Bump versions-maven-plugin from 2.5 to 2.8.1

[dependabot-preview]

Bumps versions-maven-plugin from 2.5 to 2.8.1.

Release notes

Sourced from versions-maven-plugin's releases.

2.8.1

⭐ New Features

• Remove cobertura-maven-plugin #409
• Removed plexus-i18n #405
• Fixes #82 ensure version change affects only the current directory (and child directories), not the parent or sibling directories #400
• Fixes #321 fail the build when parsing XML of child modules fails due to invalid XML #399
• Upgrade GitHub Actions #398
• Ensure display output is order, only order at point of printing #394
• use-latest-versions ignores dependencies with versions defined as properties #340
• make build reproducible #424

🪲 Bug Fixes

• Downgrade commons-lang3 to 3.8.1 to keep JDK7 promise #411
• Warning if plugin is executed in parallel #373
• display-plugin-updates fails if non-local parent is present in POM #422

🔨 Dependency Upgrades

• Upgrade maven-invoker-plugin to 3.2.1 #420
• Upgrade modello-maven-plugin from 1.9.1 to 1.11 #410
• Upgrade plugin version for versions-maven-plugin from 2.4 to 2.7 #408
• Upgrade doxia from 1.7 to 1.9.1 #407
• Upgrade wagon from 2.12 to 3.4.0 #406
• Upgrade plexus-interactivity-api from 1.0-alpha-6 to 1.0 #404
• Upgrade plexus-container-default from 1.7.1 to 2.1.0 #403
• Upgrade hamcrest-library from 1.3 to hamcrest-core 2.2 #402
• Upgrade mockito 1.9.5 to 2.28.2 #401
• Upgrade woodstox-core-asl from 4.2.0 to 4.4.1 #397
• Upgrade maven-common-artifact-filters to 3.1.0 #389
• Upgrade plexus-utils to 3.3.0 #388
• commons-lang3 v3.9 #380

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

• @stefanseifert
• @nhojpatrick

Changelog

Sourced from versions-maven-plugin's changelog.

Release Notes

2.6

• [Pull Request #252][pull-252]

  Thanks to Edward Maxwell-Lyte [email protected]

  Minor spelling corrections

• [Fixed Issue 157][issue-157]

  Document the end of versioning limitations in Maven 3.x There may remain good reasons for defining custom versioning rules to let versions-maven-plugin apply, but at least not the old Maven 2.x limitation

• [Fixed Issue 256][issue-256]

  if initial and new version are equals, just display initial this means this is a plugin version that requires a Maven version that is not compatible with project minimum version, not really a proposed upgrade

• [Fixed Issue 237][issue-237]

  Thanks to Julian Di Leonardo [email protected]

  Adding parent processing to UseLatestVersion/UseLatestSnapshot/UseLatestRelease

• [Fixed Issue 190][issue-190]

  Thanks to Julian Di Leonardo [email protected]

  Fixing issue in update-child-modules, where root module's version was being used in all downstream children even when a child's parent was different.

• [Fixed Issue 219][issue-219]

  Added threadSafe=true to goals to prevent warning in Maven builds if you start Maven via: mvn -T ..

• [Fixed Issue 215][issue-215]

Commits

• 2bd95c9 [maven-release-plugin] prepare release versions-maven-plugin-2.8.1
• f4b555b Merge pull request #423 from stefanseifert/issue/422-plugin-updates-parent-npe
• 979e363 make build reproducible #424
• 29b368d Fixes #422 Avoid NPE when non-local parent POM is present
• a6432f9 [maven-release-plugin] prepare for next development iteration
• db78f72 [maven-release-plugin] prepare release versions-maven-plugin-2.8
• 76f95b4 Fixed #420 - Upgrade maven-invoker-plugin to 3.2.1
• 0b90014 Fixes #413 - fix maven site generation (#414)
• 9915931 Fix #306: Adjust rules schemaLocation (#330)
• 6d91fe0 Fixed #411 - Downgrade commons-lang3 to 3.8.1 to keep JDK7 promise
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)