Upgraded Slf4j-api version from 25.0 to 26.0 - CVE-2018-8088

[Coduz]

The PR bumps the version of Slf4j-api and bridging implementations to 1.7.26

Related Issue
None

Description of the solution adopted
Bumped to the last version available.
Full CQ required

slf4j-api: https://dev.eclipse.org/ipzilla/show_bug.cgi?id=20264
jcl-over-slf4j: https://dev.eclipse.org/ipzilla/show_bug.cgi?id=20265
log4j-over-slf4j: https://dev.eclipse.org/ipzilla/show_bug.cgi?id=20266
jul-to-slf4j: https://dev.eclipse.org/ipzilla/show_bug.cgi?id=20267

Screenshots
None

Any side note on the changes made
Grouped dependencies and add some comments.

[codecov]

Codecov Report

Merging #2627 into develop will increase coverage by 49.22%.
The diff coverage is n/a.

@@              Coverage Diff               @@
##             develop    #2627       +/-   ##
==============================================
+ Coverage       0.82%   50.05%   +49.22%     
- Complexity         5     2453     +2448     
==============================================
  Files            992      959       -33     
  Lines          28134    27640      -494     
  Branches        2308     2269       -39     
==============================================
+ Hits             233    13836    +13603     
+ Misses         27884    12826    -15058     
- Partials          17      978      +961

Impacted Files	Coverage Δ	Complexity Δ
...lipse/kapua/service/scheduler/trigger/Trigger.java	0% <0%> (ø)	0% <0%> (ø)	⬇️
...eclipse/kapua/model/type/ObjectValueConverter.java	0% <0%> (ø)	0% <0%> (ø)	⬇️
...t/commons/exception/DeviceManagementException.java	0% <0%> (ø)	0% <0%> (ø)	⬇️
...vice/device/call/message/kura/utils/GZIPUtils.java	0% <0%> (ø)	1% <0%> (+1%)	⬆️
...e/scheduler/trigger/quartz/TriggerCreatorImpl.java	0% <0%> (ø)	0% <0%> (ø)	⬇️
.../DeviceManagementNotificationMessageProcessor.java	0% <0%> (ø)	0% <0%> (ø)	⬇️
...igger/definition/quartz/TriggerDefinitionImpl.java
...efinition/quartz/TriggerDefinitionServiceImpl.java
...xception/JobDeviceManagementTriggerErrorCodes.java
...z/driver/exception/CannotScheduleJobException.java
... and 611 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update bf0b8c4...3192dfc. Read the comment docs.

[Coduz]

According to the comments of Kai:

https://dev.eclipse.org/ipzilla/show_bug.cgi?id=20264#c6
https://dev.eclipse.org/ipzilla/show_bug.cgi?id=20265#c3
https://dev.eclipse.org/ipzilla/show_bug.cgi?id=20266#c3
https://dev.eclipse.org/ipzilla/show_bug.cgi?id=20267#c3

we should piggy back on version 1.7.25 and then we can update without a CQ to any of the patch versions if the projects follows semantic versioning.

Dependency	Kapua CQ	Piggy Back CQ
slf4j-api	https://dev.eclipse.org/ipzilla/show_bug.cgi?id=20270	https://dev.eclipse.org/ipzilla/show_bug.cgi?id=13368
jcl-over-slf4j	https://dev.eclipse.org/ipzilla/show_bug.cgi?id=20271	https://dev.eclipse.org/ipzilla/show_bug.cgi?id=13678
log4j-over-slf4j	https://dev.eclipse.org/ipzilla/show_bug.cgi?id=20272	https://dev.eclipse.org/ipzilla/show_bug.cgi?id=13680
jul-to-slf4j	https://dev.eclipse.org/ipzilla/show_bug.cgi?id=20273	https://dev.eclipse.org/ipzilla/show_bug.cgi?id=13367

All 4 dependencies have the same GitHub project and the diff between 1.7.25 and 1.7.26 can be seen here:

qos-ch/slf4j@v_1.7.25...v_1.7.26

So we can assume it is safe to bump the version without a new CQ.

[Coduz]

Hi all,

CQ approved! 🎉

https://dev.eclipse.org/ipzilla/show_bug.cgi?id=20270#c1
https://dev.eclipse.org/ipzilla/show_bug.cgi?id=20271#c1
https://dev.eclipse.org/ipzilla/show_bug.cgi?id=20272#c1
https://dev.eclipse.org/ipzilla/show_bug.cgi?id=20273#c1