Bump the build-dependencies group with 3 updates #86

dependabot · 2025-12-01T21:55:29Z

Bumps the build-dependencies group with 3 updates: org.apache.maven.plugins:maven-release-plugin, org.apache.maven.plugins:maven-resources-plugin and org.apache.maven.plugins:maven-assembly-plugin.

Updates org.apache.maven.plugins:maven-release-plugin from 3.1.1 to 3.2.0

Release notes

Sourced from org.apache.maven.plugins:maven-release-plugin's releases.

3.2.0

🚀 New features and improvements

Add "serverId" and "privateKey" SCM parameters (#1385) @kwin

Support complex CI-Friendly expressions (#1382) @kwin

[MRELEASE-1160] - Consider releaseDescriptor's pushChanges for ScmRepositoryConfigurator.getConfiguredRepository() (#237) @kwin

[MRELEASE-1054] - Support for excluding submodules changes. (#196) @wuwen5

🐛 Bug Fixes

[MRELEASE-1154] - Never fail for unresolvable version expressions (#230) @kwin

[MRELEASE-1153] - Revert parts of MRELEASE-1109 (8dfcb47996320af5e6f0b2d50eac209… (#224) @michael-o

📝 Documentation updates

Convert APT to Markdown (#1405) @kwin

(doc) Add FAQ entry for using custom deploy plugin (#1388) @Marcono1234

[MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#238) @Bukama

👻 Maintenance

PlexusFileUtils Refaster recipes (#1403) @slachiewicz

PlexusStringUtils Refaster recipes (#1404) @slachiewicz

Update site descriptor to 2.0.0 (#1399) @slawekjaranowski

feat: enable prevent branch protection rules (#1387) @sebtiem

Github Issues (#241) @Bukama

Convert to Guice constructor injection (#236) @elharo

📦 Dependency updates

Bump parent from 42 to 45 (#1396) @slawekjaranowski

Bump org.apache.commons:commons-lang3 from 3.18.0 to 3.19.0 (#1392) @dependabot[bot]

Bump scmVersion from 2.1.0 to 2.2.1 (#1393) @dependabot[bot]

Bump org.xmlunit:xmlunit-core from 2.10.3 to 2.10.4 (#1389) @dependabot[bot]

Bump org.codehaus.mojo:mrm-maven-plugin from 1.6.0 to 1.7.0 (#1386) @dependabot[bot]

Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 (#1378) @dependabot[bot]

Bump org.codehaus.plexus:plexus-interactivity-api from 1.3 to 1.4 (#239) @dependabot[bot]

Bump org.codehaus.plexus:plexus-interpolation from 1.27 to 1.28 (#240) @dependabot[bot]

Bump org.xmlunit:xmlunit-core from 2.10.1 to 2.10.3 (#1377) @dependabot[bot]

Bump org.xmlunit:xmlunit-core from 2.10.0 to 2.10.1 (#242) @dependabot[bot]

Bump org.hamcrest:hamcrest-core from 2.2 to 3.0 (#227) @dependabot[bot]

Bump org.hamcrest:hamcrest from 2.2 to 3.0 (#226) @dependabot[bot]

Bump org.apache.commons:commons-lang3 from 3.15.0 to 3.17.0 (#231) @dependabot[bot]

Bump org.apache.commons:commons-lang3 from 3.14.0 to 3.15.0 (#225) @dependabot[bot]

Commits

167c489 [maven-release-plugin] prepare release maven-release-3.2.0
0ab10be Improve javadoc for parameter "pushChanges"
f06aaa2 Add links to Javadocs for SCM authentication
bf44cbe Site: Convert APT to Markdown
71db7e5 Move to match target converter format MARKDOWN with doxia-converter
46a6026 PlexusFileUtils Refaster recipes (#1403)
b3d49dc PlexusStringUtils Refaster recipes (#1404)
ce76e9f Update site descriptor to 2.0.0
0ef78fd Bump parent from 42 to 45
dfe917c Bump org.apache.commons:commons-lang3 from 3.18.0 to 3.19.0 (#1392)
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-resources-plugin from 3.3.1 to 3.4.0

Release notes

Sourced from org.apache.maven.plugins:maven-resources-plugin's releases.

3.4.0

🚀 New features and improvements

Enable GitHub Issues (#98) @slawekjaranowski

📝 Documentation updates

[MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#89) @Bukama

[MRESOURCES-299] - Be more accurate on using filtering element (#80) @pzygielo

Don't bother with very old versions (#59) @elharo

👻 Maintenance

Migrate site to Doxia 2 (#440) @slachiewicz

Bump Maven to 3.9.11 while keep prerequisites on 3.6.3 (#437) @slachiewicz

PlexusFileUtils Refaster recipes (#431) @slachiewicz

Add PR Automation action (#94) @slawekjaranowski

Improve release-drafter configuration (#93) @slawekjaranowski

Bump org.apache.maven.plugins:maven-plugins from 39 to 41 (#64) @dependabot[bot]

Add dependency to slf4j-simple for test scope (#60) @slachiewicz

Use try with resources in integration test (#58) @elharo

reduce dependency scope of plexus-utils and commons-io (#57) @elharo

📦 Dependency updates

Bump org.apache.commons:commons-lang3 from 3.19.0 to 3.20.0 (#439) @dependabot[bot]

Bump org.apache.maven.resolver:maven-resolver-api from 1.6.3 to 1.9.24 (#413) @dependabot[bot]

Bump Maven to 3.9.11 while keep prerequisites on 3.6.3 (#437) @slachiewicz

Bump org.codehaus.plexus:plexus-interpolation from 1.28 to 1.29 (#432) @dependabot[bot]

Bump m-invoker-p to 3.9.1 (#433) @slachiewicz

Bump org.apache.maven.plugins:maven-plugins from 43 to 45 (#411) @dependabot[bot]

Bump org.codehaus.plexus:plexus-interpolation from 1.27 to 1.28 (#114) @dependabot[bot]

Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from 3.3.0 to 3.4.0 (#430) @dependabot[bot]

Bump org.apache.commons:commons-lang3 from 3.18.0 to 3.19.0 (#422) @dependabot[bot]

Bump commons-io:commons-io from 2.19.0 to 2.20.0 (#419) @dependabot[bot]

Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 (#416) @dependabot[bot]

Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#117) @dependabot[bot]

Bump org.apache.maven.shared:maven-filtering from 3.3.2 to 3.4.0 (#107) @dependabot[bot]

Bump commons-io:commons-io from 2.16.0 to 2.18.0 (#102) @dependabot[bot]

Bump org.apache.commons:commons-lang3 from 3.14.0 to 3.17.0 (#104) @dependabot[bot]

Bump org.apache.maven.plugins:maven-plugins from 41 to 43 (#101) @dependabot[bot]

[MRESOURCES-305] - Bump org.codehaus.plexus:plexus-utils from 3.5.1 to 4.0.0 (#65) @dependabot[bot]

[MRESOURCES-304] - Bump org.codehaus.plexus:plexus-interpolation from 1.26 to 1.27 (#66) @dependabot[bot]

[MRESOURCES-303] - Bump org.apache.maven.shared:maven-filtering from 3.3.1 to 3.3.2 (#68) @dependabot[bot]

Bump org.apache.commons:commons-lang3 from 3.12.0 to 3.14.0 (#62) @dependabot[bot]

[MRESOURCES-302] - Bump commons-io:commons-io from 2.11.0 to 2.16.0 (#69) @dependabot[bot]

Bump apache/maven-gh-actions-shared from 3 to 4 (#67) @dependabot[bot]

Commits

b07d56e [maven-release-plugin] prepare for next development iteration
21e646c [maven-release-plugin] prepare release maven-resources-plugin-3.4.0
61801af Migrate site to Doxia 2
146ebb8 Bump org.apache.commons:commons-lang3 from 3.19.0 to 3.20.0 (#439)
5013682 Bump org.apache.maven.resolver:maven-resolver-api from 1.6.3 to 1.9.24
d7c4d28 Bump Maven to 3.9.11 while keep prerequisites on 3.6.3
e33f1ec Bump org.codehaus.plexus:plexus-interpolation from 1.28 to 1.29
ce77f50 Bump m-invoker-p to 3.9.1
726f429 Bump org.apache.maven.plugins:maven-plugins from 43 to 45
a747bae PlexusFileUtils Refaster recipes
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-assembly-plugin from 3.7.1 to 3.8.0

Release notes

Sourced from org.apache.maven.plugins:maven-assembly-plugin's releases.

3.8.0

🐛 Bug Fixes

[MASSEMBLY-1030] - Manifest entries from archive configuration are not added in final MANIFEST (#205) @olamy

[MASSEMBLY-1029] - Use minimal level for model validation (#204) @gnodet

📝 Documentation updates

[MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#215) @Bukama

👻 Maintenance

chore: migrate junit3/4 to junit5 (#1260) @sparsick

feat: enable prevent branch protection rules (#1252) @sebtiem

Enable Github Issues (#219) @Bukama

📦 Dependency updates

Bump Maven to 3.9.11. Prerequisite still 3.6.3 (#1270) @slachiewicz

Bump org.apache.commons:commons-lang3 from 3.19.0 to 3.20.0 (#1269) @dependabot[bot]

Bump org.codehaus.plexus:plexus-io from 3.5.2 to 3.6.0 (#1264) @dependabot[bot]

Bump org.codehaus.plexus:plexus-interpolation from 1.28 to 1.29 (#1266) @dependabot[bot]

Bump commons-io:commons-io from 2.20.0 to 2.21.0 (#1267) @dependabot[bot]

Bump org.codehaus.plexus:plexus-archiver from 4.10.3 to 4.10.4 (#1265) @dependabot[bot]

Bump org.apache.maven:maven-archiver from 3.6.4 to 3.6.5 (#1258) @dependabot[bot]

Bump com.github.luben:zstd-jni from 1.5.7-5 to 1.5.7-6 (#1259) @dependabot[bot]

Bump plexus-archiver to 4.10.3 (#1255) @slachiewicz

Bump m-invoker-p to 3.9.1 for Java 25 (#1256) @slachiewicz

Bump com.github.luben:zstd-jni from 1.5.7-4 to 1.5.7-5 (#1254) @dependabot[bot]

Bump org.apache.maven.plugins:maven-plugins from 44 to 45 (#1251) @dependabot[bot]

Bump org.apache.maven.plugins:maven-plugins from 42 to 44 (#216) @dependabot[bot]

Bump org.apache.commons:commons-compress from 1.27.1 to 1.28.0 (#1248) @dependabot[bot]

Bump org.apache.maven:maven-archiver from 3.6.3 to 3.6.4 (#1249) @dependabot[bot]

Bump org.codehaus.plexus:plexus-archiver from 4.10.0 to 4.10.1 (#1250) @dependabot[bot]

Bump commons-io:commons-io from 2.19.0 to 2.20.0 (#1247) @dependabot[bot]

Bump com.github.luben:zstd-jni from 1.5.7-3 to 1.5.7-4 (#1244) @dependabot[bot]

Bump commons-fileupload:commons-fileupload from 1.5 to 1.6.0 in /src/it/projects/bugs/massembly-580 (#1245) @dependabot[bot]

Bump com.github.luben:zstd-jni from 1.5.7-2 to 1.5.7-3 (#225) @dependabot[bot]

Bump org.codehaus.plexus:plexus-archiver from 4.9.2 to 4.10.0 (#209) @dependabot[bot]

Bump org.apache.maven.shared:maven-common-artifact-filters from 3.3.2 to 3.4.0 (#207) @dependabot[bot]

Bump commons-io:commons-io from 2.16.1 to 2.19.0 (#224) @dependabot[bot]

Bump org.codehaus.plexus:plexus-interpolation from 1.27 to 1.28 (#223) @dependabot[bot]

Bump com.github.luben:zstd-jni from 1.5.6-3 to 1.5.7-2 (#222) @dependabot[bot]

Bump org.apache.maven:maven-archiver from 3.6.2 to 3.6.3 (#221) @dependabot[bot]

Bump org.apache.commons:commons-compress from 1.27.0 to 1.27.1 (#213) @dependabot[bot]

Bump org.apache.maven.shared:maven-filtering from 3.3.2 to 3.4.0 (#220) @dependabot[bot]

Bump org.codehaus.plexus:plexus-io from 3.4.2 to 3.5.1 (#214) @dependabot[bot]

Bump org.hamcrest:hamcrest from 2.2 to 3.0 (#212) @dependabot[bot]

Bump org.apache.commons:commons-compress from 1.26.1 to 1.27.0 (#211) @dependabot[bot]

... (truncated)

Commits

53dcfc0 Remove redundant escaping (#1277)
04cbbb3 some nits (#1279)
7c9e58a Plug ThreadLocal memory leak (#1276)
ceef4b0 commons-io version is now the same (#1274)
0a06350 Declare used dependencies (#1271)
31ac192 Remove commented code (#1273)
c5b8aff Document regex support in include/exclude patterns (#1243)
bd8cafc [maven-release-plugin] prepare for next development iteration
434b3aa [maven-release-plugin] prepare release maven-assembly-plugin-3.8.0
43666c3 Bump Maven to 3.9.11. Prerequisite still 3.6.3
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the build-dependencies group with 3 updates: [org.apache.maven.plugins:maven-release-plugin](https://github.com/apache/maven-release), [org.apache.maven.plugins:maven-resources-plugin](https://github.com/apache/maven-resources-plugin) and [org.apache.maven.plugins:maven-assembly-plugin](https://github.com/apache/maven-assembly-plugin). Updates `org.apache.maven.plugins:maven-release-plugin` from 3.1.1 to 3.2.0 - [Release notes](https://github.com/apache/maven-release/releases) - [Commits](apache/maven-release@maven-release-3.1.1...maven-release-3.2.0) Updates `org.apache.maven.plugins:maven-resources-plugin` from 3.3.1 to 3.4.0 - [Release notes](https://github.com/apache/maven-resources-plugin/releases) - [Commits](apache/maven-resources-plugin@maven-resources-plugin-3.3.1...v3.4.0) Updates `org.apache.maven.plugins:maven-assembly-plugin` from 3.7.1 to 3.8.0 - [Release notes](https://github.com/apache/maven-assembly-plugin/releases) - [Commits](apache/maven-assembly-plugin@maven-assembly-plugin-3.7.1...v3.8.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-release-plugin dependency-version: 3.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: build-dependencies - dependency-name: org.apache.maven.plugins:maven-resources-plugin dependency-version: 3.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: build-dependencies - dependency-name: org.apache.maven.plugins:maven-assembly-plugin dependency-version: 3.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: build-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Dec 1, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Bump the build-dependencies group with 3 updates #86

Bump the build-dependencies group with 3 updates #86

dependabot bot commented on behalf of github Dec 1, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

Bump the build-dependencies group with 3 updates #86

Are you sure you want to change the base?

Bump the build-dependencies group with 3 updates #86

Conversation

dependabot bot commented on behalf of github Dec 1, 2025

3.2.0

🚀 New features and improvements

🐛 Bug Fixes

📝 Documentation updates

👻 Maintenance

📦 Dependency updates

3.4.0

🚀 New features and improvements

📝 Documentation updates

👻 Maintenance

📦 Dependency updates

3.8.0

🐛 Bug Fixes

📝 Documentation updates

👻 Maintenance

📦 Dependency updates

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant