build(deps): bump plugin from 4.16 to 4.40

Created by: dependabot[bot]

Bumps plugin from 4.16 to 4.40.

Release notes

Sourced from plugin's releases.

4.40

🎉 Major features and improvements

This release of the plugin build toolchain contains support for Java 17 when running on Jenkins 2.341 or later. (#525, #524, #529) @​basil

Please begin testing your plugins on Java 17 by taking the following actions:

1. Upgrade to this release of the plugin parent POM.
2. Delete <java.level>8</java.level> from your plugin POM.
3. Update your Jenkinsfile to include a test run on Jenkins 2.341 or later and Java 17.

See jenkinsci/email-ext-plugin#357 and jenkinsci/timestamper-plugin#167 for examples.

⚠️ Deprecated

The java.level property has been deprecated and should be removed from your plugin's POM. In the future this warning will be changed to an error and will break the build. (#522) @​basil

💥 Breaking changes

The addition of @{jenkins.addOpens} and @{jenkins.insaneHook} to argLine exposes a bug in IntelliJ IDEA. A patch has been merged in JetBrains/intellij-community#1976. Pending the release of this patch, IntelliJ IDEA users should work around the problem as follows:

1. Go to Settings > Build, Execution, Deployment > Build Tools > Maven > Running Tests.
2. Under "Pass to JUnit process [the] following maven-surefire-plugin and maven-failsafe-plugin settings", uncheck argLine.

Failure to work around the problem as described above will result in a could not open '{jenkins.addOpens}' failure when running tests in IntelliJ IDEA.

Also note that the workaround does not suffice for Java 17 support. For Java 17 support in IntelliJ IDEA, we must wait for the release of JetBrains/intellij-community#1976.

📦 Dependency updates

• Bump Jenkins Test Harness from 1723.vcd938b_e66072 to 1736.vc72c458c5103 (#537, #527) @​dependabot
• Bump JaCoCo Maven Plugin from 0.8.7 to 0.8.8 (#536) @​dependabot
• Bump Maven Clean Plugin from 3.1.0 to 3.2.0 (#535) @​dependabot
• Bump Maven Failsafe Plugin from 3.0.0-M4 to 3.0.0-M6 (#532) @​dependabot
• Bump Maven Surefire Plugin from 3.0.0-M4 to 3.0.0-M6 (#533) @​dependabot
• Bump Maven HPI Plugin from 3.26 to 3.27 (#528) @​dependabot

👻 Maintenance

• Remove unneeded SUREFIRE-1226 workaround (#534) @​timja
• Setting source and target are unnecessary when setting release (#530) @​basil
• JENKINS-54842: Use Java 9+ built-in functionality instead of Animal Sniffer (#523) @​basil

4.39

💥 Breaking changes

• Enforce existence of src/main/resources/index.jelly (jenkinsci/maven-hpi-plugin#302) @​jglick

If your plugin is missing a src/main/resources/index.jelly file, delete any <description> from pom.xml and create src/main/resources/index.jelly:

... (truncated)

Commits

• 8feaac2 [maven-release-plugin] prepare release plugin-4.40
• 63cd0f3 Bump jenkins-test-harness from 1731.v383b_5d6c3393 to 1736.vc72c458c5103 (#537)
• efde61c Bump jacoco-maven-plugin from 0.8.7 to 0.8.8 (#536)
• bb1f9f6 Bump maven-clean-plugin from 3.1.0 to 3.2.0 (#535)
• 029d6c7 Remove unneeded SUREFIRE-1226 workaround (#534)
• ac5910b Bump maven-failsafe-plugin from 3.0.0-M4 to 3.0.0-M6 (#532)
• b3841de Bump maven-surefire-plugin from 3.0.0-M4 to 3.0.0-M6 (#533)
• 921f152 Avoid unnecessary defining and clearing of properties (#531)
• 3ed41c5 Setting source and target are unnecessary when setting release (#530)
• 240d139 Provide a default value of jenkins.addOpens for the benefit of IDEs (#529)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)