dependabot[bot] opened a new pull request, #35804: URL: https://github.com/apache/beam/pull/35804
Bumps [com.gradleup.shadow:shadow-gradle-plugin](https://github.com/GradleUp/shadow) from 8.3.8 to 9.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/GradleUp/shadow/releases";>com.gradleup.shadow:shadow-gradle-plugin's releases</a>.</em></p> <blockquote> <h2>9.0.0</h2> <blockquote> <p>[!WARNING] This release is a major update from the 8.x series. The plugin has been fully rewritten in Kotlin, bringing significant improvements to maintainability, performance, and future extensibility. It introduces many new features, enhancements, and bug fixes, and includes several breaking changes. Please review the changelog carefully and consult the <a href="https://gradleup.com/shadow/";>new doc site</a> before upgrading.</p> <p><em>If you really don't want to upgrade, you can still use the 8.3.x, which is also Gradle 9 compatible. But no additional features or crucial bug fixes will be included in the 8.x line.</em></p> </blockquote> <blockquote> <p>[!TIP] You can diff the shadowed JARs when upgrading from 8.x to 9.x by using <a href="https://github.com/JakeWharton/diffuse";>Diffuse</a>.<br /> If there are any things missing in the changelog or the doc site, please report them to us.</p> </blockquote> <h3>Added</h3> <ul> <li>Add .md support to the Apache License and Notice transformers. (<a href="https://redirect.github.com/GradleUp/shadow/pull/1041";>#1041</a>)</li> <li>Sync <code>SimpleRelocator</code> changes from maven-shade-plugin. (<a href="https://redirect.github.com/GradleUp/shadow/pull/1076";>#1076</a>)</li> <li>Support configuring <code>separator</code> in <code>AppendingTransformer</code>. (<a href="https://redirect.github.com/GradleUp/shadow/pull/1169";>#1169</a>)<br /> This is useful for handling files like <code>resources/application.yml</code>.</li> <li>Exclude <code>module-info.class</code> in Multi-Release folders by default. (<a href="https://redirect.github.com/GradleUp/shadow/pull/1177";>#1177</a>)</li> <li>Inject <code>TargetJvmVersion</code> attribute for Gradle Module Metadata. (<a href="https://redirect.github.com/GradleUp/shadow/pull/1199";>#1199</a>)</li> <li>Sync <code>ShadowApplicationPlugin</code> with <code>ApplicationPlugin</code>. (<a href="https://redirect.github.com/GradleUp/shadow/pull/1224";>#1224</a>)</li> <li>Inject <code>Multi-Release</code> manifest attribute if any dependency contains it. (<a href="https://redirect.github.com/GradleUp/shadow/pull/1239";>#1239</a>)</li> <li>Mark <code>Transformer</code> as throwing <code>IOException</code>. (<a href="https://redirect.github.com/GradleUp/shadow/pull/1248";>#1248</a>)</li> <li>Reduce duplicate <code>SimpleRelocator</code> to improve performance. (<a href="https://redirect.github.com/GradleUp/shadow/pull/1271";>#1271</a>)</li> <li>Compat Kotlin Multiplatform plugin. (<a href="https://redirect.github.com/GradleUp/shadow/pull/1280";>#1280</a>)</li> <li>Add Kotlin DSL examples in docs. (<a href="https://redirect.github.com/GradleUp/shadow/pull/1306";>#1306</a>)</li> <li>Support using type-safe dependency accessors in <code>ShadowJar.dependencies</code>. (<a href="https://redirect.github.com/GradleUp/shadow/pull/1322";>#1322</a>)</li> <li>Support command line options for <code>ShadowJar</code>. (<a href="https://redirect.github.com/GradleUp/shadow/pull/1365";>#1365</a>) <pre><code>--enable-auto-relocation Enables auto relocation of packages in the dependencies. --no-enable-auto-relocation Disables option --enable-auto-relocation. --fail-on-duplicate-entries Fails build if the ZIP entries in the shadowed JAR are duplicate. --no-fail-on-duplicate-entries Disables option --fail-on-duplicate-entries. --minimize-jar Minimizes the jar by removing unused classes. --no-minimize-jar Disables option --minimize-jar. --relocation-prefix Prefix used for auto relocation of packages in the dependencies. --rerun Causes the task to be re-run even if up-to-date. </code></pre> </li> <li>Support skipping string constant remapping. (<a href="https://redirect.github.com/GradleUp/shadow/pull/1401";>#1401</a>)</li> <li>Let <code>assemble</code> depend on <code>shadowJar</code>. (<a href="https://redirect.github.com/GradleUp/shadow/pull/1524";>#1524</a>)</li> <li>Fail build when inputting AAR files or using Shadow with AGP. (<a href="https://redirect.github.com/GradleUp/shadow/pull/1530";>#1530</a>)</li> <li>Add <code>PreserveFirstFoundResourceTransformer</code>. (<a href="https://redirect.github.com/GradleUp/shadow/pull/1548";>#1548</a>)<br /> This is useful when you set <code>shadowJar.duplicatesStrategy = DuplicatesStrategy.INCLUDE</code> (the default behavior) and want to ensure that only the first found resource is included in the final JAR.</li> <li>Fail build if the ZIP entries in the shadowed JAR are duplicate. (<a href="https://redirect.github.com/GradleUp/shadow/pull/1552";>#1552</a>)<br /> This feature is controlled by the <code>shadowJar.failOnDuplicateEntries</code> property, which is <code>false</code> by default.<br /> Related to setting <code>duplicatesStrategy = DuplicatesStrategy.FAIL</code> but there are some differences: <ul> <li>It only checks the entries in the shadowed jar, not the input files.</li> <li>It works with setting <code>duplicatesStrategy</code> to any value.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/GradleUp/shadow/commit/13bc68667a73ddc81b0557e2b1317c2fcb745640";><code>13bc686</code></a> Prepare 9.0.0 final</li> <li><a href="https://github.com/GradleUp/shadow/commit/1c533166709877c2fd6d4ce22bb9662c1463dac5";><code>1c53316</code></a> Tweak update-start-scripts workflow (<a href="https://redirect.github.com/GradleUp/shadow/issues/1598";>#1598</a>)</li> <li><a href="https://github.com/GradleUp/shadow/commit/fc9a801808b237f021a2b054c03bdd91ca583f93";><code>fc9a801</code></a> Document wildcard dependency matching in DependencyFilter (<a href="https://redirect.github.com/GradleUp/shadow/issues/1596";>#1596</a>)</li> <li><a href="https://github.com/GradleUp/shadow/commit/d946bb8f42387b39f9f445c0d39f5325e889508e";><code>d946bb8</code></a> Small tweaks about upgrading warning (<a href="https://redirect.github.com/GradleUp/shadow/issues/1594";>#1594</a>)</li> <li><a href="https://github.com/GradleUp/shadow/commit/5dd423f175880b20d98b6e4caa2aa72df099cc43";><code>5dd423f</code></a> Fix typo in doc</li> <li><a href="https://github.com/GradleUp/shadow/commit/a80909d89d7bd1a981a6b372bca2a4c822ea88e7";><code>a80909d</code></a> Update lint baseline</li> <li><a href="https://github.com/GradleUp/shadow/commit/d98bb7b8acf67d899834a1569a683374ac0571b6";><code>d98bb7b</code></a> Infix for pair</li> <li><a href="https://github.com/GradleUp/shadow/commit/fc1b3cfc5a6602a5149c374db18a9cd9b698f3ea";><code>fc1b3cf</code></a> Normalize functional test names (<a href="https://redirect.github.com/GradleUp/shadow/issues/1576";>#1576</a>)</li> <li><a href="https://github.com/GradleUp/shadow/commit/113cd7b106302553966fa321d2f89ded2df73f51";><code>113cd7b</code></a> Enable testRetry (<a href="https://redirect.github.com/GradleUp/shadow/issues/1593";>#1593</a>)</li> <li><a href="https://github.com/GradleUp/shadow/commit/605bb13616adecc07d9f4dd6abc29d14641d1fd7";><code>605bb13</code></a> Remove eachFile stuff (<a href="https://redirect.github.com/GradleUp/shadow/issues/1592";>#1592</a>)</li> <li>Additional commits viewable in <a href="https://github.com/GradleUp/shadow/compare/8.3.8...9.0.0";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: github-unsubscr...@beam.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
