Bump the libs group across 1 directory with 6 updates

[dependabot]

Bumps the libs group with 6 updates in the / directory:

Package	From	To
ch.qos.logback:logback-classic	1.5.12	1.5.16
org.owasp.dependencycheck	10.0.3	11.1.1
org.sonarqube	5.1.0.4882	6.0.1.5171
com.diffplug.spotless	6.25.0	7.0.1
org.jetbrains.dokka	1.9.20	2.0.0
com.vanniktech.maven.publish	0.29.0	0.30.0

Updates ch.qos.logback:logback-classic from 1.5.12 to 1.5.16

Commits

• 74c9ebd prepare release 1.5.16
• 9308a58 javadocs structure changed
• 8935470 adapt test to SLF4J version 2.0.16
• cb60369 addded StubEventEvaluator as default class for evaluator element so as to dir...
• 1da2f17 bump jxr version
• 5bde644 bump slf4j version to 2.0.16
• aa2ebae remove stax related code
• 80db86b fix issues/860
• a8a2303 start work on 1.5.16-SNAPSHOT
• bf14c2c minor javadoc update
• Additional commits viewable in compare view

Updates org.owasp.dependencycheck from 10.0.3 to 11.1.1

Updates org.sonarqube from 5.1.0.4882 to 6.0.1.5171

Updates com.diffplug.spotless from 6.25.0 to 7.0.1

Updates org.jetbrains.dokka from 1.9.20 to 2.0.0

Release notes

Sourced from org.jetbrains.dokka's releases.

2.0.0

Dokka 2.0.0 focuses on simplifying configuration and preparing for support of future Kotlin language features. Key highlights include:

• Dokka Gradle Plugin v2: revamped Gradle plugin based on Dokkatoo.
• Experimental K2 Analysis: support for K2 compiler frontend.
• HTML Improvements: better accessibility and easier customization.

More details about each of the changes below. See Dokka 2.0.0 milestone for the list of all changes.

Dokka's Gradle plugin v2 based on Dokkatoo

Please check the migration guide for the update procedure and give feedback!

Dokka 2.0.0 introduces significant improvements to Dokka Gradle plugin, aligning more closely with Gradle best practices:

• Adopts Gradle types, which leads to better performance.
• Uses an intuitive top-level DSL configuration instead of a low-level task-based setup, which simplifies the build scripts and their readability.
• Takes a more declarative approach to documentation aggregation, which makes multi-project documentation easier to manage.
• Uses a type-safe plugin configuration, which improves the reliability and maintainability of your build scripts.
• Fully supports Gradle configuration cache and build cache, which improves performance and simplifies build work.

Changes from Dokka 2.0.0-Beta

• Forward Dokka Generator messages to Gradle logger (Kotlin/dokka#3833)
• Add deprecated property to help migrate from JSON Dokka plugin configuration (Kotlin/dokka#3877)
• Rename dokkaPublicationDirectory to basePublicationsDirectory (Kotlin/dokka#3876)
• Rename dokkaModuleDirectory, and mark as internal (Kotlin/dokka#3880)
• Update and add KDoc for DGPv2 (Kotlin/dokka#3842)
• Remove DokkaPluginParametersBuilder (Kotlin/dokka#3872)
• Increase default max heap of Worker to 2G (Kotlin/dokka#3913)
• Remove the dependency of dokkaGenerate on dokkaGenerateModule* (Kotlin/dokka#3920)
• KT-71784 Fix classpath for KMP shared source sets (Kotlin/dokka#3942)
• Fix DGP/KMP integration, so Dokka can 'see' code from shared source sets in target source sets (Kotlin/dokka#3814)

Dokka's K2 analysis

Dokka 2.0.0 introduces K2 analysis, which is currently in an experimental stage. Dokka's K2 analysis leverages Kotlin's K2 compiler frontend for analysing code and uses the same shared Analysis API, which is used in IntelliJ IDEA’s K2 mode. The output with K2 analysis should mostly match that of K1 analysis, but there may be minor differences. We are actively working towards stabilizing K2 analysis and are planning to enable K2 analysis by default in future.

To opt in to Dokka's K2 analysis, add the following flag to your project's gradle.properties file:

org.jetbrains.dokka.experimental.tryK2=true

Known limitations:

• Intersecting source roots (#3701) and intersecting sample roots (#3373) may cause issues.
• Kotlin/JS libraries compiled with the legacy Kotlin/JS compiler are not supported (#3751).

We would greatly value your feedback if you encounter any of these limitations.

... (truncated)

Commits

• 3be1aa6 Update Kotlin/Dokka version references to 2.0.0 (#3957)
• 47ee7fb Update the version to the 2.0.0 release
• a2fe934 Avoid configuration resolution error for v2 migration helper task (#3950)
• a6e5b03 Update DGPv2 examples to use Kotlin 2.1.0 (#3949)
• 94eec02 Run integration tests with Kotlin 2.1.0 (#3865)
• 2b63314 KT-71784 Fix classpath for KMP shared source sets (#3942)
• 17871a0 Add new tests for KDoc links (#3947)
• f728e3a feat: implemented new UI for Navbar and Table of Contents (#3917)
• 9577dc7 Edit some tests to check the stability of the order (#3943)
• ae68eee Add a test for #3702 (#3941)
• Additional commits viewable in compare view

Updates com.vanniktech.maven.publish from 0.29.0 to 0.30.0

Release notes

Sourced from com.vanniktech.maven.publish's releases.

0.30.0

• Add support for Dokka 2.0.0-Beta
  • Supports org.jetbrains.dokka.experimental.gradle.pluginMode=V2Enabled
  • Supports both org.jetbrains.dokka and org.jetbrains.dokka-javadoc
  • If both are applied the javadoc output is published
  • Removed support for the old org.jetbrains.dokka-android plugin
• Support custom Sonatype hosts by providing a https url in SONATYPE_HOST Gradle property
• Remove usages of deprecated Gradle API that is scheduled to be removed in Gradle 9.0
• Raised minimum supported Gradle version
• Improve naming of javadoc jars

Minimum supported versions

• JDK 11
• Gradle 8.5
• Android Gradle Plugin 8.0.0
• Kotlin Gradle Plugin 1.9.20

Compatibility tested up to

• JDK 23
• Gradle 8.10.2
• Android Gradle Plugin 8.7.0
• Android Gradle Plugin 8.8.0-alpha05
• Kotlin Gradle Plugin 2.0.20
• Kotlin Gradle Plugin 2.1.0-Beta1

Configuration cache status

Configuration cache is generally supported, except for:

• Publishing releases to Maven Central (snapshots are fine), blocked by [Gradle issue #22779](gradle/gradle#22779).
• When using Dokka 1.x or Dokka 2.x without V2Enabled

Changelog

Sourced from com.vanniktech.maven.publish's changelog.

0.30.0 (2024-10-13)

• Add support for Dokka 2.0.0-Beta
  • Supports org.jetbrains.dokka.experimental.gradle.pluginMode=V2Enabled
  • Supports both org.jetbrains.dokka and org.jetbrains.dokka-javadoc
  • If both are applied the javadoc output is published
  • Removed support for the old org.jetbrains.dokka-android plugin
• Support custom Sonatype hosts by providing a https url in SONATYPE_HOST Gradle property
• Remove usages of deprecated Gradle API that is scheduled to be removed in Gradle 9.0
• Raised minimum supported Gradle version
• Improve naming of javadoc jars

Minimum supported versions

• JDK 11
• Gradle 8.5
• Android Gradle Plugin 8.0.0
• Kotlin Gradle Plugin 1.9.20

Compatibility tested up to

• JDK 23
• Gradle 8.10.2
• Android Gradle Plugin 8.7.0
• Android Gradle Plugin 8.8.0-alpha05
• Kotlin Gradle Plugin 2.0.20
• Kotlin Gradle Plugin 2.1.0-Beta1

Configuration cache status

Configuration cache is generally supported, except for:

• Publishing releases to Maven Central (snapshots are fine), blocked by [Gradle issue #22779](gradle/gradle#22779).
• When using Dokka 1.x or Dokka 2.x without V2Enabled

Commits

• 691e3ec Update to 0.30.0-rc1
• b642c08 update changelog for 0.30.0
• 21f10e3 chore(deps): update kotlin monorepo to v2.0.21 (#855)
• a40d994 update tested versions (#853)
• 9604ecd include project name in archivesBaseName (#852)
• bcc04d1 fix(deps): update dependency com.google.testparameterinjector:test-parameter-...
• 12c2b20 fix(deps): update dependency org.junit.jupiter:junit-jupiter to v5.11.2 (#850)
• dd9aa18 add support for Dokka 2 (#849)
• 441932f add warning about setting pom packaging (#847)
• 2dc9686 update tested versions, add unreleased changes to changelog (#848)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud