From a8889222e49fcea476287817b595bf6a98f259d7 Mon Sep 17 00:00:00 2001
From: ASF Logging Services RM <private@logging.apache.org>
Date: Mon, 5 Feb 2024 11:05:38 +0000
Subject: [PATCH 1/2] Update `org.assertj:assertj-core` to version `3.25.3`
 (#2262)

---
 log4j-parent/pom.xml                                     | 2 +-
 src/changelog/.2.x.x/update_org_assertj_assertj_core.xml | 4 ++--
 src/site/_release-notes/_2.x.x.adoc                      | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/log4j-parent/pom.xml b/log4j-parent/pom.xml
index c7a3d1ff23b..4c11322b22b 100644
--- a/log4j-parent/pom.xml
+++ b/log4j-parent/pom.xml
@@ -63,7 +63,7 @@
     <activemq.version>6.0.1</activemq.version>
     <angus-activation.version>2.0.1</angus-activation.version>
     <angus-mail.version>2.0.2</angus-mail.version>
-    <assertj.version>3.25.2</assertj.version>
+    <assertj.version>3.25.3</assertj.version>
     <awaitility.version>4.2.0</awaitility.version>
     <bsh.version>2.0b6</bsh.version>
     <cassandra.version>3.11.16</cassandra.version>
diff --git a/src/changelog/.2.x.x/update_org_assertj_assertj_core.xml b/src/changelog/.2.x.x/update_org_assertj_assertj_core.xml
index 9540e0643ca..d6fdc84c57c 100644
--- a/src/changelog/.2.x.x/update_org_assertj_assertj_core.xml
+++ b/src/changelog/.2.x.x/update_org_assertj_assertj_core.xml
@@ -3,6 +3,6 @@
        xmlns="http://logging.apache.org/log4j/changelog"
        xsi:schemaLocation="http://logging.apache.org/log4j/changelog https://logging.apache.org/log4j/changelog-0.1.3.xsd"
        type="updated">
-  <issue id="2244" link="https://github.com/apache/logging-log4j2/pull/2244"/>
-  <description format="asciidoc">Update `org.assertj:assertj-core` to version `3.25.2`</description>
+  <issue id="2262" link="https://github.com/apache/logging-log4j2/pull/2262"/>
+  <description format="asciidoc">Update `org.assertj:assertj-core` to version `3.25.3`</description>
 </entry>
diff --git a/src/site/_release-notes/_2.x.x.adoc b/src/site/_release-notes/_2.x.x.adoc
index 42bd635e413..d34b815d92a 100644
--- a/src/site/_release-notes/_2.x.x.adoc
+++ b/src/site/_release-notes/_2.x.x.adoc
@@ -54,5 +54,5 @@ This releases contains ...
 * Update `io.netty:netty-bom` to version `4.1.106.Final` (https://github.com/apache/logging-log4j2/pull/2225[2225])
 * Update `org.apache.logging:logging-parent` to version `10.6.0` (https://github.com/apache/logging-log4j2/pull/2197[2197])
 * Update `org.apache.maven.surefire:surefire-junit47` to version `3.2.5` (https://github.com/apache/logging-log4j2/pull/2178[2178])
-* Update `org.assertj:assertj-core` to version `3.25.2` (https://github.com/apache/logging-log4j2/pull/2244[2244])
+* Update `org.assertj:assertj-core` to version `3.25.3` (https://github.com/apache/logging-log4j2/pull/2262[2262])
 * Update `org.codehaus.groovy:groovy-bom` to version `3.0.20` (https://github.com/apache/logging-log4j2/pull/2125[2125])

From 7d6f427af95b81eb7ab45cff592a67f37ecdef52 Mon Sep 17 00:00:00 2001
From: ASF Logging Services RM <private@logging.apache.org>
Date: Mon, 5 Feb 2024 11:46:42 +0000
Subject: [PATCH 2/2] Update `github/codeql-action` to version `3.24.0` (#2264)

---
 .github/workflows/scorecards-analysis.yaml           | 2 +-
 src/changelog/.2.x.x/update_github_codeql_action.xml | 4 ++--
 src/site/_release-notes/_2.x.x.adoc                  | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/scorecards-analysis.yaml b/.github/workflows/scorecards-analysis.yaml
index c63c05297ec..41310868bd1 100644
--- a/.github/workflows/scorecards-analysis.yaml
+++ b/.github/workflows/scorecards-analysis.yaml
@@ -70,6 +70,6 @@ jobs:
           retention-days: 5
 
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@b7bf0a3ed3ecfa44160715d7c442788f65f0f923    # 2.1.22
+        uses: github/codeql-action/upload-sarif@e8893c57a1f3a2b659b6b55564fdfdbbd2982911    # 2.1.22
         with:
           sarif_file: results.sarif
diff --git a/src/changelog/.2.x.x/update_github_codeql_action.xml b/src/changelog/.2.x.x/update_github_codeql_action.xml
index a8b0e6781d7..a15f8e18860 100644
--- a/src/changelog/.2.x.x/update_github_codeql_action.xml
+++ b/src/changelog/.2.x.x/update_github_codeql_action.xml
@@ -3,6 +3,6 @@
        xmlns="http://logging.apache.org/log4j/changelog"
        xsi:schemaLocation="http://logging.apache.org/log4j/changelog https://logging.apache.org/log4j/changelog-0.1.3.xsd"
        type="updated">
-  <issue id="2253" link="https://github.com/apache/logging-log4j2/pull/2253"/>
-  <description format="asciidoc">Update `github/codeql-action` to version `3.23.2`</description>
+  <issue id="2264" link="https://github.com/apache/logging-log4j2/pull/2264"/>
+  <description format="asciidoc">Update `github/codeql-action` to version `3.24.0`</description>
 </entry>
diff --git a/src/site/_release-notes/_2.x.x.adoc b/src/site/_release-notes/_2.x.x.adoc
index d34b815d92a..bae1ad8252a 100644
--- a/src/site/_release-notes/_2.x.x.adoc
+++ b/src/site/_release-notes/_2.x.x.adoc
@@ -50,7 +50,7 @@ This releases contains ...
 * Update `co.elastic.clients:elasticsearch-java` to version `8.12.0` (https://github.com/apache/logging-log4j2/pull/2212[2212])
 * Update `com.fasterxml.jackson:jackson-bom` to version `2.16.1` (https://github.com/apache/logging-log4j2/pull/2126[2126])
 * Update `com.google.code.java-allocation-instrumenter:java-allocation-instrumenter` to version `3.3.4` (https://github.com/apache/logging-log4j2/pull/2103[2103])
-* Update `github/codeql-action` to version `3.23.2` (https://github.com/apache/logging-log4j2/pull/2253[2253])
+* Update `github/codeql-action` to version `3.24.0` (https://github.com/apache/logging-log4j2/pull/2264[2264])
 * Update `io.netty:netty-bom` to version `4.1.106.Final` (https://github.com/apache/logging-log4j2/pull/2225[2225])
 * Update `org.apache.logging:logging-parent` to version `10.6.0` (https://github.com/apache/logging-log4j2/pull/2197[2197])
 * Update `org.apache.maven.surefire:surefire-junit47` to version `3.2.5` (https://github.com/apache/logging-log4j2/pull/2178[2178])