cvss-calculator
cvss-calculator copied to clipboard
Bump org.cyclonedx:cyclonedx-maven-plugin from 2.7.10 to 2.7.11
Bumps org.cyclonedx:cyclonedx-maven-plugin from 2.7.10 to 2.7.11.
Release notes
Sourced from org.cyclonedx:cyclonedx-maven-plugin's releases.
2.7.11
🚀 New features and improvements
- rename convert methohds to explicit project vs dependency (#456)
@hboutemy
- cleanup unused code (#455)
@hboutemy
- test dependency type=zip for #431 (reverts #9) (#454)
@hboutemy
- Support metadata when dependency is any other dependency type than jar (#431)
@AlbGarciam
- Add support for custom external references (#428)
@vy
- Add a configuration option to skip undeployed artifacts (#435)
@ppkarwasz
- use metadata properties in UUID (#441)
@hboutemy
- Generate serial numbers deterministically (#420) (#425)
@vy
📦 Dependency updates
- define plugin-tools.version property (#453)
@hboutemy
- Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.10.2 to 3.11.0 (#451)
@dependabot
- Bump org.apache.maven.plugins:maven-plugin-report-plugin from 3.10.2 to 3.11.0 (#450)
@dependabot
- Bump org.apache.maven.plugins:maven-plugin-plugin from 3.10.2 to 3.11.0 (#449)
@dependabot
- Bump org.apache.maven.plugins:maven-compiler-plugin from 3.11.0 to 3.12.1 (#447)
@dependabot
- Bump org.apache.maven.plugins:maven-plugin-plugin from 3.10.1 to 3.10.2 (#445)
@dependabot
- Bump org.apache.maven.plugins:maven-project-info-reports-plugin from 3.4.5 to 3.5.0 (#442)
@dependabot
- Bump org.apache.commons:commons-lang3 from 3.13.0 to 3.14.0 (#443)
@dependabot
- Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.10.1 to 3.10.2 (#444)
@dependabot
- Bump org.junit:junit-bom from 5.10.0 to 5.10.1 (#422)
@dependabot
- Bump org.apache.maven.plugins:maven-plugin-report-plugin from 3.10.1 to 3.10.2 (#424)
@dependabot
- Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.0 to 3.6.3 (#438)
@dependabot
- Bump actions/setup-java from 3 to 4 (#437)
@dependabot
- Bump org.apache.maven.plugins:maven-plugin-report-plugin from 3.9.0 to 3.10.1 (#417)
@dependabot
Commits
349fe7c
[maven-release-plugin] prepare release cyclonedx-maven-plugin-2.7.112d130a0
rename convert methohds to explicit project vs dependency051be8e
cleanup unused coded0e6cb5
test dependency type=zip for #431 (reverts #9)46837cd
Update DefaultModelConverter.java to support Zip filesdc90b21
define plugin-tools.version property8836cbd
Add support for custom external references (#428)86410aa
Bump org.apache.maven.plugin-tools:maven-plugin-annotations4d71b50
Bump org.apache.maven.plugins:maven-plugin-report-plugin70aae8e
Bump org.apache.maven.plugins:maven-plugin-plugin from 3.10.2 to 3.11.0- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)