Message Title

Our JPQL query has concat('%', ?1) and Hibernate on the attempt of logging the query details fails on String.format:

Caused by: java.util.UnknownFormatConversionException: Conversion = '''
  at java.base/java.util.Formatter.format(Formatter.java:2671)
  at java.base/java.util.Formatter.format(Formatter.java:2625)
  at java.base/java.lang.String.format(String.java:4143)
  at org.jboss.logging.Slf4jLocationAwareLogger.doLogf(Slf4jLocationAwareLogger.java:81)
  at org.jboss.logging.Logger.logf(Logger.java:2445)
  at org.jboss.logging.DelegatingBasicLogger.debugf(DelegatingBasicLogger.java:344)
  at org.hibernate.query.hql.internal.StandardHqlTranslator.translate(StandardHqlTranslator.java:75)
  at org.hibernate.internal.AbstractSharedSessionContract.lambda$interpretHql$2(AbstractSharedSessionContract.java:744)
  at org.hibernate.query.internal.QueryInterpretationCacheStandardImpl.createHqlInterpretation(QueryInterpretationCacheStandardImpl.java:141)
  at org.hibernate.query.internal.QueryInterpretationCacheStandardImpl.resolveHqlInterpretation(QueryInterpretationCacheStandardImpl.java:128)
  at org.hibernate.internal.AbstractSharedSessionContract.interpretHql(AbstractSharedSessionContract.java:741)
  at org.hibernate.internal.AbstractSharedSessionContract.createQuery(AbstractSharedSessionContract.java:786)
  at org.hibernate.internal.AbstractSharedSessionContract.createQuery(AbstractSharedSessionContract.java:704)
  at org.hibernate.internal.AbstractSharedSessionContract.createQuery(AbstractSharedSessionContract.java:120)
  at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  at java.base/java.lang.reflect.Method.invoke(Method.java:568)
  at org.springframework.orm.jpa.ExtendedEntityManagerCreator$ExtendedEntityManagerInvocationHandler.invoke(ExtendedEntityManagerCreator.java:360)
  at jdk.proxy2/jdk.proxy2.$Proxy162.createQuery(Unknown Source)
  at org.springframework.data.jpa.repository.query.SimpleJpaQuery.validateQuery(SimpleJpaQuery.java:94)

User input should never be used as format expression, only as format argument - to avoid interpretation of some sequences as magical.