build(deps): bump org.apache.logging.log4j:log4j-bom from 2.25.4 to 2.26.0

[dependabot]

Bumps org.apache.logging.log4j:log4j-bom from 2.25.4 to 2.26.0.

Release notes

Sourced from org.apache.logging.log4j:log4j-bom's releases.

2.26.0

This minor release delivers all the fixes in the [2.25.0, 2.25.4] version range, plus some new fixes, and several other improvements and features.

Added

• Add a new ConfigurationFactory::getConfiguration method accepting multiple URIs (#3775, #3921)
• Add and export org.apache.logging.log4j.core.pattern.NamedInstantPattern enabling users to programmatically access named date & time patterns supported by Pattern Layout (#3789)
• Add log4j.plugin.processor.minAllowedMessageKind annotation processor option to PluginProcessor to filter diagnostic messages by severity. This allows builds that treat compiler notes as errors (e.g. Maven with -Werror) to suppress informational notes emitted during normal plugin processing. (apache/logging-log4j2#3380, #4063)
• Add missing setters to Rfc5424LayoutBuilder

Changed

• Ensure scripts in the global Scripts element have explicit names by throwing a ConfigurationException for unnamed ones. (#3176)
• Simplify file manager registry factory methods (#3968)

Deprecated

• Deprecated withers in builder classes in favor of setters. This change improves API consistency with Log4j Core 3 and helps users adapt to the upcoming changes. (#3750)

Fixed

• Fix script resolution failure when the Scripts element is placed after a ScriptRef in the configuration. (#3336)
• Fix ArrayIndexOutOfBoundsException thrown by ThrowableStackTraceRenderer when the stack trace is modified concurrently (#3940, #3955)
• Fix SLF4JLogger.atFatal() returning atLevel(Level.TRACE) instead of atLevel(Level.FATAL). This was causing FATAL-level log events to be silently discarded when using the fluent API through the log4j-to-slf4j bridge. (#4068, #4089)
• Fix Javadoc references across module boundaries (i.e., cross-references) (#4099, #4100)
• Fix header write in RollingRandomAccessFileManager that was being incorrectly skipped if append=true and the file didn't exist before
• Fix a properties file configuration regression caused by not referenced loggers, appenders, and filters (#4036, #4069)

Removed

• Remove the jvmrunargs lookup. (#3874)

Updated

• Update org.junit:junit-bom to version 5.13.4 (#3850)
• Update org.mongodb:bson to version 5.6.1 (#3961)
• Update org.xerial.snappy:snappy-java to version 1.1.10.8 (#3841)

Commits

• c1ad2a6 Update the project.build.outputTimestamp property
• 8b3a799 Set version to 2.26.0
• 96486eb Merge remote-tracking branch 'origin/2.x' into release/2.26.0
• 8243257 Add documentation for MessageRewritePolicy (#4042)
• 2a15414 Add documentation pointer to the Async HTTP Appender of more-log4j2 (#4062)
• b178cb1 Switch CI to gha/v0 and remove Develocity (#4108)
• 23321de Remove changelog entries for already released changes
• def55fc Add .release.xml and .release-notes.adoc.ftl
• 0e019f2 Move changelog entries
• a487a5d Tidy up changelog
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)