Bump the plugins group with 5 updates

[dependabot]

Bumps the plugins group with 5 updates:

Package	From	To
org.apache.maven.plugins:maven-dependency-plugin	3.10.0	3.11.0
org.apache.maven.plugins:maven-surefire-plugin	3.5.5	3.5.6
org.apache.maven.plugins:maven-failsafe-plugin	3.5.5	3.5.6
org.apache.maven.plugins:maven-site-plugin	3.21.0	3.22.0
org.sonarsource.scanner.maven:sonar-maven-plugin	5.6.0.6792	5.7.0.6970

Updates org.apache.maven.plugins:maven-dependency-plugin from 3.10.0 to 3.11.0

Release notes

Sourced from org.apache.maven.plugins:maven-dependency-plugin's releases.

3.11.0

🚀 New features and improvements

• Add dependency:add and dependency:remove goals (#1599) @​brunoborges
• Added ability to provide arbitrary dependencies to properties mojo (#1561) @​treilhes

🐛 Bug Fixes

• Fix artifact relocation support (#1633) @​slawekjaranowski
• fix: fix addParentPoms=true causes repositories to be ignored. (#1585) @​k-wall
• Fix false positive in analyze-exclusions with transitive dependency exclusion (#1628) @​slawekjaranowski
• Make AbstractAnalyzeMojo.filterArtifactsByScope() null-safe (#1622) @​elharo
• Prevent NPE in BuildClasspathMojo.appendArtifactPath() when an artifact has no resolved file (#1623) @​elharo
• Log unpacking at debug level (#1624) @​elharo
• Resolve plugins declared in pluginManagement for resolve-plugins and go-offline (#1603) @​slawekjaranowski
• Fix analyze-exclusions crashes if there is no dependencyManagement element (#1597) @​JackPGreen

👻 Maintenance

• Enable ITs for dependency:remove and use mock dependencies (#1613) @​slawekjaranowski
• More meaningful assertions (#1611) @​elharo
• Cure various typos IntelliJ complains about (#1612) @​elharo
• Remove unused jansi dependency (#1606) @​slawekjaranowski
• Enable ITs for dependecy:add and use mock dependencies (#1610) @​slawekjaranowski
• Cleaner exception handling (#1566) @​elharo

📦 Dependency updates

• Manage ASM version 9.10 to support JDK 27 (#1632) @​slawekjaranowski
• Bump eu.maveniverse.maven.domtrip:domtrip-core from 1.5.0 to 1.5.1 (#1631) @dependabot[bot]
• Bump eu.maveniverse.maven.domtrip:domtrip-maven from 1.5.0 to 1.5.1 (#1630) @dependabot[bot]
• Bump mavenVersion from 3.9.15 to 3.9.16 (#1626) @dependabot[bot]
• Bump org.apache.maven.shared:maven-dependency-analyzer from 1.17.0 to 1.17.1 (#1627) @dependabot[bot]
• Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 in /src/it/projects/remove-dependency/basic (#1607) @dependabot[bot]
• Bump org.apache.maven.plugins:maven-plugins from 47 to 48 (#1605) @dependabot[bot]
• Bump mavenVersion from 3.9.14 to 3.9.15 (#1601) @dependabot[bot]
• Bump org.jsoup:jsoup from 1.22.1 to 1.22.2 (#1602) @dependabot[bot]
• Bump org.apache.maven.doxia:doxia-sink-api from 2.0.0 to 2.1.0 (#1595) @dependabot[bot]
• Bump org.fusesource.jansi:jansi from 2.4.2 to 2.4.3 (#1596) @dependabot[bot]
• Bump mavenVersion from 3.9.12 to 3.9.14 (#1594) @dependabot[bot]
• Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from 3.5.0 to 3.5.1 (#1589) @dependabot[bot]

Commits

• c186d05 [maven-release-plugin] prepare release maven-dependency-plugin-3.11.0
• 3712611 Fix artifact relocation support
• e873e0e Manage ASM version 9.10 to support JDK 27
• 70b5356 fix: fix addParentPoms=true causes repositories to be ignored. (#1585)
• 51d8939 Fix false positive in analyze-exclusions with transitive dependency exclusion...
• 02b865b Bump eu.maveniverse.maven.domtrip:domtrip-core from 1.5.0 to 1.5.1
• 04f4de1 Bump eu.maveniverse.maven.domtrip:domtrip-maven from 1.5.0 to 1.5.1
• 2812490 Bump mavenVersion from 3.9.15 to 3.9.16
• ce117da Bump org.apache.maven.shared:maven-dependency-analyzer
• aea7a64 Prevent NPE (#1622)
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-surefire-plugin from 3.5.5 to 3.5.6

Release notes

Sourced from org.apache.maven.plugins:maven-surefire-plugin's releases.

3.5.6

🚀 New features and improvements

• Introduce reportTestTimestamp option and include timestamp for test sets and test cases (#3261) (#3302) @​olamy

🐛 Bug Fixes

• Issue #2613 Debugging failsafe tests: Message 'Listening for transport dt_socket at address' is not displayed anymore when using maven.surefire.debug (#3353) (#3354) @​olamy
• Ensure that the statistics filename is calculated only once. (#3326) (#3327) @​olamy
• Add flakes attribute to use in testsuite report (#3306) (#3308) @​olamy
• [BACKPORT 3.5.x] [SUREFIRE-2049] - Fix SHUTDOWN type lost during command serialization. (#3270) (#3289) @​olamy
• fix: null guard for context map (#3269) (#3272) @​olamy

👻 Maintenance

• 3.5.x/bug/cherry pick embedded mode its (#3328) @​olamy
• Use surefire 3.5.5 by project itself for testing (#3324) @​slawekjaranowski
• Follow Oracle javadoc guidelines (#3177) @​elharo

📦 Dependency updates

• Bump org.fusesource.jansi:jansi from 2.4.2 to 2.4.3 (#3334) @dependabot[bot]
• Bump commons-io:commons-io from 2.21.0 to 2.22.0 (#3350) @dependabot[bot]

Commits

• 25ea054 [maven-release-plugin] prepare release surefire-3.5.6
• e5f374c Bump org.fusesource.jansi:jansi from 2.4.2 to 2.4.3
• dadd55b Issue #2613 Debugging failsafe tests: Message 'Listening for transport dt_soc...
• 39dd250 Bump commons-io:commons-io from 2.21.0 to 2.22.0
• 2774273 Ensure that the statistics filename is calculated only once. (#3326) (#3327)
• 0d5df8a 3.5.x/bug/cherry pick embedded mode its (#3328)
• 04ad9a2 Use surefire 3.5.5 by project itself for testing
• 37e8f69 Add flakes attribute to use in testsuite report (#3306) (#3308)
• a970fef Introduce reportTestTimestamp option and include timestamp for test sets and ...
• e838393 deploy 3.5.x branch to nexus
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-failsafe-plugin from 3.5.5 to 3.5.6

Release notes

Sourced from org.apache.maven.plugins:maven-failsafe-plugin's releases.

3.5.6

🚀 New features and improvements

• Introduce reportTestTimestamp option and include timestamp for test sets and test cases (#3261) (#3302) @​olamy

🐛 Bug Fixes

• Issue #2613 Debugging failsafe tests: Message 'Listening for transport dt_socket at address' is not displayed anymore when using maven.surefire.debug (#3353) (#3354) @​olamy
• Ensure that the statistics filename is calculated only once. (#3326) (#3327) @​olamy
• Add flakes attribute to use in testsuite report (#3306) (#3308) @​olamy
• [BACKPORT 3.5.x] [SUREFIRE-2049] - Fix SHUTDOWN type lost during command serialization. (#3270) (#3289) @​olamy
• fix: null guard for context map (#3269) (#3272) @​olamy

👻 Maintenance

• 3.5.x/bug/cherry pick embedded mode its (#3328) @​olamy
• Use surefire 3.5.5 by project itself for testing (#3324) @​slawekjaranowski
• Follow Oracle javadoc guidelines (#3177) @​elharo

📦 Dependency updates

• Bump org.fusesource.jansi:jansi from 2.4.2 to 2.4.3 (#3334) @dependabot[bot]
• Bump commons-io:commons-io from 2.21.0 to 2.22.0 (#3350) @dependabot[bot]

Commits

• 25ea054 [maven-release-plugin] prepare release surefire-3.5.6
• e5f374c Bump org.fusesource.jansi:jansi from 2.4.2 to 2.4.3
• dadd55b Issue #2613 Debugging failsafe tests: Message 'Listening for transport dt_soc...
• 39dd250 Bump commons-io:commons-io from 2.21.0 to 2.22.0
• 2774273 Ensure that the statistics filename is calculated only once. (#3326) (#3327)
• 0d5df8a 3.5.x/bug/cherry pick embedded mode its (#3328)
• 04ad9a2 Use surefire 3.5.5 by project itself for testing
• 37e8f69 Add flakes attribute to use in testsuite report (#3306) (#3308)
• a970fef Introduce reportTestTimestamp option and include timestamp for test sets and ...
• e838393 deploy 3.5.x branch to nexus
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-failsafe-plugin from 3.5.5 to 3.5.6

Release notes

Sourced from org.apache.maven.plugins:maven-failsafe-plugin's releases.

3.5.6

🚀 New features and improvements

• Introduce reportTestTimestamp option and include timestamp for test sets and test cases (#3261) (#3302) @​olamy

🐛 Bug Fixes

• Issue #2613 Debugging failsafe tests: Message 'Listening for transport dt_socket at address' is not displayed anymore when using maven.surefire.debug (#3353) (#3354) @​olamy
• Ensure that the statistics filename is calculated only once. (#3326) (#3327) @​olamy
• Add flakes attribute to use in testsuite report (#3306) (#3308) @​olamy
• [BACKPORT 3.5.x] [SUREFIRE-2049] - Fix SHUTDOWN type lost during command serialization. (#3270) (#3289) @​olamy
• fix: null guard for context map (#3269) (#3272) @​olamy

👻 Maintenance

• 3.5.x/bug/cherry pick embedded mode its (#3328) @​olamy
• Use surefire 3.5.5 by project itself for testing (#3324) @​slawekjaranowski
• Follow Oracle javadoc guidelines (#3177) @​elharo

📦 Dependency updates

• Bump org.fusesource.jansi:jansi from 2.4.2 to 2.4.3 (#3334) @dependabot[bot]
• Bump commons-io:commons-io from 2.21.0 to 2.22.0 (#3350) @dependabot[bot]

Commits

• 25ea054 [maven-release-plugin] prepare release surefire-3.5.6
• e5f374c Bump org.fusesource.jansi:jansi from 2.4.2 to 2.4.3
• dadd55b Issue #2613 Debugging failsafe tests: Message 'Listening for transport dt_soc...
• 39dd250 Bump commons-io:commons-io from 2.21.0 to 2.22.0
• 2774273 Ensure that the statistics filename is calculated only once. (#3326) (#3327)
• 0d5df8a 3.5.x/bug/cherry pick embedded mode its (#3328)
• 04ad9a2 Use surefire 3.5.5 by project itself for testing
• 37e8f69 Add flakes attribute to use in testsuite report (#3306) (#3308)
• a970fef Introduce reportTestTimestamp option and include timestamp for test sets and ...
• e838393 deploy 3.5.x branch to nexus
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-site-plugin from 3.21.0 to 3.22.0

Release notes

Sourced from org.apache.maven.plugins:maven-site-plugin's releases.

3.22.0

🚀 New features and improvements

• Upgrade to Doxia 2.1.0 (#1269) @​kwin
• Upgrade to Doxia Site Tools 2.1.0 (1b3cff6) @​kwin
• Add blocking "auto-refresh" goal (#1267) @​kwin
• Allow to give alternative source directories (1b3cff6) @​kwin
• Throw UOE for unsupported MultiPageSinkFactory.createSink(...) overloads (a27b283) @​kwin

📝 Documentation updates

• Several site improvements (#1272) @​kwin
• Convert Site source from APT to Markdown (#1265) @​kwin

👻 Maintenance

• Fix GitHub CI configuration on new master (#1257) @​slawekjaranowski
• remove missing module (#1258) @​hboutemy
• [MSITE-977] - Remove broken links (#211) (#1256) @​hboutemy
• chore: Migrate Junit3/4 to Junit5 (#1243) @​slawekjaranowski
• Allow to manually execute release drafter (#236) @​slawekjaranowski
• Enable GitHub Issues (Maven 3) (#234) @​Bukama
• Drop additional configuration for requirementsHistories (#221) @​slawekjaranowski
• Convert to Guice injection (#218) @​elharo
• [MSITE-986] Refresh download page (12c8a9d0) @​yuhaowin
• Rename "Goals" to "Plugin Documentation" (f489a1e) @​Bukama

📦 Dependency updates

• Bump org.apache.maven.plugins:maven-plugins from 47 to 48 (#1271) @dependabot[bot]
• Bump org.apache.logging.log4j:log4j-core from 2.25.3 to 2.25.4 in /src/it/projects/MSITE-497/apps/app (#1263) @dependabot[bot]
• Bump commons-io:commons-io from 2.21.0 to 2.22.0 (#1268) @dependabot[bot]
• Backport Update to parent 47 to 3.x branch (#1235) (#1237) @​Bukama
• Bump org.codehaus.mojo:mrm-maven-plugin from 1.7.0 to 1.7.1 (#1225) @dependabot[bot]
• Bump org.apache.maven:maven-archiver from 3.6.5 to 3.6.6 (#1212) @dependabot[bot]
• Bump org.apache.commons:commons-lang3 from 3.19.0 to 3.20.0 (#1207) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-archiver from 4.10.0 to 4.10.4 (#1203) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-i18n from 1.0.0 to 1.1.0 (#1204) @dependabot[bot]
• Bump jettyVersion from 9.4.56.v20240826 to 9.4.58.v20250814 (#1194) @dependabot[bot]
• Bump org.codehaus.mojo:mrm-maven-plugin from 1.6.0 to 1.7.0 (#1193) @dependabot[bot]

Commits

• f9f7cc6 [maven-release-plugin] prepare release maven-site-plugin-3.22.0
• f7b57ea Bump org.codehaus.plexus:plexus-interactivity-api from 1.3 to 1.5.1
• 282aa04 Several site improvements (#1272)
• 55ebd9f Upgrade to Doxia 2.1.0
• 93ecbb6 Improve goal description
• 106d259 Improve error messages
• a7511e9 Fix additional PR comments
• c3c1c0f Rename from "hot-reload" to "auto-refresh"
• 5fb1504 Add blocking "hot-reload" goal
• 2d9a489 Bump org.apache.maven.plugins:maven-plugins from 47 to 48 (#1271)
• Additional commits viewable in compare view

Updates org.sonarsource.scanner.maven:sonar-maven-plugin from 5.6.0.6792 to 5.7.0.6970

Release notes

Sourced from org.sonarsource.scanner.maven:sonar-maven-plugin's releases.

5.7.0.6970

Release notes - Sonar Scanner for Maven - 5.7

Feature

SCANMAVEN-317 Support encryption of sonar.token, and other new secure properties SCANMAVEN-332 support modular-jar artifact type SCANMAVEN-341 Rework the support of encrypted properties

Maintenance

SCANMAVEN-370 Prepare next development iteration 5.7.0 SCANMAVEN-372 Configure Renovate for sonar-scanner-maven SCANMAVEN-373 SubmitReview: Use Vault token SCANMAVEN-374 Unpin internal GitHub actions SCANMAVEN-376 Use SonarSource/.../sonar-update-center-release@v1 instead of @​master SCANMAVEN-377 Update dependency org.assertj:assertj-core to v3.27.7 [SECURITY]

Commits

• 9e114d7 SCANMAVEN-332 Support modular-jar (#402)
• 7424fe5 SCANMAVEN-317 - Support encryption of sonar.token, and other new secure prope...
• b8ff39f SCANMAVEN-341 Fix regex for encrypted property filtering for mvn4 and add tes...
• b4c0b4a SCANMAVEN-377 Update dependency org.assertj:assertj-core to v3.27.7 [SECURITY...
• cd19506 SCANMAVEN-372 Configure Renovate (#393)
• 944f552 SCANMAVEN-376 Use SonarSource/.../sonar-update-center-release@v1 instead of @...
• 2832b8a SCANMAVEN-374 Unpin internal GitHub actions (#396)
• 81caeeb SCANMAVEN-373 SubmitReview: Use Vault token (#395)
• c62dd74 SCANMAVEN-370 Prepare next development iteration 5.7.0 (#392)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions