deps(deps): bump the logging group across 1 directory with 3 updates by dependabot[bot] · Pull Request #8 · ktestify/ktestify-plugin-azureblob

dependabot · 2026-05-18T11:33:03Z

Bumps the logging group with 3 updates in the / directory: org.slf4j:slf4j-api, org.apache.logging.log4j:log4j-slf4j2-impl and org.apache.logging.log4j:log4j-core.

Updates org.slf4j:slf4j-api from 2.0.17 to 2.0.18

Updates org.apache.logging.log4j:log4j-slf4j2-impl from 2.25.4 to 2.26.0

Updates org.apache.logging.log4j:log4j-core from 2.25.4 to 2.26.0

github-actions · 2026-05-18T11:33:18Z

📋 Unreleased Changelog Preview

This is what the next release notes will look like based on commits in this PR.

Changelog

All notable changes to this project will be documented in this file.

[Unreleased]

✨ Features

Added integrations tests — @nil-malh
Add integration test classes and configure JaCoCo for code coverage — @nil-malh

⬆️ Dependency Updates

Updated KTestify Core to 0.1.0-rc1 — @nil-malh
Bump com.azure:azure-storage-blob (deps) — @dependabot[bot]
Bump the logging group across 1 directory with 3 updates (deps)

🐛 Bug Fixes

Fixed integration-tests.yml that was failing trying to install ktestify-core from local — @nil-malh

🔧 Miscellaneous

Migrated workflows from GitHub PAT to GITHUB_TOKEN — @nil-malh

🎉 New Contributors

@nil-malh made their first contribution in #1

Generated by git-cliff

🔄 Run #21 · Mon, 18 May 2026 11:33:18 GMT

github-actions · 2026-05-18T11:34:18Z

✅ Test Results

	Metric	Count
✅	Passed	103
❌	Failed	0
⏭️	Skipped	0
📊	Total	103

✅ Coverage

	Type	Coverage	Covered / Total
📏	Lines	80.8%	286 / 354
🌿	Branches	64.8%	92 / 142
🔧	Methods	95.5%	64 / 67

🔄 CI run #45 · Mon, 15 Jun 2026 07:16:49 GMT

Bumps the logging group with 3 updates in the / directory: org.slf4j:slf4j-api, org.apache.logging.log4j:log4j-slf4j2-impl and org.apache.logging.log4j:log4j-core. Updates `org.slf4j:slf4j-api` from 2.0.17 to 2.0.18 Updates `org.apache.logging.log4j:log4j-slf4j2-impl` from 2.25.4 to 2.26.0 Updates `org.apache.logging.log4j:log4j-core` from 2.25.4 to 2.26.0 --- updated-dependencies: - dependency-name: org.apache.logging.log4j:log4j-core dependency-version: 2.26.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: logging - dependency-name: org.apache.logging.log4j:log4j-slf4j2-impl dependency-version: 2.26.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: logging - dependency-name: org.slf4j:slf4j-api dependency-version: 2.0.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: logging ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2026-06-15T07:15:50Z

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package

Version

Score

Details

maven/org.apache.logging.log4j:log4j-core

2.26.0

🟢 8.3

Details

Check	Score	Reason
Binary-Artifacts	🟢 10	no binaries found in the repo
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
CI-Tests	🟢 4	4 out of 9 merged PRs checked by a CI test -- score normalized to 4
CII-Best-Practices	⚠️ 2	badge detected: in_progress
Code-Review	⚠️ 1	found 20 unreviewed changesets out of 23 -- score normalized to 1
Contributors	🟢 10	46 different organizations found -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Dependency-Update-Tool	🟢 10	update tool detected
Fuzzing	🟢 10	project is fuzzed
License	🟢 10	license file detected
Maintained	🟢 10	30 commit(s) out of 30 and 17 issue activity out of 30 found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	no published package detected
Pinned-Dependencies	🟢 10	all dependencies are pinned
SAST	⚠️ 2	SAST tool is not run on all commits -- score normalized to 2
Security-Policy	🟢 10	security policy file detected
Signed-Releases	⚠️ -1	no releases found
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	🟢 10	no vulnerabilities detected

maven/org.apache.logging.log4j:log4j-slf4j2-impl

2.26.0

🟢 8.3

Details

Check	Score	Reason
Binary-Artifacts	🟢 10	no binaries found in the repo
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
CI-Tests	🟢 4	4 out of 9 merged PRs checked by a CI test -- score normalized to 4
CII-Best-Practices	⚠️ 2	badge detected: in_progress
Code-Review	⚠️ 1	found 20 unreviewed changesets out of 23 -- score normalized to 1
Contributors	🟢 10	46 different organizations found -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Dependency-Update-Tool	🟢 10	update tool detected
Fuzzing	🟢 10	project is fuzzed
License	🟢 10	license file detected
Maintained	🟢 10	30 commit(s) out of 30 and 17 issue activity out of 30 found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	no published package detected
Pinned-Dependencies	🟢 10	all dependencies are pinned
SAST	⚠️ 2	SAST tool is not run on all commits -- score normalized to 2
Security-Policy	🟢 10	security policy file detected
Signed-Releases	⚠️ -1	no releases found
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	🟢 10	no vulnerabilities detected

maven/org.slf4j:slf4j-api

2.0.18

🟢 5.2

Details

Check	Score	Reason
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Maintained	🟢 5	3 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 5
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Code-Review	⚠️ 0	Found 2/30 approved changesets -- score normalized to 0
Security-Policy	🟢 10	security policy file detected
Packaging	⚠️ -1	packaging workflow not detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts	⚠️ 0	binaries present in source code
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
Fuzzing	🟢 10	project is fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

Scanned Files

pom.xml

github-actions · 2026-06-15T07:15:50Z

📋 Unreleased Changelog Preview

This is what the next release notes will look like based on commits in this PR.

Changelog

All notable changes to this project will be documented in this file.

[Unreleased]

Bug Fixes

Fixed integration-tests.yml that was failing trying to install ktestify-core from local — @nil-malh

Miscellaneous

Migrated workflows from GitHub PAT to GITHUB_TOKEN — @nil-malh
Removed codeql.yml to use GitHub's & fixed an issue with the release workflow. — @nil-malh

✨ Features

Added integrations tests — @nil-malh
Add integration test classes and configure JaCoCo for code coverage — @nil-malh
Add README.md and update changelog configuration — @nil-malh

⬆️ Dependency Updates

Updated KTestify Core to 0.1.0-rc1 — @nil-malh
Bump com.azure:azure-storage-blob (deps) — @dependabot[bot]
Bump the logging group across 1 directory with 3 updates (deps)

New Contributors

@nil-malh made their first contribution in #15

Generated by git-cliff

🔄 Run #40 · Mon, 15 Jun 2026 07:15:50 GMT

dependabot Bot added dependencies java labels May 18, 2026

dependabot Bot force-pushed the dependabot/maven/logging-89f810f10b branch from 652b63f to e4d9954 Compare June 15, 2026 07:15

dependabot Bot requested a review from nil-malh as a code owner June 15, 2026 07:15

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

deps(deps): bump the logging group across 1 directory with 3 updates#8

deps(deps): bump the logging group across 1 directory with 3 updates#8
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/maven/logging-89f810f10b

dependabot Bot commented on behalf of github May 18, 2026 •

edited

Loading

Uh oh!

github-actions Bot commented May 18, 2026

Uh oh!

github-actions Bot commented May 18, 2026 •

edited

Loading

Uh oh!

github-actions Bot commented Jun 15, 2026

Uh oh!

github-actions Bot commented Jun 15, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github May 18, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

github-actions Bot commented May 18, 2026

📋 Unreleased Changelog Preview

Changelog

[Unreleased]

✨ Features

⬆️ Dependency Updates

🐛 Bug Fixes

🔧 Miscellaneous

🎉 New Contributors

Uh oh!

github-actions Bot commented May 18, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

✅ Test Results

✅ Coverage

Uh oh!

github-actions Bot commented Jun 15, 2026

Dependency Review

OpenSSF Scorecard

Scanned Files

Uh oh!

github-actions Bot commented Jun 15, 2026

📋 Unreleased Changelog Preview

Changelog

[Unreleased]

Bug Fixes

Miscellaneous

✨ Features

⬆️ Dependency Updates

New Contributors

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github May 18, 2026 •

edited

Loading

github-actions Bot commented May 18, 2026 •

edited

Loading