From 083eba58d8f2d5dfe9bce4d1e7bf187d5da396b7 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 3 Mar 2023 13:07:55 +0000
Subject: [PATCH 1/6] Bump commons-io from 2.4 to 2.7

Bumps commons-io from 2.4 to 2.7.

Signed-off-by: dependabot[bot] <support@github.com>
---
 pepper-lib/pom.xml | 2 +-
 pom.xml            | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/pepper-lib/pom.xml b/pepper-lib/pom.xml
index 367c00425..ba56a98d6 100644
--- a/pepper-lib/pom.xml
+++ b/pepper-lib/pom.xml
@@ -42,7 +42,7 @@
 		<dependency>
 			<groupId>commons-io</groupId>
 			<artifactId>commons-io</artifactId>
-			<version>2.4</version>
+			<version>2.7</version>
 		</dependency>
 		<dependency>
 			<groupId>org.codehaus.janino</groupId>
diff --git a/pom.xml b/pom.xml
index 5894e2c50..af2d197fb 100644
--- a/pom.xml
+++ b/pom.xml
@@ -116,7 +116,7 @@
 		<org.codehaus.janino.version>2.7.8</org.codehaus.janino.version>
 		<org.eclipse.aether.version>1.0.2.v20150114</org.eclipse.aether.version>
 		<org.eclipse.osgi.services.version>3.4.0.v20140312-2051</org.eclipse.osgi.services.version>
-		<commons.io.version>2.4</commons.io.version>
+		<commons.io.version>2.7</commons.io.version>
 		<!-- versions of plugins -->
 		<maven-bundle-plugin.version>2.5.4</maven-bundle-plugin.version>
 		<maven-resources-plugin.version>2.7</maven-resources-plugin.version>

From 7da007c6f85d88dfa069a067e76691ac46b2aaf2 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 3 Mar 2023 13:07:56 +0000
Subject: [PATCH 2/6] Bump logback-classic from 1.0.13 to 1.2.0 in /pepper-lib

Bumps logback-classic from 1.0.13 to 1.2.0.

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 pepper-lib/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pepper-lib/pom.xml b/pepper-lib/pom.xml
index 367c00425..0e660d74e 100644
--- a/pepper-lib/pom.xml
+++ b/pepper-lib/pom.xml
@@ -32,7 +32,7 @@
 		<dependency>
 			<groupId>ch.qos.logback</groupId>
 			<artifactId>logback-classic</artifactId>
-			<version>1.0.13</version>
+			<version>1.2.0</version>
 		</dependency>
 		<dependency>
 			<groupId>ch.qos.logback</groupId>

From 54d51c107b962c04273a8f8bfad55766d9b70f9a Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 3 Mar 2023 13:08:05 +0000
Subject: [PATCH 3/6] Bump logback-core from 1.0.13 to 1.2.9 in /pepper-lib

Bumps logback-core from 1.0.13 to 1.2.9.

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-core
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 pepper-lib/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pepper-lib/pom.xml b/pepper-lib/pom.xml
index 367c00425..670c8ad94 100644
--- a/pepper-lib/pom.xml
+++ b/pepper-lib/pom.xml
@@ -37,7 +37,7 @@
 		<dependency>
 			<groupId>ch.qos.logback</groupId>
 			<artifactId>logback-core</artifactId>
-			<version>1.0.13</version>
+			<version>1.2.9</version>
 		</dependency>
 		<dependency>
 			<groupId>commons-io</groupId>

From 73f33749f8ca1ada4b7d28f452218d9642eeb37c Mon Sep 17 00:00:00 2001
From: Thomas Krause <thomas.krause@hu-berlin.de>
Date: Mon, 25 Nov 2024 17:42:14 +0100
Subject: [PATCH 4/6] Update logging implementation to fix security issues and
 compatibility with newer Eclipse releases

---
 CHANGELOG.md                | 1 +
 pepper-doc/pom.xml          | 2 +-
 pepper-framework/pom.xml    | 2 +-
 pepper-lib/pom.xml          | 2 +-
 pepper-newModule/pom.xml    | 2 +-
 pepper-parentModule/pom.xml | 2 +-
 pom.xml                     | 4 ++--
 7 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 846330c83..9ceb11d56 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,6 +9,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Fixed
 
 - Update some dependencies for better compatibility with newer Java versions
+- Update logging implementation to fix security issues and compatibility with newer Eclipse releases 
 
 ## [3.6.0] - 2021-03-01
 
diff --git a/pepper-doc/pom.xml b/pepper-doc/pom.xml
index 8a7de7177..f80e1cde8 100644
--- a/pepper-doc/pom.xml
+++ b/pepper-doc/pom.xml
@@ -9,7 +9,7 @@
 		<groupId>org.corpus-tools</groupId>
 		<artifactId>pepper</artifactId>
 		<relativePath>../pom.xml</relativePath>
-		<version>3.6.1</version>
+		<version>3.7.0-SNAPSHOT</version>
 	</parent>
 
 	<properties>
diff --git a/pepper-framework/pom.xml b/pepper-framework/pom.xml
index c9e67c3c5..f4f55915f 100644
--- a/pepper-framework/pom.xml
+++ b/pepper-framework/pom.xml
@@ -7,7 +7,7 @@
 
 		<groupId>org.corpus-tools</groupId>
 		<artifactId>pepper</artifactId>
-		<version>3.6.1</version>
+		<version>3.7.0-SNAPSHOT</version>
 		<relativePath>../pom.xml</relativePath>
 	</parent>
 	<description>This project contains the core of Pepper.</description>
diff --git a/pepper-lib/pom.xml b/pepper-lib/pom.xml
index e839db200..fe0b3989b 100644
--- a/pepper-lib/pom.xml
+++ b/pepper-lib/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>org.corpus-tools</groupId>
 		<artifactId>pepper</artifactId>
-		<version>3.6.1</version>
+		<version>3.7.0-SNAPSHOT</version>
 		<relativePath>../pom.xml</relativePath>
 	</parent>
 	<dependencies>
diff --git a/pepper-newModule/pom.xml b/pepper-newModule/pom.xml
index 24cb132d9..8c5d793ed 100755
--- a/pepper-newModule/pom.xml
+++ b/pepper-newModule/pom.xml
@@ -3,7 +3,7 @@
 	<parent>
 		<groupId>org.corpus-tools</groupId>
 		<artifactId>pepper-parentModule</artifactId>
-		<version>3.6.1</version>
+		<version>3.7.0-SNAPSHOT</version>
 		<relativePath>../pepper-parentModule/pom.xml</relativePath>
 	</parent>
 	<artifactId>pepper-newModule</artifactId>
diff --git a/pepper-parentModule/pom.xml b/pepper-parentModule/pom.xml
index f6ef3f181..ec950f3a6 100644
--- a/pepper-parentModule/pom.xml
+++ b/pepper-parentModule/pom.xml
@@ -3,7 +3,7 @@
 	<parent>
 		<groupId>org.corpus-tools</groupId>
 		<artifactId>pepper</artifactId>
-		<version>3.6.1</version>
+		<version>3.7.0-SNAPSHOT</version>
 		<relativePath>../pom.xml</relativePath>
 	</parent>
 	<modelVersion>4.0.0</modelVersion>
diff --git a/pom.xml b/pom.xml
index af2d197fb..117832b44 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>org.corpus-tools</groupId>
 	<artifactId>pepper</artifactId>
-	<version>3.6.1</version>
+	<version>3.7.0-SNAPSHOT</version>
 	<packaging>pom</packaging>
 	<modules>
 		<module>pepper-framework</module>
@@ -104,7 +104,7 @@
 		<!-- versions of dependencies -->
 		<salt.version>3.4.2</salt.version>
 		<commons-lang3.version>3.4</commons-lang3.version>
-		<slf4j.version>1.7.5</slf4j.version>
+		<slf4j.version>2.0.16</slf4j.version>
 		<junit.version>4.13.1</junit.version>
 		<assertj.version>2.4.1</assertj.version>
 		<mockito.version>1.10.19</mockito.version>

From d0d72e3e0abb3f96304eb7a1cfbd8748305a44db Mon Sep 17 00:00:00 2001
From: Thomas Krause <thomas.krause@hu-berlin.de>
Date: Mon, 25 Nov 2024 17:46:55 +0100
Subject: [PATCH 5/6] Update Github Ubuntu runner

---
 .github/workflows/deploy.yml | 2 +-
 .github/workflows/test.yml   | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 418197d9a..e5b5bb687 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -6,7 +6,7 @@ jobs:
     name: Deploy as P2 repository
     # Only run Job on tagged commits that start with "v"
     if: startsWith(github.ref, 'refs/tags/v')
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-22.04
     steps:
       - name: Checkout
         uses: actions/checkout@v1
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 3291cdbd5..4b96929ab 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -4,7 +4,7 @@ on: push
 jobs:
   test_java8:
     name: Execute all automated tests on Java 8
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-22.04
     steps:
       - name: Checkout
         uses: actions/checkout@v1
@@ -21,7 +21,7 @@ jobs:
         run: mvn install
   test_java11:
     name: Execute all automated tests on Java 11
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-22.04
     steps:
       - name: Checkout
         uses: actions/checkout@v1
@@ -35,4 +35,4 @@ jobs:
       - name: Set JAVA_HOME to included JDK 11
         run: echo JAVA_HOME=$JAVA_HOME_11_X64 >> $GITHUB_ENV
       - name: Run Maven install (includes tests)
-        run: mvn install
\ No newline at end of file
+        run: mvn install

From b0cce23334b79554d7de1bdaf5a8448e1be0293b Mon Sep 17 00:00:00 2001
From: Thomas Krause <thomas.krause@hu-berlin.de>
Date: Mon, 25 Nov 2024 17:50:20 +0100
Subject: [PATCH 6/6] Use update GH cache action

---
 .github/workflows/test.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 4b96929ab..f8d7e0b32 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -9,7 +9,7 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v1
       - name: Cache local Maven repository
-        uses: actions/cache@v2
+        uses: actions/cache@v4
         with:
           path: ~/.m2/repository
           key: ${{ runner.os }}-java8-${{ hashFiles('**/pom.xml') }}
@@ -26,7 +26,7 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v1
       - name: Cache local Maven repository
-        uses: actions/cache@v2
+        uses: actions/cache@v4
         with:
           path: ~/.m2/repository
           key: ${{ runner.os }}-java11-${{ hashFiles('**/pom.xml') }}