Bump org.apache.maven:maven-parent from 39 to 41

[dependabot]

Bumps org.apache.maven:maven-parent from 39 to 41.

Release notes

Sourced from org.apache.maven:maven-parent's releases.

41

Improvement

• [MPOM-426] - downgrade plexus-xml to 3.0.0: 4.0.0 is incompatible with Maven 3
• [MPOM-429] - Support development with Java 21 (palantirJavaFormat)
• [MPOM-443] - Skip empty surefire reports

Task

• [MPOM-427] - use version.artifactId property for dependency versions (like plugins)
• [MPOM-436] - Remove quality-checks profile with maven-docck-plugin
• [MPOM-445] - Use maven-checkstyle-plugin version from parent

Dependency upgrade

• [MPOM-425] - Bump com.diffplug.spotless:spotless-maven-plugin from 2.37.0 to 2.40.0
• [MPOM-441] - Bump maven-jxr-plugin from 3.3.0 to 3.3.1
• [MPOM-442] - Bump org.cyclonedx:cyclonedx-maven-plugin from 2.7.9 to 2.7.10
• [MPOM-444] - Bump maven-pmd-plugin from 3.21.0 to 3.21.2
• [MPOM-446] - Upgrade Parent to 31

40

New Feature

• [MPOM-346] - publish SBOM on release

Improvement

• [MPOM-397] - Don not run ITs during release
• [MPOM-422] - Bump modello from 2.1.1 to 2.1.2

Task

• [MPOM-200] - remove Apache Resource Bundles parent POM
• [MPOM-415] - Use surefire/failsafe version from ASF parent

Dependency upgrade

• [MPOM-390] - Upgrade to Maven Fluido Skin 1.11.2
• [MPOM-391] - Upgrade to Maven Surefire 3.0.0-M8
• [MPOM-392] - Upgrade to Maven Checkstyle Plugin 3.2.1
• [MPOM-393] - Upgrade to Maven PMD Plugin 3.21.0
• [MPOM-412] - Bump maven-enforcer-plugin to 3.3.0 and extra-enforcer-rules from 1.6.1 to 1.7.0

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[elharo]

@dependabot rebase

[dependabot]

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[slawekjaranowski]

There is no report in maven-plugin-plugin

[slachiewicz]

What I shoud add?

[slawekjaranowski]

maven-plugin-report-plugin