Skip to content

Bump log4net from 3.3.0 to 3.3.1#8501

Closed
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/nuget/tracer/dependabot/integrations/log4net-3.3.1
Closed

Bump log4net from 3.3.0 to 3.3.1#8501
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/nuget/tracer/dependabot/integrations/log4net-3.3.1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 22, 2026

Updated log4net from 3.3.0 to 3.3.1.

Release notes

Sourced from log4net's releases.

3.3.1

What's Changed

New Contributors

Full Changelog: apache/logging-log4net@rel/3.3.0...rel/3.3.1
Nuget: https://www.nuget.org/packages/log4net/3.3.1

Commits viewable in compare view.

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump log4net from 3.3.0 to 3.3.1
b5aa29d 
---
updated-dependencies:
- dependency-name: log4net
  dependency-version: 3.3.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added area:dependabot dependabot updates dependencies Pull requests that update a dependency file labels Apr 22, 2026
@dependabot dependabot Bot requested a review from a team as a code owner April 22, 2026 16:49
@dependabot dependabot Bot added the area:dependabot dependabot updates label Apr 22, 2026
@bouwkast bouwkast mentioned this pull request Apr 22, 2026
Merged
bouwkast added a commit that referenced this pull request Apr 23, 2026
@bouwkast @andrewlock
Remove dependabot for instrumentations (#8504)
8c6215f 
## Summary of changes

This removes the dependabot configuration and related code/projects for
updating instrumentations.

## Reason for change

Dependabot would trigger and then open a PR like so [Bump log4net from
3.3.0 to 3.3.1](#8501).

Then our workflow would trigger and raise this PR [[Test Package
Versions Bump] Updating package
versions](#8502)

Ultimately we don't really act on these dependabot PRs so they don't add
a ton of value.

To compensate for the potential loss in visibility I've opted to add a
single additional run on Wednesday which will regenerate the `[Test
Package Versions Bump]` if still open from Sunday's.

Depending on how this goes we may want to remove the Wednesday
additional run, but running it on Wednesday will mean that any cooldown
packages skipped on Sunday will get bumped which may be helpful.

## Implementation details

- Removed all the dependabot honeypot projects - I don't think we need
them anymore they were used by dependabot to do the bumping
- Removed all code that updated/touched those projects
- Removed the dependabot config for the integrations
- Updated/Removed the github workflow that opens the `[Test Package
Versions Bump]` to no longer look for the dependabot PRs (will need to
close them manually) and to run on Wednesday too.

## Test coverage

none

## Other details
<!-- Fixes #{issue} -->



<!--  ⚠️ Note:

Where possible, please obtain 2 approvals prior to merging. Unless
CODEOWNERS specifies otherwise, for external teams it is typically best
to have one review from a team member, and one review from apm-dotnet.
Trivial changes do not require 2 reviews.

MergeQueue is NOT enabled in this repository. If you have write access
to the repo, the PR has 1-2 approvals (see above), and all of the
required checks have passed, you can use the Squash and Merge button to
merge the PR. If you don't have write access, or you need help, reach
out in the #apm-dotnet channel in Slack.
-->

---------

Co-authored-by: Andrew Lock <andrew.lock@datadoghq.com>
@bouwkast
Copy link
Copy Markdown
Collaborator

bouwkast commented Apr 23, 2026

Included in #8502

@bouwkast bouwkast closed this Apr 23, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Apr 23, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot Bot deleted the dependabot/nuget/tracer/dependabot/integrations/log4net-3.3.1 branch April 23, 2026 19:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

area:dependabot dependabot updates dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@bouwkast