Bump org.apache.logging.log4j:log4j-bom from 2.22.1 to 2.23.0 in /data-prepper-expression

[dependabot]

Bumps org.apache.logging.log4j:log4j-bom from 2.22.1 to 2.23.0.

Release notes

Sourced from org.apache.logging.log4j:log4j-bom's releases.

2.23.0

This release adds support for LMAX Disruptor 4.x and several performance and bug fixes.

In order to maintain compatibility with JRE 8, support for LMAX Disruptor 3.x is maintained.

Added

• Added support for LMAX Disruptor 4.x (#1821)

Changed

• Simplify BND configuration after upgrade from version 6.4.1 to 7.0.0

Deprecated

• Deprecate the configuration attribute verbose (i.e., <Configuration verbose="...") and StatusConsoleListener filters (#2226)
• Deprecated the RingBufferLogEventHandler class for removal from the public API in 3.x

Fixed

• Fix regression in JdkMapAdapterStringMap performance. (#2238)
• Fix the behavior of Logger#setLevel and Logger#getLevel in the Log4j 1.2 bridge. (#2282)
• Fix the behavior of CoreLogger#getLevel and CoreLogger#setLevel in the log4j-jul module. (#2282)
• Allow deserialization of all arrays of allowed classes. (LOG4J2-3680)
• Allow the node to appear in any position in the configuration element.
• Fix forgotten threadName field in RingBufferLogEvent#clear(). (#2234)
• Fix StringBuilder cache corruption on recursive access.
• Fixed use of SecurityManager in LoaderUtil where AccessController::doPrivileged should only be invoked when a SecurityManager is installed. Some runtimes do not seem to have this method available. (#2129)
• Fix log4j-spring-cloud-config-client dependencies to include only those required. (#2157)
• Fix typo in Kubernetes clientKeyData configuration property.

Updated

• Update com.fasterxml.jackson:jackson-bom to version 2.16.1 (#2126)
• Update commons-codec:commons-codec to version 1.16.1 (#2277)
• Update io.netty:netty-bom to version 4.1.107.Final (#2284)
• Update org.apache.logging:logging-parent to version 10.6.0 (#2197)
• Update org.eclipse.jetty:jetty-bom to version 9.4.54.v20240208 (#2287)
• Update org.jctools:jctools-core to version 4.0.3 (#2270)
• Update org.springframework:spring-framework-bom to version 5.3.32 (#2293)
• Update org.zeromq:jeromq to version 0.6.0 (#2271)

Commits

• 73da901 Release changelog for version 2.23.0
• de74dd6 Update the project.build.outputTimestamp property
• feefcf1 Set version to 2.23.0
• 44254fc Prepare release notes for 2.23.0
• f53fca1 Fix behavior of CoreLogger#getLevel
• 1755087 Update github/codeql-action to version 3.24.3 (#2295)
• 9dc6aab Update org.springframework:spring-framework-bom to version 5.3.32 (#2293)
• fb49b23 Update commons-codec:commons-codec to version 1.16.1 (#2277)
• 5fbff3f Review corrections for #2278
• f87c5a7 Allow arbitrary position of \<Properties> element
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)