Bump org.apache.logging.log4j:log4j-bom from 2.25.3 to 2.25.4 in the log4j group

[dependabot]

Bumps the log4j group with 1 update: org.apache.logging.log4j:log4j-bom.

Updates org.apache.logging.log4j:log4j-bom from 2.25.3 to 2.25.4

Release notes

Sourced from org.apache.logging.log4j:log4j-bom's releases.

2.25.4

This patch release delivers fixes for configuration inconsistencies and formatting issues across several layouts.

• Restores alignment between documented and actual configuration attributes.
• Fixes formatting and sanitization issues in XML and RFC5424 layouts.
• Improves handling of invalid characters and non-standard values.

The authoritative list of recognized configuration attributes is available in the PluginReference.

Fixed

• Don't issue warnings if extra argument in parameterized logging is null. (#3975, #4014)
• Restore support for documented Rfc5424Layout parameter names. (#4022, #4074)
• Take Throwable#toString() into account while rendering stack traces in Pattern Layout. (#3623, #4033)
• Added debug level logs for successful resource loading in Loader class. (#4058, #4060)
• Align SslConfiguration factory method usage with Log4j 2.12+ API. The verifyHostname attribute is now correctly recognized. (#4061, #4075)
• Fix sanitization of structured data parameter names in RFC5424 layout. (#4073)
• Replace invalid characters in XmlLayout output with the Unicode replacement character (U+FFFD). (#4077)
• Replace invalid characters in Log4j1XmlLayout output with the Unicode replacement character (U+FFFD). (#4078)
• Replace invalid characters in MapMessage.asXml() output with the Unicode replacement character (U+FFFD). (#4079)
• Write non-finite floating-point numbers as strings in JsonWriter. (#4080)

Commits

• 0628e53 Update the project.build.outputTimestamp property
• a2590b4 Add debug logs for successful resource loading in Loader (#4060)
• b788154 Changelog for additional fixes
• 59bd6b3 Avoid referring to PluginBuilderAttribute.class in PluginProcessor (#4041)
• 79568db Take Throwable#toString() into account while rendering stack traces in Patt...
• 0881bc5 Add versioning and support policy information (#3341)
• 0543b52 docs: recommend use of appropriately scoped trust roots (#4006)
• 7a1e0ad Fix warning when last argument is null (#4014)
• 5286148 Remove Log4j Jakarta EE link from navigation file (#4025)
• adcda32 Retire Log4j Scala (#4030)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions