You are viewing a plain text version of this content. The canonical link for it is here.

Posted to reviews@iotdb.apache.org by GitBox <gi...@apache.org> on 2021/10/12 03:20:02 UTC

[GitHub] [iotdb] dependabot[bot] opened a new pull request #4127: Bump download-maven-plugin from 1.3.0 to 1.6.7

dependabot[bot] opened a new pull request #4127:
URL: https://github.com/apache/iotdb/pull/4127


   Bumps [download-maven-plugin](https://github.com/maven-download-plugin/maven-download-plugin) from 1.3.0 to 1.6.7.
   <details>
   <summary>Release notes</summary>
   <p><em>Sourced from <a href="https://github.com/maven-download-plugin/maven-download-plugin/releases">download-maven-plugin's releases</a>.</em></p>
   <blockquote>
   <h2>Overwrite file if overwrite=true regardless of skipCache</h2>
   <ul>
   <li>several 3rd party dependency upgrades</li>
   </ul>
   <h2>&quot;checkSignature&quot; parmeter deprecation</h2>
   <p>Use &quot;alwaysVerifyChecksum&quot; instead.
   &quot;checkSignature&quot; is deprecated and will be removed in future versions</p>
   <h2>TLSv1.3 + no-proxy fix</h2>
   <p>No release notes provided.</p>
   <h2>Support for Follow Redirects</h2>
   <p>Added a <code>&lt;followRedirects&gt;</code> option (Or system property <code>download.plugin.followRedirects</code>)  that would enable follow redirects for the Wget mojo</p>
   <h2>Offline mode and nonProxy</h2>
   <p>Respects offline mode and nonProxy host configuration</p>
   <h2>Thread-safe</h2>
   <p>Now the plugin is thread-safe (for the cost of Java 8+) and supports custom HTTP headers</p>
   <h2>Works behind https proxies</h2>
   <p>No release notes provided.</p>
   <h2>1.5.0</h2>
   <p>No release notes provided.</p>
   </blockquote>
   </details>
   <details>
   <summary>Commits</summary>
   <ul>
   <li><a href="https://github.com/maven-download-plugin/maven-download-plugin/commit/3a7d99cb5e1a7617221b764ac0f574c30f2b66a1"><code>3a7d99c</code></a> Release 1.6.7</li>
   <li><a href="https://github.com/maven-download-plugin/maven-download-plugin/commit/89103475bdeb48c5a131b69b5b9a3dee8b1eb939"><code>8910347</code></a> <a href="https://github-redirect.dependabot.com/maven-download-plugin/maven-download-plugin/issues/194">#194</a> Overwrite file if overwrite=true regardless of skipCache</li>
   <li><a href="https://github.com/maven-download-plugin/maven-download-plugin/commit/05a6dc77e8bb99027d2d9c94fe2646c75e0ed1bd"><code>05a6dc7</code></a> <a href="https://github-redirect.dependabot.com/maven-download-plugin/maven-download-plugin/issues/199">#199</a> Expand javadoc for overwrite and skipCache params</li>
   <li><a href="https://github.com/maven-download-plugin/maven-download-plugin/commit/aed992772e5e3d8d0958b665819bd3974e90b8a1"><code>aed9927</code></a> rearranging readme for readability</li>
   <li><a href="https://github.com/maven-download-plugin/maven-download-plugin/commit/5b70471e5718ab6f98d473ab45a458957d68727d"><code>5b70471</code></a> Update README.md</li>
   <li><a href="https://github.com/maven-download-plugin/maven-download-plugin/commit/e5e06ed12d47c0c188e4a1d609f07b2fd554879d"><code>e5e06ed</code></a> explained workaround for No such archiver error</li>
   <li><a href="https://github.com/maven-download-plugin/maven-download-plugin/commit/4fb6c8b18a1496ae0ba6b31026e2236f7ee43ccb"><code>4fb6c8b</code></a> <a href="https://github-redirect.dependabot.com/maven-download-plugin/maven-download-plugin/issues/197">#197</a> Bump plexus-archiver to fix vulnerability in org.apache.commons:commons-...</li>
   <li><a href="https://github.com/maven-download-plugin/maven-download-plugin/commit/5d0d0a1fbdcf0094d7e6874466bf730c60788809"><code>5d0d0a1</code></a> <a href="https://github-redirect.dependabot.com/maven-download-plugin/maven-download-plugin/issues/177">#177</a> Bump maven-core dep to fix vulnerability in transitive dep com.google.gu...</li>
   <li><a href="https://github.com/maven-download-plugin/maven-download-plugin/commit/1887edbeafea559e4f53f8651f091167b961d01f"><code>1887edb</code></a> Update README.md</li>
   <li><a href="https://github.com/maven-download-plugin/maven-download-plugin/commit/39234995c017bf99fe2f0c678444422f14e4ee07"><code>3923499</code></a> add Travis CI bage</li>
   <li>Additional commits viewable in <a href="https://github.com/maven-download-plugin/maven-download-plugin/compare/1.3.0...1.6.7">compare view</a></li>
   </ul>
   </details>
   <br />
   
   
   [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.googlecode.maven-download-plugin:download-maven-plugin&package-manager=maven&previous-version=1.3.0&new-version=1.6.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   <details>
   <summary>Dependabot commands and options</summary>
   <br />
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
   
   
   </details>


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@iotdb.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [iotdb] coveralls edited a comment on pull request #4127: Bump download-maven-plugin from 1.3.0 to 1.6.7

Posted by GitBox <gi...@apache.org>.

coveralls edited a comment on pull request #4127:
URL: https://github.com/apache/iotdb/pull/4127#issuecomment-940643286


   
   [![Coverage Status](https://coveralls.io/builds/43430476/badge)](https://coveralls.io/builds/43430476)
   
   Coverage decreased (-0.001%) to 67.721% when pulling **a39a16e49e682adc23251490cb982a2e235fa07c on dependabot/maven/master/com.googlecode.maven-download-plugin-download-maven-plugin-1.6.7** into **51a3049b95cb64cd33b0f7ed5960f02fd86b5d8a on master**.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@iotdb.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [iotdb] HTHou merged pull request #4127: Bump download-maven-plugin from 1.3.0 to 1.6.7

Posted by GitBox <gi...@apache.org>.

HTHou merged pull request #4127:
URL: https://github.com/apache/iotdb/pull/4127


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@iotdb.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [iotdb] coveralls commented on pull request #4127: Bump download-maven-plugin from 1.3.0 to 1.6.7

Posted by GitBox <gi...@apache.org>.

coveralls commented on pull request #4127:
URL: https://github.com/apache/iotdb/pull/4127#issuecomment-940643286


   
   [![Coverage Status](https://coveralls.io/builds/43429464/badge)](https://coveralls.io/builds/43429464)
   
   Coverage increased (+0.007%) to 67.752% when pulling **07bdcd6182632a45a1641750c1a07a929d452c31 on dependabot/maven/master/com.googlecode.maven-download-plugin-download-maven-plugin-1.6.7** into **e65c36731f98d40f24e7ba31f633adba54033c48 on master**.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@iotdb.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org