Bump flogger from 0.5.1 to 0.7.4

[dependabot]

Bumps flogger from 0.5.1 to 0.7.4.

Release notes

Sourced from flogger's releases.

Flogger 0.7.4

Updates the log4j dependency of the flogger-log4j2-backend to 2.17.0 (CVE-2021-45105).

Note that users of this backend should also be able to update their log4j dependency without updating to this Flogger version.

Flogger 0.7.3

Updates the log4j dependency of the flogger-log4j2-backend to 2.16.0 (CVE-2021-45046).

Note that users of this backend should also be able to update their log4j dependency without updating to this Flogger version.

Flogger 0.7.2

Updates the log4j dependency of the flogger-log4j2-backend to 2.15.0 (CVE-2021-44228).

Note that users of this backend should also be able to update their log4j dependency without updating to this Flogger version.

Flogger 0.7.1

Significant change

Changed DefaultPlatform to attempt to load services (currently BackendFactory, ContextDataProvider and Clock) from the classpath if not specified by system property. The log4j, log4j2 and slf4j backend artifacts can now be loaded automatically in this way, as can the gRPC ContextDataProvider artifact. Third party service implementations can also work with this system by ensuring their artifact includes service metadata for the appropriate classes in the jar, such as annotating the implementation classes using AutoService. (1fea2f3)

Other changes

• Added more useful methods to the ScopedLoggingContexts helper API. (de2f5a3)
• Tags given at the log site can be merged with injected tags. (6e97e9e)
• The log4j2 backend now supports ScopedLoggingContext. (d3e4a98)
• Updated SLF4J backend to include context metadata. (9d7d2c6)
• Include context metadata for log4j2. (8846b42)
• Made StackBasedLogSite non-public (use LogSites.logSiteFrom() instead). (7373a43)
• Added per() methods to allow for aggregation of rate limited log statements. (69c7480)
• Fixed an issue with log4j2 backend where output would include unnecessary info such as level as part of the logger name. (4279348)

Flogger 0.7

IMPORTANT

There was an error cutting this release and the main Flogger jar is missing several necessary class files. Please use Flogger 0.7.1 instead.

Flogger 0.6

• Eliminated self-reference in pom.xml. (6a468cc)
• Added gRPC context implementation. (79957c8)
• Renamed LoggingScope to LoggingContextCloseable. (8442b81)
• Tags no longer explicitly return a SortedSet/Map (callers should use <? extends Set/Map>). (b849fa9)
• Platform implementations now use ContextDataProvider instead of LoggingContext (which will be deleted soon).
• Removed JdkLoggerConfig (google/flogger#142). (62d0db6)
• Added provisional support for metadata keys/values in scopes. (f2ab0fd)
• Made MetadataKey's emit() method properly typed for its value. (95ded18)
• Added with(MetadataKey<Boolean>) method for setting metadata "flags". (2f1243e)
• Improved the ScopedLoggingContext API. (169d67d)
• Added log source information to the Log4J2 Event. (e1c6794)
• Various refactorings and test improvements.

Commits

• 5e41099 Update bazel-common dependency, updating flogger-log4j2-backend's log4j2 depe...
• 743505c Update bazel-common dependency, updating flogger-log4j2-backend's log4j2 depe...
• a573072 Update bazel-common version to update log4j dependency to 2.15.0 (CVE-2021-44...
• f1464c1 Change a couple tests not to call log(String) with non-constant arguments.
• 6bda67b Make Metadata handling robust against reentrant logging (especially if custom...
• e0a6a88 Internal change
• 68a860c Fix combined api jar to include classes that were moved to new targets. The j...
• 3e3f3ba Allowing Tags to be injected at the log site. While this is a very rare use c...
• 8aa984b Allowing Tags to be injected at the log site. While this is a very rare use c...
• 6e97e9e Allowing Tags to be injected at the log site. While this is a very rare use c...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)