Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump gmavenplus-plugin from 1.4 to 3.0.0 #17

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump gmavenplus-plugin from 1.4 to 3.0.0 #17

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github May 26, 2023
edited
Loading

Bumps gmavenplus-plugin from 1.4 to 3.0.0.

Release notes

Sourced from gmavenplus-plugin's releases.

3.0.0

Bugs

  • #244 Fix Maven plugin validation warnings.

Enhancements

  • #239 Require Maven 3.2.5.

Potentially breaking changes

Maven's compatibility plan marked Maven versions older than 3.2.5 as EOL in March 2023. Therefore, we now require 3.2.5 to move forward with the rest of the ecosystem.

Notes

Fixing the validation warnings removed some Maven dependencies from the plugin's classpath (instead of using the ones from Maven itself). I'm not aware of any negative consequences of this, but it's possible certain specialized use cases might encounter changes in behavior.

2.1.0

Bugs

None.

Enhancements

  • #230 Recognize JDK 19 as a valid target bytecode.
  • #232 Recognize JDK 20 as a valid target bytecode.

Potentially breaking changes

None.

Notes

None.

2.0.0

Bugs

None.

Enhancements

  • #210 Improve error messages when Groovy classes can't be located (avoiding the NullPointerExceptions that were causing confusion and instead throwing our own exception).
  • #221 apache/groovy@8d19017#diff-5522480b605c81fc7dd50f58b857f5fc8802ea69229742441c6fdef328846062 caused an exception to be thrown for Groovy 4.0.0-RC-1 and newer when binding properties in a script/console/shell and bindPropertiesToSeparateVariables is false. The error logging when this happens has been improved.
  • #223 Support 5, 6, 7, 8, and 1.9 arguments to targetBytecode so that validation doesn't unexpectedly fail since it uses the maven.compiler.target property and these arguments are valid for javac.

Potentially breaking changes

This release requires Java 8 and drops support for Java 7. This was necessary to update dependencies which fix vulnerabilities. Specifically, in maven-archiver. At the time of release, the following dependencies were not compatible with Java 7

  • org.apache.commons:commons-compress
  • org.codehaus.plexus:plexus-archiver
  • org.apache.maven:maven-archiver
  • org.codehaus.plexus:plexus-io
  • org.codehaus.plexus:plexus-utils

This is not the first breaking release, but it is the first breaking release to follow the semver conventions.

Notes

None.

1.13.1

... (truncated)

Commits
  • 7ea236c [maven-release-plugin] prepare release 3.0.0
  • f5d2014 Merge pull request #250 from groovy/guava
  • b27275c Fix Guava CVEs
  • 3e50f9e Merge pull request #249 from groovy/remove_unneeded_dependencies
  • 01b3622 Remove overridden dependencies no longer needed
  • 473d93e Add test SLF4J implementation
  • 96da595 Update plugin-plugin configuration
  • 31259ae Clean up integration test versions
  • 9c99c76 Merge pull request #246 from hazendaz/master
  • 5218747 Bump a couple integration test plugin versions
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label May 26, 2023
@dependabot dependabot bot mentioned this pull request May 26, 2023
Closed
@dependabot
Bump gmavenplus-plugin from 1.4 to 3.0.0
a1697eb 
Bumps [gmavenplus-plugin](https://github.com/groovy/GMavenPlus) from 1.4 to 3.0.0.
- [Release notes](https://github.com/groovy/GMavenPlus/releases)
- [Commits](groovy/GMavenPlus@1.4...3.0.0)

---
updated-dependencies:
- dependency-name: org.codehaus.gmavenplus:gmavenplus-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@mamh2021 mamh2021 force-pushed the dependabot/maven/org.codehaus.gmavenplus-gmavenplus-plugin-3.0.0 branch from db97eb1 to a1697eb Compare July 17, 2023 04:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants