Bump commons-logging:commons-logging from 1.3.5 to 1.3.6

[dependabot]

Bumps commons-logging:commons-logging from 1.3.5 to 1.3.6.

Changelog

Sourced from commons-logging:commons-logging's changelog.

Apache Commons Logging 1.3.6 Release Notes

The Apache Commons Logging team is pleased to announce the release of Apache Commons Logging 1.3.6.

Apache Commons Logging is a thin adapter allowing configurable bridging to other, well-known logging systems.

This is a feature and maintenance release. Java 8 or later is required.

Changes in this version

Fixed Bugs

•           Fix running spotbugs:check: Unable to parse configuration of mojo. Thanks to Gary Gregory.
  

•           Update deprecated call in PathableClassLoader.addLogicalLib(String). Thanks to Gary Gregory.
  

•           Fix malformed Javadoc comments. Thanks to Gary Gregory.
  

•           Fix log level in Slf4jLogFactory.error(Object, Throwable) [#416](https://github.com/apache/commons-logging/issues/416). Thanks to Gary Gregory.
  

Changes

•           Bump org.apache.commons:commons-parent from 81 to 97 [#361](https://github.com/apache/commons-logging/issues/361), [#367](https://github.com/apache/commons-logging/issues/367), [#388](https://github.com/apache/commons-logging/issues/388), [#409](https://github.com/apache/commons-logging/issues/409), [#410](https://github.com/apache/commons-logging/issues/410). Thanks to Gary Gregory, Dependabot.
  

•           Bump org.slf4j:slf4j-api from 2.0.16 to 2.0.17 [#344](https://github.com/apache/commons-logging/issues/344). Thanks to Gary Gregory, Dependabot.
  

•           Bump com.h3xstream.findsecbugs:findsecbugs-plugin from 1.13.0 to 1.14.0 [#360](https://github.com/apache/commons-logging/issues/360). Thanks to Gary Gregory, Dependabot.
  

•           Bump log4j2.version from 2.24.3 to 2.25.3 [#371](https://github.com/apache/commons-logging/issues/371), [#412](https://github.com/apache/commons-logging/issues/412). Thanks to Gary Gregory, Dependabot.
  

•           Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.20.0 [#373](https://github.com/apache/commons-logging/issues/373). Thanks to Gary Gregory, Dependabot.
  

•           Bump ch.qos.logback:logback-core from 1.3.14 to 1.3.16 [#411](https://github.com/apache/commons-logging/issues/411).. Thanks to Gary Gregory, Dependabot.
  

Historical list of changes: https://commons.apache.org/proper/commons-logging/changes.html

Download it from https://commons.apache.org/proper/commons-logging/download_logging.cgi

For complete information on Apache Commons Logging, including instructions on how to submit bug reports, patches, or suggestions for improvement, see the Apache Commons Logging website:

https://commons.apache.org/proper/commons-logging/

---

Commits

• 141c9ea Prepare for the release candidate 1.3.6 RC1
• 05cbf46 Prepare for release
• 3ea5f4d Prepare for the next release candidate
• d8e5e80 Simplify
• 694754e Simpler description.
• 97e7660 Fix log level in Slf4jLogFactory.error(Object, Throwable) #416
• 07452cc fix LogLevel (#416)
• c8c20de Bump github/codeql-action from 4.32.4 to 4.32.5
• b879d3e Bump org.apache.commons:commons-parent from 96 to 97.
• 5b2e759 Add security page.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 37%. Comparing base (a46b0bb) to head (e29a2fe).
⚠️ Report is 3 commits behind head on master.

Additional details and impacted files

@@           Coverage Diff            @@
##             master   #2656   +/-   ##
========================================
- Coverage        37%     37%   -0%     
  Complexity       74      74           
========================================
  Files           199     199           
  Lines         13551   13551           
  Branches       1431    1431           
========================================
- Hits           4903    4902    -1     
  Misses         8240    8240           
- Partials        408     409    +1     

see 1 file with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.