Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump the build-dependencies group across 1 directory with 8 updates #4215

Merged
merged 1 commit into from
Jul 4, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 2, 2024

Bumps the build-dependencies group with 8 updates in the / directory:

Package From To
org.codehaus.mojo:versions-maven-plugin 2.16.2 2.17.0
org.moditect:moditect-maven-plugin 1.2.1.Final 1.2.2.Final
io.smallrye:jandex-maven-plugin 3.1.7 3.2.0
net.revelc.code:impsort-maven-plugin 1.10.0 1.11.0
org.apache.maven.plugins:maven-project-info-reports-plugin 3.6.0 3.6.1
com.buschmais.jqassistant:jqassistant-maven-plugin 2.2.1 2.3.1
org.owasp:dependency-check-maven 9.2.0 10.0.0
org.junit:junit-bom 5.10.2 5.10.3

Updates org.codehaus.mojo:versions-maven-plugin from 2.16.2 to 2.17.0

Release notes

Sourced from org.codehaus.mojo:versions-maven-plugin's releases.

2.17.0

Changes

🚀 New features and improvements

🐛 Bug Fixes

📦 Dependency updates

... (truncated)

Commits
  • f9c2f92 [maven-release-plugin] prepare release 2.17.0
  • a34ec43 Build and test with Maven 4
  • cb677d2 Bump com.fasterxml.woodstox:woodstox-core from 6.6.2 to 7.0.0
  • 1a0e937 Get rid of usage of o.a.maven.repository.RepositorySystem
  • d2550ba Add goal for Dynamic Versioning from SCM tag (#1082)
  • cbcf394 Remove unmaintained changes.xml
  • b5dfcfb Optimize ITs parallel build
  • 06ba7d0 Execute fail-fast job without ITs
  • 08a64ff Use JUnit5 in versions-commons, versions-enforcer
  • 7b86752 Add range type in ignoreVersion
  • Additional commits viewable in compare view

Updates org.moditect:moditect-maven-plugin from 1.2.1.Final to 1.2.2.Final

Release notes

Sourced from org.moditect:moditect-maven-plugin's releases.

1.2.2.Final

Changelog

  • 04bb13a Releasing version 1.2.2.Final
  • af42936 Only use inner class heuristic with class names
  • e06db30 Next version 1.3.0-SNAPSHOT
  • e070303 Releasing version 1.2.1.Final

Contributors

We'd like to thank the following people for their contributions:

  • Andres Almiray
  • Ethan McCue (@​bowbahdoe)
  • moditect-release-bot
Commits

Updates io.smallrye:jandex-maven-plugin from 3.1.7 to 3.2.0

Release notes

Sourced from io.smallrye:jandex-maven-plugin's releases.

3.2.0

  • #370 release 3.2.0
  • #368 move to next minor version, 3.2.0
  • #361 add annotation overlay
  • #356 skip Jandex Maven plugin execution for POM packaging
  • #355 Skip Plugin Execution on packaging type pom
  • #354 improve Index[View].getKnownUsers()
  • #348 Add support for sealed classes
  • #347 Reduce hash collisions when interning type variable references
  • #346 Add empty and stacked indexes
  • #322 Indexing takes over 100x longer on big file
  • #255 Add an annotation overlay
  • #167 Add support for sealed classes
  • #142 Add a "stacked" composite index

3.1.8

  • #365 release 3.1.8, second attempt
  • #364 release 3.1.8
  • #363 Memory improvements
  • #360 Add ClassInfo.method(String, List)
  • #359 Add ClassInfo.method(String, List)
Commits
  • f8b6fa8 [maven-release-plugin] prepare release 3.2.0
  • 0a1ef64 Amendments before release
  • 6b8d54e Merge pull request #370 from smallrye/release-3.2.0
  • 32c6301 release 3.2.0
  • 0485d58 Merge pull request #361 from Ladicek/annotation-overlay
  • f80be5d add annotation overlay
  • afe4f49 move AnnotationInstance.RETENTION and Index.REPEATABLE to DotName
  • ddba5d4 Merge pull request #354 from Ladicek/improve-known-users
  • 3a80388 improve Index[View].getKnownUsers()
  • 1d05389 improve ClassInfo.recordComponents() in case the class is not a record
  • Additional commits viewable in compare view

Updates net.revelc.code:impsort-maven-plugin from 1.10.0 to 1.11.0

Updates org.apache.maven.plugins:maven-project-info-reports-plugin from 3.6.0 to 3.6.1

Commits
  • 21d3653 [maven-release-plugin] prepare release maven-project-info-reports-plugin-3.6.1
  • b707915 [MPIR-462] IT for MRJAR issue with dependencies goal
  • 3fd654a [MPIR-463] Remove workaround to count the number of root content entries in J...
  • 790b646 [MPIR-464] Upgrade to Maven Shared JAR 3.1.1
  • 740536d Lift restriction on mojo renames
  • 3e8276f Make spotless happy
  • 9ba89c9 Fix SCM tag
  • 870d7bf Improve variable name (2)
  • b08af0c Improve variable name
  • 1231c79 [maven-release-plugin] prepare for next development iteration
  • See full diff in compare view

Updates com.buschmais.jqassistant:jqassistant-maven-plugin from 2.2.1 to 2.3.1

Commits
  • 355c608 Release 2.3.1
  • 620b268 Set development version to 2.4.0-SNAPSHOT
  • b6ed58a Set development version to 2.4.0-SNAPSHOT
  • 21d7340 Release 2.3.0
  • fa181e5 added IT for artifacts and their dependencies created by Maven projects
  • 82d5ee7 Merge remote-tracking branch 'origin/master'
  • 22d7c2b removed unnecessary logging
  • e3282f4 Set development version to 2.3.0-SNAPSHOT
  • 52ea008 Release 2.3.0-RC2
  • 9702be5 improved APOC IT
  • Additional commits viewable in compare view

Updates org.owasp:dependency-check-maven from 9.2.0 to 10.0.0

Release notes

Sourced from org.owasp:dependency-check-maven's releases.

Version 10.0.0

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Changelog

Sourced from org.owasp:dependency-check-maven's changelog.

Version 10.0.0 (2024-07-01)

  • breaking change: upgrade to dotnet 8.0 (#6580)
    • Users of the AssemblyAnalyzer must upgrade/utilize dotnet 8 to analyze assemblies
  • feat: fix the NVD API related errors by adding cvssV4 support (#6756)
  • fix: avoid escaping unnecessary chars in HTML report suppression regexes (#6749)
  • fix: #6688 Trim version number when parsin POM (#6705)
  • fix: change request if lockfile is file v3 (#6690)
  • fix: skip pyproject.toml unless it contains tool.poetry before ensuring lockfiles (#6681)

See the full listing of changes.

Commits
  • 2ce874a build: prepare release v10.0.0
  • cfe0b39 docs: prepare release
  • ad0d16a feat: add cvssV4 support (#6756)
  • a798f89 feat: upgrade to dotnet 8.0 (#6580)
  • 1af4856 build(deps): bump bundled jQuery versions from 3.5.1 to 3.7.1 (#6750)
  • 9b42aed fix: avoid escaping unnecessary chars in HTML report suppression regexes (#6749)
  • fff64eb build(deps): bump jackson.version from 2.16.1 to 2.17.1 (#6648)
  • 84868b6 build(deps): bump org.apache.maven.plugins:maven-failsafe-plugin from 3.2.5 t...
  • 66cf0b3 build(deps): bump org.apache.maven.plugins:maven-clean-plugin from 3.3.2 to 3...
  • 5afb495 build(deps): bump org.apache.maven.plugins:maven-project-info-reports-plugin ...
  • Additional commits viewable in compare view

Updates org.junit:junit-bom from 5.10.2 to 5.10.3

Release notes

Sourced from org.junit:junit-bom's releases.

JUnit 5.10.3 = Platform 1.10.3 + Jupiter 5.10.3 + Vintage 5.10.3

See Release Notes.

Full Changelog: junit-team/junit5@r5.10.2...r5.10.3

Commits
  • 55d1232 Release 5.10.3
  • 4455093 Remove accidental heading
  • b86a681 Remove JDK 21 as it's no longer available via Oracle's setup-java step
  • bc1608c Clean up release notes
  • 316ed31 Use Liberica for JDK 8 for compatibility with Apple Silicon
  • ad7c5dd Update copyright headers to 2024
  • 6c663b1 Use same default seed for method and class ordering (#3821)
  • d29e3eb Fix NPE when deserializing TestIdentifier (#3820)
  • f936c01 Fix class-level execution conditions on GraalVM (#3785)
  • 76b7c05 Allow GraalVmStarterTests to run remotely on Test Distribution agents
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jul 2, 2024
@hibernate-github-bot
Copy link

hibernate-github-bot bot commented Jul 2, 2024

Thanks for your pull request!

This pull request does not follow the contribution rules. Could you have a look?

❌ All commit messages should start with a JIRA issue key matching pattern HSEARCH-\d+
    ↳ Offending commits: [d7feebf]

› This message was automatically generated.

@marko-bekhta marko-bekhta force-pushed the dependabot/maven/build-dependencies-7318ca0ab6 branch from 8dec3dd to b500e2b Compare July 2, 2024 06:39
@marko-bekhta
Copy link
Member

let's wait for #4171 to get merged first

@marko-bekhta marko-bekhta added the Waiting for other pull request Based on another PR that should be merged first label Jul 3, 2024
@marko-bekhta marko-bekhta force-pushed the dependabot/maven/build-dependencies-7318ca0ab6 branch from b500e2b to 505e21e Compare July 3, 2024 10:19
Bumps the build-dependencies group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [org.codehaus.mojo:versions-maven-plugin](https://github.com/mojohaus/versions) | `2.16.2` | `2.17.0` |
| [org.moditect:moditect-maven-plugin](https://github.com/moditect/moditect) | `1.2.1.Final` | `1.2.2.Final` |
| net.revelc.code:impsort-maven-plugin | `1.10.0` | `1.11.0` |
| [org.apache.maven.plugins:maven-project-info-reports-plugin](https://github.com/apache/maven-project-info-reports-plugin) | `3.6.0` | `3.6.1` |
| [com.buschmais.jqassistant:jqassistant-maven-plugin](https://github.com/jqassistant/jqa-maven-plugin) | `2.2.1` | `2.3.1` |
| [org.owasp:dependency-check-maven](https://github.com/jeremylong/DependencyCheck) | `9.2.0` | `10.0.0` |
| [org.junit:junit-bom](https://github.com/junit-team/junit5) | `5.10.2` | `5.10.3` |

Updates `org.codehaus.mojo:versions-maven-plugin` from 2.16.2 to 2.17.0
- [Release notes](https://github.com/mojohaus/versions/releases)
- [Changelog](https://github.com/mojohaus/versions/blob/master/ReleaseNotes.md)
- [Commits](mojohaus/versions@2.16.2...2.17.0)

Updates `org.moditect:moditect-maven-plugin` from 1.2.1.Final to 1.2.2.Final
- [Release notes](https://github.com/moditect/moditect/releases)
- [Commits](moditect/moditect@1.2.1.Final...1.2.2.Final)

Updates `net.revelc.code:impsort-maven-plugin` from 1.10.0 to 1.11.0

Updates `org.apache.maven.plugins:maven-project-info-reports-plugin` from 3.6.0 to 3.6.1
- [Commits](apache/maven-project-info-reports-plugin@maven-project-info-reports-plugin-3.6.0...maven-project-info-reports-plugin-3.6.1)

Updates `com.buschmais.jqassistant:jqassistant-maven-plugin` from 2.2.1 to 2.3.1
- [Commits](jqassistant-archive/jqa-maven-plugin@REL-2.2.1...REL-2.3.1)

Updates `org.owasp:dependency-check-maven` from 9.2.0 to 10.0.0
- [Release notes](https://github.com/jeremylong/DependencyCheck/releases)
- [Changelog](https://github.com/jeremylong/DependencyCheck/blob/main/CHANGELOG.md)
- [Commits](jeremylong/DependencyCheck@v9.2.0...v10.0.0)

Updates `org.junit:junit-bom` from 5.10.2 to 5.10.3
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](junit-team/junit5@r5.10.2...r5.10.3)

---
updated-dependencies:
- dependency-name: org.codehaus.mojo:versions-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.moditect:moditect-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: net.revelc.code:impsort-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-project-info-reports-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: com.buschmais.jqassistant:jqassistant-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: org.owasp:dependency-check-maven
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: org.junit:junit-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@marko-bekhta marko-bekhta force-pushed the dependabot/maven/build-dependencies-7318ca0ab6 branch from 505e21e to d7feebf Compare July 4, 2024 08:13
@marko-bekhta marko-bekhta merged commit c3d36b6 into main Jul 4, 2024
6 of 7 checks passed
@dependabot dependabot bot deleted the dependabot/maven/build-dependencies-7318ca0ab6 branch July 4, 2024 09:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code Waiting for other pull request Based on another PR that should be merged first
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant