Bump apache/logging-parent/.github/workflows/merge-dependabot-reusable.yaml@rel/11.3.0 from 11.3.0 to 12.0.0

[dependabot]

Bumps apache/logging-parent/.github/workflows/merge-dependabot-reusable.yaml@rel/11.3.0 from 11.3.0 to 12.0.0.

Release notes

Sourced from apache/logging-parent/.github/workflows/merge-dependabot-reusable.yaml@rel/11.3.0's releases.

12.0.0

This major release contains several small improvements and certain backward incompatible changes.

Changed

• Activate flatten-bom execution of flatten-maven-plugin using a .logging-parent-bom-activator file (#265)
• Don't keep parent in flatten-bom configuration (#265, #37)
• Switch from maven-deploy-plugin to nexus-staging-maven-plugin, which helps with fetching the Nexus repository URL during a release. generate-email.sh will be called with a fourth argument containing the Nexus repository URL. (#246)
• Update deploy-*-reusable workflows to export the URL of the Nexus repository and the project version as nexus-url and project-version workflow outputs, respectively (#246)
• Add maven-args input to build-reusable and merge-dependabot-reusable (#266)
• Move from [ge.apache.org](http://ge.apache.org/) to new [develocity.apache.org](http://develocity.apache.org/) server (#313)
• Add the verify-reproducibility-reusable.yaml workflow to check reproducibility of artifacts in a Maven repository. Deprecate the reproducibility check in build-reusable.yaml. (#246)

Removed

• Remove following managed dependencies to avoid polluting BOMs: biz.aQute.bnd:biz.aQute.bnd.annotation, com.github.spotbugs:spotbugs-annotations, org.jspecify:jspecify, org.osgi:osgi.annotation, org.osgi:org.osgi.annotation.bundle, org.osgi:org.osgi.annotation.versioning (#265, apache/logging-log4j24)

Updated

• Update biz.aQute.bnd:bnd-baseline-maven-plugin to version 7.1.0 (#290)
• Update biz.aQute.bnd:bnd-maven-plugin to version 7.1.0 (#289)
• Update com.diffplug.spotless:spotless-maven-plugin to version 2.44.2 (#314)
• Update com.github.spotbugs:spotbugs-maven-plugin to version 4.8.6.6 (#293)
• Update com.google.errorprone:error_prone_core to version 2.36.0 (#287)
• Update org.apache.groovy:groovy to version 4.0.25 (#320)
• Update org.apache.maven.plugins:maven-artifact-plugin to version 3.6.0 (#312)
• Update org.asciidoctor:asciidoctor-maven-plugin to version 3.1.1 (#285)
• Update org.codehaus.gmavenplus:gmavenplus-plugin to version 4.1.1 (#307)
• Update org.codehaus.mojo:exec-maven-plugin to version 3.5.0 (#274)
• Update org.cyclonedx:cyclonedx-maven-plugin to version 2.9.1 (#291)

Commits

• 2e2af91 Update the project.build.outputTimestamp property
• 21341d1 Install Subversion package in the deployment workflow
• 3b88a69 Update the project.build.outputTimestamp property
• a57f3bd Use deploy:deploy for staging distribution artifacts
• 0002085 Update the project.build.outputTimestamp property
• 4a77285 Release changelog
• 3327a20 Prepare changelog contents for the release
• 7d7ee1f Bump the version to 12.0.0
• 409e59a Update github/codeql-action to version 3.28.9 (#326)
• 45aeff4 Update github/codeql-action to version 3.28.8 (#325)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

A newer version of apache/logging-parent/.github/workflows/merge-dependabot-reusable.yaml@​rel/11.3.0 exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.