Ability to skip project collection #1

gnodet · 2024-11-27T16:25:02Z

[MINVOKER-313] Get rid of maven-artifact-transfer - InstallMojo refactor
Bump project version to 3.5.0-SNAPSHOT
[MINVOKER-322] Bump assertj-core from 3.23.1 to 3.24.2 ([MINVOKER-322] Bump assertj-core from 3.23.1 to 3.24.2 apache/maven-invoker-plugin#168)
[MINVOKER-324] Temporary File Information Disclosure ([MINVOKER-324] Fix Temporary File Information Disclosure Vulnerability apache/maven-invoker-plugin#152)
[MINVOKER-325] Bump groovy-bom from 4.0.6 to 4.0.9 ([MINVOKER-325] Bump groovy-bom from 4.0.6 to 4.0.9 apache/maven-invoker-plugin#176)
[MINVOKER-326] Bump doxia-sink-api from 1.11.1 to 1.12.0 ([MINVOKER-326] Bump doxia-sink-api from 1.11.1 to 1.12.0 apache/maven-invoker-plugin#166)
[maven-release-plugin] prepare release maven-invoker-plugin-3.5.0
[maven-release-plugin] prepare for next development iteration
[MINVOKER-328] Skip install artifacts with the same source and target path
Add optional dependency for install ITs
[MINVOKER-329] Bump plexus-utils from 3.5.0 to 3.5.1 ([MINVOKER-329] Bump plexus-utils from 3.5.0 to 3.5.1 apache/maven-invoker-plugin#178)
[MINVOKER-331] Bump groovy-bom from 4.0.9 to 4.0.10 ([MINVOKER-331] Bump groovy-bom from 4.0.9 to 4.0.10 apache/maven-invoker-plugin#180)
[MINVOKER-330] Allow relative path for mavenExecutable
[MINVOKER-332] Update plugins versions used in ITs
[MINVOKER-333] Artifact should be installed once
[maven-release-plugin] prepare release maven-invoker-plugin-3.5.1
[maven-release-plugin] prepare for next development iteration
[MNG-6825] Replace StringUtils with Commons Lang3
configure notifications
[MINVOKER-338] Bump groovy-bom from 4.0.10 to 4.0.12 ([MINVOKER-338] Bump groovy-bom from 4.0.10 to 4.0.12 apache/maven-invoker-plugin#188)
[MNG-6829] Replace StringUtils#isEmpty(String) and #isNotEmpty(String) ([MNG-6829] Replace StringUtils#isEmpty(String) and #isNotEmpty(String) apache/maven-invoker-plugin#189)
Bump maven-shared-utils from 3.3.4 to 3.4.1
[MINVOKER-341] Make elapsed time field type consistent with Maven Surefire
[MINVOKER-342] Use ChoiceFormat to selectively render elapsed time in AbstractInvokerMojo
[MINVOKER-344] Move reporting rendering logic into a ReportRenderer class
[MINVOKER-345] Use ChoiceFormat to selectively render percentage and elapsed time in InvokerReportRenderer
[MINVOKER-347] Document upcoming report file name change
[maven-release-plugin] prepare release maven-invoker-plugin-3.6.0
[maven-release-plugin] prepare for next development iteration
add explicit dependency on commons-lang3 and update version (add explicit dependency on commons-lang3 and update version apache/maven-invoker-plugin#196)
Update commons-io to 2.13.0 (Update commons-io to 2.13.0 apache/maven-invoker-plugin#195)
Add .checkstyle to .gitignore
[MINVOKER-350] - Upgrade maven-plugin parent to 41
Bump org.codehaus.plexus:plexus-interpolation from 1.26 to 1.27
Bump org.apache.maven.shared:maven-shared-utils from 3.4.1 to 3.4.2
Small code improvments.
[MINVOKER-352] - Remove usage commons-lang3
Bump org.assertj:assertj-core from 3.24.2 to 3.25.0
Switch to defaults for GHA maven verify
Upgrade org.codehaus.plexus:plexus-utils from 3.5.1 to 4.0.0 (Bump org.codehaus.plexus:plexus-utils from 3.5.1 to 4.0.0 apache/maven-invoker-plugin#200)
Bump org.assertj:assertj-core from 3.25.0 to 3.25.1 (Bump org.assertj:assertj-core from 3.25.0 to 3.25.1 apache/maven-invoker-plugin#211)
Bump org.apache.groovy:groovy-bom from 4.0.12 to 4.0.17 (Bump org.apache.groovy:groovy-bom from 4.0.12 to 4.0.17 apache/maven-invoker-plugin#205)
Bump commons-codec:commons-codec from 1.15 to 1.16.0 (Bump commons-codec:commons-codec from 1.15 to 1.16.0 apache/maven-invoker-plugin#198)
Bump org.apache.groovy:groovy-bom from 4.0.17 to 4.0.18 (Bump org.apache.groovy:groovy-bom from 4.0.17 to 4.0.18 apache/maven-invoker-plugin#213)
Bump org.assertj:assertj-core from 3.25.1 to 3.25.3
Bump apache/maven-gh-actions-shared from 3 to 4
Bump commons-codec:commons-codec from 1.16.0 to 1.16.1
Bump org.apache.groovy:groovy-bom from 4.0.18 to 4.0.20
- Removed negative logic (Removed negative logic apache/maven-invoker-plugin#212)
use github for all scm elements
[maven-release-plugin] prepare release maven-invoker-plugin-3.6.1
[maven-release-plugin] prepare for next development iteration
[MINVOKER-357] Bump commons-io:commons-io from 2.13.0 to 2.16.0 ([MINVOKER-357] Bump commons-io:commons-io from 2.13.0 to 2.16.0 apache/maven-invoker-plugin#220)
[MINVOKER-358] Bump org.apache.maven.plugins:maven-plugins from 41 to 42 ([MINVOKER-358] Bump org.apache.maven.plugins:maven-plugins from 41 to 42 apache/maven-invoker-plugin#224)
[MINVOKER-337] Exclude plexus-container-default and o.a.maven from runtime dependencies
[MINVOKER-359] Bump org.apache.groovy:groovy-bom from 4.0.20 to 4.0.21 ([MINVOKER-359] Bump org.apache.groovy:groovy-bom from 4.0.20 to 4.0.21 apache/maven-invoker-plugin#223)
[MINVOKER-360] Bump commons-io:commons-io from 2.16.0 to 2.16.1 ([MINVOKER-360] Bump commons-io:commons-io from 2.16.0 to 2.16.1 apache/maven-invoker-plugin#222)
[MINVOKER-361] Bump commons-codec:commons-codec from 1.16.1 to 1.17.0 ([MINVOKER-361] Bump commons-codec:commons-codec from 1.16.1 to 1.17.0 apache/maven-invoker-plugin#227)
[MINVOKER-284] Switch to JUnit5, drop maven-compat
Bump org.apache.maven.shared:maven-script-interpreter from 1.4 to 1.5
[MINVOKER-362] Use properties from parent for plugins versions in ITs
[MINVOKER-335] Preserve symlinks for copied files
Use default JDKs on jenkins build
[MINVOKER-336] Create empty .mvn directory in cloned projects
[MINVOKER-363] Bump org.apache.maven.shared:maven-script-interpreter from 1.5 to 1.6 ([MINVOKER-363] Bump org.apache.maven.shared:maven-script-interpreter from 1.5 to 1.6 apache/maven-invoker-plugin#234)
[MINVOKER-364] Rename invoker.systemPropertiesFile to invoker.userPropertiesFile
[MINVOKER-335] Use selector script for preparing test with symlinks
[MINVOKER-366] Require Maven 3.6.3
[MINVOKER-367] Bump org.apache.maven.shared:maven-invoker from 3.2.0 to 3.3.0 ([MINVOKER-367] Bump org.apache.maven.shared:maven-invoker from 3.2.0 to 3.3.0 apache/maven-invoker-plugin#240)
[MINVOKER-365] Allow to pre-build script to set user properties
[MINVOKER-307] Support @{..} syntax in mavenOpts
[MINVOKER-351] Escape special xml character in junit report ([MINVOKER-351] Escape special xml character in junit report apache/maven-invoker-plugin#242)
[maven-release-plugin] prepare release maven-invoker-plugin-3.7.0
[maven-release-plugin] prepare for next development iteration
Add missing dependency
[MINVOKER-368] Filter artifacts by scope before resolving in install
Bump commons-codec:commons-codec from 1.17.0 to 1.17.1
Bump org.apache.groovy:groovy-bom from 4.0.21 to 4.0.22
Bump org.assertj:assertj-core from 3.25.3 to 3.26.3
Bump org.apache.maven.plugins:maven-plugins from 42 to 43
[MINVOKER-354] Upgrade to Doxia 2.0.0 Milestone Stack
[MINVOKER-346] Align report output name
[maven-release-plugin] prepare release maven-invoker-plugin-3.8.0
[maven-release-plugin] prepare for next development iteration
use new Reproducible Central badge endpoint
Bump commons-io:commons-io from 2.16.1 to 2.17.0
Bump org.apache.groovy:groovy-bom from 4.0.22 to 4.0.23
[MINVOKER-371] Upgrade to Doxia 2.0.0 GA Stack
[maven-release-plugin] prepare release maven-invoker-plugin-3.8.1
[maven-release-plugin] prepare for next development iteration
[MINVOKER-373] Switch to Doxia 2
Ability to skip project collection

- refactor InstallMojo to use Resolver API - add possibility to configure scope for installing artifacts - remove maven-artifact-transfer and maven-common-artifact-filters from dependencies

Bumps assertj-core from 3.23.1 to 3.24.2. --- updated-dependencies: - dependency-name: org.assertj:assertj-core dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

This fixes temporary file information disclosure vulnerability due to the use of the vulnerable `File.createTempFile()` method. The vulnerability is fixed by using the `Files.createTempFile()` method which sets the correct posix permissions. Weakness: CWE-377: Insecure Temporary File Severity: Medium CVSSS: 5.5 Detection: CodeQL & OpenRewrite (https://public.moderne.io/recipes/org.openrewrite.java.security.SecureTempFileCreation) Reported-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com> Bug-tracker: JLLeitschuh/security-research#18 Co-authored-by: Moderne <team@moderne.io> Co-authored-by: Guillaume Nodet <gnodet@gmail.com>

Bumps [groovy-bom](https://github.com/apache/groovy) from 4.0.6 to 4.0.9. - [Release notes](https://github.com/apache/groovy/releases) - [Commits](https://github.com/apache/groovy/commits) --- updated-dependencies: - dependency-name: org.apache.groovy:groovy-bom dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [doxia-sink-api](https://github.com/apache/maven-doxia) from 1.11.1 to 1.12.0. - [Release notes](https://github.com/apache/maven-doxia/releases) - [Commits](apache/maven-doxia@doxia-1.11.1...doxia-1.12.0) --- updated-dependencies: - dependency-name: org.apache.maven.doxia:doxia-sink-api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

… path When user not specified localRepositoryPath we can not reinstall artifact with the same source and target path

Bumps [plexus-utils](https://github.com/codehaus-plexus/plexus-utils) from 3.5.0 to 3.5.1. - [Release notes](https://github.com/codehaus-plexus/plexus-utils/releases) - [Commits](codehaus-plexus/plexus-utils@plexus-utils-3.5.0...plexus-utils-3.5.1) --- updated-dependencies: - dependency-name: org.codehaus.plexus:plexus-utils dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [groovy-bom](https://github.com/apache/groovy) from 4.0.9 to 4.0.10. - [Release notes](https://github.com/apache/groovy/releases) - [Commits](https://github.com/apache/groovy/commits) --- updated-dependencies: - dependency-name: org.apache.groovy:groovy-bom dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Co-authored-by: Moderne <team@moderne.io>

Bumps [groovy-bom](https://github.com/apache/groovy) from 4.0.10 to 4.0.12. - [Commits](https://github.com/apache/groovy/commits) --- updated-dependencies: - dependency-name: org.apache.groovy:groovy-bom dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

@elharo

apache#189) Continuation of https://issues.apache.org/jira/browse/MNG-6829 Review requested of @elharo Use this link to re-run the recipe: https://public.moderne.io/recipes/org.openrewrite.java.migrate.apache.commons.lang.IsNotEmptyToJdk?organizationId=QXBhY2hlIE1hdmVu Co-authored-by: Moderne <team@moderne.io>

Bumps [maven-shared-utils](https://github.com/apache/maven-shared-utils) from 3.3.4 to 3.4.1. - [Release notes](https://github.com/apache/maven-shared-utils/releases) - [Commits](apache/maven-shared-utils@maven-shared-utils-3.3.4...maven-shared-utils-3.4.1) --- updated-dependencies: - dependency-name: org.apache.maven.shared:maven-shared-utils dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

…efire This closes apache#191

… AbstractInvokerMojo This closes apache#192

…lass This closes apache#193

…elapsed time in InvokerReportRenderer This closes apache#194

…from 1.5 to 1.6 (apache#234) Bumps [org.apache.maven.shared:maven-script-interpreter](https://github.com/apache/maven-script-interpreter) from 1.5 to 1.6. - [Release notes](https://github.com/apache/maven-script-interpreter/releases) - [Commits](apache/maven-script-interpreter@maven-script-interpreter-1.5...maven-script-interpreter-1.6) --- updated-dependencies: - dependency-name: org.apache.maven.shared:maven-script-interpreter dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…pertiesFile

…to 3.3.0 (apache#240) Bumps [org.apache.maven.shared:maven-invoker](https://github.com/apache/maven-invoker) from 3.2.0 to 3.3.0. - [Release notes](https://github.com/apache/maven-invoker/releases) - [Commits](apache/maven-invoker@maven-invoker-3.2.0...maven-invoker-3.3.0) --- updated-dependencies: - dependency-name: org.apache.maven.shared:maven-invoker dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

--------- Co-authored-by: Michael Osipov <michaelo@apache.org>

Bumps [commons-codec:commons-codec](https://github.com/apache/commons-codec) from 1.17.0 to 1.17.1. - [Changelog](https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt) - [Commits](apache/commons-codec@rel/commons-codec-1.17.0...rel/commons-codec-1.17.1) --- updated-dependencies: - dependency-name: commons-codec:commons-codec dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [org.apache.groovy:groovy-bom](https://github.com/apache/groovy) from 4.0.21 to 4.0.22. - [Commits](https://github.com/apache/groovy/commits) --- updated-dependencies: - dependency-name: org.apache.groovy:groovy-bom dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.25.3 to 3.26.3. - [Release notes](https://github.com/assertj/assertj/releases) - [Commits](assertj/assertj@assertj-build-3.25.3...assertj-build-3.26.3) --- updated-dependencies: - dependency-name: org.assertj:assertj-core dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [org.apache.maven.plugins:maven-plugins](https://github.com/apache/maven-parent) from 42 to 43. - [Release notes](https://github.com/apache/maven-parent/releases) - [Commits](https://github.com/apache/maven-parent/commits) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-plugins dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

This closes apache#187

Bumps commons-io:commons-io from 2.16.1 to 2.17.0. --- updated-dependencies: - dependency-name: commons-io:commons-io dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [org.apache.groovy:groovy-bom](https://github.com/apache/groovy) from 4.0.22 to 4.0.23. - [Commits](https://github.com/apache/groovy/commits) --- updated-dependencies: - dependency-name: org.apache.groovy:groovy-bom dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

This closes apache#261

slawekjaranowski and others added 30 commits January 31, 2023 17:29

[MINVOKER-313] Get rid of maven-artifact-transfer - InstallMojo refactor

74de493

- refactor InstallMojo to use Resolver API - add possibility to configure scope for installing artifacts - remove maven-artifact-transfer and maven-common-artifact-filters from dependencies

Bump project version to 3.5.0-SNAPSHOT

6bb7c6b

[maven-release-plugin] prepare release maven-invoker-plugin-3.5.0

56ae7e2

[maven-release-plugin] prepare for next development iteration

c7fcdbf

[MINVOKER-328] Skip install artifacts with the same source and target…

de1dbbf

… path When user not specified localRepositoryPath we can not reinstall artifact with the same source and target path

Add optional dependency for install ITs

f46013f

[MINVOKER-330] Allow relative path for mavenExecutable

460582c

[MINVOKER-332] Update plugins versions used in ITs

3e4f3c9

[MINVOKER-333] Artifact should be installed once

bb40a30

[maven-release-plugin] prepare release maven-invoker-plugin-3.5.1

c3dbd68

[maven-release-plugin] prepare for next development iteration

e42da37

[MNG-6825] Replace StringUtils with Commons Lang3

5c62df6

Co-authored-by: Moderne <team@moderne.io>

configure notifications

9c3e913

[MINVOKER-341] Make elapsed time field type consistent with Maven Sur…

26f2dcf

…efire This closes apache#191

[MINVOKER-342] Use ChoiceFormat to selectively render elapsed time in…

3dff59f

… AbstractInvokerMojo This closes apache#192

[MINVOKER-344] Move reporting rendering logic into a ReportRenderer c…

a154e5b

…lass This closes apache#193

[MINVOKER-345] Use ChoiceFormat to selectively render percentage and …

3df7c38

…elapsed time in InvokerReportRenderer This closes apache#194

[MINVOKER-347] Document upcoming report file name change

14ffae6

[maven-release-plugin] prepare release maven-invoker-plugin-3.6.0

d612eb6

[maven-release-plugin] prepare for next development iteration

ffb89ce

add explicit dependency on commons-lang3 and update version (apache#196)

c57f670

slawekjaranowski and others added 29 commits May 3, 2024 12:04

[MINVOKER-336] Create empty .mvn directory in cloned projects

66a536f

[MINVOKER-364] Rename invoker.systemPropertiesFile to invoker.userPro…

a741ea0

…pertiesFile

[MINVOKER-335] Use selector script for preparing test with symlinks

be7f699

[MINVOKER-366] Require Maven 3.6.3

e4dea9d

[MINVOKER-365] Allow to pre-build script to set user properties

89b9633

[MINVOKER-307] Support @{..} syntax in mavenOpts

0e572a9

[MINVOKER-351] Escape special xml character in junit report (apache#242)

74a87f6

--------- Co-authored-by: Michael Osipov <michaelo@apache.org>

[maven-release-plugin] prepare release maven-invoker-plugin-3.7.0

07a1977

[maven-release-plugin] prepare for next development iteration

40a10b7

Add missing dependency

affa7be

[MINVOKER-368] Filter artifacts by scope before resolving in install

1bd7bb2

[MINVOKER-354] Upgrade to Doxia 2.0.0 Milestone Stack

36bcf12

This closes apache#187

[MINVOKER-346] Align report output name

843ddcf

[maven-release-plugin] prepare release maven-invoker-plugin-3.8.0

3542f38

[maven-release-plugin] prepare for next development iteration

2a2e488

use new Reproducible Central badge endpoint

e28603c

[MINVOKER-371] Upgrade to Doxia 2.0.0 GA Stack

b050650

This closes apache#261

[maven-release-plugin] prepare release maven-invoker-plugin-3.8.1

ff4b440

[maven-release-plugin] prepare for next development iteration

4fd5322

[MINVOKER-373] Switch to Doxia 2

30731f1

Ability to skip project collection

6ab7d6e

gnodet closed this Nov 30, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Ability to skip project collection #1

Ability to skip project collection #1

gnodet commented Nov 27, 2024

Ability to skip project collection #1

Ability to skip project collection #1

Conversation

gnodet commented Nov 27, 2024