You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@commons.apache.org by GitBox <gi...@apache.org> on 2022/09/22 15:23:14 UTC
[GitHub] [commons-dbcp] dependabot[bot] opened a new pull request, #219: Bump commons-parent from 53 to 54
dependabot[bot] opened a new pull request, #219:
URL: https://github.com/apache/commons-dbcp/pull/219
Bumps [commons-parent](https://github.com/apache/commons-parent) from 53 to 54.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/apache/commons-parent/blob/master/RELEASE-NOTES.txt">commons-parent's changelog</a>.</em></p>
<blockquote>
<pre><code> Apache Commons Parent 54
RELEASE NOTES
</code></pre>
<p>The Apache Commons Parent team is pleased to announce the release of Apache Commons Parent 54.</p>
<p>The Apache Commons Parent POM provides common settings for all Apache Commons components.</p>
<p>Version 54: SBOMs, drop JDepend, replace FindBugs with SpotBugs, dependency bumps.</p>
<p>Changes in this version include:</p>
<p>New features:
o Add .vscode/* to RAT excludes.
o Add property commons.javadoc18.java.link. Thanks to Dependabot.
o Add JUnit BOM to dependency management.
o Add CycloneDX SBOM generation <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/122">#122</a>. Thanks to Steve Springett.
o Add SPDX SBOM generation. Thanks to Gary Gregory.</p>
<p>Changes:
o Bump actions/cache from 3 to 3.0.8, <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/118">#118</a>. Thanks to Gary Gregory, Dependabot.
o Bump actions/checkout from 3 to 3.0.2. Thanks to Gary Gregory.
o Bump actions/setup-java from 2 to 3. Thanks to Gary Gregory.
o Bump apache from 24 to 27 <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/112">#112</a>, <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/127">#127</a>. Thanks to Dependabot.
o Bump build-helper-maven-plugin from 3.2.0 to 3.3.0 <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/105">#105</a>. Thanks to Dependabot.
o Bump jacoco-maven-plugin from 0.8.7 to 0.8.8. Thanks to Gary Gregory.
o Bump spotbugs from 4.5.3 to 4.7.2 <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/120">#120</a>, <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/143">#143</a>. Thanks to Gary Gregory, Dependabot.
o Bump spotbugs-maven-plugin from 4.5.3.0 to 4.7.2.0, <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/129">#129</a>, <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/142">#142</a>. Thanks to Gary Gregory, Dependabot.
o Bump maven-project-info-reports-plugin from 3.2.2 to 3.4.1 <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/107">#107</a>, <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/128">#128</a>. Thanks to Dependabot.
o Bump maven-site-plugin from 3.11.0 to 3.12.1 <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/108">#108</a>, <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/132">#132</a>. Fix [WARNING] An issue has occurred with apache-rat-plugin:0.14:rat report, skipping LinkageError org.apache.rat.mp.RatReportMojo.generate(Lorg/codehaus/doxia/sink/Sink;Ljava/util/Locale;)V, Thanks to Dependabot.
o Bump maven-bundle-plugin from 5.1.4 to 5.1.8, <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/111">#111</a>, <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/126">#126</a>, <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/133">#133</a>. Thanks to Gary Gregory, Dependabot.
o Bump net.sourceforge.pmd:pmd-* from 6.44.0 to 6.49.0, <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/138">#138</a>. Thanks to Gary Gregory, Dependabot.
o Bump maven-jxr-plugin from 3.1.1 to 3.3.0 <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/110">#110</a>, <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/136">#136</a>. Thanks to Dependabot.
o Bump maven-javadoc-plugin from 3.3.2 to 3.4.1 <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/114">#114</a>. Thanks to Dependabot, Gary Gregory.
o Bump apache-rat from 0.13 to 0.15. Thanks to Gary Gregory.
o Bump biz.aQute.bndlib from 6.2.0 to 6.3.1. Thanks to Gary Gregory.
o Bump maven-pmd-plugin from 3.16.0 to 3.19.0 <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/141">#141</a>. Thanks to Gary Gregory, Dependabot.
o Bump maven-enforcer-plugin from 3.0.0 to 3.1.0. Thanks to Gary Gregory.
o Bump org.apache.maven.wagon:wagon-ssh 3.5.1 to 3.5.2. Thanks to Gary Gregory.
o Bump maven-assembly-plugin from 3.3.0 to 3.4.2 <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/123">#123</a>. Thanks to Dependabot, Gary Gregory.
o Bump Surefire 2.22.2 to 3.0.0-M7. Thanks to Gary Gregory.
o Bump Failsafe 2.22.2 to 3.0.0-M7. Thanks to Gary Gregory.
o Bump animal-sniffer-maven-plugin from 1.21 to 1.22. Thanks to Gary Gregory.
o Bump maven-checkstyle-plugin from 3.1.2 to 3.2.0. Thanks to Gary Gregory.
o Bump japicmp-maven-plugin from 0.15.7 to 0.16.0 <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/140">#140</a>. Thanks to Gary Gregory.
o Bump versions-maven-plugin from 2.11.0 to 2.12.0 <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/144">#144</a>. Thanks to Dependabot.
o Bump maven-jar-plugin from 3.2.2 to 3.3.0 <a href="https://github-redirect.dependabot.com/apache/commons-parent/issues/147">#147</a>. Thanks to Dependabot.</p>
<p>Removed:
o Remove org.codehaus.mojo:jdepend-maven-plugin 2.0; it does not work with current versions of RAT and site plugins. Thanks to Gary Gregory.
o Remove FindBugs properties, use SpotBugs instead. Thanks to Gary Gregory.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/apache/commons-parent/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@commons.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [commons-dbcp] garydgregory merged pull request #219: Bump commons-parent from 53 to 54
Posted by GitBox <gi...@apache.org>.
garydgregory merged PR #219:
URL: https://github.com/apache/commons-dbcp/pull/219
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@commons.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [commons-dbcp] codecov-commenter commented on pull request #219: Bump commons-parent from 53 to 54
Posted by GitBox <gi...@apache.org>.
codecov-commenter commented on PR #219:
URL: https://github.com/apache/commons-dbcp/pull/219#issuecomment-1255231479
# [Codecov](https://codecov.io/gh/apache/commons-dbcp/pull/219?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> Merging [#219](https://codecov.io/gh/apache/commons-dbcp/pull/219?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (9496c53) into [master](https://codecov.io/gh/apache/commons-dbcp/commit/52201fa2b16f1b42f7d9ea72d861a9f6ff3fbb7e?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (52201fa) will **decrease** coverage by `0.02%`.
> The diff coverage is `n/a`.
```diff
@@ Coverage Diff @@
## master #219 +/- ##
============================================
- Coverage 59.73% 59.70% -0.03%
Complexity 1783 1783
============================================
Files 57 57
Lines 7415 7415
Branches 421 421
============================================
- Hits 4429 4427 -2
- Misses 2769 2771 +2
Partials 217 217
```
| [Impacted Files](https://codecov.io/gh/apache/commons-dbcp/pull/219?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | |
|---|---|---|
| [...ache/commons/dbcp2/managed/TransactionContext.java](https://codecov.io/gh/apache/commons-dbcp/pull/219/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2NvbW1vbnMvZGJjcDIvbWFuYWdlZC9UcmFuc2FjdGlvbkNvbnRleHQuamF2YQ==) | `72.22% <0.00%> (-3.71%)` | :arrow_down: |
:mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@commons.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org