Bump maven-shade-plugin from 3.3.0 to 3.4.0

[dependabot]

Bumps maven-shade-plugin from 3.3.0 to 3.4.0.

Commits

• 885de67 [maven-release-plugin] prepare release maven-shade-plugin-3.4.0
• dc8f067 Revert "[maven-release-plugin] prepare release maven-shade-plugin-3.3.1"
• dcd5cae Revert "[maven-release-plugin] prepare for next development iteration"
• b2d5b53 [maven-release-plugin] prepare for next development iteration
• a09e6de [maven-release-plugin] prepare release maven-shade-plugin-3.3.1
• 875114a [MSHADE-416] Fix Jenkins URL
• ad2f6f8 [MSHADE-425] Relocate services name before add to serviceEntries
• 26b5873 gha shared v3
• 3994b11 Bump xmlunit-legacy from 2.7.0 to 2.9.0
• 89d9e79 Added release drafter.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Unit Test Results

  4 668 files  ±  0    4 668 suites  ±0   35m 33s ⏱️ -10s
  4 627 tests +18    4 409 ✔️ +21     218 💤  - 3  0 ❌ ±0 
54 528 runs  +12  49 485 ✔️ +17  5 043 💤  - 5  0 ❌ ±0 

Results for commit fb2a7e0. ± Comparison against base commit fca8f63.

♻️ This comment has been updated with latest results.

[nvoxland]

@dependabot recreate

[nvoxland]

Code review and test results:

Things to be aware of:

• Plugin used for including 3rd party libraries in the liquibase jar
• Something is off on the build status and I think it's including previous runs and somehow confused about the state of pro. The dependency upgrade is very small and if anything would fail with it it would likely have failed in the parts that ran, so I think it's fine to merge it and revert it in the odd case something surprising happens vs. spending more time fighting with it.

Things to worry about:

• Nothing

[nvoxland]

@dependabot rebase

[dependabot]

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[nvoxland]

@dependabot recreate

[XDelphiGrl]

PR updates the Maven Shade Plugin used during build.

• There are no CVEs reported by Maven Central for the jar itself.
  • There is a CVE in a Maven Shade Plugin dependency.
  • Liquibase end-users are not exposed because Liquibase does not ship the plugin.
• No additional testing required.

Maven Central Maven Shade Plugin 3.4.0