Skip to content

Commit

Permalink
MINOR: [Java] Bump org.cyclonedx:cyclonedx-maven-plugin from 2.7.11 t…
Browse files Browse the repository at this point in the history 
…o 2.8.0 in /java (#41210)

Bumps [org.cyclonedx:cyclonedx-maven-plugin](https://github.com/CycloneDX/cyclonedx-maven-plugin) from 2.7.11 to 2.8.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/CycloneDX/cyclonedx-maven-plugin/releases">org.cyclonedx:cyclonedx-maven-plugin's releases</a>.</em></p>
<blockquote>
<h2>2.8.0</h2>

<ul>
<li>Update CycloneDX Description Text (<a href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/461">#461</a>) <a href="https://github.com/msymons"><code>@​msymons</code></a></li>
</ul>
<h2>🚀 New features and improvements</h2>
<ul>
<li>convert external reference type by value instead of CONSTANT_NAME (<a href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/480">#480</a>) <a href="https://github.com/hboutemy"><code>@​hboutemy</code></a></li>
<li>distribution-intake external reference is more accurate (<a href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/477">#477</a>) <a href="https://github.com/hboutemy"><code>@​hboutemy</code></a></li>
<li>add 'build' lifecycle when CDX 1.5 (<a href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/462">#462</a>) <a href="https://github.com/hboutemy"><code>@​hboutemy</code></a></li>
<li>document SBOM external references (<a href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/459">#459</a>) <a href="https://github.com/hboutemy"><code>@​hboutemy</code></a></li>
<li>improve site generation (<a href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/458">#458</a>) <a href="https://github.com/hboutemy"><code>@​hboutemy</code></a></li>
<li>upgrade to CycloneDX 1.5 (<a href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/457">#457</a>) <a href="https://github.com/hboutemy"><code>@​hboutemy</code></a></li>
</ul>
<h2>🐛 Bug Fixes</h2>
<ul>
<li>check if configured schemaVersion is supported (<a href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/479">#479</a>) <a href="https://github.com/hboutemy"><code>@​hboutemy</code></a></li>
</ul>
<h2>📦 Dependency updates</h2>
<ul>
<li>Bump org.apache.maven.plugins:maven-compiler-plugin from 3.12.1 to 3.13.0 (<a href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/478">#478</a>) <a href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump actions/checkout from 4.1.1 to 4.1.2 (<a href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/474">#474</a>) <a href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump org.apache.commons:commons-compress from 1.24.0 to 1.26.0 in /src/it/makeAggregateBom/util (<a href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/468">#468</a>) <a href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump org.junit:junit-bom from 5.10.1 to 5.10.2 (<a href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/465">#465</a>) <a href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump release-drafter/release-drafter from 5 to 6 (<a href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/464">#464</a>) <a href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump commons-codec:commons-codec from 1.16.0 to 1.16.1 (<a href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/466">#466</a>) <a href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/CycloneDX/cyclonedx-maven-plugin/commit/90e38178a7480b10b0f225cf6c2bc2f26b5a6eab"><code>90e3817</code></a> [maven-release-plugin] prepare release cyclonedx-maven-plugin-2.8.0</li>
<li><a href="https://github.com/CycloneDX/cyclonedx-maven-plugin/commit/eed838e3a76712054ff8eeeb0af04c64a7d0bd26"><code>eed838e</code></a> convert external reference type by value instead of default CONSTANT_NAME</li>
<li><a href="https://github.com/CycloneDX/cyclonedx-maven-plugin/commit/3fd83bf3fef57fb5569cff378637b903ca39bf45"><code>3fd83bf</code></a> Bump org.apache.maven.plugins:maven-compiler-plugin</li>
<li><a href="https://github.com/CycloneDX/cyclonedx-maven-plugin/commit/343c62dfe4a8bd983c1c77e06d37b8f285f09dbb"><code>343c62d</code></a> check if configured schemaVersion is supported</li>
<li><a href="https://github.com/CycloneDX/cyclonedx-maven-plugin/commit/d0015429ef13f79503bb6d17e3b66f59a1b408a2"><code>d001542</code></a> distribution-intake external reference is more accurate</li>
<li><a href="https://github.com/CycloneDX/cyclonedx-maven-plugin/commit/fa5541d39a58d6f09ec3b7a9a2ad1b8d7682bb18"><code>fa5541d</code></a> Bump actions/checkout from 4.1.1 to 4.1.2</li>
<li><a href="https://github.com/CycloneDX/cyclonedx-maven-plugin/commit/a43cd056f3d6f319ff6e3de83cb62ebd9b2e29ec"><code>a43cd05</code></a> Bump org.apache.commons:commons-compress</li>
<li><a href="https://github.com/CycloneDX/cyclonedx-maven-plugin/commit/31ff1f46643f888f91a27f02d9e82828f9b5590d"><code>31ff1f4</code></a> Bump org.junit:junit-bom from 5.10.1 to 5.10.2</li>
<li><a href="https://github.com/CycloneDX/cyclonedx-maven-plugin/commit/ce8a6e70afbf2c7307f9a4a449ce8f4c80e03dc2"><code>ce8a6e7</code></a> Bump release-drafter/release-drafter from 5 to 6</li>
<li><a href="https://github.com/CycloneDX/cyclonedx-maven-plugin/commit/16dcb5b62fefe642cd29360141c512fd1ddcf2c0"><code>16dcb5b</code></a> Bump commons-codec:commons-codec from 1.16.0 to 1.16.1</li>
<li>Additional commits viewable in <a href="https://github.com/CycloneDX/cyclonedx-maven-plugin/compare/cyclonedx-maven-plugin-2.7.11...cyclonedx-maven-plugin-2.8.0">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.cyclonedx:cyclonedx-maven-plugin&package-manager=maven&previous-version=2.7.11&new-version=2.8.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@ dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@ dependabot rebase` will rebase this PR
- `@ dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@ dependabot merge` will merge this PR after your CI passes on it
- `@ dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@ dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@ dependabot reopen` will reopen this PR if it is closed
- `@ dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@ dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@ dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@ dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@ dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

Authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: David Li <li.davidm96@gmail.com>
  • Loading branch information
@dependabot
dependabot[bot] authored Apr 29, 2024
1 parent a8c4f86 commit ff67979
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion java/maven/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@
<plugin>
<groupId>org.cyclonedx</groupId>
<artifactId>cyclonedx-maven-plugin</artifactId>
<version>2.7.11</version>
<version>2.8.0</version>
</plugin>
</plugins>
</pluginManagement>
Expand Down
2 changes: 1 addition & 1 deletion java/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -519,7 +519,7 @@
<plugin>
<groupId>org.cyclonedx</groupId>
<artifactId>cyclonedx-maven-plugin</artifactId>
<version>2.7.11</version>
<version>2.8.0</version>
</plugin>
<plugin>
<groupId>org.apache.drill.tools</groupId>
Expand Down

0 comments on commit ff67979

Please sign in to comment.