fix(deps): update dependency org.sonatype.gradle.plugins:scan-gradle-plugin to v3 #1010
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
2.8.3->3.0.0Release Notes
sonatype-nexus-community/scan-gradle-plugin (org.sonatype.gradle.plugins:scan-gradle-plugin)
v3.0.0First and foremost, please see the usage of this plugin now requires to set explicitly the "Info" log level:
https://github.com/sonatype-nexus-community/scan-gradle-plugin?tab=readme-ov-file#how-to-use
This is a big milestone version as in order to keep this plugin up to date with new updates and improvements in regards to the Lifecycle integration, Java version has been bumped up to 11.
Alongside with the Java version, the Gradle version was also updated.
Given all that, for projects using Gradle lower than 8.3 please take a look at the updated compatibility list in the readme document:
https://github.com/sonatype-nexus-community/scan-gradle-plugin?tab=readme-ov-file#compatibility
Also, the plugin JAR file size has been reduced now that it no longer includes its dependencies shadowed, so dependency management will be done like any other plugin.
Changelog
2e8c08bTry using .vars and rename for jreleaser (#184)00c89b4Make the plugin available at the Gradle plugins portal7cd4fd4Add values to all POM files generated906c9d9Fix Env Variables (#182)b26817aBNR-1226-Jreleaser (#181)3d1c858Added Jreleaser (#174)97bc24echore(ci): update CI workflow4478c81Sherlock Trunks - Version 3 (#171)36be381CI build using GitHub Actions. (#169)d1d2642update local circleci notes to work with latest circleci (#168)ba449a4Bump up to 2.8.4-SNAPSHOTa835973Restore publishing to Gradle plugins portal0b1f008Bump up to 2.8.34ee87d8Temporary skips publishing to Gradle plugins portal07cbd8bCheck if a child dependency was already included as compileOnly (#162)52c210a[skip ci] [Gradle Release Plugin] - new version commit: '2.8.3-SNAPSHOT'.caeab95[skip ci] [Gradle Release Plugin] - pre tag commit: '2.8.2'.1c8df57Bump up dependencies versions178a543Update README.md1a70918#155 add failOnDetection plugin configuration to generate OSS Index report without failing build (#158)c001c02Update README.md78e32ad[skip ci] [Gradle Release Plugin] - new version commit: '2.8.2-SNAPSHOT'.7c45ea2[skip ci] [Gradle Release Plugin] - pre tag commit: '2.8.1'.e96e241Upgrade to safe version of JGit (#157)6aaf851[skip ci] [Gradle Release Plugin] - new version commit: '2.8.1-SNAPSHOT'.2013d95[skip ci] [Gradle Release Plugin] - pre tag commit: '2.8.0'.3d55724New configuration to exclude compileOnly dependencies (#156)b0d8252[skip ci] [Gradle Release Plugin] - new version commit: '2.7.1-SNAPSHOT'.038a633[skip ci] [Gradle Release Plugin] - pre tag commit: '2.7.0'.edb4449#139 Allows to set additional scan targets for IQ evaluations (#150)a3c4d21[skip ci] [Gradle Release Plugin] - new version commit: '2.6.3-SNAPSHOT'.dd3a22c[skip ci] [Gradle Release Plugin] - pre tag commit: '2.6.2'.5b4fef3#148 Uses the Legacy Violations text in log output (#149)c6460e7Update first-interaction.yml4a6b446Update first-interaction.yml9684c8cUpdate gradle.properties9a016cfDelete .muse.toml9a0c803#140 Set this tasks as Not Compatible with configuration cache (#142)8b2e19fUpdate gradle.propertiesa20ec95Update README.md2bc22f1Update CVSS Threshold limit (#138)65fd125[skip ci] [Gradle Release Plugin] - new version commit: '2.5.6-SNAPSHOT'.5d8e9c8[skip ci] [Gradle Release Plugin] - pre tag commit: '2.5.5'.bb040b4Allow to set attributes to match a variant after a conflict (#136)23f48e5Update first-interaction.ymledfb7cdUpgrade first-interaction to v1.1.1aae0e56[skip ci] [Gradle Release Plugin] - new version commit: '2.5.5-SNAPSHOT'.eaff3bc[skip ci] [Gradle Release Plugin] - pre tag commit: '2.5.4'.119858eUpdate README.mde2ba991#128 Improves handling of project dependencies with variants (#132)3fbaa75[skip ci] [Gradle Release Plugin] - new version commit: '2.5.4-SNAPSHOT'.8e9395f[skip ci] [Gradle Release Plugin] - pre tag commit: '2.5.3'.7ceb99aUpdate README.md7a5dd18Add parent ID to module xml (#129)6ed2464[skip ci] [Gradle Release Plugin] - new version commit: '2.5.3-SNAPSHOT'.17f2bb7[skip ci] [Gradle Release Plugin] - pre tag commit: '2.5.2'.b29bd08#124 Creates applications under organizations using the new nexus-platform-api method (#130)0734829[skip ci] version bump757c925[skip ci] [Gradle Release Plugin] - new version commit: '2.5.2-SNAPSHOT'.cbddd58[skip ci] [Gradle Release Plugin] - pre tag commit: '2.5.1'.677bf2d#126 Improves the error message when it's related to IQ API calls. (#127)8b3a9c9[skip ci] [Gradle Release Plugin] - new version commit: '2.5.1-SNAPSHOT'.5e718b6[skip ci] [Gradle Release Plugin] - pre tag commit: '2.5.0'.322e2ff#121 Adios nexus-platform-api - Hello nexus-plaform-api (#122)9ec37beSkip unresolvable dependencies (#120)c25b063smaller banner (#119)c6769af[skip ci] Version bumpd14699d[skip ci] [Gradle Release Plugin] - new version commit: '2.4.2-SNAPSHOT'.3e2a5a0[skip ci] [Gradle Release Plugin] - pre tag commit: '2.4.1'.ee2c2acUpdate build.gradlebe1c1be[skip ci] Removes signing for shadow7554c11Adding commons-io to shadded nexus-platform-api. (#118)323122bUpdate plugins, dependencies and Gradle versions (#115)4ca4fed[skip ci] Bump version to 2.4.06de7fa9CycloneDX to generate a JSON result for OSS Index (#113)a15a22a[skip ci] [Gradle Release Plugin] - new version commit: '2.3.1-SNAPSHOT'.24998af[skip ci] [Gradle Release Plugin] - pre tag commit: '2.3.0'.63c1ffeUpdate README.mdf57606fUpdate gradle.propertiesbfd05f4Introduce 'modulesExcluded' and 'modulesIncluded' properties for ossIndexAudit (#111)dcdfd28explicit nexusIQIndex task (#99) (#110)492fc5d[skip ci] [Gradle Release Plugin] - new version commit: '2.2.4-SNAPSHOT'.4aab23c[skip ci] [Gradle Release Plugin] - pre tag commit: '2.2.3'.4cf2f52Fix commit hash discovery (#107)bf3702cAdding Kotlin syntax (#106)368e2c7[skip ci] [Gradle Release Plugin] - new version commit: '2.2.3-SNAPSHOT'.2ea4e97[skip ci] [Gradle Release Plugin] - pre tag commit: '2.2.2'.5e43c53#82 Creates an application with a given organization ID if not exists (#103)8fe714f[skip ci] [Gradle Release Plugin] - new version commit: '2.2.2-SNAPSHOT'.364b1ec[skip ci] [Gradle Release Plugin] - pre tag commit: '2.2.1'.757ec00Do not eagerly create tasks upon plugin apply (#102)ee33045Update first-interaction.ymlb71dc44docs: Missing slashes before comments in README.md (#100)a38a368Improves documentation on sensitive data through command line8b2e90c[skip ci] [Gradle Release Plugin] - new version commit: '2.2.1-SNAPSHOT'.b4cbade[skip ci] [Gradle Release Plugin] - pre tag commit: '2.2.0'.26d7201CLM-19069 New index task to save a module descriptor for Nexus IQ. (#99)7046461Set the main branch to perform a releaseebac358master -> main (#98)a44a1f8[skip ci] [Gradle Release Plugin] - new version commit: '2.1.1-SNAPSHOT'.ae7688b[skip ci] [Gradle Release Plugin] - pre tag commit: '2.1.0'.79b1018#77 Uses assemble instead of build when releasing to skip tests01fb556#80 Allows to set directories to include and exclude (#95)b506cfb#81 Exclude sub-modules by name for Nexus IQ (#97)74b2c8a#79 Prevents a NullPointerException (#96)56ca057[skip ci] [Gradle Release Plugin] - new version commit: '2.0.13-SNAPSHOT'.bbf8808[skip ci] [Gradle Release Plugin] - pre tag commit: '2.0.12'.e8965e9Send plugin metadata to Nexus IQ (#91)5a72293Update first-interaction.yml2f065f6Update README.mdbbfa780[skip ci] [Gradle Release Plugin] - new version commit: '2.0.12-SNAPSHOT'.3f133fa[skip ci] [Gradle Release Plugin] - pre tag commit: '2.0.11'.2f28eb6Bug Fix - Scanning circular dependencies (#78)0aebdc5Some typos, etc... and adds CONTRIBUTORS.md (#88)4344b03Update first-interaction.yml5ac8bd7Update first-interaction.yml35ab0f9Delete action.ymlbf5e04dCreate first-interaction.yml8c0d0c1Create action.ymla8688fd[skip ci] [Gradle Release Plugin] - new version commit: '2.0.11-SNAPSHOT'.040a55c[skip ci] [Gradle Release Plugin] - pre tag commit: '2.0.10'.f6d6a4fUpdate README.mddcbdd90[skip ci] Update documentation9f5f5a8#74 Copies Gradle configurations to another Set so more can be added (#83)0b72f8e[skip ci] [Gradle Release Plugin] - new version commit: '2.0.10-SNAPSHOT'.beaa7a4[skip ci] [Gradle Release Plugin] - pre tag commit: '2.0.9'.158317fCLM-18367 Include runtime dependencies as the IQ Maven plugin does (#75)558e877[skip ci] [Gradle Release Plugin] - new version commit: '2.0.9-SNAPSHOT'.7234de3[skip ci] [Gradle Release Plugin] - pre tag commit: '2.0.8'.f136e5aCLM-18313 Builds the artifact ID for InnerSource dependency manually (#73)751160b[skip ci] [Gradle Release Plugin] - new version commit: '2.0.8-SNAPSHOT'.918d3b5[skip ci] [Gradle Release Plugin] - pre tag commit: '2.0.7'.70f2fa1#66 Update Gradle wrapper, plugins and dependencies versions (#72)5e4a765[skip ci] [Gradle Release Plugin] - new version commit: '2.0.7-SNAPSHOT'.d819267[skip ci] [Gradle Release Plugin] - pre tag commit: '2.0.6'.65ae985Saves the IQ evaluation results in a JSON file (#70)3c2c420[skip ci] [Gradle Release Plugin] - new version commit: '2.0.6-SNAPSHOT'.b6415cc[skip ci] [Gradle Release Plugin] - pre tag commit: '2.0.5'.9c0a39aApply groovy exclusions (#69)950b101[skip ci] [Gradle Release Plugin] - new version commit: '2.0.5-SNAPSHOT'.c39d36a[skip ci] [Gradle Release Plugin] - pre tag commit: '2.0.4'.2a7f5e9Add dependencies to the scanned Module (#65)7f0389b[skip ci] [Gradle Release Plugin] - new version commit: '2.0.4-SNAPSHOT'.c1af6e3[skip ci] [Gradle Release Plugin] - pre tag commit: '2.0.3'.4034c82Create flag for enabling printing banner (#64)2ccd9bb[skip ci] [Gradle Release Plugin] - new version commit: '2.0.3-SNAPSHOT'.c5e8c61[skip ci] [Gradle Release Plugin] - pre tag commit: '2.0.2'.d5bbaf2disable jansi (#62)2d40e8d[skip ci] [Gradle Release Plugin] - new version commit: '2.0.2-SNAPSHOT'.0ce302d[skip ci] [Gradle Release Plugin] - pre tag commit: '2.0.1'.8d35a14FIX: #56 Adds support for multiple Android flavors (#59)29bda71Add support for excluding vulnerabilities (#60)7b374c9Update pull_request_template.md88a0a1cUpdate feature_request.md497fec3Doh6117a33Sherlock Trunks was an elephant8f3027eupdated SECURITY.md (#57)4a751ee[skip ci] Update docaf3848e[skip ci] [Gradle Release Plugin] - new version commit: '2.0.1-SNAPSHOT'.60ea3d0[skip ci] [Gradle Release Plugin] - pre tag commit: '2.0.0'.3578403Include CI examples link35f1f43[skip ci] Update to 2.0.0a64f3ea[skip ci] [Gradle Release Plugin] - new version commit: '1.2.6-SNAPSHOT'.7aa5c70[skip ci] [Gradle Release Plugin] - pre tag commit: '1.2.5'.5877d4aHide non vulnerable dependencies for OSS Index output (#54)661ca19Remove breaking input from taskc9beb5cAdd m ...Configuration
📅 Schedule: Branch creation - "after 10pm" in timezone Europe/Prague, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.