metaschema-framework / oscal-cli

https://oscal-cli.metaschema.dev/
Other
3 stars 4 forks source link

Bump io.github.git-commit-id:git-commit-id-maven-plugin from 7.0.0 to 9.0.1 #3

Closed dependabot[bot] closed 3 months ago

dependabot[bot] commented 3 months ago

Bumps io.github.git-commit-id:git-commit-id-maven-plugin from 7.0.0 to 9.0.1.

Release notes

Sourced from io.github.git-commit-id:git-commit-id-maven-plugin's releases.

Version 9.0.1 is finally there and includes various bug-fixes and improvements :-)

New Features / Bug-Fixes:

The main key-aspects that have been improved or being worked on are the following:

  • #754 / #760: Fix an issue where empty git.properties had been generated in submodules when injectAllReactorProjects=true

  • bump several maven plugins

    • bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.3.1 to 3.4.0
    • bump org.apache.maven.plugins:maven-release-plugin from 3.0.1 to 3.1.0
    • bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.5 to 3.3.0
    • bump org.apache.maven.plugins:maven-clean-plugin from 3.3.2 to 3.4.0
    • bump org.apache.maven.plugins:maven-dependency-plugin from 3.6.1 to 3.7.1

Getting the latest release

The plugin is available from Maven Central (see here), so you don't have to configure any additional repositories to use this plugin. All you need to do is to configure it inside your project as dependency:

<dependency>
    <groupId>io.github.git-commit-id</groupId>
    <artifactId>git-commit-id-maven-plugin</artifactId>
    <version>9.0.1</version>
</dependency>

Getting the latest snapshot (build automatically)

If you can't wait for the next release, you can also get the latest snapshot version from sonatype, that is being deployed automatically by github actions:

<pluginRepositories>
    <pluginRepository>
        <id>sonatype-snapshots</id>
        <name>Sonatype Snapshots</name>
         <url>https://s01.oss.sonatype.org/content/repositories/snapshots/</url>
    </pluginRepository>
</pluginRepositories>

Even though the github actions will only deploy a new snapshot once all tests have finished, it is recommended to rely on the released and more stable version.

Known Issues / Limitations:

  • This plugin is unfortunately not working with Heroku which is due to the fact how Heroku works. In summary Heroku does not copy over the .git-repository but in order to determine the git properties this plugin relies on the fact that it has access to the git-repository. A somewhat workaround to get some information is outlined in ktoso/maven-git-commit-id-plugin#279
  • Using maven's plugin prefix resolution (e.g. mvn com.test.plugins:myPlugin:myMojo) might result in unresolved properties even with <injectAllReactorProjects>true</injectAllReactorProjects>. Please refer to git-commit-id/maven-git-commit-id-plugin#287 or git-commit-id/maven-git-commit-id-plugin#413 for details and potential workarounds

Reporting Problems

If you find any problem with this plugin, feel free to report it here

Version 9.0.0 is finally there and includes various bug-fixes and improvements :-)

⚠️ This is a potentially breaking release. Read the release-notes carefully ⚠️

Potential Breaking changes:

The main key-aspects that might cause a breakage when migrating to the new version:

... (truncated)

Commits
  • cba7dc5 [maven-release-plugin] prepare release v9.0.1
  • 08004a2 Merge pull request #760 from git-commit-id/754
  • 1238467 fix checkstyle
  • cb2490d git-commit-id/git-commit-id-maven-plugin#754: Fix a...
  • 38b9b4e Merge pull request #759 from git-commit-id/dependabot/maven/org.apache.maven....
  • 977f148 Merge pull request #758 from git-commit-id/dependabot/maven/org.apache.maven....
  • 9867c07 Merge pull request #756 from git-commit-id/dependabot/maven/org.apache.maven....
  • 20f53da Merge pull request #755 from git-commit-id/dependabot/maven/org.apache.maven....
  • 98c058e build(deps): bump org.apache.maven.plugins:maven-dependency-plugin
  • 345cf3d build(deps): bump org.apache.maven.plugins:maven-clean-plugin
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
david-waltermire commented 3 months ago

@dependabot rebase