Bump versions for several PWSS libraries

[pwgit-create]

PR description
This PR upgrades three PWSS libraries to their latest patch versions. The upgrade also includes a shared bump of logback-classic from 1.5.21 to 1.5.23 across all libraries.

Changes

• algorithm-hash-extraction: 1.2.5 → 1.2.6
• directory_nav: 1.5.3 → 1.5.4
• file-quarantine: 1.04 → 1.05

[pwgit-create]

Acknowledgements
Thanks to @lilstiffy for taking care of the PWSS libraries repository updates for this release.

[lilstiffy]

Looks great! 💯 🚀

[pwgit-create]

This change has been tested and verified against the develop branch of the GUI application, including the latest external dependency updates (#84).

[pwgit-create]

---

Logback-classic 1.5.21 → 1.5.23 Diff Summary

Official changelog:
https://logback.qos.ch/news.html

---

Version 1.5.21 — Released 2025-11-10

Key changes in 1.5.21:

• TurboFilter invocation extended: Existing turbo filters now also invoked from within log(LoggingEvent) as well as the typical enabled checks (isDebugEnabled, isInfoEnabled, etc.), fixing issue/871 .

• Removed unnecessary reentry-guard in many UnsynchronizedAppenderBase subclasses (cleaner, less overhead).

• Simplified initialization: Removed the step instantiating a SerializedModelConfigurator; still possible to configure it manually.

• Better subclassing support for JsonEncoder: Makes custom JSON encoders easier to derive.

• Bug fixes:

  • Fixed a thread-safety issue in XMLLayout LOGBACK-427 .
  • Removed superfluous buffering in Zip, GZ, and XZ compression code.

---

Version 1.5.22 — Intermediate Release (2025-12-11)

(This version sits between 1.5.21 and 1.5.23 and is useful for diff context)

• Sensitive variable masking: Logback no longer prints values of substituted variables whose names include "password", "secret" or "confidential".
• Improved Throwable handling: Uses overridden toString() of Throwable subclasses when printing stack traces.
• Internal error rate limiting: Switched to a tumbling-window guard mechanism.

---

Version 1.5.23 — Released 2025-12-21

Changes in 1.5.23 compared to 1.5.22/1.5.21:

• Configuration-time filename collision detection:
  Logback will now detect file name collisions early during configuration parsing, preventing a ConcurrentModificationException at runtime issue/959 .
• Improved compression I/O: ZIP and XZ compression now use a BufferedOutputStream when writing to compressed files (issue/988).
• Build reproducibility note: A bitwise-identical binary can be reproduced from the tagged commit.

---

📊 Comparison Table (1.5.21 → 1.5.23)

Category	1.5.21	1.5.22	1.5.23
TurboFilter behavior update	✅	—	—
JsonEncoder subclass improvements	✅	—	—
XMLLayout thread safety fix	✅	—	—
Sensitive variable masking	❌	✅	Included
Enhanced throwable handling	❌	✅	Included
Internal error rate limiting	❌	✅	Included
Config-time filename collision detection	❌	❌	✅
BufferedOutputStream in ZIP/XZ	❌	❌	✅

---

What Changed Practically

• From 1.5.21 → 1.5.23, the focus shifted from internal API enhancements and bug fixes (1.5.21) to security/robustness improvements (1.5.22) and configuration reliability + I/O performance (1.5.23).
• If your project relies on JSON logging extensibility or has custom TurboFilters, some behavior changes may matter when upgrading from pre-1.5.21.
• Upgrading to 1.5.23 also gives you early collision detection and better compressed output performance.

---