chore(deps): Bump io.github.ascopes:protobuf-maven-plugin from 2.3.0 to 2.4.0

[dependabot]

Bumps io.github.ascopes:protobuf-maven-plugin from 2.3.0 to 2.4.0.

Release notes

Sourced from io.github.ascopes:protobuf-maven-plugin's releases.

v2.4.0

Bugfixes and new functionality

• GH-304: Fix potential NPE in AetherMavenArtifactPathResolver#extensionToType by @​ascopes in ascopes/protobuf-maven-plugin#305
  • This fixes a potential NPE that could occur when using unrecognised extensions for dependencies, caused by debug logging.
• GH-302: Fix import scope not being respected by @​ascopes in ascopes/protobuf-maven-plugin#303
  • This fixes a bug where the plugin was not limiting the dependency scope to those documented (e.g. the main generation goal was also pulling in runtime-only dependencies erroneously).
  • The plugin now respects the documented rules correctly.
  • Users who were relying on undocumented behaviour where they were expecting a runtime-only dependency to provide protobuf sources implicitly despite the documentation will see a breaking change; dependencies must be declared compile or provided or system to be detected correctly.
  • A new parameter has been added to enable users to override this behaviour and return to the previous behaviour if needed.
  • This change is not marked as a breaking change as it was an undocumented regression between v2.0.3 and v2.3.0 that was unintentional.
• GH-299: Do not fail if we have partial dependency resolution failures by @​ascopes in ascopes/protobuf-maven-plugin#307
  • This fixes a bug where transitive dependencies that could not be resolved due to errors in upstream dependencies would always result in builds failing (such as ehcache's outdated JAXB dependency).
  • Resolution failures now result in a warning being logged and the dependency dropped.
  • This is not marked as a breaking change as it is a relaxing of existing constraints to closer match how Maven itself behaves.
  • A new parameter has been added to enable users to override this behaviour and return to the previous behaviour if needed.

Other changes

• Remove dedicated pages workflow by @​ascopes in ascopes/protobuf-maven-plugin#287
• Set up initial new documentation pages by @​ascopes in ascopes/protobuf-maven-plugin#288
• Update AbstractGenerateMojo.java to document order param for JVM plugins by @​ascopes in ascopes/protobuf-maven-plugin#290
• Bump org.apache.maven.resolver:maven-resolver-api from 1.9.20 to 2.0.0 by @​dependabot in ascopes/protobuf-maven-plugin#289
• Bump advanced-security/maven-dependency-submission-action from 4.0.0 to 4.1.0 by @​dependabot in ascopes/protobuf-maven-plugin#292
• Bump org.assertj:assertj-core from 3.26.0 to 3.26.3 by @​dependabot in ascopes/protobuf-maven-plugin#293
• Bump org.apache.maven.plugins:maven-surefire-plugin from 3.3.0 to 3.3.1 by @​dependabot in ascopes/protobuf-maven-plugin#294
• Bump org.apache.maven.plugins:maven-project-info-reports-plugin from 3.6.1 to 3.6.2 by @​dependabot in ascopes/protobuf-maven-plugin#295
• Bump org.apache.maven.plugins:maven-release-plugin from 3.1.0 to 3.1.1 by @​dependabot in ascopes/protobuf-maven-plugin#296
• Bump org.jspecify:jspecify from 0.3.0 to 1.0.0 by @​dependabot in ascopes/protobuf-maven-plugin#297
• Bump me.fabriciorby:maven-surefire-junit5-tree-reporter from 1.2.1 to 1.3.0 by @​dependabot in ascopes/protobuf-maven-plugin#298
• Bump org.apache.maven.plugins:maven-site-plugin from 4.0.0-M15 to 4.0.0-M16 by @​dependabot in ascopes/protobuf-maven-plugin#301
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.7.0 to 3.8.0 by @​dependabot in ascopes/protobuf-maven-plugin#300
• Clean up some unneeded code and simplify some logic by @​ascopes in ascopes/protobuf-maven-plugin#308

Full Changelog: ascopes/protobuf-maven-plugin@v2.3.0...v2.4.0

Commits

• 4b637b6 [maven-release-plugin] prepare release v2.4.0
• dffd4ae Merge pull request #307 from ascopes/bugfix/Update to Smack 4.0 #299-partial-dependency-resolut...
• 41579e3 GH-299: Log resolution errors as warnings rather than full errors
• b2f3a5b GH-299: Add options to return the old dependency resolution behaviour in v2.4.0
• 2082655 GH-299: Do not fail if we have a partial dependency resolution failure
• 77a08d6 GH-299: Add reproduction for GH-299 dependency issue
• 8a96b72 Merge pull request #303 from ascopes/bugfix/camel-jira: new issue producer #302-import-scope
• aa29e7b GH-302: use custom ScopeDependencyFilter to retain Maven 3.8.x compatibility
• db2659f Merge pull request #308 from ascopes/task/cleanup-code
• 33aa0e6 Clean up some unneeded code and simplify some logic
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

🌟 Thank you for your contribution to the Apache Camel project! 🌟

🤖 CI automation will test this PR automatically.

🐫 Apache Camel Committers, please review the following items:

• First-time contributors require MANUAL approval for the GitHub Actions to run

• You can use the command /component-test (camel-)component-name1 (camel-)component-name2.. to request a test from the test bot.

• You can label PRs using build-all, build-dependents, skip-tests and test-dependents to fine-tune the checks executed by this PR.

• Build and test logs are available in the Summary page. Only Apache Camel committers have access to the summary.

• ⚠️ Be careful when sharing logs. Review their contents before sharing them publicly.

[oscerd]

There is another PR for this.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.