dependabot[bot] opened a new pull request, #21829: URL: https://github.com/apache/camel/pull/21829
Bumps [io.github.ascopes:protobuf-maven-plugin](https://github.com/ascopes/protobuf-maven-plugin) from 4.1.3 to 5.0.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/ascopes/protobuf-maven-plugin/releases";>io.github.ascopes:protobuf-maven-plugin's releases</a>.</em></p> <blockquote> <h2>v5.0.2</h2> <p><strong>Bugfixes:</strong></p> <ul> <li>Reimplement artifact resolution to handle additional edge cases that may previously have bled into other code and caused spurious/unhelpful/vague exceptions during dependency resolution. <ul> <li>Specifically, this handles a case where passing a non-existent classifier on a published dependency could result in an ArrayIndexOutOfBoundsException being raised at runtime. Other edge cases should also be handled more sensibly moving forwards.</li> </ul> </li> </ul> <p><strong>Other changes</strong>:</p> <ul> <li>Dependency resolution now explicitly ensures additional configuration overrides within the Maven/Aether transports are propagated and used correctly with respect to things like proxies and custom authenticators.</li> <li>New examples by <a href="https://github.com/sleepkqq";><code>@sleepkqq</code></a> for building Kotlin gRPC projects in the documentation.</li> <li>Build on Maven 3.9.13 in addition to 3.9.6 and 4.0.0-rc-5, now that the former has been released.</li> </ul> <p>v5.0.1 release notes</p> <ul> <li>Implemented partial workaround for <a href="https://redirect.github.com/ascopes/protobuf-maven-plugin/issues/596";>GH-596</a> where users may experience OutOfMemoryExceptions being raised by Eclipse Aether during dependency resolution. - The plugin now follows similar behaviour to Maven Core by not recursing into transitive test dependencies and fat artifact dependencies, which was considered to be surprising and undefined behaviour. <ul> <li>Users depending on the old behaviour should explicitly declare their dependencies following standard Maven conventions.</li> <li>This is not deemed a breaking change since the old behaviour is undefined and does not follow Maven default behaviour.</li> </ul> </li> <li>Reverted offloading project dependency resolution to Maven to address <a href="https://redirect.github.com/ascopes/protobuf-maven-plugin/issues/939";>GH-939</a>. <ul> <li>This previously manifested as various Maven reactor failures when resolving sibling dependencies in a Maven multi-module project.</li> <li>Users can now disable dependency resolution for the main project dependencies correctly by setting <code><ignoreProjectDependencies>true</ignoreProjectDependencies></code> and only specify their protobuf dependencies via the plugin itself.</li> </ul> </li> <li>Reduced default concurrency multiplier used for various internal tasks after several JFR profiling sessions showed a general lack of utilisation of the thread pool. <ul> <li>This should reduce idle resources slightly in builds.</li> </ul> </li> <li>Various Aether internals are now cached for the duration of the plugin goal rather than recreated numerous times during dependency resolution. <ul> <li>This should reduce resource usage slightly in builds.</li> </ul> </li> <li>Updated plugin to use <code>protobuf-java:4.34.0</code>for various descriptor file-related activities.</li> <li>Updated project and integration test dependencies to verify plugin compatibility across various component matrices.</li> </ul> <h2>v5.0.0</h2> <p>New major version that removes some old tech debt introduced for backwards API compatibility with minor versions on v4.x and older. This allows extending this plugin with new features moving forwards by removing some limitations around the old way of configuring a couple of aspects.</p> <p>The changes are fairly minor, but migration details have been added below.</p> <blockquote> <p>[!TIP] Users with concerns about making changes across many projects due to being pinned to an older version of this plugin can first upgrade their parent projects to point at v4.1.3 of this plugin while they perform migration steps incrementally.</p> <p>If there are any concerns or queries, please add a comment to <a href="https://github.com/ascopes/protobuf-maven-plugin/discussions/937";>the discussion</a>.</p> </blockquote> <h2>Protoc plugin declarations</h2> <p>We have removed deprecated legacy protoc plugin parameters from <a href="https://redirect.github.com/ascopes/protobuf-maven-plugin/issues/877";>GH-877</a> -- users must use the <code>plugins</code> parameter instead now. - <code>binaryMavenPlugins</code> is removed, use <code>plugins</code> with <code>kind="binary-maven"</code> instead. - <code>binaryPathPlugins</code> is removed, use <code>plugins</code> with <code>kind="path"</code> instead. - <code>binaryUrlPlugins</code> is removed, use <code>plugins</code> with <code>kind="url"</code> instead. - <code>jvmMavenPlugins</code> is removed, use <code>plugins</code> with kind <code>jvm-maven</code> instead.</p> <p>See <a href="https://ascopes.github.io/protobuf-maven-plugin/using-protoc-plugins.html";>https://ascopes.github.io/protobuf-maven-plugin/using-protoc-plugins.html</a> for full usage details and examples, but effectively the change that users will want to make is the following:</p> <p>Old usage:</p> <pre lang="xml"><code></tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ascopes/protobuf-maven-plugin/commit/7d80b0e14aa02e6526bd85c4dd4b2672139ee0cc";><code>7d80b0e</code></a> [maven-release-plugin] prepare release v5.0.2</li> <li><a href="https://github.com/ascopes/protobuf-maven-plugin/commit/b7ba3a4d4ba542965197aa2dd30a6fbe1876eb2d";><code>b7ba3a4</code></a> Merge pull request <a href="https://redirect.github.com/ascopes/protobuf-maven-plugin/issues/955";>#955</a> from ascopes/dependabot/maven/main/org.apache.maven-m...</li> <li><a href="https://github.com/ascopes/protobuf-maven-plugin/commit/11bbb9216ec542a1c1ebb61228c4a1658cb61fcf";><code>11bbb92</code></a> Merge pull request <a href="https://redirect.github.com/ascopes/protobuf-maven-plugin/issues/956";>#956</a> from ascopes/dependabot/maven/main/org.apache.maven.p...</li> <li><a href="https://github.com/ascopes/protobuf-maven-plugin/commit/e7ca48e602b17dfa51eb76e52b4426f3cc79129c";><code>e7ca48e</code></a> Merge pull request <a href="https://redirect.github.com/ascopes/protobuf-maven-plugin/issues/957";>#957</a> from ascopes/dependabot/maven/main/org.apache.maven-m...</li> <li><a href="https://github.com/ascopes/protobuf-maven-plugin/commit/aa8bfc19fc39ee0c2478b9aec5be57cff7666e0e";><code>aa8bfc1</code></a> Merge pull request <a href="https://redirect.github.com/ascopes/protobuf-maven-plugin/issues/958";>#958</a> from ascopes/dependabot/maven/protobuf-maven-plugin/s...</li> <li><a href="https://github.com/ascopes/protobuf-maven-plugin/commit/5d53f85d1ee625a63b76af52df1b119fab4284d5";><code>5d53f85</code></a> Bump net.alchim31.maven:scala-maven-plugin</li> <li><a href="https://github.com/ascopes/protobuf-maven-plugin/commit/261f7b03f60a30523a0357dbaeefb82df89825ba";><code>261f7b0</code></a> Bump org.apache.maven:maven-core from 3.9.12 to 3.9.13</li> <li><a href="https://github.com/ascopes/protobuf-maven-plugin/commit/883c34896dd369a92ad68f0f7e6098ef69b6d71a";><code>883c348</code></a> Bump org.apache.maven.plugins:maven-resources-plugin from 3.4.0 to 3.5.0</li> <li><a href="https://github.com/ascopes/protobuf-maven-plugin/commit/c9b37cb83699d0dcc144185e3dd3640f6b77595a";><code>c9b37cb</code></a> Bump org.apache.maven:maven-plugin-api from 3.9.12 to 3.9.13</li> <li><a href="https://github.com/ascopes/protobuf-maven-plugin/commit/7586ac0e781fab5d1566954fc08c90e20950c092";><code>7586ac0</code></a> Merge pull request <a href="https://redirect.github.com/ascopes/protobuf-maven-plugin/issues/954";>#954</a> from ascopes/bugfix/<a href="https://redirect.github.com/ascopes/protobuf-maven-plugin/issues/951";>GH-951</a></li> <li>Additional commits viewable in <a href="https://github.com/ascopes/protobuf-maven-plugin/compare/v4.1.3...v5.0.2";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
