s4u / sign-maven-plugin

Maven plugin which creates Open PGP / GPG signatures for all of the project's artifacts
https://www.simplify4u.org/sign-maven-plugin/
Apache License 2.0
47 stars 7 forks source link

Bump mockito.version from 4.11.0 to 5.1.1 #154

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps mockito.version from 4.11.0 to 5.1.1. Updates mockito-junit-jupiter from 4.11.0 to 5.1.1

Release notes

Sourced from mockito-junit-jupiter's releases.

v5.1.1

Changelog generated by Shipkit Changelog Gradle Plugin

5.1.1

v5.1.0

Changelog generated by Shipkit Changelog Gradle Plugin

5.1.0

v5.0.0

Mockito 5: prepare for future JDK versions

For a while now, we have seen an increase in problems/incompatibilities with recent versions of the JDK due to our usage of JVM-internal API. Most notably, JDK 17 made some changes which are incompatible with the current subclass mockmaker. Therefore, to prepare for the future of JDK, we are making some core changes to ensure Mockito keeps on working.

Switch the default mockmaker to mockito-inline

Back in Mockito 2.7.6, we published a new mockmaker based on the "inline bytecode" principle. This mockmaker creates mocks manipulating bytecode equivalent within the original class such that its method implementations hook into the normal Mockito machinery. As a comparison, the subclass mockmaker generates "real" subclasses for mocks, to mimic the same behavior. While the approaches are similar, the inline mockmaker avoids certain restrictions that the JDK imposes. For example, it does not violate module boundaries (introduced in JDK 9, but more heavily used in JDK 17) and avoids the leaking of the creation of the subclass.

Massive thanks to community member @​reta who implemented this change.

Note: this does not affect mockito-android nor testing on Android.

When should I still be using the subclass mockmaker?

... (truncated)

Commits


Updates mockito-core from 4.11.0 to 5.1.1

Release notes

Sourced from mockito-core's releases.

v5.1.1

Changelog generated by Shipkit Changelog Gradle Plugin

5.1.1

v5.1.0

Changelog generated by Shipkit Changelog Gradle Plugin

5.1.0

v5.0.0

Mockito 5: prepare for future JDK versions

For a while now, we have seen an increase in problems/incompatibilities with recent versions of the JDK due to our usage of JVM-internal API. Most notably, JDK 17 made some changes which are incompatible with the current subclass mockmaker. Therefore, to prepare for the future of JDK, we are making some core changes to ensure Mockito keeps on working.

Switch the default mockmaker to mockito-inline

Back in Mockito 2.7.6, we published a new mockmaker based on the "inline bytecode" principle. This mockmaker creates mocks manipulating bytecode equivalent within the original class such that its method implementations hook into the normal Mockito machinery. As a comparison, the subclass mockmaker generates "real" subclasses for mocks, to mimic the same behavior. While the approaches are similar, the inline mockmaker avoids certain restrictions that the JDK imposes. For example, it does not violate module boundaries (introduced in JDK 9, but more heavily used in JDK 17) and avoids the leaking of the creation of the subclass.

Massive thanks to community member @​reta who implemented this change.

Note: this does not affect mockito-android nor testing on Android.

When should I still be using the subclass mockmaker?

... (truncated)

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
sonarcloud[bot] commented 1 year ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

dependabot[bot] commented 1 year ago

Superseded by #157.