Update dependency org.apache.maven:maven-core to v3.8.1 [SECURITY] #136

Open
wants to merge 1 commit into
base: master

renovate[bot] (Contributor) commented Aug 15, 2023

This PR contains the following updates:

Package | Change
org.apache.maven:maven-core | 3.0.5 -> 3.8.1

GitHub Vulnerability Alerts

CVE-2021-26291

Apache Maven will follow repositories that are defined in a dependency’s Project Object Model (pom) which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository. Maven is changing the default behavior in 3.8.1+ to no longer follow http (non-SSL) repository references by default. More details available in the referenced urls. If you are currently using a repository manager to govern the repositories used by your builds, you are unaffected by the risks present in the legacy behavior, and are unaffected by this vulnerability and change to default behavior. See this link for more information about repository management: https://maven.apache.org/repository-management.html


Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

0crat commented Aug 15, 2023

@renovate/z[bot] this pull request is too small, just 6 lines changed (less than 10), there will be no formal code review, see §53 and §28; in the future, try to make sure your pull requests are not too small; @yegor256/z please review this and merge or reject

yegor256 (Member) commented Dec 4, 2024

@rultor please, try to merge

rultor (Contributor) commented Dec 4, 2024

@rultor please, try to merge

@yegor256 OK, I'll try to merge now. You can check the progress of the merge here.

rultor (Contributor) commented Dec 4, 2024

@rultor please, try to merge

@renovate[bot] @yegor256 Oops, I failed. You can see the full log here (spent 7min).

Reading src/main/java/com/jcabi/aether/MavenRootArtifact.java ...
Reading src/main/java/com/jcabi/aether/RepositoryAuthentication.java ...
Reading src/main/java/com/jcabi/aether/RepositoryProxy.java ...
Reading src/main/java/com/jcabi/aether/Aether.java ...
Puzzle 11-2b91e5db 30/DEV at src/main/java/com/jcabi/aether/Aether.java
Puzzle 69-46002db1 30/DEV at src/main/java/com/jcabi/aether/Aether.java
Reading src/main/java/com/jcabi/aether/MavenClasspath.java ...
Reading src/main/java/com/jcabi/aether/SimpleRepository.java ...
Reading src/main/java/com/jcabi/aether/Classpath.java ...
Reading src/main/java/com/jcabi/aether/LogTransferListener.java ...
Reading src/main/java/com/jcabi/aether/AmazonWagonProvider.java ...
Reading src/main/java/com/jcabi/aether/RepositorySystemBuilder.java ...
Reading src/main/java/com/jcabi/aether/RootArtifact.java ...
Reading src/main/java/com/jcabi/aether/Repository.java ...
Reading src/main/java/com/jcabi/aether/package-info.java ...
Reading src/main/aspect/README.txt ...
Reading .gitattributes ...
Reading .gitignore ...
Reading .github/workflows/codecov.yml ...
Reading .github/workflows/xcop.yml ...
Reading .github/workflows/mvn.yml ...
Reading .github/workflows/pdd.yml ...
Reading README.md ...
Reading .rultor.yml ...
Reading pom.xml ...
Reading .0pdd.yml ...
Reading LICENSE.txt ...
sudo: unable to resolve host docker: Temporary failure in name resolution

Reading package lists... Done


Building dependency tree       


Reading state information... Done

The following additional packages will be installed:
  openjdk-8-jdk-headless openjdk-8-jre openjdk-8-jre-headless
Suggested packages:
  openjdk-8-demo openjdk-8-source visualvm fonts-ipafont-gothic
  fonts-ipafont-mincho fonts-wqy-microhei fonts-wqy-zenhei fonts-indic
The following NEW packages will be installed:
  openjdk-8-jdk openjdk-8-jdk-headless openjdk-8-jre openjdk-8-jre-headless
0 upgraded, 4 newly installed, 0 to remove and 6 not upgraded.
Need to get 40.6 MB of archives.
After this operation, 148 MB of additional disk space will be used.

Ign:1 http://archive.ubuntu.com/ubuntu focal-updates/universe amd64 openjdk-8-jre-headless amd64 8u342-b07-0ubuntu1~20.04
Ign:2 http://archive.ubuntu.com/ubuntu focal-updates/universe amd64 openjdk-8-jre amd64 8u342-b07-0ubuntu1~20.04
Ign:3 http://archive.ubuntu.com/ubuntu focal-updates/universe amd64 openjdk-8-jdk-headless amd64 8u342-b07-0ubuntu1~20.04
Ign:4 http://archive.ubuntu.com/ubuntu focal-updates/universe amd64 openjdk-8-jdk amd64 8u342-b07-0ubuntu1~20.04
Err:1 http://security.ubuntu.com/ubuntu focal-updates/universe amd64 openjdk-8-jre-headless amd64 8u342-b07-0ubuntu1~20.04
  404  Not Found [IP: 91.189.91.81 80]
Err:2 http://security.ubuntu.com/ubuntu focal-updates/universe amd64 openjdk-8-jre amd64 8u342-b07-0ubuntu1~20.04
  404  Not Found [IP: 91.189.91.81 80]
Err:3 http://security.ubuntu.com/ubuntu focal-updates/universe amd64 openjdk-8-jdk-headless amd64 8u342-b07-0ubuntu1~20.04
  404  Not Found [IP: 91.189.91.81 80]
Err:4 http://security.ubuntu.com/ubuntu focal-updates/universe amd64 openjdk-8-jdk amd64 8u342-b07-0ubuntu1~20.04
  404  Not Found [IP: 91.189.91.81 80]
E: Failed to fetch http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-8/openjdk-8-jre-headless_8u342-b07-0ubuntu1~20.04_amd64.deb  404  Not Found [IP: 91.189.91.81 80]
E: Failed to fetch http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-8/openjdk-8-jre_8u342-b07-0ubuntu1~20.04_amd64.deb  404  Not Found [IP: 91.189.91.81 80]
E: Failed to fetch http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-8/openjdk-8-jdk-headless_8u342-b07-0ubuntu1~20.04_amd64.deb  404  Not Found [IP: 91.189.91.81 80]
E: Failed to fetch http://security.ubuntu.com/ubuntu/pool/universe/o/openjdk-8/openjdk-8-jdk_8u342-b07-0ubuntu1~20.04_amd64.deb  404  Not Found [IP: 91.189.91.81 80]
E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?
container b191f5b84a2cef5e691499b9e63dc7c8c1e48fc3a1b9555eaac71715c2924d59 is dead
Wed Dec  4 15:06:11 UTC 2024
