Bump git from 3.3.1 to 4.11.5

[dependabot[bot]]

Bumps git from 3.3.1 to 4.11.5.

Release notes

Sourced from git's releases.

4.11.5

🐛 Bug fixes

• SECURITY-2796 - fix @​raul-arabaolaza

4.11.4

🐛 Bug fixes

• SECURITY-284 - fix @​yaroslavafenkin

4.11.3

🐛 Bug fixes

• JENKINS-68562 - Fix Git checkouts for controllers running on Windows (#1273) @​dwnusbaum

📝 Documentation updates

• Fix minor typo in documentation. (#1260) @​pouwerkerk

📦 Dependency updates

• Bump spotless-maven-plugin from 2.22.3 to 2.22.5 (#1261, #1269) @​dependabot
• Bump spotbugs-annotations from 4.6.0 to 4.7.0 (#1263) @​dependabot

4.11.2

Security fix

• SECURITY-2478 - Prevent checkout from the controller file system

4.11.1

📝 Documentation updates

• Add warning about unexpected default branch name. (#1246) @​jmMeessen

🚦 Tests

• Work around JENKINS-67309 - (#1255) @​basil

📦 Dependency updates

• Bump promoted-builds from 3.9.1 to 3.10.1 (#1254) @​dependabot
• Test with Java 17 in addition to Java 11 and Java 8 (#1249) @​MarkEWaite
• Bump plugin pom from 4.38 to 4.40 (#1245, #1248) @​dependabot
• Bump spotless-maven-plugin from 2.21.0 to 2.22.1 (#1244, #1250) @​dependabot

4.11.0

... (truncated)

Changelog

Sourced from git's changelog.

[[changelog-moved-to-github-releases]] = Changelog moved to https://github.com/jenkinsci/git-plugin/releases[GitHub Releases]

== See https://github.com/jenkinsci/git-plugin/releases[GitHub Releases] for all new changelogs (July 1, 2019)

== Version 3.10.0 (May 2, 2019)

• Require Java 8
• Require Jenkins 2.121.1 or newer
• Fix upgrade compatibility error for mergeStrategy 'default' of pre-build merge in pipeline jobs (https://issues.jenkins.io/browse/JENKINS-51638[JENKINS-51638])

== Version 3.9.4 (April 24, 2019)

• https://jenkins.io/security/advisory/2019-01-28/[Security advisory] Fix object not found exception scanning multibranch pipeline repo (https://issues.jenkins.io/browse/JENKINS-50394[JENKINS-50394])

== Version 4.0.0-rc (January 30, 2019)

• Require Java 8
• Require Jenkins 2.60
• Make matrix project dependency optional
• Add shallow cloning for submodules (https://issues.jenkins.io/browse/JENKINS-21248[JENKINS-21248])
• Add option to search for users by e-mail address (https://issues.jenkins.io/browse/JENKINS-9016[JENKINS-9016])
• Add parallel update for submodules (https://issues.jenkins.io/browse/JENKINS-44720[JENKINS-44720])
• Stop bloating build.xml files with BuildData (https://issues.jenkins.io/browse/JENKINS-19022[JENKINS-19022])
• Fix notifyCommit for branch names that contain '/' characters (https://issues.jenkins.io/browse/JENKINS-29603[JENKINS-29603], https://issues.jenkins.io/browse/JENKINS-32174[JENKINS-32174])
• Fix empty "depth" parameter handling for shallow cloning (https://issues.jenkins.io/browse/JENKINS-53050[JENKINS-53050])
• Ignore exceptions when generating commit message as informational message in build log (https://issues.jenkins.io/browse/JENKINS-53725[JENKINS-53725])
• Fix snippet generator gitlab version class cast exception (https://issues.jenkins.io/browse/JENKINS-46650[JENKINS-46650])
• Fix git tool references on agent (https://issues.jenkins.io/browse/JENKINS-55827[JENKINS-55827])

== Version 3.9.3 (January 30, 2019)

• https://jenkins.io/security/advisory/2019-01-28/[Fix local tool reference was ignored] (https://issues.jenkins.io/browse/JENKINS-55827[JENKINS-55827]), regression in 3.9.2

... (truncated)

Commits

• d66885a [maven-release-plugin] prepare release git-4.11.5
• 3241db9 SECURITY-2796
• a776a3f [maven-release-plugin] prepare for next development iteration
• e732ec5 [maven-release-plugin] prepare release git-4.11.4
• b46165c [SECURITY-284][SECURITY-907]
• 18577d1 [maven-release-plugin] prepare for next development iteration
• 7dd7758 [maven-release-plugin] prepare release git-4.11.3
• 170f24f Merge pull request #1273 from dwnusbaum/JENKINS-68562
• 4c49869 Merge remote-tracking branch 'security/master'
• 83580ff [JENKINS-68562] Minor refactoring
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/jenkinsci/ghprb-plugin/network/alerts).