chore(deps): bump org.jenkins-ci.plugins:plugin from 3.57 to 4.0 in /stackrox-container-image-scanner

[dependabot]

Bumps org.jenkins-ci.plugins:plugin from 3.57 to 4.0.

Release notes

Sourced from org.jenkins-ci.plugins:plugin's releases.

4.0

Breaking changes in order to make Plugin POM simpler to use and maintain. See this discussion in the developer mailing list for more info. All changes target JENKINS-60474 from #269 by @​jtnord

Note: Jenkins 2.164.x is the minimum supported version as it's the first version that includes the Jenkins bom

💥 Breaking changes

• Update HtmlUnit to 2.36.0 in Jenkins Test Harness (#271) @​dependabot
  • API has some binary compatibility breaking changes, plugin maintainers may need to update the test codebase if they use WebClient-based tests
• JENKINS-58028 - Remove GMaven from dependencyManagement (#209, #277) @​bitwiseman @​oleg-nenashev
  • GMavenPlus should be used instead

🚀 New features and improvements

• JENKINS-58028 - Switch from GMaven to GMavenPlus (#209) @​bitwiseman
• JENKINS-60474 - Libraries that are shipped with jenkins-core now have their dependency versions unconditionally managed by the Jenkins Core Bill of Materials
  • The jenkins-bom and no-jenkins-bom profiles have been removed
  • With this change the libaries used will be correct for a given jenkins.version however this requires a version of Jenkins that was published with the bom (2.195 or higher), or has been explicitly published
  • See here for a list of supported versions
• A quick-build profile has been introduced that disabled things not related to just producing the desired artifacts. This is activated on the command line in the standard maven way (e.g. mvn -P quick-build package)
• Add an extra enforcer rule prevent releases from containing SNAPSHOT versions
• JMH benchmarks are now run by activating the jmh-benchmark directly rather than via a property. (mvn -P jmh-benchmark test)
• Skipping tests using surefire's skipTest property no longer skips other mojos execution.

🚨 Removed

• Removed Deprecated findbugs properties, use the equivalent spotbugs property (#269) @​jtnord
• Removed support for compiling plugins with java.level < 8. The only supported java.level is 8
• Deprecated concurrency property has been removed. use the forkCount surefire option directly from the command line (or pom) (e.g. mvn -DforkCount=4 verify)
• Support for the jgit provider of the release plugin has been removed. Git executable is now required to be installed and available in the PATH
• Automatic re-running of failing tests has been removed.
  • If this is desired it should be set per project by configuring surefire's rerunFailingTestsCount parameter

🐛 Bug Fixes

• JENKINS-60694 - Update Jenkins Test Harness to 2.60 with the hanging injected test fix (#284) @​jtnord

📦 Dependency updates

• Bump spotbugs-maven-plugin from 3.1.12.2 to 4.0.0 (#302) @​dependabot
• Bump flatten-maven-plugin from 1.2.1 to 1.2.2 (#305) @​dependabot
• Introduce powermock.version property, update PowerMock to 2.0.7 (#309) @​oleg-nenashev
• Bump powermock-api-mockito2 from 2.0.4 to 2.0.6 (#286, #304) @​dependabot
• Bump powermock-module-junit4 from 2.0.4 to 2.0.6 (#285, #303) @​dependabot
• Bump maven-site-plugin from 3.8.2 to 3.9.0 (#301) @​dependabot
• Bump build-helper-maven-plugin from 3.0.0 to 3.1.0 (#300) @​dependabot
• Bump maven-javadoc-plugin from 3.1.1 to 3.2.0 (#298) @​dependabot
• Bump mockito-core from 3.3.1 to 3.3.3 (#299) @​dependabot

... (truncated)

Commits

• 6d039d0 [maven-release-plugin] prepare release plugin-4.0
• b432149 Merge pull request #302 from jenkinsci/dependabot/maven/com.github.spotbugs-s...
• ce6b2bb Merge pull request #305 from jenkinsci/dependabot/maven/org.codehaus.mojo-fla...
• f92566d Merge pull request #309 from jenkinsci/powermock-version
• 21ff057 Merge pull request #306 from jenkinsci/dependabot/maven/org.codehaus.gmavenpl...
• 1a48b87 Introduce powermock.version property, update PowerMock to 2.0.7
• 4900d5c Bump gmavenplus-plugin from 1.8.1 to 1.9.0
• 658f1b8 Bump flatten-maven-plugin from 1.2.1 to 1.2.2
• a9ad272 Merge pull request #304 from jenkinsci/dependabot/maven/org.powermock-powermo...
• b173290 Merge pull request #303 from jenkinsci/dependabot/maven/org.powermock-powermo...
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
org.jenkins-ci.plugins:plugin	[>= 4.a, < 5]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #389.