Bump maven-pmd-plugin from 3.17.0 to 3.18.0 by dependabot[bot] · Pull Request #142 · apache/commons-codec (original) (raw)

Bumps maven-pmd-plugin from 3.17.0 to 3.18.0.

Release notes

Sourced from maven-pmd-plugin's releases.

3.18.0

🚀 New features and improvements

• MPMD-348 - Support Java 19 (#82) @​adangel

🐛 Bug Fixes

• [SECURITY] Fix Partial Path Traversal Vulnerability (#80) @​JLLeitschuh

📦 Dependency updates

• MPMD-352 - Upgrade Maven Common Artifact Filters to 3.3.1
• MPMD-351 - Upgrade Maven Artifact Transfer to 0.13.1
• MPMD-350 - Upgrade Maven Shared Utils to 3.3.4
• MPMD-349 - Upgrade Maven Reporting API to 3.1.1/Maven Reporting Impl to 3.2.0 (#84) @​michael-o
• MPMD-347 - Upgrade to PMD 6.48.0 (#81) @​adangel
• Bump maven-plugins from 36 to 37 (#79) @​dependabot
• MPMD-345 - Upgrade to PMD 6.47.0 (#73) @​adangel
• Bump commons-lang3 from 3.8.1 to 3.12.0 (#72) @​dependabot
• Bump plexus-resources from 1.1.0 to 1.2.0 (#56) @​dependabot
• Bump animal-sniffer-maven-plugin from 1.16 to 1.21 (#54) @​dependabot

💥 Compatibility Notice

For technical reasons the parameter sourceEncoding has been replaced with inputEncoding. For details please see MPMD-349/2b7d2d7065bae1f984c82d210062064376fbd430.

Commits

• 23f5f39 [maven-release-plugin] prepare release maven-pmd-plugin-3.18.0
• 614f1a9 [MPMD-352] Upgrade Maven Common Artifact Filters to 3.3.1
• b62992f [MPMD-351] Upgrade Maven Artifact Transfer to 0.13.1
• a28c27d [MPMD-350] Upgrade Maven Shared Utils to 3.3.4
• 2b7d2d7 [MPMD-349] Upgrade Maven Reporting API to 3.1.1/Maven Reporting Impl to 3.2.0
• 1740f00 (doc) Update releasenotes.md
• 2ecd578 [MPMD-348] - Support Java 19
• 10d345c [MPMD-347] - Upgrade to PMD 6.48.0
• 5a0ae88 Bump maven-plugins from 36 to 37
• 2404708 [SECURITY] Fix Partial Path Traversal Vulnerability
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)