SUSE-RU-2026:20023-1: moderate: Recommended update for maven-parent, maven-invoker, maven-filtering, maven-file-management, maven-doxia-sitetools, maven-doxia, maven-dependency-tree, maven-dependency-analyzer, maven-artifact-transfer, maven-archiver, xom, maven-plugin-tools, objectweb-asm, plexus-xml, plexus-velocity, plexus-sec-dispatcher, velocity-engine, plexus-languages, plexus-io, plexus-interpolation, plexus-interactivity, plexus-i18n, plexus-compiler, plexus-classworlds, plexus-cipher, plexus-build-api, maven, maven-resolver, xmvn
SLE-UPDATES
null at suse.de
Thu Jan 15 08:35:11 UTC 2026
# Recommended update for maven-parent, maven-invoker, maven-filtering, maven-
file-management, maven-doxia-sitetools, maven-doxia, maven-dependency-tree,
maven-dependency-analyzer, maven-artifact-transfer, maven-archiver, xom, maven-
plugin-tools, objectweb-asm, plexus-xml, plexus-velocity, plexus-sec-dispatcher,
velocity-engine, plexus-languages, plexus-io, plexus-interpolation, plexus-
interactivity, plexus-i18n, plexus-compiler, plexus-classworlds, plexus-cipher,
plexus-build-api, maven, maven-resolver, xmvn
Announcement ID: SUSE-RU-2026:20023-1
Release Date: 2026-01-07T11:23:24Z
Rating: moderate
References:
Affected Products:
* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP Applications 16.0
An update that can now be installed.
## Description:
This update for maven-parent, maven-invoker, maven-filtering, maven-file-
management, maven-doxia-sitetools, maven-doxia, maven-dependency-tree, maven-
dependency-analyzer, maven-artifact-transfer, maven-archiver, xom, maven-plugin-
tools, plexus-xml, plexus-velocity, plexus-sec-dispatcher, velocity-engine,
plexus-languages, plexus-io, plexus-interpolation, plexus-interactivity,
plexus-i18n, plexus-compiler, plexus-classworlds, plexus-cipher, plexus-build-
api, maven, maven-resolver, xmvn fixes the following issues:
Changes in maven-parent:
* Upgrade to Apache Maven parent POM version 45
* New features and improvements
* Use a standard tag template for releases
* Bug Fixes
* Use spotless / palantirJavaFormat - 2.56.0 for all JDKs
* Build
* Allow manually executing release-drafter
* Upgrade to Apache Maven parent POM version 44
* Breaking changes
* Move snapshot repositories in a profile
* Check test code by checkstyle
* New features and improvements
* Move snapshot repositories in a profile
* Introduce property maven.site.path.suffix to allow override site path
* Use v@{project.version} as tag template for releases
* import KEYS history from svn
* Add licenseText to modello
* Update site descriptor to 2.0
* Check test code by checkstyle
* Add issues templates
* Accept all line endings with spotless
* Enable automatic formatter when not on CI
* Bug Fixes
* Fix asf.yaml syntax
* Skip render empty taglist report
Changes in maven-invoker:
* Add dependency on objectweb-asm to build with sisu 0.9.0.M4
Changes in maven-filtering:
* Bogus dependency on plexus-xml (https://github.com/apache/maven-
filtering/issues/286)
* Upgrade to version 3.4.0
* Changes
* Bump apache/maven-gh-actions-shared from 3 to 4
* Bump org.apache.maven.shared:maven-shared-components from 41
* MSHARED-1412: Allow to customize Interpolator used by filter
* Add dependency on objectweb-asm to build with sisu 0.9.0.M4
Changes in maven-file-management:
* Update to upstream version 3.2.0
* New features and improvements
* Enable GitHub Issues
* Add Release Drafter
* MSHARED-1203: no longer need to shell out to create a symbolic link
* Java 7 can detect symbolic links
* Maintenance
* Update site descriptor
* Skip generating of xml reader and writer for FileSet
* Use version of modello-maven-plugin from parent
* Add PR Automation and Stale actions
* MSHARED-1448: Refresh download page
* remove duplicate tests and unneeded code
* fix JUnit dependencies
* MSHARED-1265: use JUnit assumptions
* MSHARED-1203: use JUnit @TempDir
* MSHARED-1264: Convert to JUnit5
* Add GitHub Actions setup and Dependabot
* Dependency updates
* Bump commons-io:commons-io from 2.18.0 to 2.19.0
* Bump org.apache.maven.shared:maven-shared-components from 43 to 44
* MSHARED-1380: Bump commons-io:commons-io from 2.17.0 to 2.18.0
* MSHARED-1381: Bump org.apache.maven.shared:maven-shared-components from 42 to 43
* MSHARED-1380: Bump commons-io:commons-io from 2.16.1 to 2.17.0
* MSHARED-1380: Bump commons-io:commons-io from 2.13.0 to 2.16.1
* MSHARED-1381: Upgrade parent pom to 42
* Bump apache/maven-gh-actions-shared from 3 to 4
* Bump org.junit:junit-bom from 5.10.1 to 5.10.2
* Bump org.junit:junit-bom from 5.10.0 to 5.10.1
* Bump org.junit:junit-bom from 5.9.3 to 5.10.0
* MSHARED-1266: upgrade commons-io 2.11.0 --> 2.13.0
* update to parent pom 39
Changes in maven-doxia-sitetools:
* Add dependency on objectweb-asm to build with sisu 0.9.0.M4
Changes in maven-doxia:
* Add dependency on objectweb-asm to build with sisu 0.9.0.M4
Changes in maven-dependency-tree:
* Add dependency on objectweb-asm to build with sisu 0.9.0.M4
Changes in maven-dependency-analyzer:
* Upgrade to upstream version 1.16.0
* New features and improvements
* Enable GitHub Issues
* Bug Fixes
* MSHARED-47: Don't flag xml-apis:xml-apis as undeclared
* Maintenance
* Remove unneeded suppression
* Dependency updates
* Bump org.apache.maven.shared:maven-shared-components from 43 to 44
* Bump org.ow2.asm:asm from 9.7.1 to 9.8
* Bump org.assertj:assertj-bom from 3.27.2 to 3.27.3
* Bump org.assertj:assertj-bom from 3.26.3 to 3.27.2
Changes in maven-artifact-transfer:
+ allow building against maven 4.x and maven-resolver 2.x
Changes in maven-archiver:
* Upgrade to maven-archiver 3.6.5
* New features and improvements
* add Java-Version entry to default MANIFEST.MF
* Bug Fixes
* avoid negative entry time: upgrade plexus-archiver
* don't limit outputTimestamp to zip (MS DOS) range
* Documentation updates
* remove extra newline in code blocks
* reformat descriptor description to match usual Modello-generated ones
* document Java-Version entry added in #298
* Maintenance
* Update site descriptor to 2.0.0
* Dependency updates
* Bump org.assertj:assertj-core from 3.27.3 to 3.27.6
* Bump org.codehaus.plexus:plexus-archiver from 4.10.0 to 4.10.1
* Upgrade to maven-archiver 3.6.4
* New features and improvements
* improve Reproducible Builds javadoc
* Fall back on SOURCE_DATE_EPOCH if it exists
* Bug Fixes
* Treat empty Automatic-Module-Name as no Automatic-Module-Name at all
* Maintenance
* Enable GitHub Issues
* Dependency updates
* Bump org.apache.maven.shared:maven-shared-components from 43 to 45
* Bump org.codehaus.plexus:plexus-interpolation from 1.27 to 1.28
* Bump org.assertj:assertj-core from 3.26.0 to 3.27.3
Changes in xom:
* Make build recipe compatible with POSIX sh. Use %autosetup.
Changes in maven-plugin-tools:
* Upgrade to upstream version 3.15.2
* Documentation updates
* Fix run-on sentence
* Update document to use Guice constructor injection
* MNGSITE-529: Rename "Goals" to "Plugin Documentation"
* Maintenance
* Update site descriptors to 2.0
* Add support for Maven 4 PluginDescriptor.getRequiredJavaVersion() method
* Cleanups dependencies
* Use injection instead of Component annotation
* Begin converting this plugin to Guice constructor injection
* refactor: Replace Plexus AbstractLogEnabled with SLF4J
* Use properties for versions in components.xml
* JDK 25 build fix
* MPLUGIN-543: Update to Parent 44
* Add release drafter
* Add PR Automation action
* Dependency updates
* Bump org.jsoup:jsoup from 1.18.1 to 1.19.1
* Bump org.codehaus.plexus:plexus-testing from 1.4.0 to 1.6.1
* Bump org.codehaus.plexus:plexus-velocity from 2.2.0 to 2.3.0
* Bump net.bytebuddy:byte-buddy from 1.15.5 to 1.17.8
* Bump org.codehaus.plexus:plexus-archiver from 4.10.0 to 4.10.3
* Bump org.codehaus.plexus:plexus-java from 1.3.0 to 1.5.0
* Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.19.0
* Bump org.codehaus.plexus:plexus-classworlds from 2.8.0 to 2.9.0
* Bump org.assertj:assertj-core from 3.26.3 to 3.27.6
* Bump org.codehaus.plexus:plexus-utils from 4.0.1 to 4.0.2
* Bump asmVersion from 9.7.1 to 9.9
* Bump org.apache.velocity:velocity-engine-core from 2.4 to 2.4.1
* Bump org.codehaus.plexus:plexus-i18n from 1.0-beta-10 to 1.0.0
* Bump maven3Version from 3.9.9 to 3.9.11
* Bump org.codehaus.plexus:plexus-xml from 3.0.1 to 3.0.2
* Bump org.apache.maven:maven-parent from 44 to 45
* Bump antVersion from 1.10.14 to 1.10.15
Changes in maven-plugin-tools:
* Upgrade to upstream version 3.15.2
* Documentation updates
* Fix run-on sentence
* Update document to use Guice constructor injection
* MNGSITE-529: Rename "Goals" to "Plugin Documentation"
* Maintenance
* Update site descriptors to 2.0
* Add support for Maven 4 PluginDescriptor.getRequiredJavaVersion() method
* Cleanups dependencies
* Use injection instead of Component annotation
* Begin converting this plugin to Guice constructor injection
* refactor: Replace Plexus AbstractLogEnabled with SLF4J
* Use properties for versions in components.xml
* JDK 25 build fix
* MPLUGIN-543: Update to Parent 44
* Add release drafter
* Add PR Automation action
* Dependency updates
* Bump org.jsoup:jsoup from 1.18.1 to 1.19.1
* Bump org.codehaus.plexus:plexus-testing from 1.4.0 to 1.6.1
* Bump org.codehaus.plexus:plexus-velocity from 2.2.0 to 2.3.0
* Bump net.bytebuddy:byte-buddy from 1.15.5 to 1.17.8
* Bump org.codehaus.plexus:plexus-archiver from 4.10.0 to 4.10.3
* Bump org.codehaus.plexus:plexus-java from 1.3.0 to 1.5.0
* Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.19.0
* Bump org.codehaus.plexus:plexus-classworlds from 2.8.0 to 2.9.0
* Bump org.assertj:assertj-core from 3.26.3 to 3.27.6
* Bump org.codehaus.plexus:plexus-utils from 4.0.1 to 4.0.2
* Bump asmVersion from 9.7.1 to 9.9
* Bump org.apache.velocity:velocity-engine-core from 2.4 to 2.4.1
* Bump org.codehaus.plexus:plexus-i18n from 1.0-beta-10 to 1.0.0
* Bump maven3Version from 3.9.9 to 3.9.11
* Bump org.codehaus.plexus:plexus-xml from 3.0.1 to 3.0.2
* Bump org.apache.maven:maven-parent from 44 to 45
* Bump antVersion from 1.10.14 to 1.10.15
Changes in maven-plugin-tools:
* Add the maven-plugin-report-plugin to the _multibuild file
* Initial packaging of the maven-plugin-report-plugin 3.15.2
Changes in maven-plugin-tools:
* Upgrade to upstream version 3.15.2
* Documentation updates
* Fix run-on sentence
* Update document to use Guice constructor injection
* MNGSITE-529: Rename "Goals" to "Plugin Documentation"
* Maintenance
* Update site descriptors to 2.0
* Add support for Maven 4 PluginDescriptor.getRequiredJavaVersion() method
* Cleanups dependencies
* Use injection instead of Component annotation
* Begin converting this plugin to Guice constructor injection
* refactor: Replace Plexus AbstractLogEnabled with SLF4J
* Use properties for versions in components.xml
* JDK 25 build fix
* MPLUGIN-543: Update to Parent 44
* Add release drafter
* Add PR Automation action
* Dependency updates
* Bump org.jsoup:jsoup from 1.18.1 to 1.19.1
* Bump org.codehaus.plexus:plexus-testing from 1.4.0 to 1.6.1
* Bump org.codehaus.plexus:plexus-velocity from 2.2.0 to 2.3.0
* Bump net.bytebuddy:byte-buddy from 1.15.5 to 1.17.8
* Bump org.codehaus.plexus:plexus-archiver from 4.10.0 to 4.10.3
* Bump org.codehaus.plexus:plexus-java from 1.3.0 to 1.5.0
* Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.19.0
* Bump org.codehaus.plexus:plexus-classworlds from 2.8.0 to 2.9.0
* Bump org.assertj:assertj-core from 3.26.3 to 3.27.6
* Bump org.codehaus.plexus:plexus-utils from 4.0.1 to 4.0.2
* Bump asmVersion from 9.7.1 to 9.9
* Bump org.apache.velocity:velocity-engine-core from 2.4 to 2.4.1
* Bump org.codehaus.plexus:plexus-i18n from 1.0-beta-10 to 1.0.0
* Bump maven3Version from 3.9.9 to 3.9.11
* Bump org.codehaus.plexus:plexus-xml from 3.0.1 to 3.0.2
* Bump org.apache.maven:maven-parent from 44 to 45
* Bump antVersion from 1.10.14 to 1.10.15
Changes in plexus-xml:
* Update to upstream version 3.0.2
* Dependency updates
* Bump org.codehaus.plexus:plexus from 19 to 20
* Bump org.codehaus.plexus:plexus from 18 to 19
* Bump org.codehaus.plexus:plexus-utils from 4.0.1 to 4.0.2
* Maintenance
* Cleanup tests and drop dependency to plexus-utils
Changes in plexus-velocity:
* Update to version 2.3.0
* New features and improvements
* Use internal Nullable annotation, allow drop sisu-inject from runtime dependencies
* Maintenance
* Add LICENSE file to project, fix build badge
* Enhance site information
* Use plexus-testing instead of direct sisu InjectedTest
* Dependency updates
* Override version of commons-lang3 to avoid reporting of security issues
* Bump org.codehaus.plexus:plexus from 20 to 24
* Bump org.eclipse.sisu:org.eclipse.sisu.inject from 0.9.0.M3 to 0.9.0.M4
* Update to version 2.2.1
* Dependency updates
* Bump org.apache.velocity:velocity-engine-core from 2.4 to 2.4.1
* Bump org.apache.velocity:velocity-engine-core from 2.3 to 2.4
* Bump org.eclipse.sisu:org.eclipse.sisu.inject from 0.9.0.M2 to 0.9.0.M3
* Bump org.codehaus.plexus:plexus from 19 to 20
* Bump org.codehaus.plexus:plexus from 18 to 19
* Bump org.codehaus.plexus:plexus from 17 to 18
* Bump org.codehaus.plexus:plexus from 16 to 17
* Bump release-drafter/release-drafter from 5 to 6
* Add dependency on objectweb-asm to build with sisu 0.9.0.M4
Changes in plexus-sec-dispatcher:
* Add dependency on objectweb-asm to build with sisu 0.9.0.M4
Changes in velocity-engine:
* Version 2.4.1:
* Fixes
* Finding the topmost method when introspecting a class should stop at the first static or accessible method found (Fixes VELOCITY-983)
* Direct evaluation of VTL code via RuntimeInstance.evaluate() should update the current rendering template information for local velocimacros to be visible in string literals interpolation (Fixes VELOCITY-944)
Changes in plexus-languages:
* Upgrade to upstream version 1.5.0
* New features and improvements
* Read only first 8 bytes of class in JavaClassfileVersion
* Bump org.ow2.asm:asm from 9.6 to 9.7 - JDK 23 support
* Bump org.ow2.asm:asm from 9.7 to 9.7.1 - JDK 24 support
* Bump org.ow2.asm:asm from 9.7.1 to 9.8
* Maintenance
* Project cleanups
* Rename resources of test data
* Bump release-drafter/release-drafter from 5 to 6
* Reuse plexus-pom action for CI
* Disable deploy job on GitHub
* Added CI for JDK 24-ea
Changes in plexus-io:
* Upgrade to version 3.5.1
* New features and improvements
* Fix performance problem by caching unix group and user names
* Dependency updates
* Bump org.codehaus.plexus:plexus-testing from 1.3.0 to 1.4.0
* Bump org.codehaus.plexus:plexus from 16 to 18
* Bump org.eclipse.sisu:org.eclipse.sisu.inject from 0.9.0.M2 to 0.9.0.M3
* Bump org.codehaus.plexus:plexus-xml from 3.0.0 to 3.0.1
* Bump org.codehaus.plexus:plexus-utils from 4.0.0 to 4.0.1
* Bump commons-io:commons-io from 2.15.1 to 2.16.1
* Add dependency on objectweb-asm to build with sisu 0.9.0.M4
Changes in plexus-interpolation:
* Upgrade to version 1.28
* New features and improvements
* Fix #16: StringSearchInterpolator does not cache answers.
* Add FeedbackingValueSource
* Pass delimiter information to ValueSource
* Apply spotless re-formatting
Changes in plexus-interactivity:
* Upgrade to version 1.4
* Changes
* Bump org.jline:jline-reader from 3.25.1 to 3.29.0
* Bump org.eclipse.sisu:org.eclipse.sisu.inject from 0.9.0.M2 to 0.9.0.M3
* Apply spotless re-formatting
* Bump org.codehaus.plexus:plexus from 16 to 20
* Bump release-drafter/release-drafter from 5 to 6
* Add dependency on objectweb-asm to build with sisu 0.9.0.M4
Changes in plexus-i18n:
* Upgrade to 1.0.0
* no changelog provided by upstream
Changes in plexus-compiler:
* Upgrade to upstream release 2.15.0
* New features and improvements
* Allow to override useUnsharedTable compiler argument
* Lazy providers and better error reporting
* Only use "-release" parameter with javac 9+
* Correctly determine the version of the underlying javac tool
* Use a TreeSet instead of HashSet to get consistent ordering of results
* Bug Fixes
* Cleanup dependencies
* Path.relativize() may throw exception if source and build directories are on different Windows drives
* Fix ECJ not using annotation processor when defined via processorpath
* Report "Error occurred during initialization of VM" as error
* Maintenance
* Bump project version to 2.15.0-SNAPSHOT
* Use LocalRepositoryManager for resolving artifacts paths in tests
* Add dependency on objectweb-asm to build with sisu 0.9.0.M4
Changes in plexus-classworlds:
* Upgrade to version 2.9.9
* New features and improvements
* refine ConfigurationParser
* Dependency updates
* Bump org.codehaus.plexus:plexus from 19 to 20
* Bump org.codehaus.plexus:plexus from 18 to 19
* Bump org.codehaus.plexus:plexus from 17 to 18
* Bump org.apache.maven.plugins:maven-dependency-plugin from 3.7.1 to 3.8.1
* Bump org.apache.maven.plugins:maven-dependency-plugin from 3.7.0 to 3.7.1
* Bump org.apache.maven.plugins:maven-dependency-plugin from 3.6.1 to 3.7.0
* Maintenance
* Apply spotless re-formatting
* Align site.xml with used schema (2.0.0)
* Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.0 to 4.0.2
* Bump org.apache.logging.log4j:log4j-api from 2.20.0 to 2.23.1
* Bump org.apache.ant:ant from 1.10.13 to 1.10.14
* Bump org.codehaus.plexus:plexus from 16 to 17
Changes in plexus-cipher:
* Add dependency on objectweb-asm to build with sisu 0.9.0.M4
Changes in plexus-build-api:
* Add dependency on objectweb-asm to build with sisu 0.9.0.M4
Changes in maven:
+ Set Guice class loading to CHILD: avoid using terminally
deprecated methods. Default Guice class loading uses a
terminally deprecated JDK memory-access classes.
* Upgrade to upstream version 3.9.11
* New features and improvements
* Augment version range resolution used repositories
* Bug Fixes
* Deduplicate filtered dependency graph
* Move ensure in boundaries of project lock
* Maintenance
* [MNGSITE-393] - remove references to Maven 2
* Update CONTRIBUTING after GitHub issues enabled
* Enable Github Issues
* [MNG-8763] - Remove name from site bannerLeft
* Build
* Pin GitHub action versions by hash
* Build the project by JDK 21 as default
* Use Maven 3.9.10 for build on GitHub
* Upgrade to upstream version 3.9.10
* Bug
* MNG-8096: Inconsistent dependency resolution behaviour for concurrent multi-module build can cause failures
* MNG-8169: MINGW support requires \--add-opens java.base/java.lang=ALL-UNNAMED
* MNG-8170: Maven 3.9.8 contains weird native library for Jansi on Windows/arm64
* MNG-8211: Maven should fail builds that use CI Friendly versions but have no values set
* MNG-8248: WARNING: A restricted method in java.lang.System has been called
* MNG-8256: ProjectDependencyGraph bug: in case of filtering, non-direct module links are lost
* MNG-8315: Failure of mvn.cmd if a .mvn directory is located at drive root
* MNG-8396: Maven takes forever to resume
* MNG-8711: "Duplicate artifact" in LifecycleDependencyResolver
* Improvement
* MNG-8370: Introduce maven.repo.local.head
* MNG-8399: JDK 24+ issues warning about usage of sun.misc.Unsafe
* MNG-8707: Add methods to remove compile and test source roots
* MNG-8712: improve dependency version explanation: it's a requirement, not always effective version
* MNG-8717: Remove maven-plugin-plugin:addPluginArtifactMetadata from default binding
* MNG-8722: Use a single standalone version of asm
* MNG-8731: Use https for xsi:schemaLocation in generated descriptors
* MNG-8734: Simplify scripting like "get project version" cases
* Task
* MNG-8728: Bump Eclipse Sisu from 0.9.0.M3 to 0.9.0.M4 and use Java 24 on CI
* Link also the objectweb-asm/asm to the lib directory
* MNG-8177: Warning
Changes in maven-resolver:
* Update to upstream version 1.9.24
* New features and improvements
* Metadata type out of coordinates
* RFC9457 implementation
* Intern context strings
* Maintenance
* Align plexus-util version with Maven
* Align guice version with Maven
* Enable Github Issues (1.9.x branch)
* Build also maven-resolver-supplier package in separate spec file
* Add dependency on objectweb-asm to build with sisu 0.9.0.M4
* Update to upstream version 1.9.23
* Bug
* MRESOLVER-659: NPE in trusted checksum post processor if
* Improvement
* MRESOLVER-680: Disable checksum by default for .sigstore.json as well
* MRESOLVER-703: HTTP transport should expose config for max redirects
* Upgrade to upstream version 1.9.22
* Bug
* MRESOLVER-572: Resolver-Supplier unusable in OSGi runtimes
* MRESOLVER-574: Invalid Cookie set under proxy conditions
* MRESOLVER-586: In typical setups, DefaultArtifact copies the same maps over and over again
* MRESOLVER-587: Memory consumption improvements
* New Feature
* MRESOLVER-571: Import o.e.aether packages with the exact same version in OSGi metadata
* Improvement
* MRESOLVER-570: Remove excessive strictness of OSGi dependency metadata
* Task
* MRESOLVER-576: Allow co-release of Resolver 1.x and 2.x
* Upgrade to upstream version 1.9.20
* Bug
* MRESOLVER-483: PreorderNodeListGenerator bug: may print trailing ":"
* MRESOLVER-522: File locking threads not entering critical region were "oversleeping"
* MRESOLVER-547: BF collector always copies artifacts, even when it should not
* Improvement
* MRESOLVER-536: Skip setting last modified time when FS does not support it
* Add dependency on plexus-xml where relevant
* this will be needed for smooth upgrade to plexus-utils 4.0.0
* Upgrade to upstream version 1.9.18
* Bug
* MRESOLVER-372: Sporadic AccessDeniedEx on Windows
* MRESOLVER-441: Undo FileUtils changes that altered non-Windows execution path
* Improvement
* MRESOLVER-396: Native transport should retry on HTTP 429 (Retry-After)
* Task
* MRESOLVER-397: Deprecate Guice modules
* MRESOLVER-405: Get rid of component name string literals, make them constants and reusable
* MRESOLVER-433: Expose configuration for inhibiting Expect-Continue handshake in 1.x
* MRESOLVER-435: Refresh download page
* MRESOLVER-437: Resolver should not override given HTTP transport default use of expect-continue handshake
* Upgrade to upstream version 1.9.15
* Bug
* MRESOLVER-373: Remove lock upgrading code
* MRESOLVER-375: Several key aspects are broken in provided and trusted checksum feature
* MRESOLVER-376: StackOverflowError at BfDependencyCollector.processDependency
* MRESOLVER-380: Lock diagnostic: attempted lock step is recorded, but on failed attempt is not removed
* MRESOLVER-393: Transport HTTP does not retain last modified as sent by remote end
* Improvement
* MRESOLVER-220: Modify signaling for unsupported operations
* MRESOLVER-382: Define local outgoing (bind) address
* MRESOLVER-385: Reduce default value for aether.connector.http.connectionMaxTtl
* Task
* MRESOLVER-378: Update parent POM to 40
* MRESOLVER-381: Undo MRESOLVER-373 as it was fixed by other means
* MRESOLVER-386: Make all injected ctors public, deprecate all def ctors
* MRESOLVER-388: Transport HTTP old codec proper override
* Upgrade to upstream version 1.9.12
* Bug
* [MRESOLVER-371] Unjustified WARNING log added by MRESOLVER-364
* [MRESOLVER-361] Unreliable TCP and retries on upload
* [MRESOLVER-357] ConflictResolver STANDARD verbosity misbehaves
* [MRESOLVER-352] Duplicate METADATA_DOWNLOADING event is being sent
* Improvement
* [MRESOLVER-360] disable checksum by default for .sigstore in addition to .asc
* New Feature
* [MRESOLVER-370] Lock factory should dump lock states on failure
* [MRESOLVER-353] Make aether.checksums.algorithms settable per remote repository
* Task
* [MRESOLVER-366] Upgrade build plugins
* [MRESOLVER-364] Revert MRESOLVER-132
* [MRESOLVER-359] Make build be explicit about build time requirements
* [MRESOLVER-356] Remove Guava (is unused)
* [MRESOLVER-354] Document expected checksums
* Upgrade to upstream version 1.9.8
* Bug
* [MRESOLVER-345] Conflict resolution in verbose mode is sensitive to version ordering
* [MRESOLVER-348] SslConfig httpSecurityMode change is not detected
* [MRESOLVER-339] Preemptive Auth broken when default ports used
* [MRESOLVER-325] [REGRESSION] Suddenly seeing I/O errors under windows aborting the build
* [MRESOLVER-330] Static name mapper is unusable with file-lock factory
* [MRESOLVER-314] Getting "IllegalArgumentException: Comparison method violates its general contract!"
* [MRESOLVER-316] DF collector enters endless loop when collecting org.webjars.npm:musquette:1.1.1
* [MRESOLVER-298] javax.inject should be provided or optional
* [MRESOLVER-305] Evaluate blocked repositories also when retrieving metadata
* [MRESOLVER-309] PrefixesRemoteRepositoryFilterSource aborts the build while it should not
* [MRESOLVER-313] Artifact file permissions are 0600 and not implicitly set by umask
* [MRESOLVER-296] FileProcessor.write( File, InputStream ) is defunct
* [MRESOLVER-292] Documented and used param names mismatch
* [MRESOLVER-294] Fix JapiCmp configuration and document it
* [MRESOLVER-285] File locking on Windows knows to misbehave
* [MRESOLVER-246] m-deploy-p will create hashes for hashes
* [MRESOLVER-265] Discrepancy between produced and recognized checksums
* [MRESOLVER-241] Resolver checksum calculation should be driven by layout
* [MRESOLVER-242] When no remote checksums provided by layout, transfer inevitably fails/warns
* [MRESOLVER-250] Usage of descriptors map in DataPool prevents gargabe collection
* New Feature
* [MRESOLVER-32] Support parallel artifact/metadata uploads
* [MRESOLVER-319] Support parallel deploy
* [MRESOLVER-297] Chained LRM
* [MRESOLVER-167] Support forcing specific repositories for artifacts
* [MRESOLVER-268] Apply artifact checksum verification for any resolved artifact
* [MRESOLVER-274] Introduce Remote Repository Filter feature
* [MRESOLVER-275] Introduce trusted checksums source
* [MRESOLVER-276] Resolver post-processor
* [MRESOLVER-278] BREAKING: Introduce RepositorySystem shutdown hooks
* [MRESOLVER-236] Make it possible to resolve .asc on a 'fail' respository.
* Improvement
* [MRESOLVER-346] Too eager locking
* [MRESOLVER-347] Better connection pool configuration (reuse, max TTL, maxPerRoute)
* [MRESOLVER-349] Adapter when locking should "give up and retry"
* [MRESOLVER-350] Get rid of commons-lang dependency
* [MRESOLVER-327] Make tranport-http obey system properties regarding proxy settings
* [MRESOLVER-340] Make WebDAV "dance" disabled by default
* [MRESOLVER-341] Add option for preemptive PUT Auth
* [MRESOLVER-315] Implement preemptive authentication feature for transport-http
* [MRESOLVER-328] The transport-http should be able to ignore cert errors
* [MRESOLVER-337] Real cause when artifact not found with repository filtering
* [MRESOLVER-287] Get rid of deprecated finalize methods
* [MRESOLVER-317] Improvements for BF collector
* [MRESOLVER-318] Cleanup redundant code and centralize executor handling
* [MRESOLVER-303] Make checksum detection reusable
* [MRESOLVER-290] Improve file handling resolver wide
* [MRESOLVER-7] Download dependency POMs in parallel in BF collector
* [MRESOLVER-266] Simplify adapter creation and align configuration for it
* [MRESOLVER-269] Allow more compact storage of provided checksums
* [MRESOLVER-273] Create more compact File locking layout/mapper
* [MRESOLVER-284] BREAKING: Some Sisu parameters needs to be bound
* [MRESOLVER-286] Improve basic connector closed state handling
* [MRESOLVER-240] Using breadth-first approach to resolve Maven dependencies
* [MRESOLVER-247] Avoid unnecessary dependency resolution by a Skip solution based on BFS
* [MRESOLVER-248] Make DF and BF collector implementations coexist
* Task
* [MRESOLVER-326] Resolver transport-http should retry on failures
* [MRESOLVER-331] Make DefaultTrackingFileManager write directly to tracking files
* [MRESOLVER-333] Distinguish better resolver errors for artifact availability
* [MRESOLVER-320] Investigate slower resolving speeds as reported by users
* [MRESOLVER-291] Undo MRESOLVER-284
* [MRESOLVER-279] Simplify and improve trusted checksum sources
* [MRESOLVER-281] Update configurations page with new elements
* [MRESOLVER-282] Drop PartialFile
* [MRESOLVER-230] Make supported checksum algorithms extensible
* [MRESOLVER-231] Extend “smart checksum” feature
* [MRESOLVER-234] Introduce “provided” checksums feature
* [MRESOLVER-237] Make all checksum mismatches handled same
* [MRESOLVER-239] Update and sanitize dependencies
* [MRESOLVER-244] Deprecate FileTransformer API
* [MRESOLVER-245] Isolate Hazelcast tests
* Dependency upgrade
* [MRESOLVER-311] Upgrade Parent to 39
* [MRESOLVER-293] Update dependencies, align with Maven
* [MRESOLVER-272] Update parent POM to 37, remove plugin version overrides, update bnd
* [MRESOLVER-280] Upgrade invoker, install, deploy, require maven 3.8.4+
* [MRESOLVER-251] Upgrade Redisson to 3.17.5
* [MRESOLVER-249] Update Hazelcast to 5.1.1 in named-locks-hazelcast module
* Add an alias for the wagon connector
* Build against the standalone JavaEE modules unconditionally
* Remove the javax.annotation:javax.annotation-api dependency on distribution
versions that do not incorporate the JavaEE modules
* Add the glassfish-annotation-api jar to the build classpath
* Upgrade to upstream version 1.7.3
* Bug
* [MRESOLVER-96] - Dependency Injection fails after upgrading to Maven 3.6.2
* [MRESOLVER-153] - resolver-status.properties file is corrupted due to concurrent writes
* [MRESOLVER-171] - Resolver fails when compiled on Java 9+ an run on Java 8 due to JDK API breakage
* [MRESOLVER-189] - Using semaphore-redisson followed by rwlock-redisson on many parallel build of the same project triggers redisson error
* New Feature
* [MRESOLVER-90] - HTML content in POM: Maven should validate content before storing in local repo
* [MRESOLVER-145] - Introduce more SyncContext implementations
* Improvement
* [MRESOLVER-103] - Replace deprecated HttpClient classes
* [MRESOLVER-104] - maven-resolver-demo-maven-plugin uses reserved artifactId
* [MRESOLVER-147] - Upgrade to Java 8
* [MRESOLVER-148] - Use vanilla Guice 4 instead of forked Guice 3
* [MRESOLVER-156] - Active dependency management for Google Guice/Guava
* [MRESOLVER-168] - add DEBUG message when downloading an artifact from repositories
* [MRESOLVER-193] - Properly type lock key names in Redis
* [MRESOLVER-197] - Minors improvements (umbrella)
* [MRESOLVER-204] - Add a SessionData#computeIfAbsent method
* [MRESOLVER-214] - Remove clirr configuration
* Task
* [MRESOLVER-141] - Review index-based access to collections
* [MRESOLVER-151] - Enforce a checksum policy to be provided explicitly
* [MRESOLVER-152] - Perform null checks when interface contracts require it
* [MRESOLVER-154] - Move SyncContextFactory interface to SPI module
* [MRESOLVER-155] - Make TrackingFileManager member of DefaultUpdateCheckManager
* [MRESOLVER-158] - Simplify SimpleDigest class
* [MRESOLVER-159] - Mark singleton components as Sisu Singletons
* [MRESOLVER-160] - Deprecate ServiceLocator
* [MRESOLVER-162] - Restore binary compatibility broken by MRESOLVER-154
* [MRESOLVER-170] - Deprecate org.eclipse.aether.spi.log
* [MRESOLVER-172] - Make TrackingFileManager shared singleton component
* [MRESOLVER-173] - Drop deprecated AetherModule
* [MRESOLVER-174] - Use all bindings in UTs and tests
* [MRESOLVER-175] - Drop SyncContextFactory delegates in favor of a selector approach
* [MRESOLVER-177] - Move pre-/post-processing of metadata from ResolveTask to DefaultMetadataResolver
* [MRESOLVER-183] - Don't require optional dependencies for Redisson
* [MRESOLVER-184] - Destroy Redisson semaphores if not used anymore
* [MRESOLVER-186] - Update Maven version in Resolver Demo Snippets
* [MRESOLVER-188] - Improve documentation on using the named locks with redis/hazelcast (umbrella)
* [MRESOLVER-190] - [Regression] Revert MRESOLVER-184
* [MRESOLVER-191] - Document how to analyze lock issues
* [MRESOLVER-196] - Document named locks configuration options
* [MRESOLVER-219] - Implement NamedLock with advisory file locking
* [MRESOLVER-227] - Refactor NamedLockFactorySelector to a managed component
* [MRESOLVER-232] - Make SimpleNamedLockFactorySelector logic reusable
* Sub-task
* [MRESOLVER-198] - Replace assert by simpler but equivalent calls
* [MRESOLVER-199] - Java 8 improvements
* [MRESOLVER-200] - Simplify conditions with the same result and avoid extra validations
* [MRESOLVER-201] - Make variables final whenever possible
* [MRESOLVER-202] - Use isEmpty() instead length() <= 0
* Dependency upgrade
* [MRESOLVER-185] - Upgrade Redisson to 3.15.6
* Change of API and incompatible with maven-resolver < 1.7
* Upgrade to upstream version 1.6.3
* Bug
* [MRESOLVER-153] - resolver-status.properties file is corrupted due to concurrent writes
* [MRESOLVER-171] - Resolver fails when compiled on Java 9+ and run on Java 8 due to JDK API breakage
* Improvement
* [MRESOLVER-168] - add DEBUG message when downloading an artifact from repositories
* Task
* [MRESOLVER-177] - Move pre-/post-processing of metadata from ResolveTask to DefaultMetadataResolver
* Needed for maven 3.8.4
* Do not build/run the tests against the legacy guava20 package
* Upgrade to upstream version 1.6.2
* Sub-task
* [MRESOLVER-139] - Make SimpleDigest use SHA-1 or MD5 only
* [MRESOLVER-140] - Default to SHA-1 and MD5 hashing algorithms
* Bug
* [MRESOLVER-25] - Resume support is broken under high concurrency
* [MRESOLVER-114] - ArtifactNotFoundExceptions when building in parallel
* [MRESOLVER-129] - Exclusion has no setters
* [MRESOLVER-137] - Make OSGi bundles reproducible
* [MRESOLVER-138] - MRESOLVER-56 introduces severe performance regression
* New Feature
* [MRESOLVER-109] - AndDependencySelector should override toString
* [MRESOLVER-115] - Make checksum algorithms configurable
* [MRESOLVER-123] - Provide a global locking sync context by default
* [MRESOLVER-131] - Introduce a Redisson-based SyncContextFactory
* [MRESOLVER-165] - Add support for mirror selector on external:http:*
* [MRESOLVER-166] - Add support for blocked repositories/mirrors
* Improvement
* [MRESOLVER-56] - Support SHA-256 and SHA-512 as checksums
* [MRESOLVER-116] - Add page with all supported configuration options
* [MRESOLVER-125] - Use type conversions returning primitives
* [MRESOLVER-127] - Don't use boolean for property 'aether.updateCheckManager.sessionState'
* [MRESOLVER-136] - Migrate from maven-bundle-plugin to bnd-maven-plugin
* Task
* [MRESOLVER-119] - Turn log messages to SLF4J placeholders
* [MRESOLVER-130] - Move GlobalSyncContextFactory to a separate module
* [MRESOLVER-132] - Remove synchronization in TrackingFileManager
* Dependency upgrade
* [MRESOLVER-105] - Update Plexus Components
* [MRESOLVER-106] - Update HttpComponents
* [MRESOLVER-107] - Update Wagon Provider API to 3.4.0
* [MRESOLVER-108] - Update mockito-core to 2.28.2
* [MRESOLVER-117] - Upgrade SLF4J to 1.7.30
* [MRESOLVER-118] - Upgrade Sisu Components to 0.3.4
* Needed for maven 3.8.x
* Set buildshell to bash for "<<<".
* Upgrade to upstream version 1.4.2
* Bug:
* MRESOLVER-38 – SOE/OOME in DefaultDependencyNode.accept
* Improvements:
* MRESOLVER-93 – PathRecordingDependencyVisitor to handle 3 cycles
* MRESOLVER-102 – make build Reproducible
* Upgrade to upstream version 1.4.1
* Task
* [MRESOLVER-92] - Revert MRESOLVER-7
* Bug
* [MRESOLVER-86] - ResolveArtifactMojo from resolver example uses plugin repositories to resolve dependencies
* New Feature
* [MRESOLVER-10] - New 'TransitiveDependencyManager' supporting transitive dependency management
* [MRESOLVER-33] - New 'DefaultDependencyManager' managing dependencies on all levels supporting transitive dependency management
* Improvement
* [MRESOLVER-7] - Download dependency POMs in parallel
* [MRESOLVER-84] - Add support for "release" qualifier
* [MRESOLVER-87] - Refresh examples to use maven-resolver artifacts for demo
* [MRESOLVER-88] - Code style cleanup to use Java 7 features
* Initial packaging of maven-resolver 1.3.1
* Generate and customize the ant build files
Changes in maven-resolver:
* Update to upstream version 1.9.24
* New features and improvements
* Metadata type out of coordinates
* RFC9457 implementation
* Intern context strings
* Maintenance
* Align plexus-util version with Maven
* Align guice version with Maven
* Enable Github Issues (1.9.x branch)
* Build also maven-resolver-supplier package in separate spec file
* Add dependency on objectweb-asm to build with sisu 0.9.0.M4
* Update to upstream version 1.9.23
* Bug
* MRESOLVER-659: NPE in trusted checksum post processor if
* Improvement
* MRESOLVER-680: Disable checksum by default for .sigstore.json as well
* MRESOLVER-703: HTTP transport should expose config for max redirects
Changes in xmvn:
* Add dependency on objectweb-asm to build with sisu 0.9.0.M4
Changes in objectweb-asm:
* Upgrade to version 9.9
* new Opcodes.V26 constant for Java 26
* new mapInvokeDynamicMethodName method in Remapper. Old method deprecated.
New Remapper constructor, with an api parameter.
* bug fixes
* 318028: Textifier misinterprets ACC_SUPER of inner classes as ACC_SYNCHRONIZED
* 318032: FIPS 140-3 and SerialVersionUIDAdder's SHA-1 Use
* 318034: Many ASM contents lack API detection.
* Upgrade to version 9.8
* new Opcodes.V25 constant for Java 25
* bug fixes
* Fix one more copy operation on DUP2
* 318015: Valid bytecode for jvm, but failed to pass the CheckClassAdapter.
* `ASMifier` should print calls to `valueOf` instead of deprecated constructors of primitive wrappers
Changes in plexus-archiver:
* Upgrade to upstream version 4.10.2
* New features and improvements
* Utilize VT if possible
* Bug Fixes
* check minimum timestamp: avoid negative Zip 5455 Extended Timestamp
* Maintenance
* Cleanups of using deprecated methods
* symLinks:Enhance the compatibility of regen.sh
* Apply spotless re-formatting
* Add dependency on objectweb-asm to build with sisu 0.9.0.M4
Changes in maven-surefire:
* Upgrade to 3.5.4
* New features and improvements
* Name the shutdown hook
* Implement fail-fast behavior for JUnit Platform provider
* Create a single LauncherSession for invocations of JUnitPlatformProvider
* Bug Fixes
* SUREFIRE-2298: fix xml output with junit 5 nested classes (fix integration with Cucumber and Archunit)
* Maintenance
* feat: enable prevent branch protection rules
* Get rid of plexus-annotations
* Remove maven-changes-plugin
* Enable GitHub Issues
* Add dependency on objectweb-asm to build with sisu 0.9.0.M4
* Upgrade to 3.5.3
* Bug
* SUREFIRE-1643: JUnit 5 in parallel execution mode confuses Surefire reports
* SUREFIRE-1737: Disabling the JUnit5Xml30StatelessReporter has no effect
* SUREFIRE-1751: Surefire report shows flaky tests as failures
* SUREFIRE-2289: FailsafeSummary.toRunResult throws a raw exception
Changes in maven-compiler-plugin:
* Upgrade to upstream release 3.14.1
* New features and improvements
* Improve DeltaList behavior for large projects
* Allow to not use --module-version for the Java compiler
* Bug Fixes
* Add generatedSourcesPath back to the maven project
* MCOMPILER-538: Do not add target/generated-sources/annotations to the source roots
* Dependency updates
* Enforce asm version used here, to not depend on brittle transitive
* Bump mavenVersion from 3.9.9 to 3.9.11
* Bump org.apache.maven.plugins:maven-plugins from 43 to 45
* Bump org.codehaus.plexus:plexus-java from 1.4.0 to 1.5.0
Changes in maven-javadoc-plugin:
* Upgrade to upstream version 3.12.0
* Breaking changes
* remove fix mojo
* detectOfflineLinks is now false per default for all jar mojo issue #1258
* Bug Fixes
* Fix legacyMode
* Fix package {...} does not exist in legacyMode
* Ensure UTF-8 charset is used to avoid IllegalArgumentException: Null charset name
* Remove Javadoc 1.4+ / -1.1 switch related warning
* Maintenance
* protect 3.8.x branch
* feat: enable prevent branch protection rules
* Upgrade to upstream version 3.11.3
* Removed
* Remove workaround for long patched CVE in javadoc
* New features and improvements
* Issue #369 Support --no-fonts option per default for jdk 23+
* Bug Fixes
* Make the legacyMode consistent (Filter out all of the module-info.java files in legacy mode, do not use \--source-path in legacy mode)
* MJAVADOC-826: Don't try to modify project source roots
* Documentation updates
* Correct javadoc-no-fork description on index-page
* MNGSITE-529: Rename "Goals" to "Plugin Documentation"
* (doc) Close links tag in links parameter javadoc example
* Maintenance
* Be consistent about data encoding when copying files
* Clean up JavadocUtilTest
* Use Java 7 relativization instead of hand-rolled code
* Rephrase source code fix interactive messages for clarity
* Reduce non-debug logging
* Delete duplicate @throws clause
* Use Java 7 relativization instead of our hand-rolled code
* Clean up comments and argument names
* Issue #378 Cleanup of code related to old non supported Java version
* Cure deprecation warning
* MJAVADOC-773: deprecate toRelative
* Issue #373 Fix JDK 23 build
* Fix aggregate Javadoc typo
* Enable GH issues
* MJAVADOC-825: Prefer NullPointerExceptions for null arguments
* Add dependency on objectweb-asm to build with sisu 0.9.0.M4
Changes in maven-assembly-plugin:
Update to version 3.7.1
* Bug
* MASSEMBLY-1020: Cannot invoke "java.io.File.isFile()" because "this.inputFile" is null
* MASSEMBLY-1021: Nullpointer in assembly:single when upgrading to 3.7.0
* MASSEMBLY-1022: Unresolved artifacts should be not processed
* Changes of 3.7.0
* Bug
* MASSEMBLY-967: maven-assembly-plugin doesn't add target/class artifacts in generated jarfat but META-INF/MANIFEST.MF seems to be correct
* MASSEMBLY-994: Items from unpacked dependency are not refreshed
* MASSEMBLY-998: Transitive dependencies are not properly excluded as of 3.1.1
* MASSEMBLY-1008: Assembly plugin handles scopes wrongly
* MASSEMBLY-1018: Fix examples about useStrictFiltering
* New Feature
* MASSEMBLY-992: Facility to define assembly descriptor in body of POM
* Improvement
* MASSEMBLY-1007: Upgrade maven-plugin parent to 41
* MASSEMBLY-1016: clarify and fix plugin system requirements history
* MASSEMBLY-1017: Don't use deprecated methods in code
* Task
* MASSEMBLY-991: XSDs for 2.2.0 missing from Maven Project Web Site
* MASSEMBLY-1000: ITs - cleanups, refresh plugins versions
* MASSEMBLY-1003: Remove unused remoteRepositories
* MASSEMBLY-1004: Remove ignored and deprecated parameter - useJvmChmod
* MASSEMBLY-1010: Use IOUtils from commons-io instead of plexus
* MASSEMBLY-1013: Code cleanups
Changes in maven-bundle-plugin:
* remove patch that is fixed in maven-archiver
Changes in maven-dependency-plugin:
* Upgrade to version 3.9.0
* New features and improvements
* Use Resolver API in go-offline for dependencies resolving
* Use Resolver API in go-offline for plugins resolving
* Fixes #1522, add render-dependencies mojo
* Use Resolver API in resolve-plugin
* MDEP-964: unconditionally ignore dependencies known to be loaded by reflection
* Update maven-dependency-analyzer to support Java24
* MDEP-972: copy-dependencies: copy signatures alongside artifacts
* MDEP-776: Warn when multiple dependencies have the same file name
* MDEP-966: Migrate AnalyzeDepMgt to Sisu
* MDEP-957: By default, don't report slf4j-simple as unused
* Bug Fixes
* ProjectBuildingRequest should not be modified
* Fix: markersDirectory is not working when unpack goal is executed from command line
* Fix broken link for analyze-exclusions-mojo on usage-page
* MDEP-839: Avoid extra blank lines in file
* Update collect URL
* MDEP-689: Fixes ignored dependency filtering in go-offline goal
* MDEP-960: Repair silent logging
* Documentation updates
* MDEP-933: Document dependency tree output formats
* Add additional comment to clarify the minimal supported version of outputing dependency tree in JSON fromat.
* MNGSITE-529: Rename "Goals" to "Plugin Documentation"
* Unix file separators
* Maintenance
* Simplify usage of RepositoryManager and DependencyResolver
* Use Resolver API in copy and unpack
* Update site descriptor to 2.0.0
* Enable prevent branch protection rules
* Fix [MDEP-931: Replace PrintWriter with Writer in AbstractSerializing Visitor and subclasses
* Cleanups dependencies
* Copy edit parameter descriptions
* Small Javadoc clarifications
* MDEP-967: Change info to debug logging in AbstractFromConfigurationMojo
* fix: remove duplicate maven-resolver-api and maven-resolver-util dependencies in pom.xml
* Enable GH issues
* Remove redundant/unneeded code
* Add PR Automation and Stale actions
* Keep files in temporary directory to be deleted after test
* Drop unnecessary call
* Avoid deprecated ArtifactFactory
* MDEP-966: Convert remaining Mojos to Guice injection
* MDEP-966: Convert Analyze Mojos to Guice constructor injection
* MDEP-966: Prefer Guice injection
* MDEP-966: Migrate TreeMojo/CopyMojo/AnalyzeExclusionsMojo/ /UnpackMojo/CopyDependenciesMojo from Plexus to Sisu Guice
* MDEP-966: @component --> @Inject for DisplayAncestorsMojo
* Fixing flaky test in TestCopyDependenciesMojo
* MNG-2961: Remove workaround for fixed bug
* Build
* Build by Maven 4
* Dependency updates
* Bump Maven in dependencies to 3.9.11
* Bump commons-io:commons-io from 2.16.1 to 2.20.0
* Bump jettyVersion from 9.4.56.v20240826 to 9.4.58.v20250814
* Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.19.0
* Bump org.apache.maven.plugins:maven-plugins from 43 to 45
* Bump org.codehaus.mojo:mrm-maven-plugin from 1.6.0 to 1.7.0
* Bump org.codehaus.plexus:plexus-archiver from 4.10.0 to 4.10.1
* Bump org.codehaus.plexus:plexus-i18n from 1.0-beta-10 to 1.0.0
* Bump org.jsoup:jsoup from 1.18.1 to 1.21.2
* MDEP-963: Bump org.apache.maven.shared:maven-dependency-analyzer from 1.15.0 to 1.15.1
Changes in maven-invoker-plugin:
* Upgrade to upstream version 3.9.1
* Documentation updates
* Add note about cloneProjectsTo being required for filtering
* Maintenance
* Use constant 3.6.3 in prerequisites/maven as minimal Maven version
* Enable GH Issues
* MNGSITE-529: Rename "Goals" to "Plugin Documentation"
* Switch to Guice constructor injection
* Specify UTF-8 when reading build log
* Make utility class static
* Build
* Enable build by Maven 4 on GitHub
* Dependency updates
* Bump commons-beanutils:commons-beanutils from 1.9.4 to 1.11.0
* Bump commons-codec:commons-codec from 1.17.1 to 1.18.0
* Bump commons-io:commons-io from 2.18.0 to 2.19.0
* Bump mavenVersion from 3.6.3 to 3.9.10
* Bump org.apache.groovy:groovy-bom from 4.0.24 to 4.0.27
* Bump org.apache.maven.plugins:maven-plugins from 43 to 45
* Bump org.assertj:assertj-core from 3.26.3 to 3.27.3
* Bump org.codehaus.plexus:plexus-interpolation from 1.27 to 1.28
Changes in plexus-archiver:
* Upgrade to upstream version 4.10.2
* New features and improvements
* Utilize VT if possible
* Bug Fixes
* check minimum timestamp: avoid negative Zip 5455 Extended Timestamp
* Maintenance
* Cleanups of using deprecated methods
* symLinks:Enhance the compatibility of regen.sh
* Apply spotless re-formatting
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Server 16.0
zypper in -t patch SUSE-SLES-16.0-122=1
* SUSE Linux Enterprise Server for SAP Applications 16.0
zypper in -t patch SUSE-SLES-16.0-122=1
## Package List:
* SUSE Linux Enterprise Server 16.0 (noarch)
* maven-bundle-plugin-5.1.9-160000.3.1
* maven-javadoc-3.9.11-160000.1.1
* maven-artifact-transfer-0.13.1-160000.3.1
* maven-resolver-transport-wagon-1.9.24-160000.1.1
* plexus-interpolation-javadoc-1.28-160000.1.1
* maven-invoker-javadoc-3.3.0-160000.3.1
* maven-plugin-tools-ant-3.15.2-160000.1.1
* maven-resolver-test-util-1.9.24-160000.1.1
* maven-surefire-provider-junit5-3.5.4-160000.1.1
* maven-compiler-plugin-3.14.1-160000.1.1
* maven-doxia-module-xhtml5-2.0.0-160000.3.1
* plexus-sec-dispatcher-2.0-160000.3.1
* velocity-engine-core-2.4.1-160000.1.1
* plexus-velocity-javadoc-2.3.0-160000.1.1
* maven-resolver-javadoc-1.9.24-160000.1.1
* maven-doxia-test-docs-2.0.0-160000.3.1
* maven-filtering-3.4.0-160000.1.1
* plexus-i18n-javadoc-1.0.0-160000.1.1
* maven-doxia-module-apt-2.0.0-160000.3.1
* xmvn-subst-4.3.0-160000.3.1
* maven-surefire-plugin-3.5.4-160000.1.1
* maven-plugin-plugin-3.15.2-160000.1.1
* maven-file-management-3.2.0-160000.1.1
* velocity-engine-core-javadoc-2.4.1-160000.1.1
* maven-javadoc-plugin-javadoc-3.12.0-160000.1.1
* plexus-cipher-2.1.0-160000.3.1
* maven-surefire-provider-junit-3.5.4-160000.1.1
* maven-jar-plugin-javadoc-3.5.0-160000.1.1
* xmvn-install-4.3.0-160000.3.1
* maven-surefire-plugins-javadoc-3.5.4-160000.1.1
* maven-plugin-tools-beanshell-3.15.2-160000.1.1
* maven-dependency-analyzer-javadoc-1.16.0-160000.1.1
* xmvn-connector-javadoc-4.3.0-160000.3.1
* maven-artifact-transfer-javadoc-0.13.1-160000.3.1
* maven-resolver-spi-1.9.24-160000.1.1
* maven-doxia-sink-api-2.0.0-160000.3.1
* plexus-interactivity-javadoc-1.4-160000.1.1
* plexus-xml-javadoc-3.0.2-160000.1.1
* maven-plugin-tools-javadoc-3.15.2-160000.1.1
* maven-resolver-impl-1.9.24-160000.1.1
* velocity-engine-parent-2.4.1-160000.1.1
* maven-doxia-module-xdoc-2.0.0-160000.3.1
* xmvn-tools-javadoc-4.3.0-160000.3.1
* plexus-sec-dispatcher-javadoc-2.0-160000.3.1
* plexus-languages-1.5.0-160000.1.1
* plexus-build-api-1.2.0-160000.3.1
* plexus-classworlds-2.9.0-160000.1.1
* maven-compiler-plugin-javadoc-3.14.1-160000.1.1
* maven-doxia-core-2.0.0-160000.3.1
* maven-doxia-javadoc-2.0.0-160000.3.1
* velocity-engine-javadoc-2.4.1-160000.1.1
* maven-doxia-sitetools-javadoc-2.0.0-160000.3.1
* maven-plugin-annotations-3.15.2-160000.1.1
* plexus-cipher-javadoc-2.1.0-160000.3.1
* maven-invoker-plugin-3.9.1-160000.1.1
* xom-1.3.9-160000.3.1
* maven-script-ant-3.15.2-160000.1.1
* xmvn-core-4.3.0-160000.3.1
* maven-surefire-javadoc-3.5.4-160000.1.1
* maven-invoker-3.3.0-160000.3.1
* maven-resolver-transport-classpath-1.9.24-160000.1.1
* maven-doxia-sitetools-2.0.0-160000.3.1
* plexus-languages-javadoc-1.5.0-160000.1.1
* plexus-interpolation-1.28-160000.1.1
* plexus-compiler-extras-2.15.0-160000.1.1
* plexus-archiver-4.10.2-160000.1.1
* maven-script-beanshell-3.15.2-160000.1.1
* maven-plugin-tools-generators-3.15.2-160000.1.1
* plexus-compiler-2.15.0-160000.1.1
* maven-resolver-util-1.9.24-160000.1.1
* maven-surefire-provider-junit5-javadoc-3.5.4-160000.1.1
* maven-jar-plugin-3.5.0-160000.1.1
* maven-dependency-tree-3.2.1-160000.3.1
* maven-plugin-tools-model-3.15.2-160000.1.1
* plexus-build-api-javadoc-1.2.0-160000.3.1
* xmvn-resolve-4.3.0-160000.3.1
* maven-assembly-plugin-javadoc-3.7.1-160000.1.1
* plexus-velocity-2.3.0-160000.1.1
* xmvn-mojo-4.3.0-160000.3.1
* xmvn-mojo-javadoc-4.3.0-160000.3.1
* maven-surefire-report-plugin-3.5.4-160000.1.1
* maven-surefire-provider-testng-3.5.4-160000.1.1
* xom-javadoc-1.3.9-160000.3.1
* maven-surefire-report-parser-3.5.4-160000.1.1
* velocity-engine-scripting-2.4.1-160000.1.1
* plexus-archiver-javadoc-4.10.2-160000.1.1
* plexus-i18n-1.0.0-160000.1.1
* maven-bundle-plugin-javadoc-5.1.9-160000.3.1
* maven-plugin-tools-annotations-3.15.2-160000.1.1
* maven-assembly-plugin-3.7.1-160000.1.1
* plexus-io-3.5.1-160000.1.1
* objectweb-asm-javadoc-9.9-160000.1.1
* maven-javadoc-plugin-3.12.0-160000.1.1
* maven-surefire-3.5.4-160000.1.1
* maven-file-management-javadoc-3.2.0-160000.1.1
* maven-archiver-javadoc-3.6.5-160000.1.1
* plexus-classworlds-javadoc-2.9.0-160000.1.1
* velocity-engine-examples-2.4.1-160000.1.1
* maven-resolver-transport-http-1.9.24-160000.1.1
* maven-resolver-1.9.24-160000.1.1
* xmvn-parent-4.3.0-160000.3.1
* plexus-xml-3.0.2-160000.1.1
* xmvn-api-4.3.0-160000.3.1
* maven-filtering-javadoc-3.4.0-160000.1.1
* maven-doxia-module-fml-2.0.0-160000.3.1
* maven-resolver-transport-file-1.9.24-160000.1.1
* maven-failsafe-plugin-3.5.4-160000.1.1
* plexus-interactivity-api-1.4-160000.1.1
* velocity-custom-parser-example-2.4.1-160000.1.1
* maven-resolver-named-locks-1.9.24-160000.1.1
* maven-invoker-plugin-javadoc-3.9.1-160000.1.1
* xmvn-connector-4.3.0-160000.3.1
* maven-plugin-plugin-javadoc-3.15.2-160000.1.1
* plexus-io-javadoc-3.5.1-160000.1.1
* maven-dependency-analyzer-1.16.0-160000.1.1
* maven-plugin-tools-api-3.15.2-160000.1.1
* plexus-compiler-javadoc-2.15.0-160000.1.1
* maven-parent-45-160000.1.1
* maven-dependency-tree-javadoc-3.2.1-160000.3.1
* maven-resolver-api-1.9.24-160000.1.1
* maven-archiver-3.6.5-160000.1.1
* xom-demo-1.3.9-160000.3.1
* maven-plugin-tools-java-3.15.2-160000.1.1
* maven-resolver-connector-basic-1.9.24-160000.1.1
* objectweb-asm-9.9-160000.1.1
* SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64)
* xmvn-4.3.0-160000.3.1
* xmvn-minimal-4.3.0-160000.3.1
* maven-lib-3.9.11-160000.1.1
* maven-3.9.11-160000.1.1
* SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch)
* maven-bundle-plugin-5.1.9-160000.3.1
* maven-javadoc-3.9.11-160000.1.1
* maven-artifact-transfer-0.13.1-160000.3.1
* maven-resolver-transport-wagon-1.9.24-160000.1.1
* plexus-interpolation-javadoc-1.28-160000.1.1
* maven-invoker-javadoc-3.3.0-160000.3.1
* maven-plugin-tools-ant-3.15.2-160000.1.1
* maven-resolver-test-util-1.9.24-160000.1.1
* maven-surefire-provider-junit5-3.5.4-160000.1.1
* maven-compiler-plugin-3.14.1-160000.1.1
* maven-doxia-module-xhtml5-2.0.0-160000.3.1
* plexus-sec-dispatcher-2.0-160000.3.1
* velocity-engine-core-2.4.1-160000.1.1
* plexus-velocity-javadoc-2.3.0-160000.1.1
* maven-resolver-javadoc-1.9.24-160000.1.1
* maven-doxia-test-docs-2.0.0-160000.3.1
* maven-filtering-3.4.0-160000.1.1
* plexus-i18n-javadoc-1.0.0-160000.1.1
* maven-doxia-module-apt-2.0.0-160000.3.1
* xmvn-subst-4.3.0-160000.3.1
* maven-surefire-plugin-3.5.4-160000.1.1
* maven-plugin-plugin-3.15.2-160000.1.1
* maven-file-management-3.2.0-160000.1.1
* velocity-engine-core-javadoc-2.4.1-160000.1.1
* maven-javadoc-plugin-javadoc-3.12.0-160000.1.1
* plexus-cipher-2.1.0-160000.3.1
* maven-surefire-provider-junit-3.5.4-160000.1.1
* maven-jar-plugin-javadoc-3.5.0-160000.1.1
* xmvn-install-4.3.0-160000.3.1
* maven-surefire-plugins-javadoc-3.5.4-160000.1.1
* maven-plugin-tools-beanshell-3.15.2-160000.1.1
* maven-dependency-analyzer-javadoc-1.16.0-160000.1.1
* xmvn-connector-javadoc-4.3.0-160000.3.1
* maven-artifact-transfer-javadoc-0.13.1-160000.3.1
* maven-resolver-spi-1.9.24-160000.1.1
* maven-doxia-sink-api-2.0.0-160000.3.1
* plexus-interactivity-javadoc-1.4-160000.1.1
* plexus-xml-javadoc-3.0.2-160000.1.1
* maven-plugin-tools-javadoc-3.15.2-160000.1.1
* maven-resolver-impl-1.9.24-160000.1.1
* velocity-engine-parent-2.4.1-160000.1.1
* maven-doxia-module-xdoc-2.0.0-160000.3.1
* xmvn-tools-javadoc-4.3.0-160000.3.1
* plexus-sec-dispatcher-javadoc-2.0-160000.3.1
* plexus-languages-1.5.0-160000.1.1
* plexus-build-api-1.2.0-160000.3.1
* plexus-classworlds-2.9.0-160000.1.1
* maven-compiler-plugin-javadoc-3.14.1-160000.1.1
* maven-doxia-core-2.0.0-160000.3.1
* maven-doxia-javadoc-2.0.0-160000.3.1
* velocity-engine-javadoc-2.4.1-160000.1.1
* maven-doxia-sitetools-javadoc-2.0.0-160000.3.1
* maven-plugin-annotations-3.15.2-160000.1.1
* plexus-cipher-javadoc-2.1.0-160000.3.1
* maven-invoker-plugin-3.9.1-160000.1.1
* xom-1.3.9-160000.3.1
* maven-script-ant-3.15.2-160000.1.1
* xmvn-core-4.3.0-160000.3.1
* maven-surefire-javadoc-3.5.4-160000.1.1
* maven-invoker-3.3.0-160000.3.1
* maven-resolver-transport-classpath-1.9.24-160000.1.1
* maven-doxia-sitetools-2.0.0-160000.3.1
* plexus-languages-javadoc-1.5.0-160000.1.1
* plexus-interpolation-1.28-160000.1.1
* plexus-compiler-extras-2.15.0-160000.1.1
* plexus-archiver-4.10.2-160000.1.1
* maven-script-beanshell-3.15.2-160000.1.1
* maven-plugin-tools-generators-3.15.2-160000.1.1
* plexus-compiler-2.15.0-160000.1.1
* maven-resolver-util-1.9.24-160000.1.1
* maven-surefire-provider-junit5-javadoc-3.5.4-160000.1.1
* maven-jar-plugin-3.5.0-160000.1.1
* maven-dependency-tree-3.2.1-160000.3.1
* maven-plugin-tools-model-3.15.2-160000.1.1
* plexus-build-api-javadoc-1.2.0-160000.3.1
* xmvn-resolve-4.3.0-160000.3.1
* maven-assembly-plugin-javadoc-3.7.1-160000.1.1
* plexus-velocity-2.3.0-160000.1.1
* xmvn-mojo-4.3.0-160000.3.1
* xmvn-mojo-javadoc-4.3.0-160000.3.1
* maven-surefire-report-plugin-3.5.4-160000.1.1
* maven-surefire-provider-testng-3.5.4-160000.1.1
* xom-javadoc-1.3.9-160000.3.1
* maven-surefire-report-parser-3.5.4-160000.1.1
* velocity-engine-scripting-2.4.1-160000.1.1
* plexus-archiver-javadoc-4.10.2-160000.1.1
* plexus-i18n-1.0.0-160000.1.1
* maven-bundle-plugin-javadoc-5.1.9-160000.3.1
* maven-plugin-tools-annotations-3.15.2-160000.1.1
* maven-assembly-plugin-3.7.1-160000.1.1
* plexus-io-3.5.1-160000.1.1
* objectweb-asm-javadoc-9.9-160000.1.1
* maven-javadoc-plugin-3.12.0-160000.1.1
* maven-surefire-3.5.4-160000.1.1
* maven-file-management-javadoc-3.2.0-160000.1.1
* maven-archiver-javadoc-3.6.5-160000.1.1
* plexus-classworlds-javadoc-2.9.0-160000.1.1
* velocity-engine-examples-2.4.1-160000.1.1
* maven-resolver-transport-http-1.9.24-160000.1.1
* maven-resolver-1.9.24-160000.1.1
* xmvn-parent-4.3.0-160000.3.1
* plexus-xml-3.0.2-160000.1.1
* xmvn-api-4.3.0-160000.3.1
* maven-filtering-javadoc-3.4.0-160000.1.1
* maven-doxia-module-fml-2.0.0-160000.3.1
* maven-resolver-transport-file-1.9.24-160000.1.1
* maven-failsafe-plugin-3.5.4-160000.1.1
* plexus-interactivity-api-1.4-160000.1.1
* velocity-custom-parser-example-2.4.1-160000.1.1
* maven-resolver-named-locks-1.9.24-160000.1.1
* maven-invoker-plugin-javadoc-3.9.1-160000.1.1
* xmvn-connector-4.3.0-160000.3.1
* maven-plugin-plugin-javadoc-3.15.2-160000.1.1
* plexus-io-javadoc-3.5.1-160000.1.1
* maven-dependency-analyzer-1.16.0-160000.1.1
* maven-plugin-tools-api-3.15.2-160000.1.1
* plexus-compiler-javadoc-2.15.0-160000.1.1
* maven-parent-45-160000.1.1
* maven-dependency-tree-javadoc-3.2.1-160000.3.1
* maven-resolver-api-1.9.24-160000.1.1
* maven-archiver-3.6.5-160000.1.1
* xom-demo-1.3.9-160000.3.1
* maven-plugin-tools-java-3.15.2-160000.1.1
* maven-resolver-connector-basic-1.9.24-160000.1.1
* objectweb-asm-9.9-160000.1.1
* SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64)
* xmvn-4.3.0-160000.3.1
* xmvn-minimal-4.3.0-160000.3.1
* maven-lib-3.9.11-160000.1.1
* maven-3.9.11-160000.1.1
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20260115/2accaab1/attachment.htm>
More information about the sle-updates
mailing list