dependabot[bot] opened a new pull request, #8812:
URL: https://github.com/apache/camel-quarkus/pull/8812

   Bumps 
[eu.maveniverse.maven.scalpel:extension](https://github.com/maveniverse/scalpel)
 from 0.3.5 to 0.3.7.
   <details>
   <summary>Release notes</summary>
   <p><em>Sourced from <a 
href="https://github.com/maveniverse/scalpel/releases";>eu.maveniverse.maven.scalpel:extension's
 releases</a>.</em></p>
   <blockquote>
   <h2>Scalpel 0.3.7</h2>
   <p>Fix <a 
href="https://redirect.github.com/maveniverse/scalpel/issues/39";>#39</a>: 
Exclude .mvn/ files from source mapping and add testsSkipped boolean (<a 
href="https://redirect.github.com/maveniverse/scalpel/issues/42";>#42</a>)</p>
   <p><code>apache/camel#24250</code></p>
   <ol>
   <li>
   <p>.mvn/ files (extensions.xml, maven.config) are Maven build infrastructure,
   not module source. When fullBuildTriggers is overridden to exclude .mvn/**,
   these files were still mapped to the root module as SOURCE_CHANGE, causing
   ALL reactor modules to cascade as DOWNSTREAM (670 instead of 45).</p>
   </li>
   <li>
   <p>The report JSON had testsSkippedReason (string) but no testsSkipped 
(boolean).
   CI scripts using jq '.testsSkipped == true' found 0 matches because the
   field did not exist — only testsSkippedReason was present.</p>
   </li>
   </ol>
   <p>Co-authored-by: Claude Opus 4.6 <a 
href="mailto:[email protected]";>[email protected]</a></p>
   <h2>Scalpel 0.3.6</h2>
   <p>Fix <a 
href="https://redirect.github.com/maveniverse/scalpel/issues/39";>#39</a>: 
Exclude upstream build-prerequisite modules from report affectedModules</p>
   <p>Upstream-only modules (pulled in by alsoMake for build ordering) are not
   genuinely affected by a change — they are build prerequisites. Including
   them in report mode's affectedModules causes sync-point modules like
   camel-allcomponents to explode the affected set to the entire reactor.</p>
   <p>Changes:</p>
   <ul>
   <li>Exclude UPSTREAM-category modules from report affectedModules</li>
   <li>Add excludedUpstreamCount field to JSON report for observability</li>
   <li>Deprecate REASON_UPSTREAM_DEPENDENCY constant (no longer emitted)</li>
   <li>Add comprehensive debug logging across POM analysis, reactor trimming,
   and report generation</li>
   <li>Guard debug calls with isDebugEnabled() where needed (S2629), balanced
   against cognitive complexity limits (S3776)</li>
   <li>Add regression tests covering upstream exclusion, BOM property changes,
   and the camel-like sync-point scenario (39 tests total)</li>
   </ul>
   <p>Co-Authored-By: Claude Opus 4.6 <a 
href="mailto:[email protected]";>[email protected]</a></p>
   </blockquote>
   </details>
   <details>
   <summary>Commits</summary>
   <ul>
   <li><a 
href="https://github.com/maveniverse/scalpel/commit/af81921f1f3ab1b88e16d92dbb323a4cdc5dc434";><code>af81921</code></a>
 Fix <a 
href="https://redirect.github.com/maveniverse/scalpel/issues/39";>#39</a>: 
Exclude .mvn/ files from source mapping and add testsSkipped boolean...</li>
   <li><a 
href="https://github.com/maveniverse/scalpel/commit/35f8f2167fb49859a778b1458353edfd1b092b99";><code>35f8f21</code></a>
 Fix <a 
href="https://redirect.github.com/maveniverse/scalpel/issues/39";>#39</a>: 
Exclude upstream build-prerequisite modules from report affectedModules</li>
   <li>See full diff in <a 
href="https://github.com/maveniverse/scalpel/compare/0.3.5...0.3.7";>compare 
view</a></li>
   </ul>
   </details>
   <br />
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=eu.maveniverse.maven.scalpel:extension&package-manager=maven&previous-version=0.3.5&new-version=0.3.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   <details>
   <summary>Dependabot commands and options</summary>
   <br />
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot show <dependency name> ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   </details>


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to