File maven.changes of Package maven.35432

Overview Repositories Revisions Requests Users Attributes Meta

File maven.changes of Package maven.35432

-------------------------------------------------------------------
Tue Aug 27 08:46:19 UTC 2024 - Fridrich Strba <fstrba@suse.com>

- Upgrade to upstream version 3.9.9
  * Bug
    + MNG-8159: Fix search for topDirectory when using -f / --file
    for Maven 3.9.x
    + MNG-8165: Maven does not find extensions for -f when current
      dir is root
    + MNG-8177: Warning 
      "'dependencyManagement.dependencies.dependency.systemPath' for
      com.sun:tools:jar refers to a non-existing file
      C:\Temp\jdk-11.0.23\..\lib\tools.jar"
    + MNG-8178: Profile activation based on OS properties is broken
      for "mvn site"
    + MNG-8180: Resolver will blindly assume it is deploying a
      plugin by presence of META-INF/maven/plugins.xml in JAR
    + MNG-8182: Missing or mismatching Trusted Checksum for some
      artifacts is not properly reported
    + MNG-8188: [REGRESSION] Property not resolved in profile
      pluginManagement
  * Task
    + MNG-8206: Remove Maven 2.1 (v 2.0) compatibility bits

-------------------------------------------------------------------
Tue Jun 18 08:12:47 UTC 2024 - Fridrich Strba <fstrba@suse.com>

- Upgrade to upstream version 3.9.8
  * Bug
    + MNG-7758: o.e.aether.resolution.ArtifactResolutionException
      incorrectly examined when multiple repositories are involved
    + MNG-8066: Maven hangs on self-referencing exceptions
    + MNG-8116: Plugin configuration can randomly fail in case of
      method overloading as it doesn't take into account
      implementation attribute
    + MNG-8131: Property replacement in dependency pom no longer
      works
    + MNG-8135: Profile activation based on OS properties is no
      longer case insensitive
    + MNG-8142: If JDK profile activator gets "invalid" JDK version
      for whatever reason, it chokes but does not tell why
    + MNG-8147: Profile interpolation broke their evaluation in case
      of duplicate IDs
  * Improvement
    + MNG-7902: Sort plugins in validation report
    + MNG-8140: When a model is discarded (by model builder) for
      whatever reason, show why it happened
    + MNG-8141: Model Builder should report if not sure about
      "fully correct" outcome
    + MNG-8150: Make SimplexTransferListener handle absent
      source/target files
  * Task
    + MNG-8146: Drop use of commons-lang
  * Dependency upgrade
    + MNG-8136: Update to Eclipse Sisu 0.9.0.M3
    + MNG-8143: Update to commons-cli 1.8.0
    + MNG-8144: Update to Guava 32.2.1-jre
    + MNG-8154: Upgrade default plugin bindings

-------------------------------------------------------------------
Tue Jun 11 15:23:33 UTC 2024 - Fridrich Strba <fstrba@suse.com>

- Upgrade to upstream version 3.9.7
  * Bug
    + MNG-8106: Maven Metadata corruption if repository directory
      role overlaps
    + MNG-8121: NullPointerException at
      org.apache.maven.artifact.repository.metadata.Metadata.merge
      (Metadata.java:293)
  * New Feature
    + MNG-5726: Update OS Activation To Allow Wildcards In OS
      Version
    + MNG-8030: Backport: Add ability to ignore dependency
      repositories: mvn -itr
  * Improvement
    + MNG-8019: Streamline update policy of
      pluginRepository/repository of Maven Central in Super POM
    + MNG-8029: improve documentation of mirror in settings
    + MNG-8031: Backport: Make Maven transfer listener used with
      Resolver more concurrent friendly
    + MNG-8081: default profile activation should consider available
      system and user properties
    + MNG-8085: swtich from png+imagemap to svg
    + MNG-8117: Improve prerequisite evaluation and plugin version
      selection logging
  * Task
    + MNG-7309: Remove redundant MojoDescriptor parameterMap
    + MNG-8011: Minimize and make generic the README.txt
    + MNG-8055: Investigate possible solutions for build number
      diffs on deploy
  * Dependency upgrade
    + MNG-8094: Resolver 1.9.19
    + MNG-8100: Upgrade default plugin bindings
    + MNG-8101: Upgrade Parent to 42
    + MNG-8109: Resolver 1.9.20
    + MNG-8115: Upgrade minimal set of dependencies
    + MNG-8125: (build) Bump buildhelper-maven-plugin to 3.6.0 (was
      3.4.0)
    + MNG-8126: Bump logback classic to 1.2.13 (was 1.2.12)
    + MNG-8127: Bump guava to 33.2.0-jre

-------------------------------------------------------------------
Mon Jun 10 13:58:23 UTC 2024 - Fridrich Strba <fstrba@suse.com>

- Add dependency on jakarta-inject, needed by google-guice 6.0.0

-------------------------------------------------------------------
Tue Apr  2 17:21:14 UTC 2024 - Fridrich Strba <fstrba@suse.com>

- Add dependency on plexus-xml where relevant
  * this will be needed for smooth upgrade to plexus-utils 4.0.0

-------------------------------------------------------------------
Wed Feb 21 15:10:43 UTC 2024 - Fridrich Strba <fstrba@suse.com>

- Use %patch -P N instead of deprecated %patchN.

-------------------------------------------------------------------
Tue Jan 30 07:13:33 UTC 2024 - Fridrich Strba <fstrba@suse.com>

- Upgrade tu upstream version 3.9.6
  * Bug
    + MNG-7851: Error message when modelVersion is 4.0 is confusing
  * Improvement
    + MNG-7875: Colorize transfer messages
    + MNG-7895: Support ${project.basedir} in file profile
      activation
    + MNG-7939: Allow to exclude plugins from validation
  * Task
    + MNG-7856: Maven Resolver Provider classes ctor change
    + MNG-7870: Undeprecate wrongly deprecated repository metadata
    + MNG-7872: Deprecate
      org.apache.maven.repository.internal.MavenResolverModule
    + MNG-7874: maven-resolver-provider: introduce NAME constants.
  * Dependency upgrade
    + MNG-7859: Update to Resolver 1.9.16
    + MNG-7913: Upgrade Sisu version to 0.9.0.M2
    + MNG-7934: Upgrade Resolver version to 1.9.18
    + MNG-7942: Upgrade to parent POM 41
    + MNG-7943: Upgrade default plugin bindings

-------------------------------------------------------------------
Thu Sep 21 12:03:34 UTC 2023 - Fridrich Strba <fstrba@suse.com>

- Upgrade tu upstream version 3.9.4
  * Bug
    + MNG-7705: Sporadic failures on multiple builds sharing the
      same local repo when writing the .lastUpdated file
    + MNG-7786: Maven Plugin Validation message is misleading
    + MNG-7795: IllegalArgumentException: 'other' has different root
      during plugin validation
    + MNG-7796: Top directory cannot be computed
    + MNG-7799: Plugin validation falsely reports there are issues
      (but shows none)
    + MNG-7811: Plugins verification - reports are inconsistent
    + MNG-7818: [REGRESSION] maven improperly excludes hamcrest-core
      from junit
    + MNG-7819: Create IT that exercise file locking with snapshots
    + MNG-7846: endless loop in DefaultExceptionHandler.getMessage()
  * Improvement
    + MNG-7698: Allow comments in .mvn/maven.config
    + MNG-7785: Clean usage of SessionData
    + MNG-7787: Introduce new options for plugin validation
    + MNG-7788: Plugin Validation Report should be printed before
      build summary
    + MNG-7789: Plugin Dependency Validations use wrong data set
    + MNG-7806: Plugins verification - remove used in module(s)
      report
    + MNG-7823: Make plugin validation level parsing more consistent
  * Task
    + MNG-5987: Document the algorithm calculating the order of
      plugin executions inside a phase.
    + MNG-7743: Make the build work on JDK 20
    + MNG-7790: Update lifecycle plugins
    + MNG-7791: Split validation issues into "user actionable" and
      "plugin dev actionable"
    + MNG-7797: Return BRIEF mode, simply map it onto SUMMARY
    + MNG-7807: Update Super POM plugins
  * Dependency upgrade
    + MNG-7800: Upgrade to Maven Resolver 1.9.13
    + MNG-7816: Bump maven parent from 39 to 40
    + MNG-7828: Bump guava from 31.1-jre to 32.0.1-jre
    + MNG-7847: Upgrade to Resolver 1.9.14

-------------------------------------------------------------------
Tue Sep 12 12:55:07 UTC 2023 - Fridrich Strba <fstrba@suse.com>

- Reproducible builds: do not output build number

-------------------------------------------------------------------
Mon Sep  4 15:13:23 UTC 2023 - Fridrich Strba <fstrba@suse.com>

- Added patch:
  * 0005-Reproducible-maven.build.timestamp.patch
    + debian patch to make maven builds more reproducible

-------------------------------------------------------------------
Mon Jun 19 15:31:21 UTC 2023 - Fridrich Strba <fstrba@suse.com>

- Upgrade to upstream version 3.9.2
  * Bug
    + MNG-7750: Interpolated properties in originalModel in
      an active profile.
    + MNG-7759: java.lang.NullPointerException at org.apache
      .maven.repository.internal.DefaultModelCache.newInstance
      (DefaultModelCache.java:37)
  * Improvement
    + MNG-7712: Core should issue a warning if plugin depends
      on maven-compat
    + MNG-7741: Add more information when using
      -Dmaven.repo.local.recordReverseTree=true
    + MNG-7754: Improvement and extension of plugin validation
    + MNG-7767: Tone down plugin validation report
    + MNG-7776: don't fingerprint Sigstore signatures (like GPG)
    + MNG-7778: Maven should print suppressed exceptions when a
      mojo fails
  * Task
    + MNG-7749: Upgrade animal-sniffer from 1.21 to 1.23
    + MNG-7774: Maven config and command line interpolation

-------------------------------------------------------------------
Thu May 11 08:39:04 UTC 2023 - Fridrich Strba <fstrba@suse.com>

- Modified patch:
  * 0001-Adapt-mvn-script.patch
    + revert to older version which worked well (bsc#1211198)

-------------------------------------------------------------------
Wed May  3 11:44:20 UTC 2023 - Fridrich Strba <fstrba@suse.com>

- Upgrade to upstream version 3.9.1
  * Changes of version 3.8.7:
    + Regression fixes from Maven 3.8.6
    + General fixes
    + Maven Wagon upgrade
  * Changes of verson 3.8.8
    + Regression fixes from Maven 3.8.7
    + General fixes
    + Non-functional backports and improvements from 3.9.0
  * Changes of version 3.9.0
    + Minimum Java version to use with Maven 3.9.0 is raised to
      Java 8.
    + With Java 8, upgrade of several key dependencies became
      possible as well.
    + Several backports from Maven 4.x line.
    + Long outstanding issue fixes from Maven 3.x line.
    + Cutting ties with Maven 2 backward compatibility, preparing
      grounds for Maven 4.
    + General fixes and improvements.
    + The Maven Resolver transport has changed from Wagon to “native
      HTTP”, see Resolver Transport guide.
    + Maven 2.x was auto-injecting an ancient version of
      plexus-utils dependency into the plugin classpath, and Maven
      3.x continued doing this to preserve backward compatibility.
      Starting with Maven 3.9, it does not happen anymore. This
      change may lead to plugin breakage. The fix for affected
      plugin maintainers is to explicitly declare a dependency on
      plexus-utils. The workaround for affected plugin users is to
      add this dependency to plugin dependencies until issue is
      fixed by the affected plugin maintainer.
    + Mojos are prevented to boostrap new instance of
      RepositorySystem (for example by using deprecated
      ServiceLocator), they should reuse RepositorySystem instance
      provided by Maven instead. See MNG-7471.
    + Each line in .mvn/maven.config is now interpreted as a single
      argument. That is, if the file contains multiple arguments,
      these must now be placed on separate lines, see MNG-7684.
  * Changes of version 3.9.1:
    + Regression fixes from Maven 3.9.0
    + General performance and other fixes
- Changed patches:
  * 0001-Adapt-mvn-script.patch
  * 0002-Invoke-logback-via-reflection.patch
    + rediff to changed context
  * 0004-Remove-dependency-on-powermock.patch
    -> 0003-Remove-dependency-on-powermock.patch
  * 0007-Fix-build-with-qdox-2.0.1.patch
    ->  0004-Fix-build-with-qdox-2.0.1.patch
    + rediff and rename to have the sequence of patches right
- Removed patches:
  * 0003-Use-non-shaded-HTTP-wagon.patch
  * 0005-Port-to-maven-resolver-1.7.2.patch
  * 0006-Restore-DefaultModelValidator-compatibility-with-Mav.patch
    + not needed with 3.9.1

-------------------------------------------------------------------
Mon Aug 29 08:50:39 UTC 2022 - Thorsten Kukuk <kukuk@suse.com>

- Move mvn.1 from bin to man directory

-------------------------------------------------------------------
Mon Jul 25 12:13:39 UTC 2022 - Fridrich Strba <fstrba@suse.com>

- Upgrade to upstream version 3.8.6
  * Bug
    + MNG-7432: [REGRESSION] Resolver session contains
      non-MavenWorkspaceReader
    + MNG-7433: [REGRESSION] Multiple maven instances working on
      same source tree can lock each other
    + MNG-7441: Update Version of (optional) Logback to Address
      CVE-2021-42550, bsc#1193795
    + MNG-7448: Don't ignore bin/ otherwise bin/ in apache-maven
      module cannot be readded
    + MNG-7455: [REGRESSION] IllegalStateException in
      SessionScope during guice injection in multithreaded build
    + MNG-7459: Revert MNG-7347 (SessionScoped beans should be
      singletons for a given session)
    + MNG-7467: [REGRESSION] Compilation failure with relocated
      transitive dependency
    + MNG-7487: Fix deadlock during forked lifecycle executions
    + MNG-7493: [REGRESSION] Resolving dependencies between
      submodules fails
  * New Feature
    + MNG-7486: Create a multiline message helper for boxed log
      messages
  * Improvement
    + MNG-7445: to refactor some useless code
    + MNG-7476: Display a warning when an aggregator mojo is
      locking other mojo executions
  * Task
    + MNG-7466: Align Assembly Descriptor NS versions
  * Dependency upgrade
    + MNG-7488: Upgrade SLF4J to 1.7.36
    + MNG-7489: Upgrade JUnit to 4.13.2
    + MNG-7490: Upgrade Plexus Utils to 3.3.1

-------------------------------------------------------------------
Mon May 16 14:26:42 UTC 2022 - Fridrich Strba <fstrba@suse.com>

- Upgrade to upstream version 3.8.5
  * Bug
    + MNG-5180: Versioning's snapshot version list is not
      included in metadata merge
    + MNG-5561: Plugin relocation loses configuration
    + MNG-5982: The POM for ... is invalid, transitive
      dependencies ... while property was overriden
    + MNG-6326: Build continues when core extensions aren't
      found
    + MNG-6727: Using version range in parent and CI Friendly
      Version fails
    + MNG-6802: FileProfileActivator changes
      FileProfileActivator.exists which lets flattened
      resolveCiFriendliesOnly depending fail activating profile
    + MNG-7156: Parallel build can cause issues between clean
      and forked goals
    + MNG-7335: [Regression] Parallel build fails due to missing
      JAR artifacts in compilePath
    + MNG-7347: SessionScoped beans should be singletons for a
      given session
    + MNG-7357: All Maven Core JARs have unusual entry order
    + MNG-7362: DefaultArtifactResolver has spurious "Failure
      detected" INFO log
    + MNG-7374: Mutating RelocatedArtifact does not retain type
    + MNG-7386: ModelMerger$MergingList is not serializable
    + MNG-7402: BuildListCalculator never detaches the
      classloader
    + MNG-7417: Several classes do not set properties properly
      for building requests
  * New Feature
    + MNG-7395: Support interpolation in extensions.xml
    + MNG-7407: Introduce a ModelVersionProcessor component to
      make CI Friendly Versions pluggable
  * Improvement
    + MNG-6960: Use RuntimeInformation instead of reading
      properties
    + MNG-7349: Limit relocation warning message to direct
      dependencies only
    + MNG-7380: Don't log non-threadsafe warning if only
      building a single module
    + MNG-7381: Shorten parallel builder thread name to
      artifactId, conditionally with groupId
    + MNG-7385: Improve documentation on repository metadata
    + MNG-7400: Allow more WorkspaceReaders to participate
    + MNG-7408: Explain reporting plugin version automatic
      selection (in Maven 3)
  * Dependency upgrade
    + MNG-7370: Upgrade Maven Wagon to 3.5.1
    + MNG-7384: Upgrade Maven JAR Plugin to 3.2.2
    + MNG-7428: Upgrade Maven Parent to 35
- Modified patches:
  * 0001-Adapt-mvn-script.patch
  * 0002-Invoke-logback-via-reflection.patch
  * 0005-Port-to-maven-resolver-1.7.2.patch
  * 0004-Use-non-shaded-HTTP-wagon.patch ->
    0003-Use-non-shaded-HTTP-wagon.patch
    + rebase
  * qdox-2.0.1.patch -> 0007-Fix-build-with-qdox-2.0.1.patch
    + rebase using git
- Added patches:
  * 0004-Remove-dependency-on-powermock.patch
    + Remove the non-interpolated tests that require powermock
  * 0006-Restore-DefaultModelValidator-compatibility-with-Mav.patch
    + XMvn was relying on default constructor for the
      org.apache.maven.model.validation.DefaultModelValidator,
      which is not generated, since a non-default one is defined.
    + This adds the no-parameter constructor back implicitely

-------------------------------------------------------------------
Fri May 13 09:01:43 UTC 2022 - Fridrich Strba <fstrba@suse.com>

- Fix build with modello-2.0.0

-------------------------------------------------------------------
Wed Apr 27 14:00:15 UTC 2022 - Fridrich Strba <fstrba@suse.com>

- Remove using of alternatives, since the symlinks are in a separate
  package that one can decide not to install and this is the only
  provider for mvn and mvnDebug links
- Remove dependency on cglib and aopalliance, since the no_aop
  version of guice does not really depend on them

-------------------------------------------------------------------
Fri Mar 11 12:11:36 UTC 2022 - Fridrich Strba <fstrba@suse.com>

- Added patch:
  * 0005-Port-to-maven-resolver-1.7.2.patch
    + fix build with the API incompatible maven-resolver 1.7.3
- Link the new maven-resolver-named-locks artifact too

-------------------------------------------------------------------
Thu Jan 13 07:12:09 UTC 2022 - Fridrich Strba <fstrba@suse.com>

- Upgrade to upstream version 3.8.4
  * Sub-task
    + MNG-6281: ArrayIndexOutOfBoundsException caused by pom.xml
      with invalid/duplicate XML
  * Bug
    + MNG-4706: Multithreaded building can create bad files for
      downloaded artifacts in local repository
    + MNG-5307: NPE during resolution of dependencies - parallel
      mode
    + MNG-5315: Artifact resolution sporadically fails in
      parallel builds
    + MNG-5838: Maven on No-File-Lock Systems
    + MNG-5868: Adding serval times the same artifact via
      MavenProjectHelper (attachArtifact) keep adding to the List
      duplicate artifacts
    + MNG-6071: GetResource ('/) returns 'null' if build is
      started with -f
    + MNG-6216: ArrayIndexOutOfBoundsException when parsing POM
    + MNG-6239: Jansi messes up System.err and System.out
    + MNG-6380: Option -Dstyle.color=always doesn't force color
      output
    + MNG-6604: Intermittent failures while downloading GAVs from
      Nexus
    + MNG-6648: 'mavenrc_pre' script does not receive arguments
      like mavenrc in Bourne shell does
    + MNG-6719: mvn color output escape keys w/ "| tee xxx.log"
      on Win with git/bash
    + MNG-6737: StackOverflowError when version ranges are
      unsolvable and graph contains a cycle
    + MNG-6767: Plugin with ${project.groupId} resolved
      improperly
    + MNG-6819: NullPointerException for
      DefaultArtifactDescriptorReader.loadPom
    + MNG-6828: DependencyResolutionException breaks
      serialization
    + MNG-6842: ProjectBuilderTest uses Guava, but Guava is not
      defined in dependencies
    + MNG-6843: Parallel build fails due to missing JAR artifacts
      in compilePath
    + MNG-6850: Prevent printing the EXEC_DIR when it's just a
      disk letter
    + MNG-6921: Maven compile with properties ${artifactId} and
      ${project.build.finalName} occurs
      java.lang.NullPointerException
    + MNG-6937: StringSearchModelInterpolatorTest fails on
      symlinked paths
    + MNG-6964: Maven version sorting is internally inconsistent
    + MNG-6983: Plugin key can get out of sync with artifactId
      and groupId
    + MNG-7000: metadata.mdo contains invalid link to schema
    + MNG-7032: Option -B still showing formatting when used
      with --version
    + MNG-7034: StackOverflowError thrown if a cycle exists in
      BOM imports
    + MNG-7045: Drop CDI API from Maven
    + MNG-7090: mvnDebug does not work on Java 11+
    + MNG-7127: NullPointerException in
      MavenCliTest.testStyleColors in JDK 16
    + MNG-7155: make sources jar reproducible (upgrade
      maven-source-plugin to 3.2.1)
    + MNG-7161: Error thrown during uninstalling of JAnsi
    + MNG-7214: Bad transitive dependency parent from CDI API
    + MNG-7215: [Regression] Maven Site Plugin cannot resolve
      parent site descriptor without locale
    + MNG-7216: Revert MNG-7170
    + MNG-7218: [Regression]
      o.a.m.model.Build.getSourceDirectory() incorrectly returns
      absolute dir on 3.8.2
    + MNG-7219: [Regression] plexus-cipher missing from
      transitive dependencies
    + MNG-7220: [REGRESSION] test-classpath incorrectly resolved
    + MNG-7251: Fix threadLocalArtifactsHolder leaking into
      cloned project
    + MNG-7253: Relocation message is never shown
    + MNG-7270: Maven startup script (init) calls which(1) which
      is an external command
    + MNG-7285: [Regression] MavenProject.getArtifacts() not
      returning correct value across multiple threads
    + MNG-7300: [Regression] Reloading web application (Enter)
      fails due to java.lang.ClassNotFoundException
  * New Feature
    + MNG-7149: Introduce MAVEN_DEBUG_ADDRESS in mvnDebug scripts
    + MNG-7164: Add constructor MojoExecutionException(Throwable)
  * Improvement
    + MNG-2802: Concurrent-safe access to local Maven repository
    + MNG-6471: Parallel builder should use the module name as
      thread name
    + MNG-6754: Set the same timestamp in multi module builds
    + MNG-6810: Remove profiles in maven-model
    + MNG-6811: Remove unnecessary filtering configuration
    + MNG-6816: Prefer System.lineSeparator() over system
      properties
    + MNG-6827: Replace deprecated StringUtils#defaultString()
      from Plexus Utils
    + MNG-6837: Simplify detection of the MAVEN_HOME and make it
      fully qualified on Windows
    + MNG-6844: Use StandardCharsets and remove outdated
      @SuppressWarnings
    + MNG-6853: Don't box primitives where it's not needed
    + MNG-6859: Build not easily reproducible when built from
      source release archive
    + MNG-6873: Inconsistent library versions notice
    + MNG-6967: Improve the command line output from
      maven-artifact
    + MNG-6987: Reorder groupId before artifactId when writing an
      exclusion using maven-model
    + MNG-7010: Omit "NB: JAVA_HOME should point to a JDK not a
      JRE" except when that is the problem
    + MNG-7064: Use HTTPS for schema location in global
      settings.xml
    + MNG-7080: Add a --color option
    + MNG-7170: Allow to associate pomFile/${basedir} with
      DefaultProjectBuilder.build(ModelSource, ...)
    + MNG-7180: Make --color option behave more like BSD/GNU
      grep's --color option
    + MNG-7181: Make --version support -q
    + MNG-7185: Describe explicit and recommended version for
      VersionRange.createFromVersionSpec()
    + MNG-7190: Load mavenrc from /usr/local/etc also in Bourne
      shell script
    + MNG-7235: Speed improvements when calculating the sorted
      project graph
    + MNG-7236: The DefaultPluginVersionResolver should cache
      results for the session
  * Task
    + MNG-6598: Maven 3.6.0 and Surefire problem
    + MNG-6884: Cleanup POM File after version upgrade
    + MNG-7172: Remove expansion of Jansi native libraries
    + MNG-7184: document .mavenrc/maven_pre.bat|cmd scripts and
      MAVEN_SKIP_RC environment variable
    + MNG-7252: Fix warnings issued by dependency:analyze
    + MNG-7254: Expand Windows native libraries for Jansi due to
      JDK-8195129 (workaround)
    + MNG-7312: Revert ThreadLocal approach from MNG-6843 and
      MNG-7251
  * Dependency upgrade
    + MNG-6818: Upgrade Plexus Utils to 3.3.0
    + MNG-6841: Upgrade Plexus Interpolation to 1.26
    + MNG-6872: Found CVEs in your dependencies - plexus-utils
      (tests)
    + MNG-6874: Upgrade Maven Parent to 34
    + MNG-6886: Upgrade plexus-cipher 1.8
    + MNG-6993: Upgrade SLF4J to 1.7.30
    + MNG-7152: Upgrade Maven Resolver to 1.6.3
    + MNG-7177: Upgrade Maven Shared Utils to 3.3.4
    + MNG-7179: Upgrade Jansi to 2.3.3
    + MNG-7186: Upgrade Guice to 4.2.2
    + MNG-7196: Upgrade Jansi to 2.3.4
    + MNG-7198: Upgrade SLF4J to 1.7.32
    + MNG-7246: Upgrade Plexus Cipher and Sec Dispatcher to 2.0
    + MNG-7250: Upgrade Sisu Inject/Plexus to 0.3.5
    + MNG-7331: Upgrade Jansi to 2.4.0
- Added patch:
  * qdox-2.0.1.patch
    + Fix syntax error with qdox 2.0.1 and method declarations
      containing the new keyword "record" as name of variables

-------------------------------------------------------------------
Sun Nov 21 08:49:59 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de>

- add upstream signing key and verify source signature

-------------------------------------------------------------------
Tue Sep 14 14:44:11 UTC 2021 - Stefan Schubert <schubi@suse.de>

- Use libalternatives instead of update-alternatives.

-------------------------------------------------------------------
Tue May 11 09:57:12 UTC 2021 - Fridrich Strba <fstrba@suse.com>

- Do not build against the compatibility version guava20 any more,
  but use the default guava package

-------------------------------------------------------------------
Tue Apr 27 07:25:29 UTC 2021 - Fridrich Strba <fstrba@suse.com>

- Upgrade to upstream version 3.8.1
  * Security fixes:
    + CVE-2021-26291 and CVE-2020-13956
  * Bug:
    + MNG-7128: improve error message when blocked repository
      defined in build POM
  * New Feature
    + MNG-7116: Add support for mirror selector on
      external:http:*
    + MNG-7117: Add support for blocking mirrors
    + MNG-7118: Block external HTTP repositories by default
  * Dependency upgrade
    + MNG-7119: Upgrade Maven Wagon to 3.4.3
    + MNG-7123: Upgrade Maven Resolver to 1.6.2

-------------------------------------------------------------------
Sun Mar  1 08:27:38 UTC 2020 - Fridrich Strba <fstrba@suse.com>

- Let maven-lib obsolete maven-jansi

-------------------------------------------------------------------
Fri Feb  7 15:50:55 UTC 2020 - Fridrich Strba <fstrba@suse.com>

- Upgrade to upstream version 3.6.3
- Modified patches:
  * 0002-Invoke-logback-via-reflection.patch
  * 0004-Use-non-shaded-HTTP-wagon.patch
    + Adapt to changed line endings

-------------------------------------------------------------------
Thu Nov 21 15:53:17 UTC 2019 - Fridrich Strba <fstrba@suse.com>

- Upgrade to upstream version 3.6.2
- Modified patch:
  * 0002-Invoke-logback-via-reflection.patch
    + adapt to changed context
- Removed patch:
  * 0003-Revert-MNG-6335-Update-Mockito-to-2.12.0.patch
    + we don't need this patch, since we are not running tests
      by default
- Added patch:
  * 0004-Use-non-shaded-HTTP-wagon.patch
    + we don't use/distribute shared wagon-http

-------------------------------------------------------------------
Mon Apr  1 23:29:07 UTC 2019 - Jan Engelhardt <jengelh@inai.de>

- Adjust RPM groups. Avoid bashisms in %postun.

-------------------------------------------------------------------
Fri Mar 29 07:58:04 UTC 2019 - Fridrich Strba <fstrba@suse.com>

- Initial packaging of maven 3.5.4
- Generate and customize ant build files

Places

File maven.changes of Package maven.35432

Places