dependabot[bot] opened a new pull request, #3248: URL: https://github.com/apache/incubator-kie-optaplanner/pull/3248
Bumps [org.sonarsource.scanner.maven:sonar-maven-plugin](https://github.com/SonarSource/sonar-scanner-maven) from 3.9.1.2184 to 5.7.0.6970. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/SonarSource/sonar-scanner-maven/releases">org.sonarsource.scanner.maven:sonar-maven-plugin's releases</a>.</em></p> <blockquote> <h2>5.7.0.6970</h2> <h1>Release notes - Sonar Scanner for Maven - 5.7</h1> <h3>Feature</h3> <p><a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-317">SCANMAVEN-317</a> Support encryption of sonar.token, and other new secure properties <a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-332">SCANMAVEN-332</a> support <code>modular-jar</code> artifact type <a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-341">SCANMAVEN-341</a> Rework the support of encrypted properties</p> <h3>Maintenance</h3> <p><a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-370">SCANMAVEN-370</a> Prepare next development iteration 5.7.0 <a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-372">SCANMAVEN-372</a> Configure Renovate for sonar-scanner-maven <a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-373">SCANMAVEN-373</a> SubmitReview: Use Vault token <a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-374">SCANMAVEN-374</a> Unpin internal GitHub actions <a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-376">SCANMAVEN-376</a> Use SonarSource/.../sonar-update-center-release@v1 instead of <a href="https://github.com/master"><code>@​master</code></a> <a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-377">SCANMAVEN-377</a> Update dependency org.assertj:assertj-core to v3.27.7 [SECURITY]</p> <h2>5.6.0.6792</h2> <h1>Release notes - Sonar Scanner for Maven - 5.6</h1> <h3>Maintenance</h3> <p><a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-318">SCANMAVEN-318</a> Update Orchestrator and fix e2e matrix <a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-324">SCANMAVEN-324</a> Convert e2e tests to invoker <a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-346">SCANMAVEN-346</a> Fix CI failure <a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-347">SCANMAVEN-347</a> Automate detection of sonar:sonar shorthand failure <a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-348">SCANMAVEN-348</a> Bump org.assertj:assertj-core from 3.26.3 to 3.27.7 in /sonar-maven-plugin <a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-349">SCANMAVEN-349</a> Remove Maven 4 e2e tests from promotion requirements <a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-356">SCANMAVEN-356</a> Add automated release workflow <a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-357">SCANMAVEN-357</a> Licence packaging standard - Maven Scanner <a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-358">SCANMAVEN-358</a> Create SonarUpdateCenterRelease.yml <a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-361">SCANMAVEN-361</a> Add issue-categories in automated release <a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-363">SCANMAVEN-363</a> Fix e2e tests with Maven 4 <a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-364">SCANMAVEN-364</a> Do not run nightly builds on weekends <a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-365">SCANMAVEN-365</a> Set up orchestrator cache <a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-366">SCANMAVEN-366</a> Update sonar-scanner-java-library to 4.1.0.1619 <a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-367">SCANMAVEN-367</a> Update sonar-scanner-java-library to 4.1.1.1633 <a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-369">SCANMAVEN-369</a> Update parent pom to 87.0.0.3057</p> <h3>Feature</h3> <p><a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-281">SCANMAVEN-281</a> Irrelevant encrypted properties are not filtered out in multi-module project with "sonar" in the name</p> <h2>5.5.0.6356</h2> <h1>Release notes - Sonar Scanner for Maven - 5.5</h1> <h3>Task</h3> <p><a href="https://sonarsource.atlassian.net/browse/SCANMAVEN-339">SCANMAVEN-339</a> Update parent pom to 86.0.0.3040 and scanner-java-library to 3.5.2.1586</p> <h2>5.4.0.6343</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/SonarSource/sonar-scanner-maven/commit/9e114d74155442c40a927a7491718dde472b43fc"><code>9e114d7</code></a> SCANMAVEN-332 Support modular-jar (<a href="https://redirect.github.com/SonarSource/sonar-scanner-maven/issues/402">#402</a>)</li> <li><a href="https://github.com/SonarSource/sonar-scanner-maven/commit/7424fe56eeaabf1d9abd4d43bec6eff694c18c55"><code>7424fe5</code></a> SCANMAVEN-317 - Support encryption of sonar.token, and other new secure prope...</li> <li><a href="https://github.com/SonarSource/sonar-scanner-maven/commit/b8ff39f9c72f56cac1e302ac8ec9854b5a8f25cd"><code>b8ff39f</code></a> SCANMAVEN-341 Fix regex for encrypted property filtering for mvn4 and add tes...</li> <li><a href="https://github.com/SonarSource/sonar-scanner-maven/commit/b4c0b4ae8638e87874786fdf055e8ac904eadeab"><code>b4c0b4a</code></a> SCANMAVEN-377 Update dependency org.assertj:assertj-core to v3.27.7 [SECURITY...</li> <li><a href="https://github.com/SonarSource/sonar-scanner-maven/commit/cd195065d088e8fade81b59c3c78068dc393a291"><code>cd19506</code></a> SCANMAVEN-372 Configure Renovate (<a href="https://redirect.github.com/SonarSource/sonar-scanner-maven/issues/393">#393</a>)</li> <li><a href="https://github.com/SonarSource/sonar-scanner-maven/commit/944f55249fb64c3fa7bf2258974ca281375af257"><code>944f552</code></a> SCANMAVEN-376 Use SonarSource/.../sonar-update-center-release@v1 instead of @...</li> <li><a href="https://github.com/SonarSource/sonar-scanner-maven/commit/2832b8a069e8e9ac83ece6b0111f723f653dbda2"><code>2832b8a</code></a> SCANMAVEN-374 Unpin internal GitHub actions (<a href="https://redirect.github.com/SonarSource/sonar-scanner-maven/issues/396">#396</a>)</li> <li><a href="https://github.com/SonarSource/sonar-scanner-maven/commit/81caeeb11b25dd0ca8aafc0aefc46390350d3e9e"><code>81caeeb</code></a> SCANMAVEN-373 SubmitReview: Use Vault token (<a href="https://redirect.github.com/SonarSource/sonar-scanner-maven/issues/395">#395</a>)</li> <li><a href="https://github.com/SonarSource/sonar-scanner-maven/commit/c62dd7423fb4b2b7dffe457849e51c38dcc779cc"><code>c62dd74</code></a> SCANMAVEN-370 Prepare next development iteration 5.7.0 (<a href="https://redirect.github.com/SonarSource/sonar-scanner-maven/issues/392">#392</a>)</li> <li><a href="https://github.com/SonarSource/sonar-scanner-maven/commit/8f1042a83d386ad59ba6dd4dd1c40e497fc7d87c"><code>8f1042a</code></a> SCANMAVEN-369 Update parent pom to 87.0.0.3057 (<a href="https://redirect.github.com/SonarSource/sonar-scanner-maven/issues/391">#391</a>)</li> <li>Additional commits viewable in <a href="https://github.com/SonarSource/sonar-scanner-maven/compare/3.9.1.2184...5.7.0.6970">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
