From 2502a8def05ab5db2f9de612b2e1d4df47a08049 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 24 Dec 2025 22:12:10 +0000
Subject: [PATCH] build(deps): bump logback from 1.5.22 to 1.5.23 (#5298)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps `logback` from 1.5.22 to 1.5.23.
Updates `ch.qos.logback:logback-core` from 1.5.22 to 1.5.23
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/qos-ch/logback/releases">ch.qos.logback:logback-core's
releases</a>.</em></p>
<blockquote>
<h2>Logback 1.5.23</h2>
<p><strong>2025-12-21 Release of logback version 1.5.23</strong></p>
<p>• In response to <a
href="https://redirect.github.com/qos-ch/logback/issues/959">issues/959</a>
file name collisions are detected at configuration time by analyzing the
configuration file and no longer at run time. This avoids the
<code>ConcurrentModificationException</code> reported in the issue.</p>
<p>• ZIP and XZ compression now use a <code>BufferedOutputStream</code>
when writing to the compressed file. This issue was reported in <a
href="https://redirect.github.com/qos-ch/logback/issues/988">issues/988</a>.</p>
<p>• A bit-wise identical binary of this version can be reproduced by
building from source code at commit
0bcc3feb54a6d99caac70969ee5f8334aad1fbaf associated with the tag
v_1.5.23. Release built using Java &quot;21&quot; 2023-10-17 LTS build
21.0.1.+12-LTS-29 under Linux Debian 11.6.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/qos-ch/logback/commit/0bcc3feb54a6d99caac70969ee5f8334aad1fbaf"><code>0bcc3fe</code></a>
prepare release 1.5.23</li>
<li><a
href="https://github.com/qos-ch/logback/commit/4627dbd618cbb2365a09c8013ec3fc00d349743e"><code>4627dbd</code></a>
better to use BufferedOutputStream during ZIP and XZ compression,
especially ...</li>
<li><a
href="https://github.com/qos-ch/logback/commit/299f091d3211ad38869aadadbf7b2f66f231ad52"><code>299f091</code></a>
add collision test in presence of conditional processing</li>
<li><a
href="https://github.com/qos-ch/logback/commit/b446f3f06188f4041cea827832ffb8a90fb07241"><code>b446f3f</code></a>
In Context, remove collision map</li>
<li><a
href="https://github.com/qos-ch/logback/commit/a3eb14df4886ce8c398f6486b22ea77ad45ba9af"><code>a3eb14d</code></a>
in response to issues/959, collision detection is now done by
FileCollisionAn...</li>
<li><a
href="https://github.com/qos-ch/logback/commit/681b2be7e11dc46f883ead7ed4603dbad92812ae"><code>681b2be</code></a>
remove unused method, minor comment edits</li>
<li><a
href="https://github.com/qos-ch/logback/commit/17a3edfccc6021cfdd6f0ff52bfd2ae8bcc2c393"><code>17a3edf</code></a>
start work on 1.5.23-SNAPSHOT</li>
<li>See full diff in <a
href="https://github.com/qos-ch/logback/compare/v_1.5.22...v_1.5.23">compare
view</a></li>
</ul>
</details>
<br />

Updates `ch.qos.logback:logback-classic` from 1.5.22 to 1.5.23
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/qos-ch/logback/releases">ch.qos.logback:logback-classic's
releases</a>.</em></p>
<blockquote>
<h2>Logback 1.5.23</h2>
<p><strong>2025-12-21 Release of logback version 1.5.23</strong></p>
<p>• In response to <a
href="https://redirect.github.com/qos-ch/logback/issues/959">issues/959</a>
file name collisions are detected at configuration time by analyzing the
configuration file and no longer at run time. This avoids the
<code>ConcurrentModificationException</code> reported in the issue.</p>
<p>• ZIP and XZ compression now use a <code>BufferedOutputStream</code>
when writing to the compressed file. This issue was reported in <a
href="https://redirect.github.com/qos-ch/logback/issues/988">issues/988</a>.</p>
<p>• A bit-wise identical binary of this version can be reproduced by
building from source code at commit
0bcc3feb54a6d99caac70969ee5f8334aad1fbaf associated with the tag
v_1.5.23. Release built using Java &quot;21&quot; 2023-10-17 LTS build
21.0.1.+12-LTS-29 under Linux Debian 11.6.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/qos-ch/logback/commit/0bcc3feb54a6d99caac70969ee5f8334aad1fbaf"><code>0bcc3fe</code></a>
prepare release 1.5.23</li>
<li><a
href="https://github.com/qos-ch/logback/commit/4627dbd618cbb2365a09c8013ec3fc00d349743e"><code>4627dbd</code></a>
better to use BufferedOutputStream during ZIP and XZ compression,
especially ...</li>
<li><a
href="https://github.com/qos-ch/logback/commit/299f091d3211ad38869aadadbf7b2f66f231ad52"><code>299f091</code></a>
add collision test in presence of conditional processing</li>
<li><a
href="https://github.com/qos-ch/logback/commit/b446f3f06188f4041cea827832ffb8a90fb07241"><code>b446f3f</code></a>
In Context, remove collision map</li>
<li><a
href="https://github.com/qos-ch/logback/commit/a3eb14df4886ce8c398f6486b22ea77ad45ba9af"><code>a3eb14d</code></a>
in response to issues/959, collision detection is now done by
FileCollisionAn...</li>
<li><a
href="https://github.com/qos-ch/logback/commit/681b2be7e11dc46f883ead7ed4603dbad92812ae"><code>681b2be</code></a>
remove unused method, minor comment edits</li>
<li><a
href="https://github.com/qos-ch/logback/commit/17a3edfccc6021cfdd6f0ff52bfd2ae8bcc2c393"><code>17a3edf</code></a>
start work on 1.5.23-SNAPSHOT</li>
<li>See full diff in <a
href="https://github.com/qos-ch/logback/compare/v_1.5.22...v_1.5.23">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/build.gradle b/build.gradle
index a4dd1be91..fc0bb73ae 100644
--- a/build.gradle
+++ b/build.gradle
@@ -25,7 +25,7 @@ ext {
     openSamlVersion = "4.3.2"
     commonmarkVersion = "0.27.0"
     googleJavaFormatVersion = "1.28.0"
-    logback = "1.5.22"
+    logback = "1.5.23"
     junitPlatformVersion = "1.12.2"
 }
 
