Bump git-commit-id-plugin from 2.2.4 to 3.0.1

[dependabot-preview]

Bumps git-commit-id-plugin from 2.2.4 to 3.0.1.

Release notes

Sourced from git-commit-id-plugin's releases.

Version 3.0.1 is finally there and includes various bug-fixes and improvements :-)

New Features / Bug-Fixes:

The main key-aspects that have been improved or being worked on are the following:

• Added a new setting to control if the plugin should operate in offline mode -- git-commit-id/maven-git-commit-id-plugin#424 (by default the plugin will assume an 'online' mode and since version 3.0 will perform a git fetch operation to determine the properties git.local.branch.ahead and git.local.branch.behind. If the plugin is operating in 'offline' mode both those properties will only reflect the view of the local clone and thus might be off from the actual repository. Note this 'offline' mode is also respected when one set's the maven "-o" offline switch).
• Removed the org.apache.httpcomponents:httpclient dependency -- git-commit-id/maven-git-commit-id-plugin#425
• Since version 3.0.0 this plugin will now only ask for properties that are essential (proposal from #185). With this version the same technique is now also used when retrieving git.build.time since the TimeZone.getTimeZone() may also have an impact upon performance -- https://github-redirect.dependabot.com/git-commit-id/maven-git-commit-id-plugin/pull/428.
• Property caching now works properly for reactor builds using property caching when using injectAllReactorProjects -- https://github-redirect.dependabot.com/git-commit-id/maven-git-commit-id-plugin/pull/429.

Getting the latest release

The plugin is available from Maven Central (see here), so you don't have to configure any additional repositories to use this plugin. All you need to do is to configure it inside your project as dependency:

<dependency>
    <groupId>pl.project13.maven</groupId>
    <artifactId>git-commit-id-plugin</artifactId>
    <version>3.0.1</version>
</dependency>

Getting the latest snapshot (build automatically)

If you can't wait for the next release, you can also get the latest snapshot version from sonatype, that is being deployed automatically by travis:

<pluginRepositories>
    <pluginRepository>
        <id>sonatype-snapshots</id>
        <name>Sonatype Snapshots</name>
        <url>https://oss.sonatype.org/content/repositories/snapshots/</url>
    </pluginRepository>
</pluginRepositories>

Even though travis will only deploy a new snapshot once all tests have finished, it is recommended to rely on the released and more stable version.

Known Issues / Limitations:

• This plugin is unfortunately not working with Heroku which is due to the fact how Heroku works. In summary Heroku does not copy over the .git-repository but in order to determine the git properties this plugin relies on the fact that it has access to the git-repository. A somewhat workaround to get some information is outlined in https://github-redirect.dependabot.com/ktoso/maven-git-commit-id-plugin/issues/279#issuecomment-301284022
• Using maven's plugin prefix resolution (e.g. mvn com.test.plugins:myPlugin:myMojo) might result in unresolved properties even with <injectAllReactorProjects>true</injectAllReactorProjects>. Please refer to git-commit-id/maven-git-commit-id-plugin#287 or https://github-redirect.dependabot.com/git-commit-id/maven-git-commit-id-plugin/issues/413#issuecomment-487952607 for details and potential workarounds

Reporting Problems

If you find any problem with this plugin, feel free to report it here

Version 3.0.0 is finally there and includes various bug-fixes and improvements :-)

New Features / Bug-Fixes:

The main key-aspects that have been improved or being worked on are the following:

• Java 1.7 is no longer supported with this version and at least Java 8 is required - #346
• Introduced a more reliable way to deal with incremental builds for eclipse IDE - #385 / #366 / #269
• Added a new property for setting if branch name should be taken from build environment or not (e.g. set <useBranchNameFromBuildEnvironment>false</useBranchNameFromBuildEnvironment>). This behaviour might be useful in combination with the JGitflow maven plugin #393.
• Moved the project to a new git-commit-id organization account #384
• Fixed a problem where the plugin hangs on windows under certain conditions and when there are too many changes in the git-repo #396 / #336
• Allow the value of an replacementProperty to be empty #400 / #389
• Introduced the new properties git.local.branch.ahead and git.local.branch.behind that provide some information if the local branch is either ahead or behind the remote. Note that using this property will perform a git fetch operation and may have a performance impact on the overall execution of the plugin. #395

... (truncated)

Commits

• cec8487 [maven-release-plugin] prepare release v3.0.1
• 8f65b32 Merge pull request #430 from TheSnoozer/update-dependencies
• f048763 update org.mockito:mockito-core (test) 2.27.0 -> 3.0.0
• 49214f5 update org.junit.jupiter:junit-jupiter-api (test) 5.3.1 -> 5.5.1
• 7a72dd6 update org.eclipse.jgit:org.eclipse.jgit 5.2.0.201812061821-r -> 5.2.2.201904...
• c063736 update org.codehaus.plexus:plexus-utils (test) 3.2.0 -> 3.2.1
• 0159d85 update joda-time:joda-time 2.10.2 -> 2.10.3
• 3d76bb6 update com.google.guava:guava 27.1-jre -> 28.0-jre
• 1e8dd35 update com.fasterxml.jackson.core: 2.9.9 -> 2.9.9.3 (CVE-2019-14379 / CVE-201...
• 6b5e158 Merge pull request #429 from ryantse/fix-property-cache
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Note: This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.

You can always request more updates by clicking Bump now in your Dependabot dashboard.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[codecov]

Codecov Report

Merging #94 into master will not change coverage.
The diff coverage is n/a.

@@            Coverage Diff            @@
##             master      #94   +/-   ##
=========================================
  Coverage     86.64%   86.64%           
  Complexity      476      476           
=========================================
  Files            89       89           
  Lines          1400     1400           
  Branches         30       30           
=========================================
  Hits           1213     1213           
  Misses          168      168           
  Partials         19       19

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 1a29e87...563d2ea. Read the comment docs.

[dependabot-preview]

Superseded by #103.