dependabot maven(deps): bump cyclonedx-maven-plugin from 2.7.9 to 2.7.10
Bumps cyclonedx-maven-plugin from 2.7.9 to 2.7.10.
Release notes
Sourced from cyclonedx-maven-plugin's releases.
2.7.10
🚀 New features and improvements
- Extended documentation by pointing out the allowed project types (#383)
@r4fterman- [409] Removes non-deployed artifacts from SBOM (#416)
@ppkarwasz- Addressing issue #388. Checking if URL is null, empty, or blank (usin… (#396)
@mtgag- replace maven.reproducible property with cdx:reproducible (#392)
@hboutemy- upgrade cyclonedx-maven-plugin to 2.7.9 to produce Reproducible SBOM (#368)
@hboutemy
🐛 Bug Fixes
- ignore bomGenerator.generate() call (#376)
@seanly- switch to m-plugin-report-p introduced in 3.9.0 (#381)
@hboutemy
📦 Dependency updates
- Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.8.2 to 3.10.1 (#413)
@dependabot- Bump org.apache.maven.plugins:maven-plugin-plugin from 3.9.0 to 3.10.1 (#412)
@dependabot- Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.5.0 to 3.6.0 (#404)
@dependabot- Bump actions/checkout from 4.1.0 to 4.1.1 (#408)
@dependabot- Bump commons-codec from 1.15 to 1.16.0 (#377)
@dependabot- Bump org.junit:junit-bom from 5.9.3 to 5.10.0 (#385)
@dependabot- Bump org.apache.commons:commons-lang3 from 3.12.0 to 3.13.0 (#386)
@dependabot- Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.3.0 to 3.4.1 (#399)
@dependabot- Bump org.apache.commons:commons-compress from 1.22 to 1.24.0 in /src/it/makeAggregateBom/util (#400)
@dependabot- Bump actions/checkout from 3.5.3 to 4.1.0 (#401)
@dependabot- Bump org.xerial.snappy:snappy-java from 1.1.8.4 to 1.1.10.4 in /src/test/resources/bundle (#402)
@dependabot- Bump actions/checkout from 3.5.2 to 3.5.3 (#370)
@dependabot- Bump maven-release-plugin from 3.0.0 to 3.0.1 (#369)
@dependabot- Bump maven-source-plugin from 3.2.1 to 3.3.0 (#366)
@dependabot- Bump maven-plugin-plugin from 3.8.2 to 3.9.0 (#363)
@dependabot
Commits
-
a6e8e5c[maven-release-plugin] prepare release cyclonedx-maven-plugin-2.7.10 -
fbc9781point to CycloneDX specification for project types -
52900baExtended documentation by pointing out the allowed project types -
d809920Merge pull request #413 from CycloneDX/dependabot/maven/org.apache.maven.plug... -
c112bc8Merge pull request #412 from CycloneDX/dependabot/maven/org.apache.maven.plug... -
8ec9e71Merge pull request #404 from CycloneDX/dependabot/maven/org.apache.maven.plug... -
6d32f39Merge pull request #408 from CycloneDX/dependabot/github_actions/actions/chec... -
e774f12Merge pull request #416 from ppkarwasz/non-deployed -
7bbf61d[409] Removes non-deployed artifacts from SBOM -
1257d13Bump org.apache.maven.plugin-tools:maven-plugin-annotations - Additional commits viewable in compare view