Bump dependency io.github.git-commit-id:git-commit-id-maven-plugin to v9.1.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
io.github.git-commit-id:git-commit-id-maven-plugin	9.0.2 → 9.1.0

---

Release Notes

git-commit-id/git-commit-id-maven-plugin (io.github.git-commit-id:git-commit-id-maven-plugin)

v9.1.0: Version 9.1.0

Compare Source

Version 9.1.0 is finally there and includes various bug-fixes and improvements :-)

New Features / Bug-Fixes:

The main key-aspects that have been improved or being worked on are the following:

• git-commit-id/git-commit-id-plugin-core#247 / #​136 / #​535: Add support for perModuleVersions (thanks @​mharriger)
• Extended testing support to Java 24, 25, and 26
• Migrated from oss-parent to central-publishing-maven-plugin for deployment

• bump several plugins
  • bump io.github.git-commit-id:git-commit-id-plugin-core from 6.0.0 to 6.1.5
    • bump org.eclipse.jgit:org.eclipse.jgit from 6.10.0.202406032230-r to 6.10.1.202505221210-r
    • bump org.eclipse.jgit:org.eclipse.jgit.ssh.jsch from 6.10.0.202406032230-r to 6.10.1.202505221210-r
    • bump joda-time:joda-time from 2.14.0 to 2.14.1
    • bump org.yaml:snakeyaml from 2.4 to 2.6
    • Full list: https://github.com/git-commit-id/git-commit-id-plugin-core/releases/tag/v6.1.5
  • bump commons-io:commons-io from 2.19.0 to 2.21.0 (scope test)
  • bump org.junit.jupiter:* from 5.12.2 to 5.13.4 (scope test)
  • bump org.mockito:mockito-core from 5.18.0 to 5.23.0 (scope test)
  • bump org.assertj:assertj-core from 3.27.3 to 3.27.7 (scope test)
• bump several maven plugins
  • bump org.apache.maven.plugins:maven-antrun-plugin from 3.1.0 to 3.2.0
  • bump org.apache.maven.plugins:maven-assembly-plugin from 3.7.1 to 3.8.0
  • bump org.apache.maven.plugins:maven-clean-plugin from 3.4.1 to 3.5.0
  • bump org.apache.maven.plugins:maven-compiler-plugin from 3.14.0 to 3.15.0
  • bump org.apache.maven.plugins:maven-dependency-plugin from 3.8.1 to 3.10.0
  • bump org.apache.maven.plugins:maven-enforcer-plugin from 3.5.0 to 3.6.2
  • bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.7 to 3.2.8
  • bump org.apache.maven.plugins:maven-jar-plugin from 3.4.2 to 3.5.0
  • bump org.apache.maven.plugins:maven-javadoc-plugin from 3.11.2 to 3.12.0
  • bump org.apache.maven.plugins:maven-plugin-plugin from 3.15.1 to 3.15.2
  • bump org.apache.maven.plugins:maven-release-plugin from 3.1.1 to 3.3.1
  • bump org.apache.maven.plugins:maven-resources-plugin from 3.3.1 to 3.5.0
  • bump org.apache.maven.plugins:maven-source-plugin from 3.3.1 to 3.4.0
  • bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.3 to 3.5.5
  • bump org.codehaus.mojo:versions-maven-plugin from 2.18.0 to 2.21.0
  • bump org.codehaus.mojo:exec-maven-plugin from 3.5.0 to 3.6.3
  • bump org.jacoco:jacoco-maven-plugin from 0.8.13 to 0.8.14
  • bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.15.1 to 3.15.2

Getting the latest release

The plugin is available from Maven Central (see here), so you don't have to configure any additional repositories to use this plugin. All you need to do is to configure it inside your project as dependency:

<dependency>
    <groupId>io.github.git-commit-id</groupId>
    <artifactId>git-commit-id-maven-plugin</artifactId>
    <version>9.1.0</version>
</dependency>

Getting the latest snapshot (build automatically)

If you can't wait for the next release, you can also get the latest snapshot version from sonatype, that is being deployed automatically by github actions:

<pluginRepositories>
    <pluginRepository>
        <id>sonatype-snapshots</id>
        <name>Sonatype Snapshots</name>
         <url>https://s01.oss.sonatype.org/content/repositories/snapshots/</url>
    </pluginRepository>
</pluginRepositories>

Even though the github actions will only deploy a new snapshot once all tests have finished, it is recommended to rely on the released and more stable version.

Known Issues / Limitations:

• This plugin is unfortunately not working with Heroku which is due to the fact how Heroku works. In summary Heroku does not copy over the .git-repository but in order to determine the git properties this plugin relies on the fact that it has access to the git-repository. A somewhat workaround to get some information is outlined in ktoso/maven-git-commit-id-plugin#279 (comment)
• Using maven's plugin prefix resolution (e.g. mvn com.test.plugins:myPlugin:myMojo) might result in unresolved properties even with <injectAllReactorProjects>true</injectAllReactorProjects>. Please refer to git-commit-id/maven-git-commit-id-plugin#287 or git-commit-id/maven-git-commit-id-plugin#413 (comment) for details and potential workarounds

Reporting Problems

If you find any problem with this plugin, feel free to report it here

Full Changelog: git-commit-id/git-commit-id-maven-plugin@v9.0.2...v9.1.0

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

☀️   Quality Monitor

Tests

     Unit Tests: ✅ successful — 87 passed, 2 skipped
   ⛔   Architecture Tests: ✅ successful — 17 passed, 2 skipped

Coverage for New Code

   〰️   Line Coverage: 100.00% — perfect 🎉
   ➰   Branch Coverage: 100.00% — perfect 🎉
     Mutation Coverage: 100.00% — perfect 🎉
   💪   Test Strength: 100.00% — perfect 🎉

Coverage for Whole Project

   〰️   Line Coverage: 91.57% — 65 missed lines
   ➰   Branch Coverage: 90.45% — 21 missed branches
     Mutation Coverage: 91.61% — 26 survived mutations
   💪   Test Strength: 94.67% — 16 survived mutations in tested code

Style

     CheckStyle: No warnings
     PMD: No warnings
   ☕   Java Compiler: No warnings

Bugs

     SpotBugs: No bugs
   🐛   Error Prone: No bugs

API Problems

   🚫   Revapi: No warnings

Vulnerabilities

   🛡️   OWASP Dependency Check: No vulnerabilities

Software Metrics

   🌀   Cyclomatic Complexity: 384 (total)
   💭   Cognitive Complexity: 174 (total)
   ➿   N-Path Complexity: 348 (total)
   📏   Lines of Code: 4410 (total)
   📝   Non Commenting Source Statements: 1274 (total)
   🔗   Class Cohesion: 71.43% (maximum)
   ⚖️   Weight of Class: 100.00% (maximum)

🚦 Quality Gates

Overall Status: ✅ SUCCESS

✅ Passed Gates

• ✅ Overall Tests Success Rate: 100.00 >= 100.00
• ✅ Line Coverage in New Code: 100.00 >= 90.00
• ✅ Branch Coverage in New Code: 100.00 >= 90.00
• ✅ Mutation Coverage in New Code: 100.00 >= 90.00
• ✅ Potential Bugs in Whole Project: 0.00 <= 0.00
• ✅ Style Violation in Whole Project: 0.00 <= 0.00

---

Created by Quality Monitor v4.7.1 (#236fd54). More details are shown in the GitHub Checks Result.