💥 Breaking changes
- Remove release-profile from super POM (#11999) @slawekjaranowski
- Remove deprecated plugin management from super POM (#11986) @slawekjaranowski
🚀 New features and improvements
- Feat: Align Maven 3.10.x and 4.0.x (#12442) @cstamas
- Feat: Align CP ordering with Maven 4 (#12327) @cstamas
- Feat: Apply latest Resolver 2.0.19 changes (#12246) @cstamas
- Feat: Maven 3.10.x super POM (#12032) @cstamas
- In failed build limit reactor summary to only failed modules (#11977) @slawekjaranowski
- Add time zone to Maven startup banner (#11972) @slawekjaranowski
- Feat: Version range filters plus (#11955) @cstamas
- Feat: Ability to disable site lifecycle (#11970) @cstamas
- Optimize log level rendering in MavenSimpleLogger (#11969) @slawekjaranowski
- Feat: Resolver 2.x update policy control via CLI (#11948) @cstamas
- Promote java version in JavaToolchain (#11968) @slawekjaranowski
- Feat: Transitive dep manager (#11939) @cstamas
- 3.10.x Upgrade slf4j to 2.0.17 (#11880) @olamy
- Do not force md download always (#11908) @cstamas
- Feat: user relocations backport (#11937) @cstamas
- Feat: Version range filtering (#11936) @cstamas
- Promote
project.rootDirectoryfor interpolation and profile activation (#11930) @slawekjaranowski - Feat: new artifact handler: fatjar (#11928) @cstamas
- Feat: migrate core to JSR330 (#11916) @cstamas
- Migrate from JAnsi to JLine, introduce MessageBuilderFactory (#11874) @slawekjaranowski
- Feat: Promote session.topDirectory and session.rootDirectory (#11779) @cstamas
- Feat: Maven 3.x with Resolver 2.x (#11778) @cstamas
- Feat: Generalize Maven 3.x extension handling (#11777) @cstamas
🐛 Bug Fixes
- [#12288] Backport: settings.xml activeByDefault profile props to LRM (#12333) @ascheman
- Fix illegal reflective access warning on JDK 11 (fixes #12167) (#12339) @gnodet
- Issue #12188 redirection of log output to a file does not redirect everything (#12189) @olamy
- Update binary distribution LICENSE with complete Apache License 2.0 text (#12063) @slawekjaranowski
- Bug: RSS was seeded but not exposed (#12033) @cstamas
- Export scope package from resolver-api 2.x (#12023) @slawekjaranowski
- Ensure
MavenProject#getPluginManagementnever returns null (#12010) @slawekjaranowski - Remove redundant required attributes from Settings model (#12005) @slawekjaranowski
- Remove redundant required attributes from Maven model (#11985) @slawekjaranowski
- Bug: Settings interpolation and strict parsing (#11776) @cstamas
- Trim
threadConfigurationto accept input surrounded with spaces (#11851) @pzygielo
📝 Documentation updates
- Add AGENTS.md + SECURITY.md security-model pointer for scanner discoverability (#12444) @potiuk
- document default plugin versions (#12382) @hboutemy
- Maven 3.10.x site (#12370) @cstamas
- [[ISSUE-10329] - ](https://issues.apache.org/jira/browse/ISSUE-10329) - Document behaviour of UrlNormalizer (backport) (#12294) @gnodet
- Update Maven deps diagram for maven-jline (#12068) @Will-thom
- document the only supported value: 4.0.0 (#11859) @slawekjaranowski
👻 Maintenance
- push-to-atr profile for source+binaries in apache-maven subproject (#12450) @hboutemy
- Add AGENTS.md + SECURITY.md security-model pointer for scanner discoverability (#12444) @potiuk
- Remove deprecated methods use (#12328) @cstamas
- Make def session builder have interface (#11967) @cstamas
- Feat: Add Automatic Module Names to Maven JAR Manifests (#11921) @cstamas
- Configure CI for 3.10.x branch (#11834) @slawekjaranowski
📦 Dependency updates
- Bump resolverVersion from 2.0.20-SNAPSHOT to 2.0.20 (#12426) @dependabot[bot]
- Bump jlineVersion from 3.30.14 to 3.30.15 (#12409) @dependabot[bot]
- Bump jlineVersion from 3.30.13 to 3.30.14 (#12400) @dependabot[bot]
- Bump org.apache.maven:maven-parent from 48 to 49 (#12399) @dependabot[bot]
- Bump actions/cache from 5.0.5 to 6.1.0 (#12362) @dependabot[bot]
- Bump actions/setup-java from 5.3.0 to 5.4.0 (#12374) @dependabot[bot]
- Bump version.sisu-maven-plugin from 1.0.0 to 1.0.1 (#12366) @dependabot[bot]
- Bump actions/checkout from 6.0.3 to 7.0.0 (#12321) @dependabot[bot]
- Bump actions/setup-java from 5.2.0 to 5.3.0 (#12283) @dependabot[bot]
- Bump xmlunitVersion from 2.11.0 to 2.12.0 (#12198) @dependabot[bot]
- Bump actions/checkout from 6.0.2 to 6.0.3 (#12212) @dependabot[bot]
- Bump org.ow2.asm:asm from 9.10 to 9.10.1 (#12153) @dependabot[bot]
- Bump org.codehaus.plexus:plexus-classworlds from 2.11.0 to 2.12.0 (#12127) @dependabot[bot]
- Bump org.ow2.asm:asm from 9.9.1 to 9.10 (#12060) @dependabot[bot]
- Deps: Resolver 2.0.18 and drop unused stuff (#12036) @cstamas
- Bump resolverVersion from 2.0.17 to 2.0.18 (#12104) @dependabot[bot]
- Deps: Bump Slf4j to 2.0.18 (#12048) @cstamas
- Bump org.codehaus.plexus:plexus-classworlds from 2.9.0 to 2.11.0 (#12041) @dependabot[bot]
- [3.10.x] Bump to parent POM 48 (#12025) @cstamas
- Bump jlineVersion from 3.30.12 to 3.30.13 (#12013) @dependabot[bot]
- Bump jlineVersion from 3.30.11 to 3.30.12 (#12003) @dependabot[bot]
- Bump resolverVersion from 2.0.17-SNAPSHOT to 2.0.17 (#12008) @dependabot[bot]
- Bump jlineVersion from 3.30.9 to 3.30.11 (#11996) @dependabot[bot]
- Bump commons-io:commons-io from 2.21.0 to 2.22.0 (#11982) @dependabot[bot]
- Bump com.google.guava:guava from 33.5.0-jre to 33.6.0-jre (#11964) @dependabot[bot]
- Bump org.codehaus.modello:modello-maven-plugin from 2.6.0 to 2.7.0 (#11935) @dependabot[bot]
- Bump actions/cache from 5.0.4 to 5.0.5 (#11946) @dependabot[bot]
- Bump actions/upload-artifact from 7.0.0 to 7.0.1 (#11934) @dependabot[bot]
- Update Resolver to 2.0.16 (#11907) @cstamas
- Bump org.codehaus.plexus:plexus-utils from 3.6.0 to 3.6.1 (#11878) @dependabot[bot]
- Bump org.fusesource.jansi:jansi from 2.4.2 to 2.4.3 (#11867) @dependabot[bot]
- Bump actions/download-artifact from 8.0.0 to 8.0.1 (#11837) @dependabot[bot]
- Bump actions/cache from 5.0.3 to 5.0.4 (#11839) @dependabot[bot]