Merge remote-tracking branch 'apache/2.x' into ppkarwasz-2.x

.asf.yaml

@@ -53,6 +53,13 @@ github:
     - api
     - syslog
 
+  # Enforce squashing while merging PRs.
+  # Otherwise, the git log gets polluted severely.
+  enabled_merge_buttons:
+    squash:  true
+    merge:   false
+    rebase:  false
+
   protected_branches:
     main:
       required_signatures: true

.github/dependabot.yaml

@@ -81,16 +81,16 @@ updates:
         update-types: [ "version-update:semver-major" ]
       # Apache Cassandra: keep version 3.x
       - dependency-name: "org.apache.cassandra:*"
-        versions: [ "[4.0.0,)" ]
+        versions: [ "[4,)" ]
       # Kubernetes: keep version 5.x
       - dependency-name: "io.fabric8:*"
-        versions: [ "[6.0.0,)" ]
+        versions: [ "[6,)" ]
       # `com.conversantmedia:disruptor` 1.2.16 requires Java 9
       - dependency-name: "com.conversantmedia:disruptor"
         versions: [ "[1.2.16,)" ]
       # Keep Jakarta EE at version 9.0
       - dependency-name: "jakarta.platform:*"
-        versions: [ "[10.0.0,)" ]
+        versions: [ "[10,)" ]
       # OpenRewrite is quite noisy. Let us skip patch and minor updates:
       - dependency-name: "org.openrewrite:*"
         update-types: [ "version-update:semver-minor", "version-update:semver-patch" ]
@@ -100,25 +100,28 @@ updates:
         update-types: [ "version-update:semver-minor", "version-update:semver-patch" ]
       # Json Unit 3.x requires Java 17
       - dependency-name: "net.javacrumbs.json-unit:*"
-        versions: [ "[3.0.0,)" ]
+        versions: [ "[3,)" ]
       # Update both `disruptor.version` to latest 3.x version
       # and `disruptor4.version` to latest 4.x version
       - dependency-name: "com.lmax:disruptor"
         update-types: [ "version-update:semver-major" ]
       # WebCompere System Stubs requires Java 11
       - dependency-name: "uk.org.webcompere:*"
-        versions: [ "2.1.0,)" ]
+        versions: [ "[2.1,)" ]
       # SLF4J 1.7.x should only upgrade to 1.7.x and
       # SLF4J 2.x should only upgrade to 2.x.
       - dependency-name: "org.slf4j:slf4j-api"
         update-types: [ "version-update:semver-major" ]
       # Plexus Utils 4.x are for Maven 4.x
       - dependency-name: "org.codehaus.plexus:plexus-utils"
-        versions: [ "4,)" ]
+        versions: [ "[4,)" ]
       # MongoDB 3.x should only upgrade to 3.x and
       # MongoDB 4.x should only upgrade to 4.x
       - dependency-name: "org.mongodb:*"
         update-types: [ "version-update:semver-major" ]
+      # H2 version 2.3.x requires Java 11
+      - dependency-name: "com.h2database:h2"
+        versions: [ "[2.3,)" ]
 
   - package-ecosystem: github-actions
     directory: "/"
@@ -141,43 +144,16 @@ updates:
     registries:
       - maven-central
     ignore:
-      # Jetty 10.x does not have an internal logging API
-      - dependency-name: "org.eclipse.jetty:*"
-        update-types: [ "version-update:semver-major" ]
-      # EclipseLink 3.x is Jakarta EE 9
-      - dependency-name: "org.eclipse.persistence:*"
-        update-types: [ "version-update:semver-major" ]
-      # Spring 6.x is Jakarta EE 9
-      - dependency-name: "org.springframework:*"
-        update-types: [ "version-update:semver-major" ]
-      # Spring Boot 3.x is Jakarta EE 9
-      - dependency-name: "org.springframework.boot:*"
-        update-types: [ "version-update:semver-major" ]
-      # Spring Cloud 2022.x is Jakarta EE 9
-      - dependency-name: "org.springframework.cloud:*"
-        update-types: [ "version-update:semver-major" ]
-      # Keep Logback version 1.2.x
-      - dependency-name: "ch.qos.logback:*"
-        update-types: [ "version-update:semver-major", "version-update:semver-minor" ]
-      # Apache Cassandra: keep version 3.x
-      - dependency-name: "org.apache.cassandra:*"
-        versions: [ "[4.0.0,)" ]
-      # Kubernetes: keep version 5.x
-      - dependency-name: "io.fabric8:*"
-        versions: [ "[6.0.0,)" ]
       # Keep Jakarta EE at version 9.0
       - dependency-name: "jakarta.platform:*"
-        versions: [ "[10.0.0,)" ]
+        versions: [ "[10,)" ]
       # OpenRewrite is quite noisy. Let us skip patch and minor updates:
       - dependency-name: "org.openrewrite:*"
         update-types: [ "version-update:semver-minor", "version-update:semver-patch" ]
       - dependency-name: "org.openrewrite.maven:*"
         update-types: [ "version-update:semver-minor", "version-update:semver-patch" ]
       - dependency-name: "org.openrewrite.recipe:*"
         update-types: [ "version-update:semver-minor", "version-update:semver-patch" ]
-      # Json Unit 3.x requires Java 17
-      - dependency-name: "net.javacrumbs.json-unit:*"
-        versions: [ "[3.0.0,)" ]
       # SLF4J 1.7.x should only upgrade to 1.7.x and
       # SLF4J 2.x should only upgrade to 2.x.
       - dependency-name: "org.slf4j:slf4j-api"

.github/workflows/build.yaml

@@ -22,33 +22,29 @@ on:
     branches:
       - "2.x"
       - "release/2*"
-    paths-ignore:
-      - "**.adoc"
-      - "**.md"
-      - "**.txt"
   pull_request:
-    paths-ignore:
-      - "**.adoc"
-      - "**.md"
-      - "**.txt"
 
 permissions: read-all
 
 jobs:
 
   build:
     if: github.actor != 'dependabot[bot]'
-    uses: apache/logging-parent/.github/workflows/build-reusable.yaml@rel/11.0.0
+    # Temporary use `develocity` branch
+    uses: apache/logging-parent/.github/workflows/build-reusable.yaml@develocity
+    secrets:
+      GE_ACCESS_TOKEN: ${{ ! startsWith(github.refname, 'release/') && secrets.GE_ACCESS_TOKEN }}
     with:
       java-version: |
         8
         17
       site-enabled: true
+      reproducibility-check-enabled: false
 
   deploy-snapshot:
     needs: build
     if: github.repository == 'apache/logging-log4j2' && github.ref_name == '2.x'
-    uses: apache/logging-parent/.github/workflows/deploy-snapshot-reusable.yaml@rel/11.0.0
+    uses: apache/logging-parent/.github/workflows/deploy-snapshot-reusable.yaml@rel/11.1.0
     # Secrets for deployments
     secrets:
       NEXUS_USERNAME: ${{ secrets.NEXUS_USER }}
@@ -60,8 +56,8 @@ jobs:
 
   deploy-release:
     needs: build
-    if: github.repository == 'apache/logging-log4j2' && startsWith(github.ref_name, 'release/2')
-    uses: apache/logging-parent/.github/workflows/deploy-release-reusable.yaml@rel/11.0.0
+    if: github.repository == 'apache/logging-log4j2' && startsWith(github.ref_name, 'release/')
+    uses: apache/logging-parent/.github/workflows/deploy-release-reusable.yaml@rel/11.1.0
     # Secrets for deployments
     secrets:
       GPG_SECRET_KEY: ${{ secrets.LOGGING_GPG_SECRET_KEY }}

.github/workflows/close-stale.yaml

@@ -0,0 +1,42 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to you under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+name: 'Close stale issues'
+on:
+  schedule:
+    - cron: '30 1 * * *'
+  workflow_dispatch:
+
+permissions:
+  issues: write
+
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e    # v9.0.0
+        with:
+          # Labels need to match with the ones in `labeler.yaml`!
+          only-labels: waiting-for-user
+          days-before-stale: 60
+          days-before-close: 7
+          stale-issue-message: >
+            This issue is stale because it has been waiting for your feedback for more than 60 days.
+            The Apache Logging Services community values every submitted issue, but without additional information from you,
+            we are unable to provide a solution to your problem.
+
+            Please comment on this issue or it will be closed in 7 days.

.github/workflows/codeql-analysis.yaml

@@ -30,7 +30,7 @@ permissions: read-all
 jobs:
 
   analyze:
-    uses: apache/logging-parent/.github/workflows/codeql-analysis-reusable.yaml@rel/11.0.0
+    uses: apache/logging-parent/.github/workflows/codeql-analysis-reusable.yaml@rel/11.1.0
     with:
       java-version: |
         8

.github/workflows/deploy-site.yaml

@@ -33,10 +33,12 @@ jobs:
 
   deploy-site-stg:
     if: github.repository == 'apache/logging-log4j2' && github.ref_name == '2.x'
-    uses: apache/logging-parent/.github/workflows/deploy-site-reusable.yaml@rel/11.0.0
+    uses: apache/logging-parent/.github/workflows/deploy-site-reusable.yaml@develocity
     # Secrets for committing the generated site
     secrets:
       GPG_SECRET_KEY: ${{ secrets.LOGGING_GPG_SECRET_KEY }}
+      # Temporarily disabled until build is fixed
+      # GE_ACCESS_TOKEN: ${{ secrets.GE_ACCESS_TOKEN }}
     # Write permissions for committing the generated site
     permissions:
       contents: write
@@ -51,10 +53,11 @@ jobs:
 
   deploy-site-pro:
     if: github.repository == 'apache/logging-log4j2' && github.ref_name == '2.x-site-pro'
-    uses: apache/logging-parent/.github/workflows/deploy-site-reusable.yaml@rel/11.0.0
+    uses: apache/logging-parent/.github/workflows/deploy-site-reusable.yaml@develocity
     # Secrets for committing the generated site
     secrets:
       GPG_SECRET_KEY: ${{ secrets.LOGGING_GPG_SECRET_KEY }}
+      GE_ACCESS_TOKEN: ${{ secrets.GE_ACCESS_TOKEN }}
     # Write permissions for committing the generated site
     permissions:
       contents: write
@@ -68,7 +71,7 @@ jobs:
       target-branch: ${{ github.ref_name }}-out
 
   export-version:
-    if: github.repository == 'apache/logging-log4j2' && startsWith(github.ref_name, 'release/2')
+    if: github.repository == 'apache/logging-log4j2' && startsWith(github.ref_name, 'release/')
     runs-on: ubuntu-latest
     outputs:
       version: ${{ steps.export-version.outputs.version }}
@@ -81,10 +84,11 @@ jobs:
 
   deploy-site-rel:
     needs: export-version
-    uses: apache/logging-parent/.github/workflows/deploy-site-reusable.yaml@rel/11.0.0
+    uses: apache/logging-parent/.github/workflows/deploy-site-reusable.yaml@develocity
     # Secrets for committing the generated site
     secrets:
       GPG_SECRET_KEY: ${{ secrets.LOGGING_GPG_SECRET_KEY }}
+      GE_ACCESS_TOKEN: ${{ secrets.GE_ACCESS_TOKEN }}
     # Write permissions for committing the generated site
     permissions:
       contents: write

.github/workflows/labeler.yaml

@@ -0,0 +1,69 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to you under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+name: 'Check labels'
+on:
+  issue_comment:
+    types: [created]
+  issues:
+    types: [opened]
+env:
+  issue_user_type: >-
+    ${{
+      contains(fromJSON('["COLLABORATOR","CONTRIBUTOR","MEMBER","OWNER"]'), github.event.issue.author_association) && 'maintainer' || 'user'
+    }}
+  comment_user_type: >-
+    ${{
+      github.event_name == 'issue_comment' &&
+      (
+        contains(fromJSON('["COLLABORATOR","CONTRIBUTOR","MEMBER","OWNER"]'), github.event.comment.author_association) && 'maintainer' || 'user'
+      ) || null
+    }}
+
+permissions:
+  issues: write
+
+jobs:
+  check-labels:
+    # Prevents the job from running on pull requests
+    if: ${{ ! github.event.issue.pull_request }}
+    runs-on: ubuntu-latest
+
+    steps:
+
+     - name: Print user type
+       env:
+         ISSUE_AUTHOR: ${{ github.event.issue.author_association }}
+         COMMENT_AUTHOR: ${{ github.event.comment.author_association }}
+         EVENT_NAME: ${{ github.event_name }}
+         ISSUE_USER_TYPE: ${{ env.issue_user_type }}
+         COMMENT_USER_TYPE: ${{ env.comment_user_type }}
+       run: |
+         echo "Event name:" $EVENT_NAME
+         echo "Issue created by:" $ISSUE_USER_TYPE
+         echo "Issue author association:" $ISSUE_AUTHOR
+         echo "Comment created by:" $COMMENT_USER_TYPE
+         echo "Comment author association:" $COMMENT_AUTHOR
+
+     # The `waiting-for-maintainer` label needs to match with the one in `close-stale.yaml`!
+     - name: Add `waiting-for-maintainer` label
+       if: github.event_name == 'issues' && env.issue_user_type == 'user' || env.comment_user_type == 'user'
+       env:
+         ISSUE: ${{ github.event.issue.html_url }}
+         GH_TOKEN: ${{ github.token }}
+       run: |
+         gh issue edit $ISSUE --add-label 'waiting-for-maintainer' --remove-label 'waiting-for-user'

.github/workflows/merge-dependabot.yaml

@@ -30,15 +30,19 @@ jobs:
 
   build:
     if: github.repository == 'apache/logging-log4j2' && github.event_name == 'pull_request_target' && github.actor == 'dependabot[bot]'
-    uses: apache/logging-parent/.github/workflows/build-reusable.yaml@rel/11.0.0
+    # Temporary use `develocity` branch
+    uses: apache/logging-parent/.github/workflows/build-reusable.yaml@develocity
+    secrets:
+      GE_ACCESS_TOKEN: ${{ secrets.GE_ACCESS_TOKEN }}
     with:
       java-version: |
         8
         17
+      reproducibility-check-enabled: false
 
   merge-dependabot:
     needs: build
-    uses: apache/logging-parent/.github/workflows/merge-dependabot-reusable.yaml@rel/11.0.0
+    uses: apache/logging-parent/.github/workflows/merge-dependabot-reusable.yaml@rel/11.1.0
     with:
       java-version: 17
     permissions:

.gitignore

@@ -16,8 +16,10 @@
 .project
 .idea
 **/*.iml
+.vscode
 /.metadata/
 /.mvn/wrapper/maven-wrapper.jar
+/.mvn/.develocity
 .flattened-pom.xml
 .project
 .settings

.mvn/develocity.xml

@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
+<develocity>
+    <projectId>logging-log4j2</projectId>
+    <server>
+        <url>https://ge.apache.org</url>
+    </server>
+    <buildScan>
+        <obfuscation>
+            <ipAddresses>0.0.0.0</ipAddresses>
+        </obfuscation>
+        <publishing>
+            <onlyIf>
+                <![CDATA[env['CI'] != null]]>
+            </onlyIf>
+        </publishing>
+        <backgroundBuildScanUpload>false</backgroundBuildScanUpload>
+    </buildScan>
+    <buildCache>
+        <local>
+            <enabled>false</enabled>
+        </local>
+        <remote>
+            <enabled>false</enabled>
+        </remote>
+    </buildCache>
+</develocity>