[StepSecurity] ci: Harden GitHub Actions #377

step-security-bot · 2022-12-08T18:40:59Z

Summary

This pull request is created by Secure Workflows at the request of @bjhargrave. Please merge the Pull Request to incorporate the requested changes. Please tag @bjhargrave on your message if you have any questions related to the PR. You can also engage with the StepSecurity team by tagging @step-security-bot.

Security Fixes

Pinned Dependencies

A pinned dependency is a dependency that is explicitly set to a specific hashed version instead of a mutable version. Pinned dependencis ensure that development and deployment are done with the same software versions which reduces deployment risks, and enables reproducibility. It can help mitigate compromised dependencies from undermining the security of the project in certain scenarios. The dependencies were pinned using Secure WorkFlows

Harden Runner

Harden-Runner is an open-source security agent for the GitHub-hosted runner to prevent software supply chain attacks. It prevents exfiltration of credentials, detects tampering of source code during build, and enables running jobs without sudo access.

Harden runner usage

You can find link to view insights and policy recommendation in the build log

Please refer to documentation to find more details.

Feedback

For bug reports, feature requests, and general feedback; please create an issue in step-security/secure-workflows. To create such PRs, please visit https://app.stepsecurity.io/securerepo.

Signed-off-by: StepSecurity Bot [email protected]

Signed-off-by: StepSecurity Bot <[email protected]>

…gin to v1 (main) (#22046) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [org.eclipse.transformer:transformer-maven-plugin](https://projects.eclipse.org/projects/technology.transformer) ([source](https://redirect.github.com/eclipse/transformer)) | `0.5.0` -> `1.0.0` | [![age](https://developer.mend.io/api/mc/badges/age/maven/org.eclipse.transformer:transformer-maven-plugin/1.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/maven/org.eclipse.transformer:transformer-maven-plugin/1.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/maven/org.eclipse.transformer:transformer-maven-plugin/0.5.0/1.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/maven/org.eclipse.transformer:transformer-maven-plugin/0.5.0/1.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>eclipse/transformer (org.eclipse.transformer:transformer-maven-plugin)</summary> ### [`v1.0.0`](https://redirect.github.com/eclipse/transformer/releases/tag/1.0.0): Eclipse Transformer 1.0.0 [Compare Source](https://redirect.github.com/eclipse/transformer/compare/0.5.0...1.0.0) See [Release Notes](https://redirect.github.com/eclipse/transformer/wiki/Release-Notes-1.0.0). #### What's Changed - build(deps): Bump maven-assembly-plugin from 3.4.0 to 3.4.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/347](https://redirect.github.com/eclipse/transformer/pull/347) - build(deps): Bump exec-maven-plugin from 3.0.0 to 3.1.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/348](https://redirect.github.com/eclipse/transformer/pull/348) - build(deps): Bump maven-install-plugin from 2.5.2 to 3.0.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/349](https://redirect.github.com/eclipse/transformer/pull/349) - build(deps): Bump maven-install-plugin from 3.0.0 to 3.0.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/351](https://redirect.github.com/eclipse/transformer/pull/351) - build(deps): Bump maven-assembly-plugin from 3.4.1 to 3.4.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/350](https://redirect.github.com/eclipse/transformer/pull/350) - build(deps): Bump maven-resources-plugin from 3.2.0 to 3.3.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/352](https://redirect.github.com/eclipse/transformer/pull/352) - rules: Add default Jakarta rule for orm.xml by [@bjhargrave](https://redirect.github.com/bjhargrave) in [https://github.com/eclipse/transformer/pull/357](https://redirect.github.com/eclipse/transformer/pull/357) - build(deps-dev): Bump byte-buddy from 1.12.12 to 1.12.13 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/354](https://redirect.github.com/eclipse/transformer/pull/354) - build(deps): Bump junit-bom from 5.8.2 to 5.9.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/353](https://redirect.github.com/eclipse/transformer/pull/353) - build(deps): Bump maven-javadoc-plugin from 3.4.0 to 3.4.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/358](https://redirect.github.com/eclipse/transformer/pull/358) - build(deps): Bump flatten-maven-plugin from 1.2.7 to 1.3.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/359](https://redirect.github.com/eclipse/transformer/pull/359) - Organize imports by [@bjhargrave](https://redirect.github.com/bjhargrave) in [https://github.com/eclipse/transformer/pull/360](https://redirect.github.com/eclipse/transformer/pull/360) - build(deps-dev): Bump byte-buddy from 1.12.13 to 1.12.14 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/363](https://redirect.github.com/eclipse/transformer/pull/363) - build(deps-dev): Bump byte-buddy from 1.12.14 to 1.12.16 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/366](https://redirect.github.com/eclipse/transformer/pull/366) - build(deps): Bump maven-jar-plugin from 3.2.2 to 3.3.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/367](https://redirect.github.com/eclipse/transformer/pull/367) - build(deps): Bump junit-bom from 5.9.0 to 5.9.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/368](https://redirect.github.com/eclipse/transformer/pull/368) - build(deps-dev): Bump byte-buddy from 1.12.16 to 1.12.17 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/369](https://redirect.github.com/eclipse/transformer/pull/369) - build(deps): Bump actions/stale from 5 to 6 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/370](https://redirect.github.com/eclipse/transformer/pull/370) - build(deps-dev): Bump byte-buddy from 1.12.17 to 1.12.18 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/371](https://redirect.github.com/eclipse/transformer/pull/371) - build(deps): Bump maven-plugin-plugin from 3.6.4 to 3.7.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/372](https://redirect.github.com/eclipse/transformer/pull/372) - build(deps-dev): Bump byte-buddy from 1.12.18 to 1.12.19 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/373](https://redirect.github.com/eclipse/transformer/pull/373) - build(deps): Bump maven-install-plugin from 3.0.1 to 3.1.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/374](https://redirect.github.com/eclipse/transformer/pull/374) - build(deps): Bump maven-dependency-plugin from 3.3.0 to 3.4.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/375](https://redirect.github.com/eclipse/transformer/pull/375) - build(deps): Bump bnd.version from 6.3.1 to 6.4.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/376](https://redirect.github.com/eclipse/transformer/pull/376) - \[StepSecurity] ci: Harden GitHub Actions by [@step-security-bot](https://redirect.github.com/step-security-bot) in [https://github.com/eclipse/transformer/pull/377](https://redirect.github.com/eclipse/transformer/pull/377) - build(deps): Bump github/codeql-action from 2.1.35 to 2.1.36 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/378](https://redirect.github.com/eclipse/transformer/pull/378) - build(deps): Bump actions/checkout from 3.1.0 to 3.2.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/379](https://redirect.github.com/eclipse/transformer/pull/379) - build(deps): Bump github/codeql-action from 2.1.36 to 2.1.37 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/380](https://redirect.github.com/eclipse/transformer/pull/380) - build(deps): Bump actions/setup-java from 3.8.0 to 3.9.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/381](https://redirect.github.com/eclipse/transformer/pull/381) - build(deps-dev): Bump byte-buddy from 1.12.19 to 1.12.20 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/382](https://redirect.github.com/eclipse/transformer/pull/382) - build(deps): Bump maven-invoker-plugin from 3.3.0 to 3.4.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/383](https://redirect.github.com/eclipse/transformer/pull/383) - build(deps): Bump actions/stale from 6.0.1 to 7.0.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/385](https://redirect.github.com/eclipse/transformer/pull/385) - build(deps-dev): Bump org.osgi.service.component.annotations from 1.5.0 to 1.5.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/384](https://redirect.github.com/eclipse/transformer/pull/384) - build: Update maven version to 3.8.7 by [@bjhargrave](https://redirect.github.com/bjhargrave) in [https://github.com/eclipse/transformer/pull/386](https://redirect.github.com/eclipse/transformer/pull/386) - build(deps-dev): Bump byte-buddy from 1.12.20 to 1.12.21 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/387](https://redirect.github.com/eclipse/transformer/pull/387) - build(deps): Bump actions/checkout from 3.2.0 to 3.3.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/388](https://redirect.github.com/eclipse/transformer/pull/388) - build(deps-dev): Bump assertj-core from 3.23.1 to 3.24.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/389](https://redirect.github.com/eclipse/transformer/pull/389) - build(deps): Bump junit-bom from 5.9.1 to 5.9.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/390](https://redirect.github.com/eclipse/transformer/pull/390) - build(deps-dev): Bump xmlunit-assertj from 2.9.0 to 2.9.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/391](https://redirect.github.com/eclipse/transformer/pull/391) - build(deps): Bump maven-dependency-plugin from 3.4.0 to 3.5.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/392](https://redirect.github.com/eclipse/transformer/pull/392) - build(deps): Bump github/codeql-action from 2.1.37 to 2.1.38 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/394](https://redirect.github.com/eclipse/transformer/pull/394) - build(deps-dev): Bump byte-buddy from 1.12.21 to 1.12.22 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/393](https://redirect.github.com/eclipse/transformer/pull/393) - build(deps): Bump step-security/harden-runner from 2.0.0 to 2.1.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/395](https://redirect.github.com/eclipse/transformer/pull/395) - build(deps-dev): Bump assertj-core from 3.24.1 to 3.24.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/397](https://redirect.github.com/eclipse/transformer/pull/397) - build(deps): Bump maven-plugin-plugin from 3.7.0 to 3.7.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/396](https://redirect.github.com/eclipse/transformer/pull/396) - build(deps): Bump github/codeql-action from 2.1.38 to 2.1.39 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/398](https://redirect.github.com/eclipse/transformer/pull/398) - build(deps): Bump github/codeql-action from 2.1.39 to 2.2.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/400](https://redirect.github.com/eclipse/transformer/pull/400) - build(deps): Bump github/codeql-action from 2.2.0 to 2.2.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/401](https://redirect.github.com/eclipse/transformer/pull/401) - build(deps-dev): Bump byte-buddy from 1.12.22 to 1.12.23 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/402](https://redirect.github.com/eclipse/transformer/pull/402) - build(deps): Bump github/codeql-action from 2.2.1 to 2.2.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/403](https://redirect.github.com/eclipse/transformer/pull/403) - build(deps): Bump actions/setup-java from 3.9.0 to 3.10.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/404](https://redirect.github.com/eclipse/transformer/pull/404) - build(deps): Bump github/codeql-action from 2.2.2 to 2.2.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/405](https://redirect.github.com/eclipse/transformer/pull/405) - build(deps): Bump github/codeql-action from 2.2.3 to 2.2.4 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/406](https://redirect.github.com/eclipse/transformer/pull/406) - build(deps-dev): Bump byte-buddy from 1.12.23 to 1.13.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/407](https://redirect.github.com/eclipse/transformer/pull/407) - build(deps): Bump maven-javadoc-plugin from 3.4.1 to 3.5.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/408](https://redirect.github.com/eclipse/transformer/pull/408) - build(deps): Bump maven-assembly-plugin from 3.4.2 to 3.5.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/412](https://redirect.github.com/eclipse/transformer/pull/412) - build(deps): Bump maven-plugin-plugin from 3.7.1 to 3.8.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/414](https://redirect.github.com/eclipse/transformer/pull/414) - build(deps): Bump actions/stale from 7.0.0 to 8.0.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/421](https://redirect.github.com/eclipse/transformer/pull/421) - build(deps): Bump actions/setup-java from 3.10.0 to 3.11.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/424](https://redirect.github.com/eclipse/transformer/pull/424) - build(deps): Bump step-security/harden-runner from 2.1.0 to 2.3.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/428](https://redirect.github.com/eclipse/transformer/pull/428) - build(deps): Bump github/codeql-action from 2.2.4 to 2.2.12 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/433](https://redirect.github.com/eclipse/transformer/pull/433) - build(deps-dev): Bump byte-buddy from 1.13.0 to 1.14.4 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/430](https://redirect.github.com/eclipse/transformer/pull/430) - build(deps): Bump maven-invoker-plugin from 3.4.0 to 3.5.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/427](https://redirect.github.com/eclipse/transformer/pull/427) - build(deps): Bump actions/checkout from 3.3.0 to 3.5.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/434](https://redirect.github.com/eclipse/transformer/pull/434) - build(deps): Bump flatten-maven-plugin from 1.3.0 to 1.4.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/437](https://redirect.github.com/eclipse/transformer/pull/437) - build(deps): Bump maven-resources-plugin from 3.3.0 to 3.3.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/435](https://redirect.github.com/eclipse/transformer/pull/435) - build(deps): Bump maven-compiler-plugin from 3.10.1 to 3.11.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/439](https://redirect.github.com/eclipse/transformer/pull/439) - build(deps): Bump maven-surefire-plugin from 2.22.2 to 3.0.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/438](https://redirect.github.com/eclipse/transformer/pull/438) - build(deps): Bump maven-install-plugin from 3.1.0 to 3.1.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/436](https://redirect.github.com/eclipse/transformer/pull/436) - build(deps): Bump github/codeql-action from 2.2.12 to 2.3.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/443](https://redirect.github.com/eclipse/transformer/pull/443) - build(deps): Bump maven-plugin-plugin from 3.8.1 to 3.8.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/444](https://redirect.github.com/eclipse/transformer/pull/444) - build(deps): Bump step-security/harden-runner from 2.3.0 to 2.3.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/442](https://redirect.github.com/eclipse/transformer/pull/442) - build(deps): Bump github/codeql-action from 2.3.0 to 2.3.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/446](https://redirect.github.com/eclipse/transformer/pull/446) - build(deps): Bump junit-bom from 5.9.2 to 5.9.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/445](https://redirect.github.com/eclipse/transformer/pull/445) - bnd: Avoid java imports in test case by [@bjhargrave](https://redirect.github.com/bjhargrave) in [https://github.com/eclipse/transformer/pull/447](https://redirect.github.com/eclipse/transformer/pull/447) - build(deps): Bump github/codeql-action from 2.3.1 to 2.3.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/448](https://redirect.github.com/eclipse/transformer/pull/448) - build(deps): Bump step-security/harden-runner from 2.3.1 to 2.4.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/450](https://redirect.github.com/eclipse/transformer/pull/450) - build(deps): Bump github/codeql-action from 2.3.2 to 2.3.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/449](https://redirect.github.com/eclipse/transformer/pull/449) - build(deps): Bump maven-surefire-plugin from 3.0.0 to 3.1.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/452](https://redirect.github.com/eclipse/transformer/pull/452) - build(deps): Bump maven-gpg-plugin from 3.0.1 to 3.1.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/451](https://redirect.github.com/eclipse/transformer/pull/451) - build(deps): Bump flatten-maven-plugin from 1.4.1 to 1.5.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/453](https://redirect.github.com/eclipse/transformer/pull/453) - build(deps): Bump maven-assembly-plugin from 3.5.0 to 3.6.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/455](https://redirect.github.com/eclipse/transformer/pull/455) - build(deps): Bump maven-plugin-plugin from 3.8.2 to 3.9.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/454](https://redirect.github.com/eclipse/transformer/pull/454) - build(deps): Bump maven-source-plugin from 3.2.1 to 3.3.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/456](https://redirect.github.com/eclipse/transformer/pull/456) - build(deps): Bump maven-dependency-plugin from 3.5.0 to 3.6.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/457](https://redirect.github.com/eclipse/transformer/pull/457) - build(deps): Bump github/codeql-action from 2.3.3 to 2.3.4 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/458](https://redirect.github.com/eclipse/transformer/pull/458) - build(deps): Bump github/codeql-action from 2.3.4 to 2.3.5 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/459](https://redirect.github.com/eclipse/transformer/pull/459) - build(deps): Bump github/codeql-action from 2.3.5 to 2.3.6 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/466](https://redirect.github.com/eclipse/transformer/pull/466) - build(deps-dev): Bump byte-buddy from 1.14.4 to 1.14.5 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/467](https://redirect.github.com/eclipse/transformer/pull/467) - build(deps): Bump maven-surefire-plugin from 3.1.0 to 3.1.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/469](https://redirect.github.com/eclipse/transformer/pull/469) - feat([#462](https://redirect.github.com/eclipse/transformer/issues/462)) add timings jar war by [@jeanouii](https://redirect.github.com/jeanouii) in [https://github.com/eclipse/transformer/pull/470](https://redirect.github.com/eclipse/transformer/pull/470) - feat([#464](https://redirect.github.com/eclipse/transformer/issues/464)) add date time cli option by [@jeanouii](https://redirect.github.com/jeanouii) in [https://github.com/eclipse/transformer/pull/471](https://redirect.github.com/eclipse/transformer/pull/471) - fix: small typos by [@jeanouii](https://redirect.github.com/jeanouii) in [https://github.com/eclipse/transformer/pull/473](https://redirect.github.com/eclipse/transformer/pull/473) - build(deps): Bump actions/checkout from 3.5.2 to 3.5.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/477](https://redirect.github.com/eclipse/transformer/pull/477) - build(deps): Bump github/codeql-action from 2.3.6 to 2.13.4 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/478](https://redirect.github.com/eclipse/transformer/pull/478) - build(deps): Bump maven-invoker-plugin from 3.5.1 to 3.6.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/479](https://redirect.github.com/eclipse/transformer/pull/479) - build(deps): Bump step-security/harden-runner from 2.4.0 to 2.4.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/480](https://redirect.github.com/eclipse/transformer/pull/480) - build(deps): Bump org.junit:junit-bom from 5.9.3 to 5.10.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/481](https://redirect.github.com/eclipse/transformer/pull/481) - build(deps): Bump step-security/harden-runner from 2.4.1 to 2.5.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/482](https://redirect.github.com/eclipse/transformer/pull/482) - build(deps): Bump actions/setup-java from 3.11.0 to 3.12.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/483](https://redirect.github.com/eclipse/transformer/pull/483) - build(deps): Bump step-security/harden-runner from 2.5.0 to 2.5.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/484](https://redirect.github.com/eclipse/transformer/pull/484) - build(deps-dev): Bump net.bytebuddy:byte-buddy from 1.14.5 to 1.14.6 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/490](https://redirect.github.com/eclipse/transformer/pull/490) - build(deps): Bump actions/checkout from 3.5.3 to 3.6.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/493](https://redirect.github.com/eclipse/transformer/pull/493) - build(deps-dev): Bump net.bytebuddy:byte-buddy from 1.14.6 to 1.14.7 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/494](https://redirect.github.com/eclipse/transformer/pull/494) - build(deps): Bump actions/checkout from 3.6.0 to 4.0.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/495](https://redirect.github.com/eclipse/transformer/pull/495) - build(deps): Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.5.0 to 3.6.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/496](https://redirect.github.com/eclipse/transformer/pull/496) - build(deps): Bump actions/setup-java from 3.12.0 to 3.13.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/497](https://redirect.github.com/eclipse/transformer/pull/497) - build(deps): Bump actions/checkout from 4.0.0 to 4.1.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/498](https://redirect.github.com/eclipse/transformer/pull/498) - build(deps-dev): Bump net.bytebuddy:byte-buddy from 1.14.7 to 1.14.8 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/499](https://redirect.github.com/eclipse/transformer/pull/499) - build(deps): Bump step-security/harden-runner from 2.5.1 to 2.6.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/500](https://redirect.github.com/eclipse/transformer/pull/500) - build(deps-dev): Bump net.bytebuddy:byte-buddy from 1.14.8 to 1.14.9 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/503](https://redirect.github.com/eclipse/transformer/pull/503) - build(deps): Bump actions/checkout from 4.1.0 to 4.1.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/504](https://redirect.github.com/eclipse/transformer/pull/504) - build(deps): Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.6.4 to 3.10.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/506](https://redirect.github.com/eclipse/transformer/pull/506) - build(deps): Bump org.apache.maven.plugins:maven-plugin-plugin from 3.9.0 to 3.10.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/507](https://redirect.github.com/eclipse/transformer/pull/507) - build(deps): Bump org.apache.maven.plugins:maven-surefire-plugin from 3.1.2 to 3.2.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/508](https://redirect.github.com/eclipse/transformer/pull/508) - build(deps): Bump org.apache.maven.plugins:maven-dependency-plugin from 3.6.0 to 3.6.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/509](https://redirect.github.com/eclipse/transformer/pull/509) - build(deps): Bump commons-cli:commons-cli from 1.5.0 to 1.6.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/510](https://redirect.github.com/eclipse/transformer/pull/510) - build(deps): Bump org.junit:junit-bom from 5.10.0 to 5.10.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/511](https://redirect.github.com/eclipse/transformer/pull/511) - build(deps): Bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.1 to 3.2.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/514](https://redirect.github.com/eclipse/transformer/pull/514) - build(deps): Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.0 to 3.6.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/512](https://redirect.github.com/eclipse/transformer/pull/512) - build(deps): Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.10.1 to 3.10.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/513](https://redirect.github.com/eclipse/transformer/pull/513) - build(deps): Bump org.apache.maven.plugins:maven-plugin-plugin from 3.10.1 to 3.10.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/515](https://redirect.github.com/eclipse/transformer/pull/515) - build(deps): Bump step-security/harden-runner from 2.6.0 to 2.6.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/516](https://redirect.github.com/eclipse/transformer/pull/516) - build(deps): Bump org.codehaus.mojo:exec-maven-plugin from 3.1.0 to 3.1.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/517](https://redirect.github.com/eclipse/transformer/pull/517) - build(deps-dev): Bump net.bytebuddy:byte-buddy from 1.14.9 to 1.14.10 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/518](https://redirect.github.com/eclipse/transformer/pull/518) - build(deps): Bump actions/setup-java from 3.13.0 to 4.0.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/520](https://redirect.github.com/eclipse/transformer/pull/520) - build(deps): Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.2 to 3.6.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/521](https://redirect.github.com/eclipse/transformer/pull/521) - build(deps): Bump actions/stale from 8.0.0 to 9.0.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/523](https://redirect.github.com/eclipse/transformer/pull/523) - build(deps): Bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.2 to 3.2.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/524](https://redirect.github.com/eclipse/transformer/pull/524) - build(deps-dev): Bump net.bytebuddy:byte-buddy from 1.14.10 to 1.14.11 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/526](https://redirect.github.com/eclipse/transformer/pull/526) - Fixes [#519](https://redirect.github.com/eclipse/transformer/issues/519) - Unable to run Eclipse Transformer on Java 21 using the Maven plugin by [@mnriem](https://redirect.github.com/mnriem) in [https://github.com/eclipse/transformer/pull/529](https://redirect.github.com/eclipse/transformer/pull/529) - build(deps-dev): Bump org.assertj:assertj-core from 3.24.2 to 3.25.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/530](https://redirect.github.com/eclipse/transformer/pull/530) - build(deps-dev): Bump org.assertj:assertj-core from 3.25.0 to 3.25.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/531](https://redirect.github.com/eclipse/transformer/pull/531) - build(deps): Bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.3 to 3.2.5 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/532](https://redirect.github.com/eclipse/transformer/pull/532) - build(deps): Bump org.apache.maven.plugins:maven-plugin-plugin from 3.10.2 to 3.11.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/533](https://redirect.github.com/eclipse/transformer/pull/533) - build(deps): Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.10.2 to 3.11.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/534](https://redirect.github.com/eclipse/transformer/pull/534) - build(deps): Bump step-security/harden-runner from 2.6.1 to 2.7.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/537](https://redirect.github.com/eclipse/transformer/pull/537) - build(deps): Bump actions/setup-java from 4.0.0 to 4.1.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/539](https://redirect.github.com/eclipse/transformer/pull/539) - build(deps): Bump actions/setup-java from 4.1.0 to 4.2.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/542](https://redirect.github.com/eclipse/transformer/pull/542) - build(deps): Bump actions/setup-java from 4.2.0 to 4.2.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/543](https://redirect.github.com/eclipse/transformer/pull/543) - build(deps): Bump org.apache.maven.plugins:maven-compiler-plugin from 3.11.0 to 3.13.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/545](https://redirect.github.com/eclipse/transformer/pull/545) - build(deps): Bump org.codehaus.mojo:flatten-maven-plugin from 1.5.0 to 1.6.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/535](https://redirect.github.com/eclipse/transformer/pull/535) - build(deps): Bump org.junit:junit-bom from 5.10.1 to 5.10.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/546](https://redirect.github.com/eclipse/transformer/pull/546) - build(deps): Bump org.apache.maven.plugins:maven-gpg-plugin from 3.1.0 to 3.2.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/547](https://redirect.github.com/eclipse/transformer/pull/547) - build(deps): Bump org.codehaus.plexus:plexus-component-metadata from 2.1.1 to 2.2.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/527](https://redirect.github.com/eclipse/transformer/pull/527) - build(deps-dev): Bump net.bytebuddy:byte-buddy from 1.14.11 to 1.14.12 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/550](https://redirect.github.com/eclipse/transformer/pull/550) - build(deps-dev): Bump org.assertj:assertj-core from 3.25.1 to 3.25.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/549](https://redirect.github.com/eclipse/transformer/pull/549) - build(deps): Bump org.apache.maven.plugins:maven-assembly-plugin from 3.6.0 to 3.7.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/548](https://redirect.github.com/eclipse/transformer/pull/548) - build(deps): Bump org.codehaus.mojo:exec-maven-plugin from 3.1.1 to 3.2.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/551](https://redirect.github.com/eclipse/transformer/pull/551) - build(deps): Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.1 to 3.2.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/552](https://redirect.github.com/eclipse/transformer/pull/552) - build(deps-dev): Bump net.bytebuddy:byte-buddy from 1.14.12 to 1.14.13 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/553](https://redirect.github.com/eclipse/transformer/pull/553) - build(deps): Bump org.apache.maven.plugins:maven-invoker-plugin from 3.6.0 to 3.6.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/556](https://redirect.github.com/eclipse/transformer/pull/556) - build(deps): Bump org.apache.maven.plugins:maven-plugin-plugin from 3.11.0 to 3.12.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/558](https://redirect.github.com/eclipse/transformer/pull/558) - build(deps): Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.11.0 to 3.12.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/557](https://redirect.github.com/eclipse/transformer/pull/557) - build(deps): Bump org.apache.maven.plugins:maven-source-plugin from 3.3.0 to 3.3.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/559](https://redirect.github.com/eclipse/transformer/pull/559) - build(deps): Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.2 to 3.2.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/560](https://redirect.github.com/eclipse/transformer/pull/560) - build(deps): Bump org.apache.maven.plugins:maven-jar-plugin from 3.3.0 to 3.4.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/561](https://redirect.github.com/eclipse/transformer/pull/561) - build(deps): Bump commons-cli:commons-cli from 1.6.0 to 1.7.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/562](https://redirect.github.com/eclipse/transformer/pull/562) - build(deps): Bump actions/checkout from 4.1.1 to 4.1.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/565](https://redirect.github.com/eclipse/transformer/pull/565) - build(deps): Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.3 to 3.2.4 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/564](https://redirect.github.com/eclipse/transformer/pull/564) - build(deps): Bump org.apache.maven.plugins:maven-jar-plugin from 3.4.0 to 3.4.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/563](https://redirect.github.com/eclipse/transformer/pull/563) - build(deps-dev): Bump net.bytebuddy:byte-buddy from 1.14.13 to 1.14.14 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/566](https://redirect.github.com/eclipse/transformer/pull/566) - build(deps): Bump actions/checkout from 4.1.3 to 4.1.4 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/567](https://redirect.github.com/eclipse/transformer/pull/567) - build(deps-dev): Bump org.xmlunit:xmlunit-assertj from 2.9.1 to 2.10.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/568](https://redirect.github.com/eclipse/transformer/pull/568) - build(deps): Bump step-security/harden-runner from 2.7.0 to 2.7.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/570](https://redirect.github.com/eclipse/transformer/pull/570) - build(deps): Bump org.apache.maven.plugins:maven-install-plugin from 3.1.1 to 3.1.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/569](https://redirect.github.com/eclipse/transformer/pull/569) - build(deps): Bump org.apache.maven.plugins:maven-plugin-plugin from 3.12.0 to 3.13.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/572](https://redirect.github.com/eclipse/transformer/pull/572) - build(deps): Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.12.0 to 3.13.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/571](https://redirect.github.com/eclipse/transformer/pull/571) - build(deps): Bump actions/checkout from 4.1.4 to 4.1.5 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/574](https://redirect.github.com/eclipse/transformer/pull/574) - build(deps-dev): Bump net.bytebuddy:byte-buddy from 1.14.14 to 1.14.15 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/575](https://redirect.github.com/eclipse/transformer/pull/575) - build(deps): Bump actions/checkout from 4.1.5 to 4.1.6 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/576](https://redirect.github.com/eclipse/transformer/pull/576) - build(deps): Bump github/codeql-action from 2.13.4 to 3.25.5 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/577](https://redirect.github.com/eclipse/transformer/pull/577) - build(deps): Bump github/codeql-action from 3.25.5 to 3.25.6 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/578](https://redirect.github.com/eclipse/transformer/pull/578) - Bump org.codehaus.mojo:exec-maven-plugin from 3.2.0 to 3.3.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/579](https://redirect.github.com/eclipse/transformer/pull/579) - Bump net.bytebuddy:byte-buddy from 1.14.15 to 1.14.16 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/581](https://redirect.github.com/eclipse/transformer/pull/581) - Bump step-security/harden-runner from 2.7.1 to 2.8.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/580](https://redirect.github.com/eclipse/transformer/pull/580) - Bump commons-cli:commons-cli from 1.7.0 to 1.8.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/582](https://redirect.github.com/eclipse/transformer/pull/582) - Bump org.assertj:assertj-core from 3.25.3 to 3.26.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/585](https://redirect.github.com/eclipse/transformer/pull/585) - Bump org.apache.maven.plugins:maven-invoker-plugin from 3.6.1 to 3.7.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/584](https://redirect.github.com/eclipse/transformer/pull/584) - Bump org.sonatype.plugins:nexus-staging-maven-plugin from 1.6.13 to 1.7.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/586](https://redirect.github.com/eclipse/transformer/pull/586) - Bump net.bytebuddy:byte-buddy from 1.14.16 to 1.14.17 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/587](https://redirect.github.com/eclipse/transformer/pull/587) - Bump github/codeql-action from 3.25.6 to 3.25.7 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/588](https://redirect.github.com/eclipse/transformer/pull/588) - Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.13.0 to 3.13.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/591](https://redirect.github.com/eclipse/transformer/pull/591) - Bump org.apache.maven.plugins:maven-plugin-plugin from 3.13.0 to 3.13.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/589](https://redirect.github.com/eclipse/transformer/pull/589) - Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.3 to 3.7.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/590](https://redirect.github.com/eclipse/transformer/pull/590) - Bump github/codeql-action from 3.25.7 to 3.25.8 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/592](https://redirect.github.com/eclipse/transformer/pull/592) - Bump step-security/harden-runner from 2.8.0 to 2.8.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/593](https://redirect.github.com/eclipse/transformer/pull/593) - Bump org.apache.maven.plugins:maven-dependency-plugin from 3.6.1 to 3.7.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/594](https://redirect.github.com/eclipse/transformer/pull/594) - Bump github/codeql-action from 3.25.8 to 3.25.9 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/597](https://redirect.github.com/eclipse/transformer/pull/597) - Bump actions/checkout from 4.1.6 to 4.1.7 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/596](https://redirect.github.com/eclipse/transformer/pull/596) - Bump github/codeql-action from 3.25.9 to 3.25.10 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/598](https://redirect.github.com/eclipse/transformer/pull/598) - Bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.5 to 3.3.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/599](https://redirect.github.com/eclipse/transformer/pull/599) - Bump org.apache.maven.plugins:maven-jar-plugin from 3.4.1 to 3.4.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/601](https://redirect.github.com/eclipse/transformer/pull/601) - Bump org.apache.maven.plugins:maven-dependency-plugin from 3.7.0 to 3.7.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/602](https://redirect.github.com/eclipse/transformer/pull/602) - Bump org.junit:junit-bom from 5.10.2 to 5.10.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/604](https://redirect.github.com/eclipse/transformer/pull/604) - Bump github/codeql-action from 3.25.10 to 3.25.11 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/605](https://redirect.github.com/eclipse/transformer/pull/605) - Bump net.bytebuddy:byte-buddy from 1.14.17 to 1.14.18 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/608](https://redirect.github.com/eclipse/transformer/pull/608) - Bump org.assertj:assertj-core from 3.26.0 to 3.26.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/609](https://redirect.github.com/eclipse/transformer/pull/609) - Bump org.apache.maven.plugins:maven-surefire-plugin from 3.3.0 to 3.3.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/610](https://redirect.github.com/eclipse/transformer/pull/610) - Bump github/codeql-action from 3.25.11 to 3.25.12 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/612](https://redirect.github.com/eclipse/transformer/pull/612) - Bump step-security/harden-runner from 2.8.1 to 2.9.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/613](https://redirect.github.com/eclipse/transformer/pull/613) - Bump github/codeql-action from 3.25.12 to 3.25.13 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/615](https://redirect.github.com/eclipse/transformer/pull/615) - Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.7.0 to 3.8.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/614](https://redirect.github.com/eclipse/transformer/pull/614) - Bump github/codeql-action from 3.25.13 to 3.25.14 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/616](https://redirect.github.com/eclipse/transformer/pull/616) - Bump github/codeql-action from 3.25.14 to 3.25.15 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/617](https://redirect.github.com/eclipse/transformer/pull/617) - Bump step-security/harden-runner from 2.9.0 to 2.9.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/619](https://redirect.github.com/eclipse/transformer/pull/619) - Bump actions/setup-java from 4.2.1 to 4.2.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/618](https://redirect.github.com/eclipse/transformer/pull/618) - Bump org.codehaus.mojo:exec-maven-plugin from 3.3.0 to 3.4.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/621](https://redirect.github.com/eclipse/transformer/pull/621) - Bump github/codeql-action from 3.25.15 to 3.26.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/620](https://redirect.github.com/eclipse/transformer/pull/620) - Bump org.codehaus.mojo:exec-maven-plugin from 3.4.0 to 3.4.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/622](https://redirect.github.com/eclipse/transformer/pull/622) - Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.4 to 3.2.5 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/623](https://redirect.github.com/eclipse/transformer/pull/623) - Bump github/codeql-action from 3.26.0 to 3.26.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/624](https://redirect.github.com/eclipse/transformer/pull/624) - Bump github/codeql-action from 3.26.1 to 3.26.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/627](https://redirect.github.com/eclipse/transformer/pull/627) - Bump org.junit:junit-bom from 5.10.3 to 5.11.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/626](https://redirect.github.com/eclipse/transformer/pull/626) - Bump commons-cli:commons-cli from 1.8.0 to 1.9.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/625](https://redirect.github.com/eclipse/transformer/pull/625) - Bump net.bytebuddy:byte-buddy from 1.14.18 to 1.14.19 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/628](https://redirect.github.com/eclipse/transformer/pull/628) - Bump org.apache.maven.plugins:maven-plugin-plugin from 3.13.1 to 3.14.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/632](https://redirect.github.com/eclipse/transformer/pull/632) - Bump org.apache.maven.plugins:maven-surefire-plugin from 3.3.1 to 3.4.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/629](https://redirect.github.com/eclipse/transformer/pull/629) - Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.13.1 to 3.14.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/630](https://redirect.github.com/eclipse/transformer/pull/630) - Bump github/codeql-action from 3.26.2 to 3.26.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/634](https://redirect.github.com/eclipse/transformer/pull/634) - Bump org.apache.maven.plugins:maven-install-plugin from 3.1.2 to 3.1.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/633](https://redirect.github.com/eclipse/transformer/pull/633) - \[ISSUE 606] Discard signatures from jar file that was mutated by [@jluehe](https://redirect.github.com/jluehe) in [https://github.com/eclipse/transformer/pull/607](https://redirect.github.com/eclipse/transformer/pull/607) - Bump github/codeql-action from 3.26.3 to 3.26.4 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/636](https://redirect.github.com/eclipse/transformer/pull/636) - Bump org.apache.maven.plugins:maven-invoker-plugin from 3.7.0 to 3.8.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/638](https://redirect.github.com/eclipse/transformer/pull/638) - Bump org.apache.maven.plugins:maven-dependency-plugin from 3.7.1 to 3.8.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/637](https://redirect.github.com/eclipse/transformer/pull/637) - Prepare for 1.0 release by [@bjhargrave](https://redirect.github.com/bjhargrave) in [https://github.com/eclipse/transformer/pull/635](https://redirect.github.com/eclipse/transformer/pull/635) #### New Contributors - [@step-security-bot](https://redirect.github.com/step-security-bot) made their first contribution in [https://github.com/eclipse/transformer/pull/377](https://redirect.github.com/eclipse/transformer/pull/377) - [@jeanouii](https://redirect.github.com/jeanouii) made their first contribution in [https://github.com/eclipse/transformer/pull/470](https://redirect.github.com/eclipse/transformer/pull/470) - [@mnriem](https://redirect.github.com/mnriem) made their first contribution in [https://github.com/eclipse/transformer/pull/529](https://redirect.github.com/eclipse/transformer/pull/529) - [@jluehe](https://redirect.github.com/jluehe) made their first contribution in [https://github.com/eclipse/transformer/pull/607](https://redirect.github.com/eclipse/transformer/pull/607) **Full Changelog**: https://github.com/eclipse/transformer/compare/0.5.0...1.0.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/camunda/camunda).

…gin to v1 (main) (#22046) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [org.eclipse.transformer:transformer-maven-plugin](https://projects.eclipse.org/projects/technology.transformer) ([source](https://redirect.github.com/eclipse/transformer)) | `0.5.0` -> `1.0.0` | [![age](https://developer.mend.io/api/mc/badges/age/maven/org.eclipse.transformer:transformer-maven-plugin/1.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/maven/org.eclipse.transformer:transformer-maven-plugin/1.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/maven/org.eclipse.transformer:transformer-maven-plugin/0.5.0/1.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/maven/org.eclipse.transformer:transformer-maven-plugin/0.5.0/1.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>eclipse/transformer (org.eclipse.transformer:transformer-maven-plugin)</summary> ### [`v1.0.0`](https://redirect.github.com/eclipse/transformer/releases/tag/1.0.0): Eclipse Transformer 1.0.0 [Compare Source](https://redirect.github.com/eclipse/transformer/compare/0.5.0...1.0.0) See [Release Notes](https://redirect.github.com/eclipse/transformer/wiki/Release-Notes-1.0.0). #### What's Changed - build(deps): Bump maven-assembly-plugin from 3.4.0 to 3.4.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/347](https://redirect.github.com/eclipse/transformer/pull/347) - build(deps): Bump exec-maven-plugin from 3.0.0 to 3.1.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/348](https://redirect.github.com/eclipse/transformer/pull/348) - build(deps): Bump maven-install-plugin from 2.5.2 to 3.0.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/349](https://redirect.github.com/eclipse/transformer/pull/349) - build(deps): Bump maven-install-plugin from 3.0.0 to 3.0.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/351](https://redirect.github.com/eclipse/transformer/pull/351) - build(deps): Bump maven-assembly-plugin from 3.4.1 to 3.4.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/350](https://redirect.github.com/eclipse/transformer/pull/350) - build(deps): Bump maven-resources-plugin from 3.2.0 to 3.3.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/352](https://redirect.github.com/eclipse/transformer/pull/352) - rules: Add default Jakarta rule for orm.xml by [@bjhargrave](https://redirect.github.com/bjhargrave) in [https://github.com/eclipse/transformer/pull/357](https://redirect.github.com/eclipse/transformer/pull/357) - build(deps-dev): Bump byte-buddy from 1.12.12 to 1.12.13 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/354](https://redirect.github.com/eclipse/transformer/pull/354) - build(deps): Bump junit-bom from 5.8.2 to 5.9.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/353](https://redirect.github.com/eclipse/transformer/pull/353) - build(deps): Bump maven-javadoc-plugin from 3.4.0 to 3.4.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/358](https://redirect.github.com/eclipse/transformer/pull/358) - build(deps): Bump flatten-maven-plugin from 1.2.7 to 1.3.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/359](https://redirect.github.com/eclipse/transformer/pull/359) - Organize imports by [@bjhargrave](https://redirect.github.com/bjhargrave) in [https://github.com/eclipse/transformer/pull/360](https://redirect.github.com/eclipse/transformer/pull/360) - build(deps-dev): Bump byte-buddy from 1.12.13 to 1.12.14 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/363](https://redirect.github.com/eclipse/transformer/pull/363) - build(deps-dev): Bump byte-buddy from 1.12.14 to 1.12.16 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/366](https://redirect.github.com/eclipse/transformer/pull/366) - build(deps): Bump maven-jar-plugin from 3.2.2 to 3.3.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/367](https://redirect.github.com/eclipse/transformer/pull/367) - build(deps): Bump junit-bom from 5.9.0 to 5.9.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/368](https://redirect.github.com/eclipse/transformer/pull/368) - build(deps-dev): Bump byte-buddy from 1.12.16 to 1.12.17 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/369](https://redirect.github.com/eclipse/transformer/pull/369) - build(deps): Bump actions/stale from 5 to 6 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/370](https://redirect.github.com/eclipse/transformer/pull/370) - build(deps-dev): Bump byte-buddy from 1.12.17 to 1.12.18 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/371](https://redirect.github.com/eclipse/transformer/pull/371) - build(deps): Bump maven-plugin-plugin from 3.6.4 to 3.7.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/372](https://redirect.github.com/eclipse/transformer/pull/372) - build(deps-dev): Bump byte-buddy from 1.12.18 to 1.12.19 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/373](https://redirect.github.com/eclipse/transformer/pull/373) - build(deps): Bump maven-install-plugin from 3.0.1 to 3.1.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/374](https://redirect.github.com/eclipse/transformer/pull/374) - build(deps): Bump maven-dependency-plugin from 3.3.0 to 3.4.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/375](https://redirect.github.com/eclipse/transformer/pull/375) - build(deps): Bump bnd.version from 6.3.1 to 6.4.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/376](https://redirect.github.com/eclipse/transformer/pull/376) - \[StepSecurity] ci: Harden GitHub Actions by [@step-security-bot](https://redirect.github.com/step-security-bot) in [https://github.com/eclipse/transformer/pull/377](https://redirect.github.com/eclipse/transformer/pull/377) - build(deps): Bump github/codeql-action from 2.1.35 to 2.1.36 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/378](https://redirect.github.com/eclipse/transformer/pull/378) - build(deps): Bump actions/checkout from 3.1.0 to 3.2.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/379](https://redirect.github.com/eclipse/transformer/pull/379) - build(deps): Bump github/codeql-action from 2.1.36 to 2.1.37 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/380](https://redirect.github.com/eclipse/transformer/pull/380) - build(deps): Bump actions/setup-java from 3.8.0 to 3.9.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/381](https://redirect.github.com/eclipse/transformer/pull/381) - build(deps-dev): Bump byte-buddy from 1.12.19 to 1.12.20 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/382](https://redirect.github.com/eclipse/transformer/pull/382) - build(deps): Bump maven-invoker-plugin from 3.3.0 to 3.4.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/383](https://redirect.github.com/eclipse/transformer/pull/383) - build(deps): Bump actions/stale from 6.0.1 to 7.0.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/385](https://redirect.github.com/eclipse/transformer/pull/385) - build(deps-dev): Bump org.osgi.service.component.annotations from 1.5.0 to 1.5.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/384](https://redirect.github.com/eclipse/transformer/pull/384) - build: Update maven version to 3.8.7 by [@bjhargrave](https://redirect.github.com/bjhargrave) in [https://github.com/eclipse/transformer/pull/386](https://redirect.github.com/eclipse/transformer/pull/386) - build(deps-dev): Bump byte-buddy from 1.12.20 to 1.12.21 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/387](https://redirect.github.com/eclipse/transformer/pull/387) - build(deps): Bump actions/checkout from 3.2.0 to 3.3.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/388](https://redirect.github.com/eclipse/transformer/pull/388) - build(deps-dev): Bump assertj-core from 3.23.1 to 3.24.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/389](https://redirect.github.com/eclipse/transformer/pull/389) - build(deps): Bump junit-bom from 5.9.1 to 5.9.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/390](https://redirect.github.com/eclipse/transformer/pull/390) - build(deps-dev): Bump xmlunit-assertj from 2.9.0 to 2.9.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/391](https://redirect.github.com/eclipse/transformer/pull/391) - build(deps): Bump maven-dependency-plugin from 3.4.0 to 3.5.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/392](https://redirect.github.com/eclipse/transformer/pull/392) - build(deps): Bump github/codeql-action from 2.1.37 to 2.1.38 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/394](https://redirect.github.com/eclipse/transformer/pull/394) - build(deps-dev): Bump byte-buddy from 1.12.21 to 1.12.22 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/393](https://redirect.github.com/eclipse/transformer/pull/393) - build(deps): Bump step-security/harden-runner from 2.0.0 to 2.1.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/395](https://redirect.github.com/eclipse/transformer/pull/395) - build(deps-dev): Bump assertj-core from 3.24.1 to 3.24.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/397](https://redirect.github.com/eclipse/transformer/pull/397) - build(deps): Bump maven-plugin-plugin from 3.7.0 to 3.7.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/396](https://redirect.github.com/eclipse/transformer/pull/396) - build(deps): Bump github/codeql-action from 2.1.38 to 2.1.39 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/398](https://redirect.github.com/eclipse/transformer/pull/398) - build(deps): Bump github/codeql-action from 2.1.39 to 2.2.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/400](https://redirect.github.com/eclipse/transformer/pull/400) - build(deps): Bump github/codeql-action from 2.2.0 to 2.2.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/401](https://redirect.github.com/eclipse/transformer/pull/401) - build(deps-dev): Bump byte-buddy from 1.12.22 to 1.12.23 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/402](https://redirect.github.com/eclipse/transformer/pull/402) - build(deps): Bump github/codeql-action from 2.2.1 to 2.2.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/403](https://redirect.github.com/eclipse/transformer/pull/403) - build(deps): Bump actions/setup-java from 3.9.0 to 3.10.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/404](https://redirect.github.com/eclipse/transformer/pull/404) - build(deps): Bump github/codeql-action from 2.2.2 to 2.2.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/405](https://redirect.github.com/eclipse/transformer/pull/405) - build(deps): Bump github/codeql-action from 2.2.3 to 2.2.4 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/406](https://redirect.github.com/eclipse/transformer/pull/406) - build(deps-dev): Bump byte-buddy from 1.12.23 to 1.13.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/407](https://redirect.github.com/eclipse/transformer/pull/407) - build(deps): Bump maven-javadoc-plugin from 3.4.1 to 3.5.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/408](https://redirect.github.com/eclipse/transformer/pull/408) - build(deps): Bump maven-assembly-plugin from 3.4.2 to 3.5.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/412](https://redirect.github.com/eclipse/transformer/pull/412) - build(deps): Bump maven-plugin-plugin from 3.7.1 to 3.8.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/414](https://redirect.github.com/eclipse/transformer/pull/414) - build(deps): Bump actions/stale from 7.0.0 to 8.0.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/421](https://redirect.github.com/eclipse/transformer/pull/421) - build(deps): Bump actions/setup-java from 3.10.0 to 3.11.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/424](https://redirect.github.com/eclipse/transformer/pull/424) - build(deps): Bump step-security/harden-runner from 2.1.0 to 2.3.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/428](https://redirect.github.com/eclipse/transformer/pull/428) - build(deps): Bump github/codeql-action from 2.2.4 to 2.2.12 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/433](https://redirect.github.com/eclipse/transformer/pull/433) - build(deps-dev): Bump byte-buddy from 1.13.0 to 1.14.4 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/430](https://redirect.github.com/eclipse/transformer/pull/430) - build(deps): Bump maven-invoker-plugin from 3.4.0 to 3.5.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/427](https://redirect.github.com/eclipse/transformer/pull/427) - build(deps): Bump actions/checkout from 3.3.0 to 3.5.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/434](https://redirect.github.com/eclipse/transformer/pull/434) - build(deps): Bump flatten-maven-plugin from 1.3.0 to 1.4.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/437](https://redirect.github.com/eclipse/transformer/pull/437) - build(deps): Bump maven-resources-plugin from 3.3.0 to 3.3.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/435](https://redirect.github.com/eclipse/transformer/pull/435) - build(deps): Bump maven-compiler-plugin from 3.10.1 to 3.11.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/439](https://redirect.github.com/eclipse/transformer/pull/439) - build(deps): Bump maven-surefire-plugin from 2.22.2 to 3.0.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/438](https://redirect.github.com/eclipse/transformer/pull/438) - build(deps): Bump maven-install-plugin from 3.1.0 to 3.1.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/436](https://redirect.github.com/eclipse/transformer/pull/436) - build(deps): Bump github/codeql-action from 2.2.12 to 2.3.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/443](https://redirect.github.com/eclipse/transformer/pull/443) - build(deps): Bump maven-plugin-plugin from 3.8.1 to 3.8.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/444](https://redirect.github.com/eclipse/transformer/pull/444) - build(deps): Bump step-security/harden-runner from 2.3.0 to 2.3.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/442](https://redirect.github.com/eclipse/transformer/pull/442) - build(deps): Bump github/codeql-action from 2.3.0 to 2.3.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/446](https://redirect.github.com/eclipse/transformer/pull/446) - build(deps): Bump junit-bom from 5.9.2 to 5.9.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/445](https://redirect.github.com/eclipse/transformer/pull/445) - bnd: Avoid java imports in test case by [@bjhargrave](https://redirect.github.com/bjhargrave) in [https://github.com/eclipse/transformer/pull/447](https://redirect.github.com/eclipse/transformer/pull/447) - build(deps): Bump github/codeql-action from 2.3.1 to 2.3.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/448](https://redirect.github.com/eclipse/transformer/pull/448) - build(deps): Bump step-security/harden-runner from 2.3.1 to 2.4.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/450](https://redirect.github.com/eclipse/transformer/pull/450) - build(deps): Bump github/codeql-action from 2.3.2 to 2.3.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/449](https://redirect.github.com/eclipse/transformer/pull/449) - build(deps): Bump maven-surefire-plugin from 3.0.0 to 3.1.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/452](https://redirect.github.com/eclipse/transformer/pull/452) - build(deps): Bump maven-gpg-plugin from 3.0.1 to 3.1.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/451](https://redirect.github.com/eclipse/transformer/pull/451) - build(deps): Bump flatten-maven-plugin from 1.4.1 to 1.5.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/453](https://redirect.github.com/eclipse/transformer/pull/453) - build(deps): Bump maven-assembly-plugin from 3.5.0 to 3.6.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/455](https://redirect.github.com/eclipse/transformer/pull/455) - build(deps): Bump maven-plugin-plugin from 3.8.2 to 3.9.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/454](https://redirect.github.com/eclipse/transformer/pull/454) - build(deps): Bump maven-source-plugin from 3.2.1 to 3.3.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/456](https://redirect.github.com/eclipse/transformer/pull/456) - build(deps): Bump maven-dependency-plugin from 3.5.0 to 3.6.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/457](https://redirect.github.com/eclipse/transformer/pull/457) - build(deps): Bump github/codeql-action from 2.3.3 to 2.3.4 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/458](https://redirect.github.com/eclipse/transformer/pull/458) - build(deps): Bump github/codeql-action from 2.3.4 to 2.3.5 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/459](https://redirect.github.com/eclipse/transformer/pull/459) - build(deps): Bump github/codeql-action from 2.3.5 to 2.3.6 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/466](https://redirect.github.com/eclipse/transformer/pull/466) - build(deps-dev): Bump byte-buddy from 1.14.4 to 1.14.5 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/467](https://redirect.github.com/eclipse/transformer/pull/467) - build(deps): Bump maven-surefire-plugin from 3.1.0 to 3.1.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/469](https://redirect.github.com/eclipse/transformer/pull/469) - feat([#462](https://redirect.github.com/eclipse/transformer/issues/462)) add timings jar war by [@jeanouii](https://redirect.github.com/jeanouii) in [https://github.com/eclipse/transformer/pull/470](https://redirect.github.com/eclipse/transformer/pull/470) - feat([#464](https://redirect.github.com/eclipse/transformer/issues/464)) add date time cli option by [@jeanouii](https://redirect.github.com/jeanouii) in [https://github.com/eclipse/transformer/pull/471](https://redirect.github.com/eclipse/transformer/pull/471) - fix: small typos by [@jeanouii](https://redirect.github.com/jeanouii) in [https://github.com/eclipse/transformer/pull/473](https://redirect.github.com/eclipse/transformer/pull/473) - build(deps): Bump actions/checkout from 3.5.2 to 3.5.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/477](https://redirect.github.com/eclipse/transformer/pull/477) - build(deps): Bump github/codeql-action from 2.3.6 to 2.13.4 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/478](https://redirect.github.com/eclipse/transformer/pull/478) - build(deps): Bump maven-invoker-plugin from 3.5.1 to 3.6.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/479](https://redirect.github.com/eclipse/transformer/pull/479) - build(deps): Bump step-security/harden-runner from 2.4.0 to 2.4.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/480](https://redirect.github.com/eclipse/transformer/pull/480) - build(deps): Bump org.junit:junit-bom from 5.9.3 to 5.10.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/481](https://redirect.github.com/eclipse/transformer/pull/481) - build(deps): Bump step-security/harden-runner from 2.4.1 to 2.5.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/482](https://redirect.github.com/eclipse/transformer/pull/482) - build(deps): Bump actions/setup-java from 3.11.0 to 3.12.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/483](https://redirect.github.com/eclipse/transformer/pull/483) - build(deps): Bump step-security/harden-runner from 2.5.0 to 2.5.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/484](https://redirect.github.com/eclipse/transformer/pull/484) - build(deps-dev): Bump net.bytebuddy:byte-buddy from 1.14.5 to 1.14.6 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/490](https://redirect.github.com/eclipse/transformer/pull/490) - build(deps): Bump actions/checkout from 3.5.3 to 3.6.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/493](https://redirect.github.com/eclipse/transformer/pull/493) - build(deps-dev): Bump net.bytebuddy:byte-buddy from 1.14.6 to 1.14.7 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/494](https://redirect.github.com/eclipse/transformer/pull/494) - build(deps): Bump actions/checkout from 3.6.0 to 4.0.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/495](https://redirect.github.com/eclipse/transformer/pull/495) - build(deps): Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.5.0 to 3.6.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/496](https://redirect.github.com/eclipse/transformer/pull/496) - build(deps): Bump actions/setup-java from 3.12.0 to 3.13.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/497](https://redirect.github.com/eclipse/transformer/pull/497) - build(deps): Bump actions/checkout from 4.0.0 to 4.1.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/498](https://redirect.github.com/eclipse/transformer/pull/498) - build(deps-dev): Bump net.bytebuddy:byte-buddy from 1.14.7 to 1.14.8 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/499](https://redirect.github.com/eclipse/transformer/pull/499) - build(deps): Bump step-security/harden-runner from 2.5.1 to 2.6.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/500](https://redirect.github.com/eclipse/transformer/pull/500) - build(deps-dev): Bump net.bytebuddy:byte-buddy from 1.14.8 to 1.14.9 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/503](https://redirect.github.com/eclipse/transformer/pull/503) - build(deps): Bump actions/checkout from 4.1.0 to 4.1.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/504](https://redirect.github.com/eclipse/transformer/pull/504) - build(deps): Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.6.4 to 3.10.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/506](https://redirect.github.com/eclipse/transformer/pull/506) - build(deps): Bump org.apache.maven.plugins:maven-plugin-plugin from 3.9.0 to 3.10.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/507](https://redirect.github.com/eclipse/transformer/pull/507) - build(deps): Bump org.apache.maven.plugins:maven-surefire-plugin from 3.1.2 to 3.2.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/508](https://redirect.github.com/eclipse/transformer/pull/508) - build(deps): Bump org.apache.maven.plugins:maven-dependency-plugin from 3.6.0 to 3.6.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/509](https://redirect.github.com/eclipse/transformer/pull/509) - build(deps): Bump commons-cli:commons-cli from 1.5.0 to 1.6.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/510](https://redirect.github.com/eclipse/transformer/pull/510) - build(deps): Bump org.junit:junit-bom from 5.10.0 to 5.10.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/511](https://redirect.github.com/eclipse/transformer/pull/511) - build(deps): Bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.1 to 3.2.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/514](https://redirect.github.com/eclipse/transformer/pull/514) - build(deps): Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.0 to 3.6.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/512](https://redirect.github.com/eclipse/transformer/pull/512) - build(deps): Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.10.1 to 3.10.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/513](https://redirect.github.com/eclipse/transformer/pull/513) - build(deps): Bump org.apache.maven.plugins:maven-plugin-plugin from 3.10.1 to 3.10.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/515](https://redirect.github.com/eclipse/transformer/pull/515) - build(deps): Bump step-security/harden-runner from 2.6.0 to 2.6.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/516](https://redirect.github.com/eclipse/transformer/pull/516) - build(deps): Bump org.codehaus.mojo:exec-maven-plugin from 3.1.0 to 3.1.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/517](https://redirect.github.com/eclipse/transformer/pull/517) - build(deps-dev): Bump net.bytebuddy:byte-buddy from 1.14.9 to 1.14.10 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/518](https://redirect.github.com/eclipse/transformer/pull/518) - build(deps): Bump actions/setup-java from 3.13.0 to 4.0.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/520](https://redirect.github.com/eclipse/transformer/pull/520) - build(deps): Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.2 to 3.6.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/521](https://redirect.github.com/eclipse/transformer/pull/521) - build(deps): Bump actions/stale from 8.0.0 to 9.0.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/523](https://redirect.github.com/eclipse/transformer/pull/523) - build(deps): Bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.2 to 3.2.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/524](https://redirect.github.com/eclipse/transformer/pull/524) - build(deps-dev): Bump net.bytebuddy:byte-buddy from 1.14.10 to 1.14.11 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/526](https://redirect.github.com/eclipse/transformer/pull/526) - Fixes [#519](https://redirect.github.com/eclipse/transformer/issues/519) - Unable to run Eclipse Transformer on Java 21 using the Maven plugin by [@mnriem](https://redirect.github.com/mnriem) in [https://github.com/eclipse/transformer/pull/529](https://redirect.github.com/eclipse/transformer/pull/529) - build(deps-dev): Bump org.assertj:assertj-core from 3.24.2 to 3.25.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/530](https://redirect.github.com/eclipse/transformer/pull/530) - build(deps-dev): Bump org.assertj:assertj-core from 3.25.0 to 3.25.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/531](https://redirect.github.com/eclipse/transformer/pull/531) - build(deps): Bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.3 to 3.2.5 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/532](https://redirect.github.com/eclipse/transformer/pull/532) - build(deps): Bump org.apache.maven.plugins:maven-plugin-plugin from 3.10.2 to 3.11.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/533](https://redirect.github.com/eclipse/transformer/pull/533) - build(deps): Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.10.2 to 3.11.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/534](https://redirect.github.com/eclipse/transformer/pull/534) - build(deps): Bump step-security/harden-runner from 2.6.1 to 2.7.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/537](https://redirect.github.com/eclipse/transformer/pull/537) - build(deps): Bump actions/setup-java from 4.0.0 to 4.1.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/539](https://redirect.github.com/eclipse/transformer/pull/539) - build(deps): Bump actions/setup-java from 4.1.0 to 4.2.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/542](https://redirect.github.com/eclipse/transformer/pull/542) - build(deps): Bump actions/setup-java from 4.2.0 to 4.2.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/543](https://redirect.github.com/eclipse/transformer/pull/543) - build(deps): Bump org.apache.maven.plugins:maven-compiler-plugin from 3.11.0 to 3.13.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/545](https://redirect.github.com/eclipse/transformer/pull/545) - build(deps): Bump org.codehaus.mojo:flatten-maven-plugin from 1.5.0 to 1.6.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/535](https://redirect.github.com/eclipse/transformer/pull/535) - build(deps): Bump org.junit:junit-bom from 5.10.1 to 5.10.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/546](https://redirect.github.com/eclipse/transformer/pull/546) - build(deps): Bump org.apache.maven.plugins:maven-gpg-plugin from 3.1.0 to 3.2.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/547](https://redirect.github.com/eclipse/transformer/pull/547) - build(deps): Bump org.codehaus.plexus:plexus-component-metadata from 2.1.1 to 2.2.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/527](https://redirect.github.com/eclipse/transformer/pull/527) - build(deps-dev): Bump net.bytebuddy:byte-buddy from 1.14.11 to 1.14.12 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/550](https://redirect.github.com/eclipse/transformer/pull/550) - build(deps-dev): Bump org.assertj:assertj-core from 3.25.1 to 3.25.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/549](https://redirect.github.com/eclipse/transformer/pull/549) - build(deps): Bump org.apache.maven.plugins:maven-assembly-plugin from 3.6.0 to 3.7.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/548](https://redirect.github.com/eclipse/transformer/pull/548) - build(deps): Bump org.codehaus.mojo:exec-maven-plugin from 3.1.1 to 3.2.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/551](https://redirect.github.com/eclipse/transformer/pull/551) - build(deps): Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.1 to 3.2.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/552](https://redirect.github.com/eclipse/transformer/pull/552) - build(deps-dev): Bump net.bytebuddy:byte-buddy from 1.14.12 to 1.14.13 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/553](https://redirect.github.com/eclipse/transformer/pull/553) - build(deps): Bump org.apache.maven.plugins:maven-invoker-plugin from 3.6.0 to 3.6.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/556](https://redirect.github.com/eclipse/transformer/pull/556) - build(deps): Bump org.apache.maven.plugins:maven-plugin-plugin from 3.11.0 to 3.12.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/558](https://redirect.github.com/eclipse/transformer/pull/558) - build(deps): Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.11.0 to 3.12.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/557](https://redirect.github.com/eclipse/transformer/pull/557) - build(deps): Bump org.apache.maven.plugins:maven-source-plugin from 3.3.0 to 3.3.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/559](https://redirect.github.com/eclipse/transformer/pull/559) - build(deps): Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.2 to 3.2.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/560](https://redirect.github.com/eclipse/transformer/pull/560) - build(deps): Bump org.apache.maven.plugins:maven-jar-plugin from 3.3.0 to 3.4.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/561](https://redirect.github.com/eclipse/transformer/pull/561) - build(deps): Bump commons-cli:commons-cli from 1.6.0 to 1.7.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/562](https://redirect.github.com/eclipse/transformer/pull/562) - build(deps): Bump actions/checkout from 4.1.1 to 4.1.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/565](https://redirect.github.com/eclipse/transformer/pull/565) - build(deps): Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.3 to 3.2.4 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/564](https://redirect.github.com/eclipse/transformer/pull/564) - build(deps): Bump org.apache.maven.plugins:maven-jar-plugin from 3.4.0 to 3.4.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/563](https://redirect.github.com/eclipse/transformer/pull/563) - build(deps-dev): Bump net.bytebuddy:byte-buddy from 1.14.13 to 1.14.14 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/566](https://redirect.github.com/eclipse/transformer/pull/566) - build(deps): Bump actions/checkout from 4.1.3 to 4.1.4 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/567](https://redirect.github.com/eclipse/transformer/pull/567) - build(deps-dev): Bump org.xmlunit:xmlunit-assertj from 2.9.1 to 2.10.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/568](https://redirect.github.com/eclipse/transformer/pull/568) - build(deps): Bump step-security/harden-runner from 2.7.0 to 2.7.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/570](https://redirect.github.com/eclipse/transformer/pull/570) - build(deps): Bump org.apache.maven.plugins:maven-install-plugin from 3.1.1 to 3.1.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/569](https://redirect.github.com/eclipse/transformer/pull/569) - build(deps): Bump org.apache.maven.plugins:maven-plugin-plugin from 3.12.0 to 3.13.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/572](https://redirect.github.com/eclipse/transformer/pull/572) - build(deps): Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.12.0 to 3.13.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/571](https://redirect.github.com/eclipse/transformer/pull/571) - build(deps): Bump actions/checkout from 4.1.4 to 4.1.5 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/574](https://redirect.github.com/eclipse/transformer/pull/574) - build(deps-dev): Bump net.bytebuddy:byte-buddy from 1.14.14 to 1.14.15 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/575](https://redirect.github.com/eclipse/transformer/pull/575) - build(deps): Bump actions/checkout from 4.1.5 to 4.1.6 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/576](https://redirect.github.com/eclipse/transformer/pull/576) - build(deps): Bump github/codeql-action from 2.13.4 to 3.25.5 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/577](https://redirect.github.com/eclipse/transformer/pull/577) - build(deps): Bump github/codeql-action from 3.25.5 to 3.25.6 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/578](https://redirect.github.com/eclipse/transformer/pull/578) - Bump org.codehaus.mojo:exec-maven-plugin from 3.2.0 to 3.3.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/579](https://redirect.github.com/eclipse/transformer/pull/579) - Bump net.bytebuddy:byte-buddy from 1.14.15 to 1.14.16 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/581](https://redirect.github.com/eclipse/transformer/pull/581) - Bump step-security/harden-runner from 2.7.1 to 2.8.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/580](https://redirect.github.com/eclipse/transformer/pull/580) - Bump commons-cli:commons-cli from 1.7.0 to 1.8.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/582](https://redirect.github.com/eclipse/transformer/pull/582) - Bump org.assertj:assertj-core from 3.25.3 to 3.26.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/585](https://redirect.github.com/eclipse/transformer/pull/585) - Bump org.apache.maven.plugins:maven-invoker-plugin from 3.6.1 to 3.7.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/584](https://redirect.github.com/eclipse/transformer/pull/584) - Bump org.sonatype.plugins:nexus-staging-maven-plugin from 1.6.13 to 1.7.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/586](https://redirect.github.com/eclipse/transformer/pull/586) - Bump net.bytebuddy:byte-buddy from 1.14.16 to 1.14.17 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/587](https://redirect.github.com/eclipse/transformer/pull/587) - Bump github/codeql-action from 3.25.6 to 3.25.7 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/588](https://redirect.github.com/eclipse/transformer/pull/588) - Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.13.0 to 3.13.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/591](https://redirect.github.com/eclipse/transformer/pull/591) - Bump org.apache.maven.plugins:maven-plugin-plugin from 3.13.0 to 3.13.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/589](https://redirect.github.com/eclipse/transformer/pull/589) - Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.3 to 3.7.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/590](https://redirect.github.com/eclipse/transformer/pull/590) - Bump github/codeql-action from 3.25.7 to 3.25.8 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/592](https://redirect.github.com/eclipse/transformer/pull/592) - Bump step-security/harden-runner from 2.8.0 to 2.8.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/593](https://redirect.github.com/eclipse/transformer/pull/593) - Bump org.apache.maven.plugins:maven-dependency-plugin from 3.6.1 to 3.7.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/594](https://redirect.github.com/eclipse/transformer/pull/594) - Bump github/codeql-action from 3.25.8 to 3.25.9 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/597](https://redirect.github.com/eclipse/transformer/pull/597) - Bump actions/checkout from 4.1.6 to 4.1.7 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/596](https://redirect.github.com/eclipse/transformer/pull/596) - Bump github/codeql-action from 3.25.9 to 3.25.10 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/598](https://redirect.github.com/eclipse/transformer/pull/598) - Bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.5 to 3.3.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/599](https://redirect.github.com/eclipse/transformer/pull/599) - Bump org.apache.maven.plugins:maven-jar-plugin from 3.4.1 to 3.4.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/601](https://redirect.github.com/eclipse/transformer/pull/601) - Bump org.apache.maven.plugins:maven-dependency-plugin from 3.7.0 to 3.7.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/602](https://redirect.github.com/eclipse/transformer/pull/602) - Bump org.junit:junit-bom from 5.10.2 to 5.10.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/604](https://redirect.github.com/eclipse/transformer/pull/604) - Bump github/codeql-action from 3.25.10 to 3.25.11 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/605](https://redirect.github.com/eclipse/transformer/pull/605) - Bump net.bytebuddy:byte-buddy from 1.14.17 to 1.14.18 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/608](https://redirect.github.com/eclipse/transformer/pull/608) - Bump org.assertj:assertj-core from 3.26.0 to 3.26.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/609](https://redirect.github.com/eclipse/transformer/pull/609) - Bump org.apache.maven.plugins:maven-surefire-plugin from 3.3.0 to 3.3.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/610](https://redirect.github.com/eclipse/transformer/pull/610) - Bump github/codeql-action from 3.25.11 to 3.25.12 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/612](https://redirect.github.com/eclipse/transformer/pull/612) - Bump step-security/harden-runner from 2.8.1 to 2.9.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/613](https://redirect.github.com/eclipse/transformer/pull/613) - Bump github/codeql-action from 3.25.12 to 3.25.13 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/615](https://redirect.github.com/eclipse/transformer/pull/615) - Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.7.0 to 3.8.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/614](https://redirect.github.com/eclipse/transformer/pull/614) - Bump github/codeql-action from 3.25.13 to 3.25.14 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/616](https://redirect.github.com/eclipse/transformer/pull/616) - Bump github/codeql-action from 3.25.14 to 3.25.15 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/617](https://redirect.github.com/eclipse/transformer/pull/617) - Bump step-security/harden-runner from 2.9.0 to 2.9.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/619](https://redirect.github.com/eclipse/transformer/pull/619) - Bump actions/setup-java from 4.2.1 to 4.2.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/618](https://redirect.github.com/eclipse/transformer/pull/618) - Bump org.codehaus.mojo:exec-maven-plugin from 3.3.0 to 3.4.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/621](https://redirect.github.com/eclipse/transformer/pull/621) - Bump github/codeql-action from 3.25.15 to 3.26.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/620](https://redirect.github.com/eclipse/transformer/pull/620) - Bump org.codehaus.mojo:exec-maven-plugin from 3.4.0 to 3.4.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/622](https://redirect.github.com/eclipse/transformer/pull/622) - Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.4 to 3.2.5 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/623](https://redirect.github.com/eclipse/transformer/pull/623) - Bump github/codeql-action from 3.26.0 to 3.26.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/624](https://redirect.github.com/eclipse/transformer/pull/624) - Bump github/codeql-action from 3.26.1 to 3.26.2 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/627](https://redirect.github.com/eclipse/transformer/pull/627) - Bump org.junit:junit-bom from 5.10.3 to 5.11.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/626](https://redirect.github.com/eclipse/transformer/pull/626) - Bump commons-cli:commons-cli from 1.8.0 to 1.9.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/625](https://redirect.github.com/eclipse/transformer/pull/625) - Bump net.bytebuddy:byte-buddy from 1.14.18 to 1.14.19 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/628](https://redirect.github.com/eclipse/transformer/pull/628) - Bump org.apache.maven.plugins:maven-plugin-plugin from 3.13.1 to 3.14.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/632](https://redirect.github.com/eclipse/transformer/pull/632) - Bump org.apache.maven.plugins:maven-surefire-plugin from 3.3.1 to 3.4.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/629](https://redirect.github.com/eclipse/transformer/pull/629) - Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.13.1 to 3.14.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/630](https://redirect.github.com/eclipse/transformer/pull/630) - Bump github/codeql-action from 3.26.2 to 3.26.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/634](https://redirect.github.com/eclipse/transformer/pull/634) - Bump org.apache.maven.plugins:maven-install-plugin from 3.1.2 to 3.1.3 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/633](https://redirect.github.com/eclipse/transformer/pull/633) - \[ISSUE 606] Discard signatures from jar file that was mutated by [@jluehe](https://redirect.github.com/jluehe) in [https://github.com/eclipse/transformer/pull/607](https://redirect.github.com/eclipse/transformer/pull/607) - Bump github/codeql-action from 3.26.3 to 3.26.4 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/636](https://redirect.github.com/eclipse/transformer/pull/636) - Bump org.apache.maven.plugins:maven-invoker-plugin from 3.7.0 to 3.8.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/638](https://redirect.github.com/eclipse/transformer/pull/638) - Bump org.apache.maven.plugins:maven-dependency-plugin from 3.7.1 to 3.8.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/eclipse/transformer/pull/637](https://redirect.github.com/eclipse/transformer/pull/637) - Prepare for 1.0 release by [@bjhargrave](https://redirect.github.com/bjhargrave) in [https://github.com/eclipse/transformer/pull/635](https://redirect.github.com/eclipse/transformer/pull/635) #### New Contributors - [@step-security-bot](https://redirect.github.com/step-security-bot) made their first contribution in [https://github.com/eclipse/transformer/pull/377](https://redirect.github.com/eclipse/transformer/pull/377) - [@jeanouii](https://redirect.github.com/jeanouii) made their first contribution in [https://github.com/eclipse/transformer/pull/470](https://redirect.github.com/eclipse/transformer/pull/470) - [@mnriem](https://redirect.github.com/mnriem) made their first contribution in [https://github.com/eclipse/transformer/pull/529](https://redirect.github.com/eclipse/transformer/pull/529) - [@jluehe](https://redirect.github.com/jluehe) made their first contribution in [https://github.com/eclipse/transformer/pull/607](https://redirect.github.com/eclipse/transformer/pull/607) **Full Changelog**: https://github.com/eclipse/transformer/compare/0.5.0...1.0.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/camunda/camunda).

[StepSecurity] ci: Harden GitHub Actions

4f3e8f6

Signed-off-by: StepSecurity Bot <[email protected]>

bjhargrave merged commit 2ad339d into eclipse-transformer:main Dec 8, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[StepSecurity] ci: Harden GitHub Actions #377

[StepSecurity] ci: Harden GitHub Actions #377

step-security-bot commented Dec 8, 2022

[StepSecurity] ci: Harden GitHub Actions #377

[StepSecurity] ci: Harden GitHub Actions #377

Conversation

step-security-bot commented Dec 8, 2022

Summary

Security Fixes

Pinned Dependencies

Harden Runner

Feedback