Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump org.apache.maven.plugins:maven-javadoc-plugin from 3.8.0 to 3.11.1 in /jans-core #10030

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): bump org.apache.maven.plugins:maven-javadoc-plugin from 3.8.0 to 3.11.1 in /jans-core #10030

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 4, 2024
edited
Loading

Bumps org.apache.maven.plugins:maven-javadoc-plugin from 3.8.0 to 3.11.1.

Release notes

Sourced from org.apache.maven.plugins:maven-javadoc-plugin's releases.

maven-javadoc-plugin-3.10.1

What's Changed

Full Changelog: apache/maven-javadoc-plugin@maven-javadoc-plugin-3.10.0...maven-javadoc-plugin-3.10.1

maven-javadoc-plugin-3.10.0

❗ NOTICE

Due to Doxia 2.x stack maven-site-plugin 3.20+ is requred.

What's Changed

Full Changelog: apache/maven-javadoc-plugin@maven-javadoc-plugin-3.8.0...maven-javadoc-plugin-3.10.0

Commits
  • 619650c [maven-release-plugin] prepare release maven-javadoc-plugin-3.11.1
  • e314da0 [MJAVADOC-821] Align toolchain discovery code with Maven Compiler Plugin
  • 62a6861 [MJAVADOC-820] [REGRESSION] MJAVADOC-787 was merged incompletely
  • d1090c5 [maven-release-plugin] prepare for next development iteration
  • ee030f7 [maven-release-plugin] prepare release maven-javadoc-plugin-3.11.0
  • 6c5fdc0 [MJAVADOC-819] Align archive generation code with Maven Source Plugin
  • 3a90de5 [MJAVADOC-787] Automatic detection of release option for JDK < 9
  • 373172d [MJAVADOC-817] Upgrade to Doxia 2.0.0 GA Stack
  • ba266c0 Fix SCM tag
  • 5775ce1 Fix typo
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added the java Pull requests that update Java code label Nov 4, 2024
@dependabot dependabot bot requested a review from yuriyzz as a code owner November 4, 2024 11:06
@dependabot dependabot bot added the kind-dependencies Pull requests that update a dependency file label Nov 4, 2024
@dependabot dependabot bot mentioned this pull request Nov 4, 2024
Closed
@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Nov 4, 2024
edited
Loading

DryRun Security Summary

The provided code change updates the maven-javadoc-plugin version from 3.8.0 to 3.11.1 in the jans-core/pom.xml file, which is a routine maintenance task that does not appear to introduce any significant security concerns.

Expand for full summary

Summary:

The provided code change is an update to the maven-javadoc-plugin version in the jans-core/pom.xml file. The previous version 3.8.0 is being updated to 3.11.1. From an application security perspective, this change does not appear to introduce any significant security concerns, as the maven-javadoc-plugin is responsible for generating the Javadoc documentation for the project, and updating the version is a routine maintenance task. However, it's important to review the changelog or release notes of the updated plugin version to ensure that there are no known security vulnerabilities or issues that could impact the project. Additionally, it's a good practice to monitor the project's dependencies and keep them up-to-date to mitigate potential security risks. Overall, this code change seems to be a straightforward update and does not raise any immediate application security concerns.

Files Changed:

  • jans-core/pom.xml: The maven-javadoc-plugin version has been updated from 3.8.0 to 3.11.1. This change is related to the generation of Javadoc documentation for the project and does not introduce any obvious security vulnerabilities.

Code Analysis

We ran 9 analyzers against 1 file and 1 analyzer had findings. 8 analyzers had no findings.

Analyzer Findings
Sensitive Files Analyzer 1 finding

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

@moabu
Copy link
Member

moabu commented Nov 7, 2024

@dependabot recreate

@dependabot
chore(deps): bump org.apache.maven.plugins:maven-javadoc-plugin from …
b823d21 
…3.8.0 to 3.11.1 in /jans-core

Dependabot couldn't find the original pull request head commit, 259f9ce.
@dependabot dependabot bot force-pushed the dependabot/maven/jans-core/org.apache.maven.plugins-maven-javadoc-plugin-3.11.1 branch from 259f9ce to b823d21 Compare November 7, 2024 03:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yurem yurem Awaiting requested review from yurem yurem is a code owner

@yuriyz yuriyz Awaiting requested review from yuriyz yuriyz is a code owner

@yuriyzz yuriyzz Awaiting requested review from yuriyzz yuriyzz is a code owner

@duttarnab duttarnab Awaiting requested review from duttarnab

@jgomer2001 jgomer2001 Awaiting requested review from jgomer2001

@devrimyatar devrimyatar Awaiting requested review from devrimyatar

@moabu moabu Awaiting requested review from moabu

@iromli iromli Awaiting requested review from iromli

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
java Pull requests that update Java code kind-dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@moabu