Closed DRoppelt closed 1 year ago
Related #369
@aleksandr-m do you have a timeline on releasing this? Maybe a 1.19.1
or so?
Any news on that for a next 1.19.1?
Is there a maven repository available, where the version "1.19.1-SNAPSHOT" - currently on master branch - can be pulled?
1.20.0
is released.
Hi, very much appreciate your project here.
We have some security scans on our maven build agents and they keep flagging "someone uses log4j1!", so we investigated and found your plugin to be the one that eventually leads to log4j.jar to be present in build cache.
It seems like the project is using some alpha depedencies from 2009 (maven-project). Which seems to be replaced by
maven-core
(which this plugin also depends on). Any way you would consider cleaning up that dependency tree?I am not familiar with plugin development, I would submit a PR if you'd like.
How to reproduce:
1) add this into a pom.xml
2)
mvn dependency:tree > tree.log && grep -i "gitflow" -A 80 tree.log