search

eclipse-passage / passage

Define and control license checks and usage constraints for OSGi / RCP / IDE
https://www.eclipse.org/passage/
Eclipse Public License 2.0
7 stars 8 forks source link

fix(deps): bump maven-assembly-plugin from 3.4.2 to 3.5.0 #1208

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps maven-assembly-plugin from 3.4.2 to 3.5.0.

Commits
  • f73f48f [maven-release-plugin] prepare release maven-assembly-plugin-3.5.0
  • f5ccd4d vuln-fix: Temporary File Information Disclosure
  • 6b62453 improve javadoc
  • f42194b MASSEMBLY-941 keep file permission in Reproducible mode (#96)
  • 1336ea7 Revert "[MASSEMBLY-941] keep file permission in Reproducible mode"
  • b41a8ee [MASSEMBLY-941] keep file permission in Reproducible mode
  • 1c6e07e update Reproducible Builds badge link
  • 69c4f55 Fix site "usage" page
  • e01ed50 [maven-release-plugin] prepare for next development iteration
  • See full diff in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
codecov[bot] commented 1 year ago

Codecov Report

Merging #1208 (21b276f) into master (c0013b8) will not change coverage. The diff coverage is n/a.

:exclamation: Current head 21b276f differs from pull request most recent head b4a5cc0. Consider uploading reports for the commit b4a5cc0 to get more accurate results

@@            Coverage Diff            @@
##             master    #1208   +/-   ##
=========================================
  Coverage     33.47%   33.47%           
  Complexity      359      359           
=========================================
  Files          1175     1175           
  Lines         25744    25744           
  Branches       1590     1590           
=========================================
  Hits           8618     8618           
  Misses        16605    16605           
  Partials        521      521

:mega: We’re building smart automated test selection to slash your CI/CD build times. Learn more

ruspl-afed commented 1 year ago

@dependabot merge