[ANN] Apache Archiva 2.2.6 released
The Apache Archiva team is pleased to announce the release of Archiva 2.2.6 Archiva is available for download from the web site. http://archiva.apache.org/download.cgi Archiva is an application for managing one or more remote repositories, including administration, artifact handling, browsing and searching. If you have any questions, please consult: the web site: http://archiva.apache.org/ the archiva-user mailing list: http://archiva.apache.org/mailing-lists.html Apache Archiva 2.2.6 is a security fix release. ** As this release contains security fixes, we highly recommend to update to the new version. ** See the release notes for more information: http://archiva.apache.org/docs/2.2.6/release-notes.html And security related information: http://archiva.apache.org/security.html
[GitHub] [archiva-parent] dependabot[bot] merged pull request #20: Bump buildnumber-maven-plugin from 1.4 to 3.0.0
dependabot[bot] merged pull request #20: URL: https://github.com/apache/archiva-parent/pull/20 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@archiva.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [archiva-parent] dependabot[bot] merged pull request #19: Bump maven-shared-resources from 2 to 4
dependabot[bot] merged pull request #19: URL: https://github.com/apache/archiva-parent/pull/19 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@archiva.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [archiva-redback-core] dependabot[bot] opened a new pull request #23: Bump actions/setup-java from 2.3.1 to 2.4.0
dependabot[bot] opened a new pull request #23: URL: https://github.com/apache/archiva-redback-core/pull/23 Bumps [actions/setup-java](https://github.com/actions/setup-java) from 2.3.1 to 2.4.0. Release notes Sourced from https://github.com/actions/setup-java/releases;>actions/setup-java's releases. v2.4.0 In scope of this pull request we add support for Liberica JDK (https://github-redirect.dependabot.com/actions/setup-java/pull/225;>actions/setup-java#225). steps: - name: Checkout uses: actions/checkout@v2 - name: Setup-java uses: actions/setup-java@v2 with: distribution: liberica java-version: 11 Supported distributions Currently, the following distributions are supported: Keyword Distribution Official site License zulu Zulu OpenJDK https://www.azul.com/downloads/zulu-community/?package=jdk;>Link https://www.azul.com/products/zulu-and-zulu-enterprise/zulu-terms-of-use/;>Link adopt or adopt-hotspot Adopt OpenJDK Hotspot https://adoptopenjdk.net/;>Link https://adoptopenjdk.net/about.html;>Link adopt-openj9 Adopt OpenJDK OpenJ9 https://adoptopenjdk.net/;>Link https://adoptopenjdk.net/about.html;>Link temurin Eclipse Temurin https://adoptium.net/;>Link https://adoptium.net/about.html;>Link liberica Liberica JDK https://bell-sw.com/;>Link https://bell-sw.com/liberica_eula/;>Link Update actions/cache dependency to 1.0.8 version. We updated actions/cache depdendency to the latest version (1.0.8). For more information please refer to the https://github.com/actions/toolkit/blob/main/packages/cache/RELEASES.md;>toolkit/cache. Commits https://github.com/actions/setup-java/commit/5f00602cd1b2819185d88dc7a1b1985f598c6705;>5f00602 Bumping up actions/cache version to 1.0.8 (https://github-redirect.dependabot.com/actions/setup-java/issues/254;>#254) https://github.com/actions/setup-java/commit/d61af71edfe1ca10c4bd4bdb96f0fddc0d002029;>d61af71 Add support for Liberica JDK (https://github-redirect.dependabot.com/actions/setup-java/issues/225;>#225) https://github.com/actions/setup-java/commit/ae26cabe43aaa84f8539613cdb171b33610fa704;>ae26cab Update to Java 17 (https://github-redirect.dependabot.com/actions/setup-java/issues/242;>#242) https://github.com/actions/setup-java/commit/ee43590bc7b34363aa6bc61411487a53541f5c96;>ee43590 Merge pull request https://github-redirect.dependabot.com/actions/setup-java/issues/241;>#241 from dmitry-shibanov/v-dmshib/audit-dependencies https://github.com/actions/setup-java/commit/c187df66d05b21ffe1fc0eba48158f28592e0dcc;>c187df6 update npm dependencies See full diff in https://github.com/actions/setup-java/compare/v2.3.1...v2.4.0;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-java=github_actions=2.3.1=2.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@archiva.apache.org For queries about this