logging-log4j-kotlin icon indicating copy to clipboard operation
logging-log4j-kotlin copied to clipboard

Published 20 hours ago verified publisher icon apache

Bump apache/logging-parent/.github/workflows/merge-dependabot-reusable.yaml@rel/11.3.0 from 11.3.0 to 12.1.1

Open dependabot[bot] opened this issue 5 months ago • 0 comments

Bumps apache/logging-parent/.github/workflows/merge-dependabot-reusable.yaml@rel/11.3.0 from 11.3.0 to 12.1.1.

Release notes

Sourced from apache/logging-parent/.github/workflows/merge-dependabot-reusable.yaml@rel/11.3.0's releases.

12.1.1

This patch release addresses a blocker issue with the creation of a release distribution and enhances the reliability of our caching and reproducibility mechanisms.

Fixed

  • Fix staging of binary distribution archive. (#400)
  • Improve Node.js caching using package-lock.json. (#366, #408)
  • Improve reliability of reproducibility verification. (#388)

Updated

  • Update actions/setup-java to version 4.7.1 (#376)
  • Update com.diffplug.spotless:spotless-maven-plugin to version 2.44.5 (#397)
  • Update com.google.errorprone:error_prone_core to version 2.38.0 (#381)
  • Update com.gradle:common-custom-user-data-maven-extension to version 2.0.3 (#407)
  • Update com.gradle:develocity-maven-extension to version 2.0.1 (#398)
  • Update com.h3xstream.findsecbugs:findsecbugs-plugin to version 1.14.0 (#380)
  • Update com.palantir.javaformat:palantir-java-format to version 2.68.0 (#410)
  • Update dependabot/fetch-metadata to version 2.4.0 (#386)
  • Update github/codeql-action to version 3.28.19 (#402)
  • Update gradle/develocity-actions to version 1.4 (#404)
  • Update org.apache.groovy:groovy to version 4.0.27 (#395)
  • Update org.codehaus.gmavenplus:gmavenplus-plugin to version 4.2.0 (#383)
  • Update org.codehaus.mojo:build-helper-maven-plugin to version 3.6.1 (#403)
  • Update org.codehaus.mojo:exec-maven-plugin to version 3.5.1 (#396)
  • Update org.eclipse.jgit:org.eclipse.jgit to version 7.3.0.202506031305-r (#405)
  • Update org.jacoco:jacoco-maven-plugin to version 0.8.13 (#368)
  • Update ossf/scorecard-action to version 2.4.2 (#399)

12.1.0

This minor release adds CodeQL checks for GitHub Actions. It also fixes a breaking change in Error Prone that prevented projects from migrating to version 12.0.0.

Added

  • Add "GitHub Actions" to the list of languages analyzed by CodeQL. (#343)

Fixed

  • Use the maven.deploy.skip Maven property in nexus-staging-maven-plugin. This effectively fixes the skipping of test artifacts' deployments. (#360)
  • Fix Error Prone arguments breaking maven-compiler-plugin:compile.
  • Fix inheritance of url elements in children POMs.(#330)

Updated

  • Update actions/cache to version 4.2.3 (#357)
  • Update actions/upload-artifact to version 4.6.2 (#359)
  • Update com.diffplug.spotless:spotless-maven-plugin to version 2.44.3 (#333)

... (truncated)

Commits
  • 9c01c10 Update the project.build.outputTimestamp property
  • 8f12e09 Prepare release notes for version 12.1.1
  • 27d5c80 Update com.palantir.javaformat:palantir-java-format to version 2.68.0 (#410)
  • 12bdb03 Fix incorrect key syntax in actions/cache/save (#411)
  • e6f8ac3 Improve Node.js caching using package-lock.json (#409)
  • 3b4379f Update com.gradle:common-custom-user-data-maven-extension to version `2.0.3...
  • 0725f82 Update org.eclipse.jgit:org.eclipse.jgit to version 7.3.0.202506031305-r ...
  • 4301755 Update gradle/develocity-actions to version 1.4 (#404)
  • 908b2f3 Update org.codehaus.mojo:build-helper-maven-plugin to version 3.6.1 (#403...
  • 2bf3dfc Update github/codeql-action to version 3.28.19 (#402)
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

dependabot[bot] avatar Jun 16 '25 08:06 dependabot[bot]