chore: bump io.github.ascopes:protobuf-maven-plugin from 3.10.3 to 5.1.4

[dependabot]

Bumps io.github.ascopes:protobuf-maven-plugin from 3.10.3 to 5.1.4.

Release notes

Sourced from io.github.ascopes:protobuf-maven-plugin's releases.

v5.1.4

Release notes

• Deprecated protocDigest parameter for removal in the future. It is now replaced with <digest> within a PathProtocDistribution or UriProtocDistribution object, which makes this API consistent with the Protoc plugin API.
  • Users may continue to use the current mechanism until the next major version but are advised to update their usages where possible.
  • The next major version will not support digests on Maven-based protoc distributions, as this is redundant functionality.
  • Documentation examples have been updated to reflect the change.
• Added missing digest verification functionality for path based protoc plugins.
• Optimised digest generation and decoding to utilise SIMD functionality within the JDK. This reduces both overhead and memory consumption in complex builds.
• Improved control flow for dependency resolution.
• Removed noisy logging during plexus configuration merging.

Other changes

• Build on Maven 3.9.15.
• Dependency updates, as usual.

v5.1.3

Fairly large update to existing code that bundles several QoL improvements and bugfixes to improve user experience.

Bugfixes

• Fix NullPointerException raised when failing to resolve dependencies in certain cases (@​askoog, GH-980).
• Abstract away class references from Plexus parameter converters entirely. This avoids edge cases where ClassWorlds within Maven may try to classload the same classes in multiple places, causing class definition mismatches and breaking type conversion within POMs. This is a defensive workaround to the issue originally addressed by GH-974.
• Remove caching of sealed types to further avoid issues such as those in GH-974.
• Make configurator classes into singletons to enforce fixes for GH-974.

UX improvements

• Users are now warned in cases where we mitigate issues caused by overriding a string attribute in a child POM with an object attribute in a parent POM. The erroneous configuration is now logged as a warning, and a suggested fix is logged to the user.
• Improved error messages reported during failures in artifact resolution.

Performance improvements

• Optimise resolution logic for skipped plugins to remove unneeded forking of threads (@​cdprete, GH-975).
• Avoid creation of entire mappings of type information within SealedTypePlexusConverter during parameter conversion.
• URL transfers from FTP servers and HTTP/HTTPS endpoints now supports requesting GZIP compression of the response.

Internal improvements

• Fixes to documentation typos and grammar issues.

... (truncated)

Commits

• 49cfe68 [maven-release-plugin] prepare release v5.1.4
• 666e799 Merge pull request #994 from ascopes/dependabot/maven/main/maven-703df8ac75
• 7a0378b Merge pull request #993 from ascopes/task/gh-968
• e67a64a Remove noisy logging of merge plexus issues that are spurious
• cc512cd Disable deprecated plugin generation steps
• be13f22 Bump the maven group across 2 directories with 2 updates
• 73ae44f GH-968: deprecate protocDigest and move inside protocDistribution models
• 83556fa Merge pull request #992 from ascopes/task/build(deps): bump aws.sdk.version from 2.18.7 to 2.18.8 #968-missing-plugin-path-digest
• eff1320 GH-968: add missing digest functionality to path plugins
• 54eae7d Merge pull request #991 from ascopes/dependabot/maven/protobuf-maven-plugin/s...
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
io.github.ascopes:protobuf-maven-plugin	[>= 4.0.a0, < 4.1]
io.github.ascopes:protobuf-maven-plugin	[>= 4.a0, < 5]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud