Releases: apache/creadur-rat
0.18
Apache Creadur RAT 0.18
RELEASE NOTES
The Apache Creadur RAT team is pleased to announce the release of Apache Creadur RAT 0.18
Apache RAT is a release audit tool. It improves accuracy and efficiency when checking
releases. It is heuristic in nature: making guesses about possible problems. It
will produce false positives and cannot find every possible issue with a release.
Its reports require interpretation.
In response to demands from project quality tool developers, RAT is available as a
library suitable for inclusion in tools. This POM describes that library.
Note that binary compatibility is not guaranteed between 0.x releases.
Apache RAT is developed by the Apache Creadur project, a language and build
agnostic home for software distribution comprehension and audit tools.
=RELEASE 0.18 ABSTRACT=
This intermediate release addresses a severe performance issue encountered during RAT runs in version 0.17.
The issue has been resolved by reducing the sample size used for Tika charset detection
from 12,000 bytes to 256 bytes (thanks to Ryan Schmitt).
In addition, the Java language level required to build RAT has been raised to 17.
However, we recommend using at least JDK 21 due to a Javadoc issue affecting certain JDK versions (tracked under RAT-497).
RAT now also uses UTF-8 as its default character set.
These changes allowed us to adopt more modern language features, resolve numerous CVEs in dependent plugins and libraries,
and integrate with SonarCloud’s code analysis.
This release also includes a range of bug fixes, minor improvements, and dependency updates.
Furthermore, RAT’s generated report is now produced in XHTML5, and excessive INFO-level logging in the Maven plugin has been reduced.
Many thanks to all contributors and to our users for their valuable feedback.
Changes in this version include:
New features:
o RAT-440: Upgrade to doxia 2.0.0 and generate XHTML5 reports during RAT runs (fixes multiple CVEs implicitly).
Thanks to guptas6est.
o RAT-475, RAT-533: Speedup tests and avoid garbage collection workaround by changing to CleanupMode.NONE in jUnit's TempDir usages.
Thanks to Ryan Schmitt.
o RAT-293: Add integration of RAT into SonarCloud analysis now that JDK8 is dropped
and generate a test coverage report with JaCoCo.
o RAT-478: Due to the switch to Java17 language level we use UTF-8 as default charset to process configuration
and exclusion configuration files within RAT.
o RAT-478: Switch to Java17 language level in Creadur RAT. Due to RAT-497 we cannot generate Javadocs/the site
with JDK17, thus use JDK21 to build the project.
o RAT-524: Fixes case-sensitive detection time of underlying file system and removed MAVEN StandardCollection
from default Maven processing to improve overall processing time.
o RAT-504: Provide a migration guide to specific RAT versions for downstream users.
o RAT-513: Introduce new standard exclusion collection for Gradle projects. Thanks to Robert Stupp.
o RAT-501: Changed '/.externalToolBuilders' to '/.externalToolBuilders/' in the ECLIPSE standard exclusion list
and added '/bin/**' to ignore generated binary folders in Eclipse IDE. Thanks to pottlinger.
Fixed Bugs:
o RAT-533: Reduce sample size of charset detection from 12000 to 256 byte (Tika) to increase I/O performance of RAT scans.
Thanks to Ryan Schmitt.
o RAT-531: Fix NPE that license families is null if licenses are defined manually, reported by huangxiaoping from Hudi.
Thanks to huangxiaoping.
o RAT-512: Bugfix to mark PDF files as binary instead of standard files as they do not contain licenses.
Thanks to Niels Basjes.
o RAT-526: New version of maven-resources-plugin does not by default include hidden files, adapt our test setup accordingly.
o RAT-490: Update commons-lang3 to 3.20.0 to avoid deprecation warnings when building with JDK25
(Use of the three-letter time zone ID 'ACT' is deprecated and it will be removed in a future release).
Thanks to Lenny Primark.
o RAT-497: Fix javadoc generation problem with JDK17 (javadoc:javadoc) by removing reference to method itself and
fix other javadoc errors in IXmlWriter, but combined javadoc/site build still fails with certain JDK versions.
o RAT-500: Do not throw an exception if no arguments are provided in CLI, encourage to use --help instead.
o RAT-507: Fix CopyrightMatcher parsing issues if input contains non-space or formatting characters.
o RAT-501: Fix pom configuration issues from migration to using RAT 0.17.
Changes:
o RAT-498: Update assertj from 3.27.6 to 4.0.0-M1 and use bom for dependency management.
o RAT-498: Update plexus-utils from 3.5.1 to 3.6.0.
o RAT-498: Update exec-maven-plugin from 3.6.1 to 3.6.3.
o RAT-498: Update junit from 5.13.4 to 6.1.0-M1.
o RAT-498: Update mockito from 4.11.0 to 5.22.0 and use bom for dependency management.
o RAT-498: Update tika from 2.9.4 to 3.2.3 due to CVE-2025-66516.
o RAT-508: Removed excess INFO logging in Maven plugin.
Run with -X or use the verbose option in order to see output on debug level.
Thanks to Gary D. Gregory.
o RAT-498: Update Maven wrapper to v3.9.13.
o RAT-498: Update org.codehaus.plexus:plexus-testing from 1.6.0 to 2.1.0. Thanks to dependabot.
o RAT-498: Update maven-antrun-plugin from 3.1.0 to 3.2.0. Thanks to dependabot.
o RAT-498: Update actions/upload-artifact from 4 to 7. Thanks to dependabot.
o RAT-498: Update maven-plugin-annotations, maven-plugin-plugin and maven-plugin-report-plugin from 3.15.1 to 3.15.2. Thanks to dependabot.
o RAT-498: Update plugin-testing-harness from 3.3.0 to 3.5.1. Thanks to dependabot.
o RAT-498: Update develocity-maven-extension from 2.2 to 2.3.4. Thanks to dependabot.
o RAT-498: Update commons-io from 2.20.0 to 2.21.0. Thanks to dependabot.
o RAT-498: Update actions/checkout from 5 to 6. Thanks to dependabot.
o RAT-498: Update taglist-maven-plugin from 3.2.1 to 3.2.2. Thanks to dependabot.
o RAT-498: Update maven-resources-plugin from 3.3.1 to 3.5.0. Thanks to dependabot.
o RAT-498: Update commons-text from 1.14.0 to 1.15.0. Thanks to dependabot.
o RAT-498: Update actions/cache from 4 to 5. Thanks to dependabot.
o RAT-498: Update ASF parent pom org.apache:apache from 35 to 37 and minimum required Maven version set to 3.9. Thanks to dependabot.
o RAT-498: Update animal-sniffer-plugin from 1.26 to 1.27. Thanks to dependabot.
o RAT-498: Update maven-compiler-plugin from 3.14.1 to 3.15.0. Thanks to dependabot.
o RAT-498: Update maven-dependency-plugin from 3.9.0 to 3.10.0. Thanks to dependabot.
o RAT-498: Update maven-surefire-plugin from 3.5.4 to 3.5.5. Thanks to dependabot.
o RAT-498: Update maven-failsafe-plugin from 3.5.4 to 3.5.5. Thanks to dependabot.
Historical list of changes: https://creadur.apache.org/rat/changes.html
For complete information on Apache Creadur RAT, including instructions on how to submit bug reports,
patches, or suggestions for improvement, see the Apache Apache Creadur RAT website:
https://creadur.apache.org/rat/
Historical list of changes: https://creadur.apache.org/rat/changes.html
Known issues: https://creadur.apache.org/rat/apache-rat/known_issues.html
Migration guide: https://creadur.apache.org/rat/apache-rat/migration-guide.html
=WEBPAGE=
For complete information on Apache Creadur RAT, including instructions on how to submit bug reports,
patches, or suggestions for improvement, see the Apache Creadur RAT website:
https://creadur.apache.org/rat/
=DOWNLOAD=
Direct download (source, binary and signature files) can be found here:
https://creadur.apache.org/rat/download_rat.cgi
=VERIFICATION=
The KEYS file https://downloads.apache.org/creadur/KEYS links to the code signing keys used to sign the product:
https://creadur.apache.org/rat/download_rat.cgi
The PGP link downloads the OpenPGP compatible signature.
The SHA512 links download the checksum.
Enjoy and thanks for your patience!
-The Apache Creadur team
0.17
Apache Creadur RAT 0.17
RELEASE NOTES
The Apache Creadur RAT team is pleased to announce the release of Apache Creadur RAT 0.17
Apache RAT is a release audit tool. It improves accuracy and efficiency when checking
releases. It is heuristic in nature: making guesses about possible problems. It
will produce false positives and cannot find every possible issue with a release.
Its reports require interpretation.
In response to demands from project quality tool developers, RAT is available as a
library suitable for inclusion in tools. This POM describes that library.
Note that binary compatibility is not guaranteed between 0.x releases.
Apache RAT is developed by the Apache Creadur project, a language and build
agnostic home for software distribution comprehension and audit tools.
Release 0.17
Apart from many dependency updates and multiple bugfixes, this release brings
a major harmonization among all available UIs (CLI, Apache Ant, Apache Maven)
concerning parameters and configuration options to run RAT. Therefore please
consult the available extended and updated documentation over at the project's
webpage in order to see examples and overviews of the new configuration options!
RAT generates a more expressive report now as certain individually configurable
limits for counters exist. In case you do preprocessing of the report, you need
to adapt your scripts according to RAT's XSD schema.
Furthermore, the inclusion/exclusion configuration (e.g. .gitignore), parsing
and processing in RAT was overhauled - see RAT-476 for a known issue in that regard.
Many checkstyle, spotbugs and documentation issues were fixed.
Additionally, a new automated test suite was developed in order to ease testing
of edge cases and example licenses and custom license definitions.
RAT's homepage contents and its generation method were modernized and a lot of
new documentation was added to ease configuration of RAT in your project.
The next release will remove deprecated options and classes.
Thanks for your patience and all the feedback in the making of this release!
#bigKudosToClaude would be a proper release name.
Changes in this version include:
New features:
o RAT-489: Provide a central known issues section to the RAT homepage in order
to inform users more directly about already known challenges with
the current RAT version.
o RAT-481: Update scripts to generate RAT's webpage and fix multiple linking,
menu and documentation errors.
o RAT-128: Properly distinguish between Apache licenses 1.0, 1.1 and 2.0 and
rename to Apache license in reports.
o RAT-485: Add documentation of environment variables used in the RAT engine.
o RAT-362: Improve test and test result reporting for .gitignore parsing.
Introduce environment variable abstraction.
o RAT-469: Add more integration tests for CLI and Maven plugin to verify
configuration of valid licenses, ensure copyleft has to be enabled
explicitly. Thanks to pottlinger.
o RAT-479: Cleanup documentation and remove deprecated and outdated README
files in RAT's main repository.
o RAT-406: Added integration tests for command line combinations to ensure
marking a license as denied works.
o RAT-397: Migrate webpage to newer site-plugin stack and change skin of site.
Removed some of the reports as plugins are discontinued.
Rename to RAT consistently.
o RAT-473: Take global gitignore into account when determining which files to
audit and which to skip.
o RAT-398: Deprecated certain Ant report functionality in favour of new CLI
functionality. Deprecation information is printed to indicate how
the new options can be configured.
o RAT-98: Report skipped/excluded files and integrate testing of inclusion-
exclusion and DocumentNames to work under Unix, Windows and Mac.
o RAT-471: Integrate Creadur RAT into the updated develocity.apache.org instance. Thanks to clayjohnson.
o RAT-469: Verify that projects that configure valid other licenses than
the defaults, report correctly as well. Thanks to pottlinger.
o RAT-467: Add .externalToolBuilders to the default Eclipse exclusions during RAT runs.
o RAT-453: Change layout and rendering of RAT report to contain RAT version
information, counter values, encoding information of scanned files
and aggregation by license type.
o RAT-178: Added tests to TikaProcessorTests and DefaultAnalyserFactoryTest to
properly handle non-existent and unreadable files during processing
runs of our BinaryGuesser.
o RAT-405: Do not show sample output of scanned files in XML anymore. As files
are report different tooling can be used to edit/check the files.
o RAT-259: Add new option --input-source to explicitly specify which files
to scan for licenses.
o RAT-455: Disallow GPL license family by default as ASF does not allow this
license family.
o RAT-458: Added core integration test to verify log level can be set from
the command line.
o RAT-2: Added --input-exclude-size as an option to skip the scanning of very small files.
o RAT-81: Added encoding information of the file being read to the RAT report
in case of STANDARD document files. Added media type attribute in report for all files.
o RAT-399: Moved the ignore code into apache-rat-core and provide more
statistics in RAT report. Furthermore the CLI allows configuration
of counter minimum and maximum values,
e.g. maximum number of allowed unapproved licenses.
o RAT-358: Overhaul documentation of the new functionality of RAT 0.17.
Improve and comprehend the whole project webpage.
o RAT-390: Move and reimplement exclusion configuration from Maven plugin to
RAT core. ExclusionProcessor is the central place to handle file
inclusions and exclusions now.
o RAT-383: As part of the usage the harmonization generation of Ant documentation was added.
o RAT-384: As part of the usage harmonization XSD generation was added.
o RAT-378: As part of the usage harmonization among all UIs command line options
and their arguments as well as the management of the license
exclusion/inclusion and stylesheets were refactored.
o RAT-380: Commons-cli >=1.8.0 properly reports when deprecated CLI options are
used. RAT does not need to check for deprecated options anymore as
part of the usage harmonization among all UIs.
o RAT-323: As part of the harmonization efforts CLI options are centralized
into one class, which is used to generate specific classes
for Ant and Maven runs of RAT.
o RAT-391: Integrate develocity service from Gradle and link to current results from badge in README.md.
o RAT-345: Update build scripts and Maven wrapper in the RAT repo to Maven 3.9.11.
o RAT-374, RAT-381: Automatically generate commandline options/CLI help during
the build and include it into the project webpage. Adapt READMEs.
o RAT-377: Added ability to specify the level of reporting on STANDARD files
within a project. This necessitated an addition of a command line
option "--output-standard" to limit specify the level of detail in
the STANDARD file reporting. See command line help for more details.
By default, there is no change in the reporting and
only the presence of archives are reported.
Change also fixed a major issue in license sorting. Resulting in a
change in order and expanding the name space for licenses.
Licenses now must have a unique id within the family name space.
(for example family1/one is different from family2/one).
o RAT-372: Added ability to process archive files within a project to look for
license files. This necessitated an addition of a command line
option "--output-archive" to limit specify the level of detail in
the archive report. See command line help for more details. By
default, there is no change in the reporting and only the presence
of archives is reported.
This change also marked as deprecated the "-a", "--dir" and command line options.
This change also marks an architecture change from processing Files
to processing Documents in order to facilitate processing nested files in archives.
o RAT-314: Add integration test for new default exclude .mvn, that was introduced with v0.16.
o RAT-369: Integrate checkstyle and spotbugs into the build and webpage generation.
Most charset-related errors cannot be fixed until we break
JDK8-compliance and move to newer versions. Configured a maximum of
allowed bugs to fail the build if new errors are introduced.
o RAT-54: MIME Detection Using Apache Tika.
o RAT-355: Optionally export XML configuration file as part of run.
Added framework to inspect available licenses and matchers.
o RAT-77: Adds another stylesheet to explicitly output files with missing-headers.
Thus, "plain-rat" (default), "missing-headers", and
"unapproved-licenses" can be used in all RAT clients. From the CLI
the --output-style option allows to use a short name
(e.g. "--output-style missing-headers" or "--output-style unapproved-licenses").
Fixed Bugs:
o RAT-475: Added a workaround garbage collection call to flaky tests
if running on GitHubAction in order to fix deferred I/O cleanup
with jUnit's TempDir. Thanks to Arnould Enge...
v0.16.1 - 2024-01-24
Apache Creadur Rat 0.16.1
RELEASE NOTES
The Apache Creadur Rat team is pleased to announce the release of Apache Creadur Rat 0.16.1
Apache Rat is a release audit tool. It improves accuracy and efficiency when checking
releases. It is heuristic in nature: making guesses about possible problems. It
will produce false positives and cannot find every possible issue with a release.
Its reports require interpretation.
In response to demands from project quality tool developers, Rat is available as a
library suitable for inclusion in tools. This POM describes that library.
Note that binary compatibility is not guaranteed between 0.x releases.
Apache Rat is developed by the Apache Creadur project, a language and build
agnostic home for software distribution comprehension and audit tools.
As release 0.16 introduced breaking changes concerning the configurability of the Maven plugin, these configuration options are reintroduced albeit as deprecated elements. You need to adapt your configuration in contrast to pre-0.16 settings: please consult our webpage for more details and examples.
Apart from dependency updates the release contains new features in .gitignore-parser and reduces log spam of RAT.
The most important bugfix relates to performance issues (due to expensive regex scanning) in combination with the Copyright-matcher and SPDX-detection.
All feedback was used to overhaul the homepage to include how to configure custom licenses and matchers.
We migrated to jUnit5 and removed the 'apache-rat-api' module in this release.
Thanks for your patience and all the feedback in the making of this release!
Changes in this version include:
New features:
o RAT-342: Use Maven wrapper (with version 3.9.6) for reproducable local builds and on ASF Jenkins and Github Actions.
o RAT-348: Update gitignore-reader library to 1.3.1 to get latest changes in gitignore parsing. Thanks to Niels Basjes.
o RAT-346: Issue a warning if a user defined License family has the same name as an existing one. Thanks to Claude Warren.
o RAT-346: Migrate to JUnit5 and fix minor issues in tests and javadoc. Thanks to Claude Warren.
o RAT-325: Set log level default for CLI runs to WARN. This applies to test runs as well, as other UIs configure their logging natively. Thanks to Claude Warren.
o RAT-325: Add missing dejavu font in Javadoc, generate MOJO metadata in site and fix broken links in webpage.
Fixed Bugs:
o RAT-343: Reimplement old configuration elements for custom licenses in Maven plugin configurations (and updates to the webpage). Thanks to Claude Warren.
o RAT-343: Add integration test to allow enhanced testing of custom licenses. Thanks to Niels Basjes.
o RAT-349: Fix NPE by falling back to default stylesheet if none was configured before. Thanks to Niels Basjes.
o RAT-325: To improve the performance during SPDX processing a check to skip expensive regex operations was added. Thanks to Claude Warren.
o RAT-325: Internal logging feature enabled for license matching tests to avoid random test failures when manipulating System.out in test runs. Thanks to Claude Warren.
o RAT-325: Do not load fonts via Google/remotely, but use files hosted by ASF only and add privacy link to comply with ASF- and data protection/privacy regulations.
o RAT-344: Fix double output by deleting any existing RAT report before writing a fresh file during plugin runs.
Changes:
o RAT-339: Update mavenPluginPluginVersion from 3.10.2 to 3.11.0 and introduce goalPrefix in plugin configuration. Thanks to dependabot.
o RAT-339: Update junit-platform-runner from 1.8.1 to 1.10.1. Thanks to dependabot.
o RAT-339: Update junit from 5.10.0 to 5.10.1. Thanks to dependabot.
o RAT-339: Update actions/cache from 3.3.2 to 4.0.0. Thanks to dependabot.
o RAT-339: Update maven-surefire-plugin from 3.2.3 to 3.2.5. Thanks to dependabot.
o RAT-339: Update maven-jxr-plugin from 3.3.1 to 3.3.2. Thanks to dependabot.
o RAT-339: Update slf4j-simple from 2.0.9 to 2.0.11. Thanks to dependabot.
o RAT-339: Update assertj-core from 3.24.2 to 3.25.1. Thanks to dependabot.
Removed:
o RAT-346: Remove apache-rat-api module that contains misleading license-related classes. Thanks to Claude Warren.
Historical list of changes: https://creadur.apache.org/rat/changes-report.html
For complete information on Apache Creadur Rat, including instructions on how to submit bug reports,
patches, or suggestions for improvement, see the Apache Apache Creadur Rat website:
v0.16 - 2023-12-28
Apache Creadur Rat 0.16
RELEASE NOTES
The Apache Creadur Rat team is pleased to announce the release of Apache Creadur Rat 0.16
Apache Rat is a release audit tool. It improves accuracy and efficiency when checking
releases. It is heuristic in nature: making guesses about possible problems. It
will produce false positives and cannot find every possible issue with a release.
Its reports require interpretation.
In response to demands from project quality tool developers, Rat is available as a
library suitable for inclusion in tools. This POM describes that library.
Note that binary compatibility is not guaranteed between 0.x releases.
Apache Rat is developed by the Apache Creadur project, a language and build
agnostic home for software distribution comprehension and audit tools.
Apart from dependency updates and multiple bugfixes, this release brings the ability to use SPDX license identifiers and enhances the .gitignore-exclusion filterung during RAT runs.
Furthermore new CLI options were added and new file types can be used by default. This release makes RAT a fully Maven3-compatible plugin and removes deprecated Maven2 completely.
Thanks to all new contributors for improving RAT!
Changes in this version include:
New features:
o RAT-338: Update minimal build Maven version to 3.2.5 and maven dependencies to 3.9.6. Remove pre-JDK8 code constructs and minor refactorings. Thanks to Tamás Cservenák.
o RAT-335: Enhance .gitignore handling; support multiple .gitignore files and allow a more complete parsing of Git's ignore files. Thanks to Niels Basjes.
o RAT-322: Add configuration option to scan hidden directories: --scan-hidden-directories on the command line and scanHiddenDirectories as a Maven plugin parameter. Thanks to Jean-Baptiste Onofré.
o RAT-320: Add new command line option -o/--output to write RAT's output to a file. Thanks to Jean-Baptiste Onofré.
o RAT-329: Add markdown (MD) and yaml (YML/YAML) as a recognized extension for file and license processing. Thanks to Claude Warren.
o RAT-316: Add default exclusion of MANIFEST.MF as it must not contain comment lines to include a license.
o RAT-321: Allow text-based XML configuration of RAT. Thanks to Claude Warren.
Fixed Bugs:
o RAT-326: Fix existing javadoc build errors and add javadoc generation to existing GithubActions to not introduce build errors via merge requests.
o RAT-328: Ensure that System.out does not get closed during report generation and updated javadocs. Thanks to Claude Warren.
o RAT-311: Update commons-compress to 1.24.0 in order to circumvent CVE-2023-42503.
o RAT-251: Added SPDX processing for default licenses. Thanks to Claude Warren.
o RAT-315: Fix warnings when using RAT with newer Maven versions as methods from Maven v2 are deprecated. Minimum version of required Maven changed to 3.2.5. Thanks to Guillaume Nodet.
o RAT-317: Change log output level of SCM ignore parser from info to debug in order to produce less log output in RAT runs. Thanks to Gary Gregory.
o RAT-314: Add default recursive exclusion for maven-induced build artifacts in folder .mvn. Thanks to François Guillot.
o RAT-312: Remove Travis build as it is unreliable. Builds with ASF Jenkins and Github Actions remain as before.
Changes:
o RAT-311: Update actions/setup-java from 3.4.1 to 4.0.0. Thanks to dependabot.
o RAT-311: Update actions/cache from 3.0.11 to 3.3.2 Thanks to dependabot.
o RAT-311: Update actions/checkout from 3 to 4. Thanks to dependabot.
o RAT-311: Update mockito-core from 4.7.0 to 4.11.0, newer versions 5.x cannot be applied due to our JDK8-compatibility restriction. Thanks to dependabot.
o RAT-311: Update plexus-utils from 3.4.2 to 3.5.1, versions 4.x are for upcoming Maven4 and must not be applied here. Thanks to dependabot.
o RAT-311: Update maven-plugin-version from 3.6.4 to 3.8.2. Thanks to dependabot.
o RAT-311: Update wagon-ssh from 3.5.2 to 3.5.3. Thanks to dependabot.
o RAT-311: Update Ant from 1.10.12 to 1.10.14. Thanks to dependabot.
o RAT-311: Update ASF parent pom from 27 to 31 and update multiple maven plugin versions implicitly (surefire, release, project-info, enforcer, jxr). Thanks to dependabot.
o RAT-311: Update doxiaVersion from 1.11.1 to 1.12.0. Thanks to dependabot.
o RAT-311: Update maven-shared-utils from 3.3.4 to 3.4.2. Thanks to dependabot.
o RAT-311: Update org.slf4j:slf4j-simple from 1.7.36 to 2.0.9. Thanks to dependabot.
o RAT-311: Update commons-lang3 from 3.5 to 3.14.0. Thanks to dependabot.
o RAT-311: Update commons-compress from 1.21 to 1.25. Thanks to dependabot.
o RAT-311: Update commons-io from 2.11.0 to 2.15.1. Thanks to dependabot.
o RAT-311: Update commons-cli from 1.5.0 to 1.6.0. Thanks to dependabot.
o RAT-311: Update maven-pmd-plugin from 3.18.0 to 3.21.2. Thanks to dependabot.
o RAT-311: Update maven-dependency-plugin from 3.3.0 to 3.6.1. Thanks to dependabot.
o RAT-311: Update maven-compiler-plugin from 3.10.1 to 3.12.1. Thanks to dependabot.
o RAT-311: Update maven-javadoc-plugin from 3.4.1 to 3.6.3. Thanks to dependabot.
o RAT-311: Update maven-release-plugin from 2.5.3 to 3.0.1. Thanks to dependabot.
o RAT-311: Update maven-enforcer-plugin from 3.1.0 to 3.4.1. Thanks to dependabot.
o RAT-311: Update extra-enforcer-rules from 1.6.1 to 1.7.0 Thanks to dependabot.
o RAT-311: Update maven-release-plugin from 2.5.3 to 3.0.1. Thanks to dependabot.
o RAT-311: Update animal-sniffer-maven-plugin from 1.22 to 1.23. Thanks to dependabot.
o RAT-311: Update maven-project-info-reports-plugin from 3.4.1 to 3.5.0. Thanks to dependabot.
o RAT-311: Update maven-surefire-plugin from 3.2.2 to 3.2.3. Thanks to dependabot.
Historical list of changes: https://creadur.apache.org/rat/changes-report.html
For complete information on Apache Creadur Rat, including instructions on how to submit bug reports,
patches, or suggestions for improvement, see the Apache Apache Creadur Rat website: