chore(deps): bump io.github.git-commit-id:git-commit-id-maven-plugin from 8.0.1 to 8.0.2

[dependabot]

Bumps io.github.git-commit-id:git-commit-id-maven-plugin from 8.0.1 to 8.0.2.

Release notes

Sourced from io.github.git-commit-id:git-commit-id-maven-plugin's releases.

Version 8.0.2 is finally there and includes various bug-fixes and improvements :-)

New Features / Bug-Fixes:

The main key-aspects that have been improved or being worked on are the following:

• bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.1 to 4.0.2

• bump org.mockito:mockito-core from 5.10.0 to 5.11.0

• #718/#721: replace junit:junit:4.13.2:test with org.junit.jupiter:junit-jupiter-*:5.10.2:test

• #717/#720: update org.sonatype.plexus:plexus-build-api:0.0.7 to org.codehaus.plexus:plexus-build-api:1.2.0

• bump org.apache.maven.plugins:maven-gpg-plugin from 3.1.0 to 3.2.0

• bump org.apache.maven.plugins:maven-assembly-plugin from 3.6.0 to 3.7.0

• #717: Update maven-plugin-api.version from 3.9.2 to 3.9.6

Getting the latest release

The plugin is available from Maven Central (see here), so you don't have to configure any additional repositories to use this plugin. All you need to do is to configure it inside your project as dependency:

<dependency>
    <groupId>io.github.git-commit-id</groupId>
    <artifactId>git-commit-id-maven-plugin</artifactId>
    <version>8.0.2</version>
</dependency>

Getting the latest snapshot (build automatically)

If you can't wait for the next release, you can also get the latest snapshot version from sonatype, that is being deployed automatically by github actions:

<pluginRepositories>
    <pluginRepository>
        <id>sonatype-snapshots</id>
        <name>Sonatype Snapshots</name>
         <url>https://s01.oss.sonatype.org/content/repositories/snapshots/</url>
    </pluginRepository>
</pluginRepositories>

Even though the github actions will only deploy a new snapshot once all tests have finished, it is recommended to rely on the released and more stable version.

Known Issues / Limitations:

• This plugin is unfortunately not working with Heroku which is due to the fact how Heroku works. In summary Heroku does not copy over the .git-repository but in order to determine the git properties this plugin relies on the fact that it has access to the git-repository. A somewhat workaround to get some information is outlined in ktoso/maven-git-commit-id-plugin#279
• Using maven's plugin prefix resolution (e.g. mvn com.test.plugins:myPlugin:myMojo) might result in unresolved properties even with <injectAllReactorProjects>true</injectAllReactorProjects>. Please refer to git-commit-id/maven-git-commit-id-plugin#287 or git-commit-id/maven-git-commit-id-plugin#413 for details and potential workarounds

Reporting Problems

If you find any problem with this plugin, feel free to report it here

Commits

• a653500 [maven-release-plugin] prepare release v8.0.2
• a47df92 Merge pull request #721 from git-commit-id/718
• 2abe48d Merge remote-tracking branch 'origin/master' into 718
• 95deae6 git-commit-id/git-commit-id-maven-plugin#718: repla...
• 2b06e3f Merge pull request #706 from git-commit-id/dependabot/maven/org.mockito-mocki...
• d7524f5 Bump org.mockito:mockito-core from 5.10.0 to 5.11.0
• f7048fc git-commit-id/git-commit-id-maven-plugin#717: updat...
• f257625 tell the versions-update-plugin to ignore alpha and M versions
• 78e192a add groupId to be more explicit and hopefully dependabot can update the depen...
• 02fac6f git-commit-id/git-commit-id-maven-plugin#717: Updat...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)