cvss-calculator
cvss-calculator copied to clipboard
Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.4.1 to 3.5.0
Bumps org.apache.maven.plugins:maven-enforcer-plugin from 3.4.1 to 3.5.0.
Release notes
Sourced from org.apache.maven.plugins:maven-enforcer-plugin's releases.
3.5.0
🚀 New features and improvements
- [MENFORCER-497] - Require Maven 3.6.3+ (#317)
@slawekjaranowski
- [MENFORCER-494] - Allow banning dynamic versions in whole tree (#294)
@JimmyAx
- [MENFORCER-500] - New rule to enforce that Maven coordinates match given (#309)
@kwin
🐛 Bug Fixes
- [MENFORCER-503] - Pass context to ProfileActivator - fix NPE in Maven 3.9.7 (#315)
@slawekjaranowski
📦 Dependency updates
- [MENFORCER-501] - Bump commons-io:commons-io from 2.16.0 to 2.16.1 (#311)
@dependabot
- [MENFORCER-501] - Bump commons-codec:commons-codec from 1.16.1 to 1.17.0 (#312)
@dependabot
- [MENFORCER-504] - Bump org.apache.maven:maven-parent from 41 to 42 (#314)
@dependabot
- [MENFORCER-501] - Bump org.apache.commons:commons-lang3 from 3.13.0 to 3.14.0 (#298)
@dependabot
- [MENFORCER-501] - Bump commons-codec:commons-codec from 1.16.0 to 1.16.1 (#305)
@dependabot
- [MENFORCER-501] - Bump commons-io:commons-io from 2.13.0 to 2.16.0 (#310)
@dependabot
- Bump org.apache.commons:commons-compress from 1.21 to 1.26.0 in /maven-enforcer-plugin/src/it/projects/dependency-convergence_transitive_provided/module1 (#307)
@dependabot
- Bump apache/maven-gh-actions-shared from 3 to 4 (#308)
@dependabot
- [MENFORCER-498] - Update parent pom to 41 (#306)
@slachiewicz
- Bump org.junit:junit-bom from 5.10.1 to 5.10.2 (#303)
@dependabot
- Bump org.assertj:assertj-core from 3.24.2 to 3.25.1 (#301)
@dependabot
- Bump org.codehaus.mojo:mrm-maven-plugin from 1.5.0 to 1.6.0 (#295)
@dependabot
- Bump org.junit:junit-bom from 5.10.0 to 5.10.1 (#296)
@dependabot
- [MENFORCER-492] - Bump plexus-utils from 3.5.1 to 4.0.0 and plexus-xml 3.0.0 (#291)
@slawekjaranowski
- Bump org.xerial.snappy:snappy-java from 1.1.10.1 to 1.1.10.4 in /maven-enforcer-plugin/src/it/projects/dependency-convergence_transitive_provided/module1 (#292)
@dependabot
👻 Maintenance
- [MENFORCER-490] - Remove unused dependency (#316)
@elharo
- Bump org.apache.commons:commons-compress from 1.21 to 1.26.0 in /maven-enforcer-plugin/src/it/projects/dependency-convergence_transitive_provided/module1 (#307)
@dependabot
- Bump org.assertj:assertj-core from 3.25.1 to 3.25.3 (#304)
@dependabot
- [MENFORCER-498] - Update parent pom to 41 (#306)
@slachiewicz
- Bump org.junit:junit-bom from 5.10.1 to 5.10.2 (#303)
@dependabot
- Bump org.xerial.snappy:snappy-java from 1.1.10.1 to 1.1.10.4 in /maven-enforcer-plugin/src/it/projects/dependency-convergence_transitive_provided/module1 (#292)
@dependabot
- Oxford comma, fill to file, and tighten language (#290)
@elharo
- [MENFORCER-490] - Declare enforcer-rules dependencies (#289)
@elharo
- [MENFORCER-490] - fully declare maven-enforcer-plugin dependencies (#288)
@elharo
Commits
21b31b5
[maven-release-plugin] prepare release enforcer-3.5.0e6cd6e9
Remove unused dependency (#316)29d1c0d
[MENFORCER-497] Require Maven 3.6.3+80e6626
[MENFORCER-503] Pass context to ProfileActivator - fix NPE in Maven 3.9.75c7d0bc
[MENFORCER-494] Allow banning dynamic versions in whole tree (#294)e687c46
[MENFORCER-501] Bump commons-io:commons-io from 2.16.0 to 2.16.1 (#311)6665083
[MENFORCER-501] Bump commons-codec:commons-codec from 1.16.1 to 1.17.0 (#312)3eb6343
Bump project version to 3.5.0-SNAPSHOT1cf5c5f
[MENFORCER-504] Bump org.apache.maven:maven-parent from 41 to 42 (#314)a24b557
Manage ignore artifacts for dependabot in PR- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)