Bump org.codehaus.mojo:flatten-maven-plugin from 1.6.0 to 1.7.3

[dependabot]

Bumps org.codehaus.mojo:flatten-maven-plugin from 1.6.0 to 1.7.3.

Release notes

Sourced from org.codehaus.mojo:flatten-maven-plugin's releases.

1.7.3

🐛 Bug Fixes

• Fixes condition-activated profiles not considered in effective model (#481) @​oldhen

📦 Dependency updates

• Bump org.assertj:assertj-core from 3.27.4 to 3.27.5 (#482) @dependabot[bot]
• Bump org.codehaus.mojo:mojo-parent from 92 to 93 (#480) @dependabot[bot]
• Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 (#479) @dependabot[bot]

1.7.2

🐛 Bug Fixes

• Create missing target directories, use NIO for file block operations (#471) @​slawekjaranowski

📝 Documentation updates

• Clarify example in usage about updatePomFile behavior (#477) @​slawekjaranowski

👻 Maintenance

• Add stale GitHub Action (#476) @​slawekjaranowski
• Add Maven 4 to build matrix on GitHub Actions (#474) @​slawekjaranowski
• Improve assertions in no-overwrite tests (#475) @​slawekjaranowski
• Add a missing plugin version in ITS (#473) @​slawekjaranowski
• Add integration test for install and deploy flattened pom (#472) @​slawekjaranowski

📦 Dependency updates

• Bump commons-io:commons-io from 2.19.0 to 2.20.0 (#470) @dependabot[bot]
• Bump mavenVersion from 3.9.10 to 3.9.11 (#467) @dependabot[bot]
• Bump com.fasterxml.jackson.core:jackson-core from 2.3.3 to 2.15.0 in /src/it/projects/bom-flattenMode/bom (#464) @dependabot[bot]
• Bump com.fasterxml.jackson.core:jackson-core from 2.13.0 to 2.15.0 in /src/it/projects/bom-pomElements/bom (#463) @dependabot[bot]

1.7.1

🐛 Bug Fixes

• Fix #400 - Preserve POM content ordering (and formatting) on resolveCiFriendliesOnly flattenMode (#446) @​stechio
• Fix FilteringValueSourceWrapper for a newer version of plexus-interpolation, Maven 3.9.10 (#453) @​slawekjaranowski

📝 Documentation updates

• Use resolveCiFriendliesOnly in examples instead of minimum for flattenMode (#460) @​slawekjaranowski
• Remove a dead link to MOJO-2030 from documentation (#459) @​slawekjaranowski
• Rename 'Goals' to 'Plugin Documentation' in site manu (#456) @​slawekjaranowski

... (truncated)

Commits

• bd7c560 [maven-release-plugin] prepare release 1.7.3
• aee23ca Bump org.assertj:assertj-core from 3.27.4 to 3.27.5
• 7da52c3 Fixes condition-activated profiles not considered in effective model (#481)
• 7680ed4 Bump org.codehaus.mojo:mojo-parent from 92 to 93
• deae474 Bump org.assertj:assertj-core from 3.27.3 to 3.27.4
• 3189718 [maven-release-plugin] prepare for next development iteration
• 9d80041 [maven-release-plugin] prepare release 1.7.2
• 6c62863 Clarify example in usage about updatePomFile behavior
• fc35f4c Add stale GitHub Action
• 0fb1ea0 Add Maven 4 to build matrix on GitHub Actions (#474)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

See the Details below.

License Issues

pom.xml

Package	Version	License	Issue Type
org.codehaus.mojo:flatten-maven-plugin	1.7.3	Null	Unknown License

OpenSSF Scorecard

Package	Version	Score	Details
maven/org.codehaus.mojo:flatten-maven-plugin	1.7.3	🟢 3.5	Details Check Score Reason Code-Review ⚠️ 1 Found 2/16 approved changesets -- score normalized to 1 Maintained 🟢 3 4 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 3 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Files

• pom.xml