Bump the build-dependencies group across 1 directory with 8 updates #241

dependabot · 2024-07-02T02:18:14Z

Bumps the build-dependencies group with 8 updates in the / directory:

Package	From	To
org.codehaus.mojo:versions-maven-plugin	`2.16.2`	`2.17.0`
org.moditect:moditect-maven-plugin	`1.2.1.Final`	`1.2.2.Final`
io.smallrye:jandex-maven-plugin	`3.1.7`	`3.2.0`
net.revelc.code:impsort-maven-plugin	`1.10.0`	`1.11.0`
org.apache.maven.plugins:maven-project-info-reports-plugin	`3.6.0`	`3.6.1`
com.buschmais.jqassistant:jqassistant-maven-plugin	`2.2.1`	`2.3.1`
org.owasp:dependency-check-maven	`9.2.0`	`10.0.0`
org.junit:junit-bom	`5.10.2`	`5.10.3`

Updates org.codehaus.mojo:versions-maven-plugin from 2.16.2 to 2.17.0

Release notes

Sourced from org.codehaus.mojo:versions-maven-plugin's releases.

2.17.0

Changes

🚀 New features and improvements

feat: Add Dynamic Versioning SCM plugin (#1082) @jimisola

Add range type in ignoreVersion (#1093) @slawekjaranowski

Require Maven 3.6.3, dependencies cleanups (#1089) @slawekjaranowski

Use new Enforcer Api (#1056) @slawekjaranowski

🐛 Bug Fixes

Resolves #1042: Fixed set logic wrt processAllModules (#1051) @jarmoniuk

📦 Dependency updates

Bump com.fasterxml.woodstox:woodstox-core from 6.6.2 to 7.0.0 (#1099) @dependabot

Bump org.codehaus.mojo:mojo-parent from 82 to 84 (#1087) @dependabot

Bump org.codehaus.mojo:mojo-parent from 80 to 82 (#1078) @dependabot

Bump org.apache.maven.shared:maven-common-artifact-filters from 3.3.2 to 3.4.0 (#1086) @dependabot

Bump byteBuddyVersion from 1.14.16 to 1.14.17 (#1084) @dependabot

Bump byteBuddyVersion from 1.14.15 to 1.14.16 (#1081) @dependabot

Bump org.codehaus.plexus:plexus-xml from 3.0.0 to 3.0.1 (#1080) @dependabot

Bump byteBuddyVersion from 1.14.14 to 1.14.15 (#1075) @dependabot

Bump byteBuddyVersion from 1.14.13 to 1.14.14 (#1072) @dependabot

Bump commons-codec:commons-codec from 1.16.1 to 1.17.0 (#1074) @dependabot

Bump org.apache.commons:commons-text from 1.11.0 to 1.12.0 (#1069) @dependabot

Bump org.codehaus.plexus:plexus-utils from 4.0.0 to 4.0.1 (#1068) @dependabot

Bump commons-io:commons-io from 2.16.0 to 2.16.1 (#1065) @dependabot

Bump byteBuddyVersion from 1.14.12 to 1.14.13 (#1063) @dependabot

Bump commons-io:commons-io from 2.15.1 to 2.16.0 (#1064) @dependabot

Bump com.fasterxml.woodstox:woodstox-core from 6.6.1 to 6.6.2 (#1062) @dependabot

Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2 (#1061) @dependabot

Bump apache/maven-gh-actions-shared from 3 to 4 (#1059) @dependabot

Bump com.fasterxml.woodstox:woodstox-core from 6.6.0 to 6.6.1 (#1058) @dependabot

Bump org.codehaus.mojo:mojo-parent from 78 to 80 (#1054) @dependabot

Bump org.postgresql:postgresql from 42.4.3 to 42.7.2 in /versions-maven-plugin/src/it/it-property-updates-report-002-slow (#1053) @dependabot

Bump byteBuddyVersion from 1.14.11 to 1.14.12 (#1050) @dependabot

Bump org.codehaus.plexus:plexus-interactivity-api from 1.2 to 1.3 (#1045) @dependabot

Bump commons-codec:commons-codec from 1.16.0 to 1.16.1 (#1049) @dependabot

Bump com.fasterxml.woodstox:woodstox-core from 6.5.1 to 6.6.0 (#1041) @dependabot

Bump release-drafter/release-drafter from 5 to 6 (#1044) @dependabot

Bump org.codehaus.mojo:mojo-parent from 77 to 78 (#1038) @dependabot

Bump org.codehaus.plexus:plexus-interactivity-api from 1.1 to 1.2 (#1036) @dependabot

Manage byte-buddy version in order to support build with JDK 21 (#1040) @slawekjaranowski

Bump actions/stale from 8 to 9 (#1032) @dependabot

Bump org.codehaus.plexus:plexus-archiver from 4.9.0 to 4.9.1 (#1035) @dependabot

Bump org.apache.commons:commons-lang3 from 3.13.0 to 3.14.0 (#1028) @dependabot

Bump commons-io:commons-io from 2.15.0 to 2.15.1 (#1030) @dependabot

... (truncated)

Commits

f9c2f92 [maven-release-plugin] prepare release 2.17.0
a34ec43 Build and test with Maven 4
cb677d2 Bump com.fasterxml.woodstox:woodstox-core from 6.6.2 to 7.0.0
1a0e937 Get rid of usage of o.a.maven.repository.RepositorySystem
d2550ba Add goal for Dynamic Versioning from SCM tag (#1082)
cbcf394 Remove unmaintained changes.xml
b5dfcfb Optimize ITs parallel build
06ba7d0 Execute fail-fast job without ITs
08a64ff Use JUnit5 in versions-commons, versions-enforcer
7b86752 Add range type in ignoreVersion
Additional commits viewable in compare view

Updates org.moditect:moditect-maven-plugin from 1.2.1.Final to 1.2.2.Final

Release notes

Sourced from org.moditect:moditect-maven-plugin's releases.

1.2.2.Final

Changelog

04bb13a Releasing version 1.2.2.Final

af42936 Only use inner class heuristic with class names

e06db30 Next version 1.3.0-SNAPSHOT

e070303 Releasing version 1.2.1.Final

Contributors

We'd like to thank the following people for their contributions:

Andres Almiray

Ethan McCue (@bowbahdoe)

moditect-release-bot

Commits

04bb13a Releasing version 1.2.2.Final
af42936 Only use inner class heuristic with class names
e06db30 Next version 1.3.0-SNAPSHOT
e070303 Releasing version 1.2.1.Final
See full diff in compare view

Updates io.smallrye:jandex-maven-plugin from 3.1.7 to 3.2.0

Release notes

Sourced from io.smallrye:jandex-maven-plugin's releases.

3.2.0

#370 release 3.2.0

#368 move to next minor version, 3.2.0

#361 add annotation overlay

#356 skip Jandex Maven plugin execution for POM packaging

#355 Skip Plugin Execution on packaging type pom

#354 improve Index[View].getKnownUsers()

#348 Add support for sealed classes

#347 Reduce hash collisions when interning type variable references

#346 Add empty and stacked indexes

#322 Indexing takes over 100x longer on big file

#255 Add an annotation overlay

#167 Add support for sealed classes

#142 Add a "stacked" composite index

3.1.8

#365 release 3.1.8, second attempt

#364 release 3.1.8

#363 Memory improvements

#360 Add ClassInfo.method(String, List)

#359 Add ClassInfo.method(String, List)

Commits

f8b6fa8 [maven-release-plugin] prepare release 3.2.0
0a1ef64 Amendments before release
6b8d54e Merge pull request #370 from smallrye/release-3.2.0
32c6301 release 3.2.0
0485d58 Merge pull request #361 from Ladicek/annotation-overlay
f80be5d add annotation overlay
afe4f49 move AnnotationInstance.RETENTION and Index.REPEATABLE to DotName
ddba5d4 Merge pull request #354 from Ladicek/improve-known-users
3a80388 improve Index[View].getKnownUsers()
1d05389 improve ClassInfo.recordComponents() in case the class is not a record
Additional commits viewable in compare view

Updates net.revelc.code:impsort-maven-plugin from 1.10.0 to 1.11.0

Updates org.apache.maven.plugins:maven-project-info-reports-plugin from 3.6.0 to 3.6.1

Commits

21d3653 [maven-release-plugin] prepare release maven-project-info-reports-plugin-3.6.1
b707915 [MPIR-462] IT for MRJAR issue with dependencies goal
3fd654a [MPIR-463] Remove workaround to count the number of root content entries in J...
790b646 [MPIR-464] Upgrade to Maven Shared JAR 3.1.1
740536d Lift restriction on mojo renames
3e8276f Make spotless happy
9ba89c9 Fix SCM tag
870d7bf Improve variable name (2)
b08af0c Improve variable name
1231c79 [maven-release-plugin] prepare for next development iteration
See full diff in compare view

Updates com.buschmais.jqassistant:jqassistant-maven-plugin from 2.2.1 to 2.3.1

Commits

355c608 Release 2.3.1
620b268 Set development version to 2.4.0-SNAPSHOT
b6ed58a Set development version to 2.4.0-SNAPSHOT
21d7340 Release 2.3.0
fa181e5 added IT for artifacts and their dependencies created by Maven projects
82d5ee7 Merge remote-tracking branch 'origin/master'
22d7c2b removed unnecessary logging
e3282f4 Set development version to 2.3.0-SNAPSHOT
52ea008 Release 2.3.0-RC2
9702be5 improved APOC IT
Additional commits viewable in compare view

Updates org.owasp:dependency-check-maven from 9.2.0 to 10.0.0

Release notes

Sourced from org.owasp:dependency-check-maven's releases.

Version 10.0.0

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Changelog

Sourced from org.owasp:dependency-check-maven's changelog.

Version 10.0.0 (2024-07-01)

breaking change: upgrade to dotnet 8.0 (#6580)

Users of the AssemblyAnalyzer must upgrade/utilize dotnet 8 to analyze assemblies

feat: fix the NVD API related errors by adding cvssV4 support (#6756)

breaking changes: anyone utilizing a centralized database will need to upgrade the schema; see changes in [PR #6756](jeremylong/DependencyCheck#6756)

fix: avoid escaping unnecessary chars in HTML report suppression regexes (#6749)

fix: #6688 Trim version number when parsin POM (#6705)

fix: change request if lockfile is file v3 (#6690)

fix: skip pyproject.toml unless it contains tool.poetry before ensuring lockfiles (#6681)

See the full listing of changes.

Commits

2ce874a build: prepare release v10.0.0
cfe0b39 docs: prepare release
ad0d16a feat: add cvssV4 support (#6756)
a798f89 feat: upgrade to dotnet 8.0 (#6580)
1af4856 build(deps): bump bundled jQuery versions from 3.5.1 to 3.7.1 (#6750)
9b42aed fix: avoid escaping unnecessary chars in HTML report suppression regexes (#6749)
fff64eb build(deps): bump jackson.version from 2.16.1 to 2.17.1 (#6648)
84868b6 build(deps): bump org.apache.maven.plugins:maven-failsafe-plugin from 3.2.5 t...
66cf0b3 build(deps): bump org.apache.maven.plugins:maven-clean-plugin from 3.3.2 to 3...
5afb495 build(deps): bump org.apache.maven.plugins:maven-project-info-reports-plugin ...
Additional commits viewable in compare view

Updates org.junit:junit-bom from 5.10.2 to 5.10.3

Release notes

Sourced from org.junit:junit-bom's releases.

JUnit 5.10.3 = Platform 1.10.3 + Jupiter 5.10.3 + Vintage 5.10.3

See Release Notes.

Full Changelog: junit-team/junit5@r5.10.2...r5.10.3

Commits

55d1232 Release 5.10.3
4455093 Remove accidental heading
b86a681 Remove JDK 21 as it's no longer available via Oracle's setup-java step
bc1608c Clean up release notes
316ed31 Use Liberica for JDK 8 for compatibility with Apple Silicon
6c663b1 Use same default seed for method and class ordering (#3821)
d29e3eb Fix NPE when deserializing TestIdentifier (#3820)
f936c01 Fix class-level execution conditions on GraalVM (#3785)
76b7c05 Allow GraalVmStarterTests to run remotely on Test Distribution agents
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the build-dependencies group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [org.codehaus.mojo:versions-maven-plugin](https://github.com/mojohaus/versions) | `2.16.2` | `2.17.0` | | [org.moditect:moditect-maven-plugin](https://github.com/moditect/moditect) | `1.2.1.Final` | `1.2.2.Final` | | [io.smallrye:jandex-maven-plugin](https://github.com/smallrye/jandex) | `3.1.7` | `3.2.0` | | net.revelc.code:impsort-maven-plugin | `1.10.0` | `1.11.0` | | [org.apache.maven.plugins:maven-project-info-reports-plugin](https://github.com/apache/maven-project-info-reports-plugin) | `3.6.0` | `3.6.1` | | [com.buschmais.jqassistant:jqassistant-maven-plugin](https://github.com/jqassistant/jqa-maven-plugin) | `2.2.1` | `2.3.1` | | [org.owasp:dependency-check-maven](https://github.com/jeremylong/DependencyCheck) | `9.2.0` | `10.0.0` | | [org.junit:junit-bom](https://github.com/junit-team/junit5) | `5.10.2` | `5.10.3` | Updates `org.codehaus.mojo:versions-maven-plugin` from 2.16.2 to 2.17.0 - [Release notes](https://github.com/mojohaus/versions/releases) - [Changelog](https://github.com/mojohaus/versions/blob/master/ReleaseNotes.md) - [Commits](mojohaus/versions@2.16.2...2.17.0) Updates `org.moditect:moditect-maven-plugin` from 1.2.1.Final to 1.2.2.Final - [Release notes](https://github.com/moditect/moditect/releases) - [Commits](moditect/moditect@1.2.1.Final...1.2.2.Final) Updates `io.smallrye:jandex-maven-plugin` from 3.1.7 to 3.2.0 - [Release notes](https://github.com/smallrye/jandex/releases) - [Commits](smallrye/jandex@3.1.7...3.2.0) Updates `net.revelc.code:impsort-maven-plugin` from 1.10.0 to 1.11.0 Updates `org.apache.maven.plugins:maven-project-info-reports-plugin` from 3.6.0 to 3.6.1 - [Commits](apache/maven-project-info-reports-plugin@maven-project-info-reports-plugin-3.6.0...maven-project-info-reports-plugin-3.6.1) Updates `com.buschmais.jqassistant:jqassistant-maven-plugin` from 2.2.1 to 2.3.1 - [Commits](jqassistant-archive/jqa-maven-plugin@REL-2.2.1...REL-2.3.1) Updates `org.owasp:dependency-check-maven` from 9.2.0 to 10.0.0 - [Release notes](https://github.com/jeremylong/DependencyCheck/releases) - [Changelog](https://github.com/jeremylong/DependencyCheck/blob/main/CHANGELOG.md) - [Commits](jeremylong/DependencyCheck@v9.2.0...v10.0.0) Updates `org.junit:junit-bom` from 5.10.2 to 5.10.3 - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](junit-team/junit5@r5.10.2...r5.10.3) --- updated-dependencies: - dependency-name: org.codehaus.mojo:versions-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor dependency-group: build-dependencies - dependency-name: org.moditect:moditect-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch dependency-group: build-dependencies - dependency-name: io.smallrye:jandex-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor dependency-group: build-dependencies - dependency-name: net.revelc.code:impsort-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor dependency-group: build-dependencies - dependency-name: org.apache.maven.plugins:maven-project-info-reports-plugin dependency-type: direct:production update-type: version-update:semver-patch dependency-group: build-dependencies - dependency-name: com.buschmais.jqassistant:jqassistant-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor dependency-group: build-dependencies - dependency-name: org.owasp:dependency-check-maven dependency-type: direct:production update-type: version-update:semver-major dependency-group: build-dependencies - dependency-name: org.junit:junit-bom dependency-type: direct:production update-type: version-update:semver-patch dependency-group: build-dependencies ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2024-07-09T02:31:24Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jul 2, 2024

dependabot bot closed this Jul 9, 2024

dependabot bot deleted the dependabot/maven/build-dependencies-7318ca0ab6 branch July 9, 2024 02:31

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the build-dependencies group across 1 directory with 8 updates #241

Bump the build-dependencies group across 1 directory with 8 updates #241

dependabot bot commented on behalf of github Jul 2, 2024 •

edited

Loading

dependabot bot commented on behalf of github Jul 9, 2024

Bump the build-dependencies group across 1 directory with 8 updates #241

Bump the build-dependencies group across 1 directory with 8 updates #241

Conversation

dependabot bot commented on behalf of github Jul 2, 2024 • edited Loading

2.17.0

Changes

🚀 New features and improvements

🐛 Bug Fixes

📦 Dependency updates

1.2.2.Final

Changelog

Contributors

3.2.0

3.1.8

Version 10.0.0

Version 10.0.0 (2024-07-01)

dependabot bot commented on behalf of github Jul 9, 2024

dependabot bot commented on behalf of github Jul 2, 2024 •

edited

Loading