Skip to content

build(deps): bump org.sonarsource.scanner.maven:sonar-maven-plugin from 5.0.0.4389 to 5.1.0.4751 #3261

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 22, 2025
Merged

build(deps): bump org.sonarsource.scanner.maven:sonar-maven-plugin from 5.0.0.4389 to 5.1.0.4751 #3261

merged 1 commit into from
Apr 22, 2025
+1 −1

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 21, 2025

Bumps org.sonarsource.scanner.maven:sonar-maven-plugin from 5.0.0.4389 to 5.1.0.4751.

Release notes

Sourced from org.sonarsource.scanner.maven:sonar-maven-plugin's releases.

5.1.0.4751

Release notes - Sonar Scanner for Maven - 5.1

New Feature

SCANMAVEN-264 Add support for SonarQube Cloud regions

Bug

SCANMAVEN-228 Irrelevant encrypted properties should not be passed to the scanner engine

Task

SCANMAVEN-242 Migrate from single module to a multi-module structure

SCANMAVEN-250 Fix broken links coming from the relocation-pom's parent

SCANMAVEN-254 Update parent pom to version 81.0.0.2300

SCANMAVEN-257 Update headers for 2025

SCANMAVEN-258 Conditionally run tests using sonar.password in ITs

SCANMAVEN-260 Update CODEOWNERS after reorg

SCANMAVEN-261 Validate IT using the latest maven 4 release candidate 2

SCANMAVEN-262 Fix quality flaws: remove unnecessary public modifiers

SCANMAVEN-265 Upgrade sonar-scanner-java-library to latest version

SCANMAVEN-266 Analyze integration tests

SCANMAVEN-269 Prepare next development iteration 5.1

SCANMAVEN-271 Fix readability issues in ProxyTest

SCANMAVEN-272 Increase memory because maven 4.0.0-rc-2 fails with out of memory exception

SCANMAVEN-274 Fix quality flaws

SCANMAVEN-277 remove unused third-party-licenses.sh

SCANMAVEN-278 Fix quality flaws

SCANMAVEN-279 Clean up tech debt in Maven Scanner

SCANMAVEN-282 Update plexus-sec-dispatcher to fix CVE-2017-1000487

SCANMAVEN-284 Migrate releasability check to v2, fix property-dump-plugin to be excluded by releasability check (not released)

... (truncated)

Commits
  • e284917 SCANMAVEN-284 Bump releasability workflow version (#294)
  • cb6dd58 SCANMAVEN-282 Update plexus-sec-dispatcher from 1.4 (sonatype) to 2.0 (codeha...
  • 460e710 SCANMAVEN-280 Log the SonarQube Cloud Region (#291)
  • 8e0570b SCANMAVEN-228 Ignore Irrelevant Encrypted Properties (#289)
  • 7d5574f SCANMAVEN-279 Clean up old code (#290)
  • c472cfd SCANMAVEN-271 Fix readability issues in ProxyTest (#279)
  • 0783ad3 SCANMAVEN-264 Add support for SonarQube Cloud regions (#284)
  • 8f52888 SCANMAVEN-278 Fix quality flaws (#288)
  • 4c796c8 SCANMAVEN-276 ScannerEngineBootstrapper.isSuccessful() should be verified bef...
  • a09d151 SCANMAVEN-242 update readme quality gate badge, because project key has chang...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump org.sonarsource.scanner.maven:sonar-maven-plugin

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode
Loading
Loading status checks…
9bc2070 
Bumps [org.sonarsource.scanner.maven:sonar-maven-plugin](https://github.com/SonarSource/sonar-scanner-maven) from 5.0.0.4389 to 5.1.0.4751.
- [Release notes](https://github.com/SonarSource/sonar-scanner-maven/releases)
- [Commits](SonarSource/sonar-scanner-maven@5.0.0.4389...5.1.0.4751)

---
updated-dependencies:
- dependency-name: org.sonarsource.scanner.maven:sonar-maven-plugin
  dependency-version: 5.1.0.4751
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Apr 21, 2025
@github-actions GitHub Actions
Copy link

github-actions bot commented Apr 21, 2025
edited
Loading

PR Summary

This PR updates the org.sonarsource.scanner.maven:sonar-maven-plugin dependency from version 5.0.0.4389 to 5.1.0.4751. This update includes new features, bug fixes, and improvements to the plugin's functionality, such as support for SonarQube Cloud regions and various quality improvements.

Changes

File Summary
pom.xml The sonar-maven-plugin.version property in the pom.xml file has been updated from 5.0.0.4389 to 5.1.0.4751. This change reflects the updated version of the Sonar Maven plugin used in the project.

autogenerated by presubmit.ai

github-actions[bot]
github-actions bot reviewed Apr 21, 2025
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

Review Summary

Commits Considered (1)
  • 9bc2070: build(deps): bump org.sonarsource.scanner.maven:sonar-maven-plugin

Bumps org.sonarsource.scanner.maven:sonar-maven-plugin from 5.0.0.4389 to 5.1.0.4751.

updated-dependencies:

  • dependency-name: org.sonarsource.scanner.maven:sonar-maven-plugin
    dependency-version: 5.1.0.4751
    dependency-type: direct:production
    update-type: version-update:semver-minor
    ...

Signed-off-by: dependabot[bot] support@github.com

Files Processed (1)
  • pom.xml (1 hunk)
Actionable Comments (0)
Skipped Comments (0)

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@iluwatar iluwatar merged commit ad6bdf8 into master Apr 22, 2025
2 checks passed
@iluwatar iluwatar deleted the dependabot/maven/org.sonarsource.scanner.maven-sonar-maven-plugin-5.1.0.4751 branch April 22, 2025 18:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot]

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file java Pull requests that update java code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@iluwatar