Bump plexus-archiver from 4.2.3 to 4.5.0

[dependabot[bot]]

Bumps plexus-archiver from 4.2.3 to 4.5.0.

Release notes

Sourced from plexus-archiver's releases.

Plexus Archiver 4.5.0

🚀 New features and improvements

• Add zstd (un)archiver support (#226) @​pleeplop

🐛 Bug Fixes

• Fix UnArchiver#isOverwrite not working as expected (#229) @​plamentotev Existing files were overridden only if UnArchiver#isOverwrite was set and the existing files were older than the archive entry. Now it works as documented: older files are always overridden; when UnArchiver#isOverwrite is true, existing files are always overridden regardless if they are older or not.

Plexus Archiver 4.4.0

🚀 New features and improvements

• Drop legacy plexus API and use only JSR330 components (#220) @​cstamas

Plexus Archiver 4.3.0

🚀 New features and improvements

• Require Java 8 (#206) @​plamentotev
• Refactor to use FileTime API (#199) @​jorsol
• Rename setTime method to setZipEntryTime (#209) @​jorsol
• Convert InputStreamSupplier to lambdas (#212) @​jorsol
• Update plexus-container-default to 2.1.1, commons-io 2.11.0 (#211) @​jorsol
• FIX: Reproducible Builds not working when using modular jar (#205) @​jorsol

📦 Dependency updates

• Bump plexus-parent from 8 to 10 (#219) @​dependabot
• Bump plexus-io from 3.2.0 to 3.3.1 (#214) @​dependabot
• Bump plexus-utils from 3.4.1 to 3.4.2 (#218) @​dependabot

Plexus Archiver 4.2.7

🚀 New features and improvements

• Respect order of META-INF/ and META-INF/MANIFEST.MF entries in a JAR file (#189) @​michael-o

Plexus Archiver 4.2.6

This release updates commons-compress to 1.21 which contains security fixed for CVE-2021-35517 CVE-2021-35516 CVE-2021-35515 CVE-2021-36090

This version requires Java 8 as minimum (commons-compress 1.21 requires Java 8).

🚀 New features and improvements

• FileInputStream, FileOutputStream, FileReader and FileWriter are no longer used (#183) @​jorsol

... (truncated)

Commits

• 61aa536 [maven-release-plugin] prepare release plexus-archiver-4.5.0
• 69d9efb Bump zstd-jni from 1.5.2-3 to 1.5.2-4
• b5aae67 Bump to 4.5.0
• 5ba0d19 Add zstd (un)archiver support
• 8656ee0 Fix UnArchiver#isOverwrite not working as expected
• 57d924b Bump junitVersion from 5.8.2 to 5.9.0
• 0a5115c Use @Enabled/@​Disabled to run tests only on specific OS/JDK
• 5363cf9 Migrate to JUnit 5
• bf33d58 Update release-drafter.yml
• f558d87 Use shared workflow for the Maven build
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

Superseded by #105.