This is an automated email from the ASF dual-hosted git repository.
dongjoon pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/orc.git
The following commit(s) were added to refs/heads/main by this push:
new 646575906 ORC-2088: Upgrade `maven-dependency-plugin` to 3.10.0
646575906 is described below
commit 6465759065209a418161706788c40284aace3b2e
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Mon Feb 9 13:41:55 2026 -0800
ORC-2088: Upgrade `maven-dependency-plugin` to 3.10.0
Bumps
[org.apache.maven.plugins:maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin)
from 3.9.0 to 3.10.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/apache/maven-dependency-plugin/releases";>org.apache.maven.plugins:maven-dependency-plugin's
releases</a>.</em></p>
<blockquote>
<h2>3.10.0</h2>
<h2>🚀 New features and improvements</h2>
<ul>
<li>Introduce graphRoots for dependencyFilter based mojos (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1571";>#1571</a>)
<a href="https://github.com/rfscholte";><code>rfscholte</code></a></li>
</ul>
<h2>🐛 Bug Fixes</h2>
<ul>
<li>Apply excludeReactor to plugin dependencies in go-offline and
resolve-plugins (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1583";>#1583</a>)
<a
href="https://github.com/slawekjaranowski";><code>slawekjaranowski</code></a></li>
<li>Only log dependency classpath when no property/file output is specified
(<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1551";>#1551</a>)
<a href="https://github.com/mwalser";><code>mwalser</code></a></li>
<li><a href="https://issues.apache.org/jira/browse/MDEP-974";>[MDEP-974]</a>
- strip ansi codes when writing to a file (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1564";>#1564</a>)
<a href="https://github.com/elharo";><code>elharo</code></a></li>
</ul>
<h2>📝 Documentation updates</h2>
<ul>
<li>Add analyze-only to usage page (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1587";>#1587</a>)
<a
href="https://github.com/slawekjaranowski";><code>slawekjaranowski</code></a></li>
<li>Move doc comment to correct location (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1568";>#1568</a>)
<a href="https://github.com/elharo";><code>elharo</code></a></li>
<li>Focus on most recent version (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1537";>#1537</a>)
<a href="https://github.com/elharo";><code>elharo</code></a></li>
</ul>
<h2>👻 Maintenance</h2>
<ul>
<li>Fix Jenkin bages in README (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1586";>#1586</a>)
<a
href="https://github.com/slawekjaranowski";><code>slawekjaranowski</code></a></li>
<li>Improve dependencies filtering in AbstractAnalyzeMojo (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1579";>#1579</a>)
<a
href="https://github.com/slawekjaranowski";><code>slawekjaranowski</code></a></li>
<li>Migration to JUnit 5 - avoid using AbstractMojoTestCase (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1574";>#1574</a>)
<a
href="https://github.com/slawekjaranowski";><code>slawekjaranowski</code></a></li>
<li>Migration to JUnit 5 - avoid using AbstractMojoTestCase (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1569";>#1569</a>)
<a
href="https://github.com/slawekjaranowski";><code>slawekjaranowski</code></a></li>
<li>Migration to JUnit 5 - avoid using AbstractMojoTestCase (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1563";>#1563</a>)
<a
href="https://github.com/slawekjaranowski";><code>slawekjaranowski</code></a></li>
<li>Migration to JUnit 5 - avoid using AbstractMojoTestCase (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1562";>#1562</a>)
<a
href="https://github.com/slawekjaranowski";><code>slawekjaranowski</code></a></li>
<li>Migration to JUnit 5 (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1558";>#1558</a>)
<a
href="https://github.com/slawekjaranowski";><code>slawekjaranowski</code></a></li>
<li>JUnit Jupiter best practices (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1548";>#1548</a>)
<a href="https://github.com/slachiewicz";><code>slachiewicz</code></a></li>
<li>Migrate JUnit3 based Tests to JUnit 5 (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1541";>#1541</a>)
<a href="https://github.com/sparsick";><code>sparsick</code></a></li>
</ul>
<h2>📦 Dependency updates</h2>
<ul>
<li>Bump org.apache.maven.shared:maven-dependency-analyzer from 1.16.0 to
1.17.0 (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1584";>#1584</a>)
<a href="https://github.com/apps/dependabot";>dependabot[bot]</a></li>
<li>Bump org.assertj:assertj-core from 2.9.1 to 3.27.7 in
/src/it/projects/analyze-testDependencyWithNonTestScope (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1581";>#1581</a>)
<a href="https://github.com/apps/dependabot";>dependabot[bot]</a></li>
<li>Bump org.assertj:assertj-core from 3.27.6 to 3.27.7 (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1582";>#1582</a>)
<a href="https://github.com/apps/dependabot";>dependabot[bot]</a></li>
<li>Bump org.codehaus.mojo:mrm-maven-plugin from 1.7.0 to 1.7.1 (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1580";>#1580</a>)
<a href="https://github.com/apps/dependabot";>dependabot[bot]</a></li>
<li>Bump org.apache.maven.plugins:maven-plugins from 46 to 47 (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1578";>#1578</a>)
<a href="https://github.com/apps/dependabot";>dependabot[bot]</a></li>
<li>Bump org.codehaus.plexus:plexus-archiver from 4.10.4 to 4.11.0 (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1576";>#1576</a>)
<a href="https://github.com/apps/dependabot";>dependabot[bot]</a></li>
<li>Bump org.apache.maven.plugins:maven-plugins from 45 to 46 (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1573";>#1573</a>)
<a href="https://github.com/apps/dependabot";>dependabot[bot]</a></li>
<li>Bump org.jsoup:jsoup from 1.21.2 to 1.22.1 (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1572";>#1572</a>)
<a href="https://github.com/apps/dependabot";>dependabot[bot]</a></li>
<li>Bump mavenVersion from 3.9.11 to 3.9.12 (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1570";>#1570</a>)
<a href="https://github.com/apps/dependabot";>dependabot[bot]</a></li>
<li>Bump org.apache.commons:commons-lang3 from 3.19.0 to 3.20.0 (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1559";>#1559</a>)
<a href="https://github.com/apps/dependabot";>dependabot[bot]</a></li>
<li>Bump commons-io:commons-io from 2.20.0 to 2.21.0 (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1552";>#1552</a>)
<a href="https://github.com/apps/dependabot";>dependabot[bot]</a></li>
<li>Bump org.codehaus.plexus:plexus-archiver from 4.10.3 to 4.10.4 (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1553";>#1553</a>)
<a href="https://github.com/apps/dependabot";>dependabot[bot]</a></li>
<li>Bump org.codehaus.plexus:plexus-io from 3.5.2 to 3.6.0 (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1554";>#1554</a>)
<a href="https://github.com/apps/dependabot";>dependabot[bot]</a></li>
<li>Bump org.codehaus.plexus:plexus-i18n from 1.0.0 to 1.1.0 (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1555";>#1555</a>)
<a href="https://github.com/apps/dependabot";>dependabot[bot]</a></li>
<li>Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from
3.3.0 to 3.4.0 (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1550";>#1550</a>)
<a href="https://github.com/apps/dependabot";>dependabot[bot]</a></li>
<li>Bump org.codehaus.plexus:plexus-io from 3.5.1 to 3.5.2 (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1538";>#1538</a>)
<a href="https://github.com/apps/dependabot";>dependabot[bot]</a></li>
<li>Bump org.codehaus.plexus:plexus-archiver from 4.10.1 to 4.10.3 (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/pull/1539";>#1539</a>)
<a href="https://github.com/apps/dependabot";>dependabot[bot]</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/apache/maven-dependency-plugin/commit/4127c336cc2420d0f19e7927371f979841df6e7b";><code>4127c33</code></a>
[maven-release-plugin] prepare release maven-dependency-plugin-3.10.0</li>
<li><a
href="https://github.com/apache/maven-dependency-plugin/commit/68b5e4733ab4c908ce782eaa1eb7315dda9af034";><code>68b5e47</code></a>
Add analyze-only to usage page</li>
<li><a
href="https://github.com/apache/maven-dependency-plugin/commit/09d5860369068c74a21e0f3153912cbf6f73ed5b";><code>09d5860</code></a>
Fix Jenkin bages in README</li>
<li><a
href="https://github.com/apache/maven-dependency-plugin/commit/4308f6ccfe82f60fdff18ddaeabb85b44e80ee0d";><code>4308f6c</code></a>
Bump org.apache.maven.shared:maven-dependency-analyzer</li>
<li><a
href="https://github.com/apache/maven-dependency-plugin/commit/ba3c570e3de0b113a07acce0be7e50686fc48c84";><code>ba3c570</code></a>
Apply excludeReactor to plugin dependencies in go-offline and
resolve-plugins</li>
<li><a
href="https://github.com/apache/maven-dependency-plugin/commit/0d88b668ca4e192534bbba6402e9051aae8229ab";><code>0d88b66</code></a>
Only log dependency classpath when no property/file output is specified</li>
<li><a
href="https://github.com/apache/maven-dependency-plugin/commit/0075e3140a2986fef6eae41253dbc69fb287957e";><code>0075e31</code></a>
Bump org.assertj:assertj-core (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/issues/1581";>#1581</a>)</li>
<li><a
href="https://github.com/apache/maven-dependency-plugin/commit/65d53bba0a0e829ca0ed8f17e9803d86755df61f";><code>65d53bb</code></a>
Bump org.assertj:assertj-core from 3.27.6 to 3.27.7 (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/issues/1582";>#1582</a>)</li>
<li><a
href="https://github.com/apache/maven-dependency-plugin/commit/eaf54f044b31d450646c7b0cc40297cb0b829400";><code>eaf54f0</code></a>
Bump org.codehaus.mojo:mrm-maven-plugin from 1.7.0 to 1.7.1 (<a
href="https://redirect.github.com/apache/maven-dependency-plugin/issues/1580";>#1580</a>)</li>
<li><a
href="https://github.com/apache/maven-dependency-plugin/commit/ece9a38fdc29ca84eb278ea7c4e38be7735af4af";><code>ece9a38</code></a>
Improve dependencies filtering in AbstractAnalyzeMojo</li>
<li>Additional commits viewable in <a
href="https://github.com/apache/maven-dependency-plugin/compare/maven-dependency-plugin-3.9.0...maven-dependency-plugin-3.10.0";>compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that
have been made to it
- `dependabot show <dependency name> ignore conditions` will show all of
the ignore conditions of the specified dependency
- `dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen the PR
or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen the PR
or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the PR or
upgrade to it yourself)
</details>
Closes #2525 from
dependabot[bot]/dependabot/maven/java/org.apache.maven.plugins-maven-dependency-plugin-3.10.0.
Authored-by: dependabot[bot]
<49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Dongjoon Hyun <[email protected]>
---
java/pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/pom.xml b/java/pom.xml
index 84c8652e5..905000631 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -76,7 +76,7 @@
<jts.version>1.20.0</jts.version>
<junit.version>6.0.2</junit.version>
<maven-assembly-plugin.version>3.8.0</maven-assembly-plugin.version>
- <maven-dependency-plugin.version>3.9.0</maven-dependency-plugin.version>
+ <maven-dependency-plugin.version>3.10.0</maven-dependency-plugin.version>
<maven-enforcer-plugin.version>3.6.2</maven-enforcer-plugin.version>
<maven-shade-plugin.version>3.6.1</maven-shade-plugin.version>
<maven.compiler.release>${java.version}</maven.compiler.release>
