merge: #8963

8963: deps(maven): bump maven-enforcer-plugin from 3.0.0-M3 to 3.0.0 r=npepinpe a=dependabot[bot] Bumps [maven-enforcer-plugin](https://github.com/apache/maven-enforcer) from 3.0.0-M3 to 3.0.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/apache/maven-enforcer/commit/b1b22822174bc92857a2e674c9a024035ee6d7cd"><code>b1b2282</code></a> [maven-release-plugin] prepare release enforcer-3.0.0</li> <li><a href="https://github.com/apache/maven-enforcer/commit/70de3ad6b6cf83505fe049896e37d90ac81e13f3"><code>70de3ad</code></a> Lock maven-jxr-plugin</li> <li><a href="https://github.com/apache/maven-enforcer/commit/da3f8886d41522450c4b187a5f3562a4f6309610"><code>da3f888</code></a> Fix JavaDoc and lock sisu-maven-plugin</li> <li><a href="https://github.com/apache/maven-enforcer/commit/014253f19260b04eedccfd00678b2777f93fa4e3"><code>014253f</code></a> update CI url</li> <li><a href="https://github.com/apache/maven-enforcer/commit/5409be83dc3b621121e6222ad3830f8e95cf6614"><code>5409be8</code></a> [MENFORCER-211] wildcard ignore in requireReleaseDeps</li> <li><a href="https://github.com/apache/maven-enforcer/commit/335f26e39d1f20e157c46485481e36f858135a14"><code>335f26e</code></a> [MENFORCER-364] requireFilesExist rule should be case sensitive</li> <li><a href="https://github.com/apache/maven-enforcer/commit/faaf5c118bd9cda06cecca94ab3f9656c1cb7927"><code>faaf5c1</code></a> [MENFORCER-280] Enforcer dependency convergence stumbles on selenium-java</li> <li><a href="https://github.com/apache/maven-enforcer/commit/ab53fd99607eb36554f2fd3af41847ad9568a5ed"><code>ab53fd9</code></a> [MENFORCER-357] RequirePluginVersions not recognizing versions-from-properties</li> <li><a href="https://github.com/apache/maven-enforcer/commit/1b8ca8f82815ec721e09abbd2330ce315893f2ed"><code>1b8ca8f</code></a> [MENFORCER-388] Extends RequirePluginVersions with banMavenDefaults</li> <li><a href="https://github.com/apache/maven-enforcer/commit/ca73329888b925899f4f57419a1d2ed208b1e0c4"><code>ca73329</code></a> [MENFORCER-359] RequirePluginVersions fails when versions are inherited</li> <li>Additional commits viewable in <a href="https://github.com/apache/maven-enforcer/compare/enforcer-3.0.0-M3...enforcer-3.0.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-enforcer-plugin&package-manager=maven&previous-version=3.0.0-M3&new-version=3.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Nicolas Pepin-Perreault <nicolas.pepin-perreault@camunda.com>
camunda · Mar 24, 2022 · 41008dd · 41008dd
2 parents 12c2dc2 + 9414e9a
commit 41008dd
Showing 1 changed file with 29 additions and 2 deletions.
diff --git a/parent/pom.xml b/parent/pom.xml
@@ -113,6 +113,9 @@
     <version.jsr305>3.0.2</version.jsr305>
     <version.classgraph>4.8.141</version.classgraph>
     <version.plexus-util>3.4.1</version.plexus-util>
+    <version.servlet-api>2.5</version.servlet-api>
+    <version.osgi>6.0.0</version.osgi>
+    <version.findbugs-annotations>3.0.1</version.findbugs-annotations>
 
     <!-- maven plugins -->
     <plugin.version.antrun>3.0.0</plugin.version.antrun>
@@ -122,7 +125,7 @@
     <plugin.version.compiler>3.10.1</plugin.version.compiler>
     <plugin.version.dependency-analyzer>1.12.0</plugin.version.dependency-analyzer>
     <plugin.version.dependency>3.3.0</plugin.version.dependency>
-    <plugin.version.enforcer>3.0.0-M3</plugin.version.enforcer>
+    <plugin.version.enforcer>3.0.0</plugin.version.enforcer>
     <plugin.version.exec>3.0.0</plugin.version.exec>
     <plugin.version.failsafe>3.0.0-M5</plugin.version.failsafe>
     <plugin.version.flaky-tests>2.1.1</plugin.version.flaky-tests>
@@ -791,6 +794,12 @@
         <artifactId>conscrypt-openjdk-uber</artifactId>
         <version>${version.conscrypt}</version>
       </dependency>
+      <dependency>
+        <!-- specified for dependency convergence -->
+        <groupId>javax.servlet</groupId>
+        <artifactId>servlet-api</artifactId>
+        <version>${version.servlet-api}</version>
+      </dependency>
       <dependency>
         <!-- NOTE: required because of https://github.com/tomakehurst/wiremock/issues/1083-->
         <groupId>org.ow2.asm</groupId>
@@ -934,6 +943,13 @@
         <version>${version.json-smart}</version>
       </dependency>
 
+      <!-- primarily for dependency convergence between log4j2 and other libraries -->
+      <dependency>
+        <groupId>org.osgi</groupId>
+        <artifactId>org.osgi.core</artifactId>
+        <version>${version.osgi}</version>
+      </dependency>
+
       <dependency>
         <groupId>commons-io</groupId>
         <artifactId>commons-io</artifactId>
@@ -946,6 +962,12 @@
         <version>${version.jsr305}</version>
       </dependency>
 
+      <dependency>
+        <groupId>com.google.code.findbugs</groupId>
+        <artifactId>annotations</artifactId>
+        <version>${version.findbugs-annotations}</version>
+      </dependency>
+
       <dependency>
         <groupId>org.bouncycastle</groupId>
         <artifactId>bcpkix-jdk15on</artifactId>
@@ -1789,8 +1811,13 @@
           <exclusions>
             <exclusion>
               <groupId>org.apache.maven.surefire</groupId>
-              <artifactId>surefire-shared-utils</artifactId>
+	      <artifactId>surefire-shared-utils</artifactId>
             </exclusion>
+            <!-- excluded for dependency convergence -->
+	    <exclusion>
+              <groupId>org.fusesource.jansi</groupId>
+	      <artifactId>jansi</artifactId>
+	    </exclusion>
           </exclusions>
         </dependency>
       </dependencies>