3.10.x Upgrade slf4j to 2.0.17

[olamy]

• Upgrade to slf4j 2.0.17

Following this checklist to help us incorporate your
contribution quickly and easily:

• Your pull request should address just one issue, without pulling in other changes.
• Write a pull request description that is detailed enough to understand what the pull request does, how, and why.
• Each commit in the pull request should have a meaningful subject line and body.
  Note that commits might be squashed by a maintainer on merge.
• Write unit tests that match behavioral changes, where the tests fail if the changes to the runtime are not applied.
  This may not always be possible but is a best-practice.
• Run mvn verify to make sure basic checks pass.
  A more thorough check will be performed on your pull request automatically.
• You have run the Core IT successfully.

If your pull request is about ~20 lines of code you don't need to sign an
Individual Contributor License Agreement if you are unsure
please ask on the developers list.

To make clear that you license your contribution under
the Apache License Version 2.0, January 2004
you have to acknowledge this by using the following check-box.

• I hereby declare this contribution to be licenced under the Apache License Version 2.0, January 2004
• In any other case, please file an Apache Individual Contributor License Agreement.

[Copilot]

Pull request overview

Updates Maven’s logging stack to SLF4J 2.0.17 and migrates the Maven-provided “simple” binding from the SLF4J 1.7 StaticLoggerBinder mechanism to the SLF4J 2.x SLF4JServiceProvider mechanism.

Changes:

• Upgrade SLF4J from 1.7.36 to 2.0.17 and adjust related build/documentation references.
• Replace StaticLoggerBinder with a new MavenSimpleServiceProvider and service descriptor under META-INF/services/.
• Move Maven’s customized simple logger classes from org.slf4j.impl to org.slf4j.simple and update embedder wiring accordingly.

Reviewed changes

Copilot reviewed 12 out of 13 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
README.md	Updates bootstrap command to use a 3.10.x snapshot target directory.
pom.xml	Bumps slf4jVersion to 2.0.17 and adjusts SLF4J-related dependency metadata.
maven-slf4j-provider/src/test/java/org/slf4j/simple/MavenSimpleLoggerTest.java	Aligns test package with SLF4J 2.x simple package.
maven-slf4j-provider/src/main/resources/META-INF/services/org.slf4j.spi.SLF4JServiceProvider	Adds SLF4J 2 provider registration.
maven-slf4j-provider/src/main/java/org/slf4j/simple/MavenSimpleServiceProvider.java	Implements SLF4J 2 SLF4JServiceProvider for Maven’s simple logger.
maven-slf4j-provider/src/main/java/org/slf4j/simple/MavenSimpleLoggerFactory.java	Moves factory into SLF4J 2 simple package.
maven-slf4j-provider/src/main/java/org/slf4j/simple/MavenSimpleLogger.java	Moves logger into SLF4J 2 simple package.
maven-slf4j-provider/src/main/java/org/slf4j/impl/StaticLoggerBinder.java	Removes SLF4J 1.7 binder implementation.
maven-slf4j-provider/pom.xml	Updates unpacked source package paths and excludes SLF4J 2 SimpleServiceProvider.
maven-embedder/src/main/resources/META-INF/maven/slf4j-configuration.properties	Adds mapping for Maven’s new simple-factory package name.
maven-embedder/src/main/java/org/slf4j/simple/MavenSlf4jSimpleFriend.java	Moves helper into SLF4J 2 simple package.
maven-embedder/src/main/java/org/apache/maven/cli/logging/impl/Slf4jSimpleConfiguration.java	Updates import to new helper package.
apache-maven/src/main/appended-resources/licenses/unrecognized-slf4j-api-2.0.17.txt	Adds license text for the updated SLF4J artifact version.

Comments suppressed due to low confidence (1)

pom.xml:372

• With slf4jVersion upgraded to 2.0.17, the managed logback-classic version 1.2.13 is a SLF4J 1.7 binding and is not compatible with SLF4J 2.x (it will trigger binding/version mismatch warnings and won’t function as a provider). If Maven still intends to support the optional Logback binding path, update logback-classic to a SLF4J 2 compatible release (e.g., Logback 1.4+), or remove/replace this optional dependency to avoid advertising a broken combination.

      <dependency>
        <groupId>org.slf4j</groupId>
        <artifactId>slf4j-api</artifactId>
        <version>${slf4jVersion}</version>
      </dependency>
      <dependency>
        <groupId>org.slf4j</groupId>
        <artifactId>slf4j-simple</artifactId>
        <version>${slf4jVersion}</version>
      </dependency>
      <dependency>
        <groupId>ch.qos.logback</groupId>
        <artifactId>logback-classic</artifactId>
        <version>1.2.13</version>
        <optional>true</optional>

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 12 out of 13 changed files in this pull request and generated 1 comment.

Comments suppressed due to low confidence (1)

pom.xml:371

• After upgrading to SLF4J 2.0.x, logback-classic 1.2.13 is an SLF4J 1.7-era binding and is not compatible with the SLF4J 2.x provider mechanism (and can also pull in an older slf4j-api transitively). Please bump logback-classic to an SLF4J 2-compatible line (e.g., 1.3.x for Java 8) or otherwise adjust/remove this optional dependency to avoid runtime binding conflicts.

      </dependency>
      <dependency>
        <groupId>ch.qos.logback</groupId>
        <artifactId>logback-classic</artifactId>
        <version>1.2.13</version>

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[olamy]

the idea is to avoid such issue for downstream projects:

• ee8 AsyncResponse.resume() from non-Jetty thread causes IllegalStateException in HttpChannelState.unhandle() jetty/jetty.project#14731