Bump org.apache.maven.plugins:maven-pmd-plugin from 3.12.0 to 3.28.0

[dependabot]

Bumps org.apache.maven.plugins:maven-pmd-plugin from 3.12.0 to 3.28.0.

Release notes

Sourced from org.apache.maven.plugins:maven-pmd-plugin's releases.

3.28.0

🚀 New features and improvements

• Bump pmdVersion from 7.16.0 to 7.17.0 (#661) @​timpeeters
• Bump pmdVersion from 7.15.0 to 7.16.0 (#652) @dependabot[bot]
• Bump pmdVersion from 7.14.0 to 7.15.0 (#643) @dependabot[bot]

📝 Documentation updates

• Update historical PMD version in docs (#662) @​slawekjaranowski
• Document that excludes takes priority over includes (#645) @​elharo

👻 Maintenance

• feat: enable prevent branch protection rules (#653) @​sparsick
• Add Apache 2.0 LICENSE file (#650) @​Ndacyayisenga-droid
• Prefer JDK built-in methods for string joining (#646) @​elharo
• [MPMD-412] - More specific catch blocks (#642) @​elharo

📦 Dependency updates

• Bump org.apache.commons:commons-lang3 from 3.8.1 to 3.18.0 in ITs (#648) @dependabot[bot]
• Bump pmdVersion from 7.16.0 to 7.17.0 (#661) @​timpeeters
• Bump org.apache.commons:commons-lang3 from 3.18.0 to 3.19.0 (#658) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-resources from 1.3.0 to 1.3.1 (#654) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-i18n from 1.0-beta-10 to 1.0.0 (#655) @dependabot[bot]
• Bump pmdVersion from 7.15.0 to 7.16.0 (#652) @dependabot[bot]
• Bump commons-io:commons-io from 2.19.0 to 2.20.0 (#651) @dependabot[bot]
• Bump mavenVersion from 3.9.10 to 3.9.11 (#649) @dependabot[bot]
• Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 (#647) @dependabot[bot]
• Bump resolverVersion from 1.9.23 to 1.9.24 (#644) @dependabot[bot]
• Bump pmdVersion from 7.14.0 to 7.15.0 (#643) @dependabot[bot]

3.27.0

🚀 New features and improvements

• Use constant 3.6.3 in prerequisites/maven as minimal Maven version (#640) @​slawekjaranowski
• Bump pmdVersion from 7.12.0 to 7.14.0 (#213) @dependabot[bot]
• Allow plugin execute with Maven 4 (#209) @​slawekjaranowski
• Upgrade to PMD 7.12 (#196) @​elharo
• [MPMD-411] - Implement getOutputPath and identify getOutputName as deprecated, (#179) @​elharo

🐛 Bug Fixes

• [MPMD-410] - Number agreement (#181) @​elharo

📝 Documentation updates

... (truncated)

Commits

• f152a3a [maven-release-plugin] prepare release maven-pmd-plugin-3.28.0
• 0678fd1 Update historical PMD version in docs
• 41d5069 Bump org.apache.commons:commons-lang3 from 3.8.1 to 3.18.0 in ITs (#648)
• 3ef805b Bump pmdVersion from 7.16.0 to 7.17.0
• 592d703 Add hacktoberfest label to project
• ced9373 Bump org.apache.commons:commons-lang3 from 3.18.0 to 3.19.0 (#658)
• 3cf5bc1 Bump org.codehaus.plexus:plexus-resources from 1.3.0 to 1.3.1 (#654)
• 9077c3b Bump org.codehaus.plexus:plexus-i18n from 1.0-beta-10 to 1.0.0 (#655)
• 12ed57a feat: enable prevent branch protection rules (#653)
• fff2b95 Bump pmdVersion from 7.15.0 to 7.16.0 (#652)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[DaanHoogland]

@blueorangutan package

[blueorangutan]

@DaanHoogland a [SL] Jenkins job has been kicked to build packages. It will be bundled with no SystemVM templates. I'll keep you posted as I make progress.

[blueorangutan]

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✔️ debian ✔️ suse15. SL-JID 16616

[DaanHoogland]

@blueorangutan test

[blueorangutan]

@DaanHoogland a [SL] Trillian-Jenkins test job (ol8 mgmt + kvm-ol8) has been kicked to run smoke tests

[blueorangutan]

[SF] Trillian test result (tid-15334)
Environment: kvm-ol8 (x2), zone: Advanced Networking with Mgmt server ol8
Total time taken: 81559 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr12543-t15334-kvm-ol8.zip
Smoke tests completed. 147 look OK, 3 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File
test_01_scale_up_verify	Failure	576.69	test_vm_autoscaling.py
test_02_update_vmprofile_and_vmgroup	Failure	251.94	test_vm_autoscaling.py
test_07_autoscaling_vmgroup_on_vpc_network	Failure	627.18	test_vm_autoscaling.py
test_07_autoscaling_vmgroup_on_vpc_network	Error	627.20	test_vm_autoscaling.py
test_01_migrate_VM_and_root_volume	Error	371.09	test_vm_life_cycle.py
test_02_migrate_VM_with_two_data_disks	Error	635.46	test_vm_life_cycle.py
ContextSuite context=TestVMLifeCycle>:setup	Error	319.27	test_vm_life_cycle.py
test_02_cancel_host_maintenace_with_migration_jobs	Error	308.82	test_host_maintenance.py
test_03_cancel_host_maintenace_with_migration_jobs_failure	Error	305.62	test_host_maintenance.py
test_03_cancel_host_maintenance_ssh_disabled_agent_connected	Failure	319.72	test_host_maintenance.py
ContextSuite context=TestHostMaintenanceAgents>:teardown	Error	48.11	test_host_maintenance.py

[DaanHoogland]

checking persistency
@blueorangutan test keepEnv

[blueorangutan]

@DaanHoogland a [SL] Trillian-Jenkins test job (ol8 mgmt + kvm-ol8) has been kicked to run smoke tests

[blueorangutan]

[SF] Trillian test result (tid-15343)
Environment: kvm-ol8 (x2), zone: Advanced Networking with Mgmt server ol8
Total time taken: 49311 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr12543-t15343-kvm-ol8.zip
Smoke tests completed. 150 look OK, 0 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File

[Copilot]

Pull request overview

Bumps the Maven PMD plugin version used by the build from 3.12.0 to 3.28.0.

Changes:

• Update cs.pmd-plugin.version property to 3.28.0.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Updating maven-pmd-plugin to 3.28.0 upgrades the underlying PMD engine (per upstream release notes, PMD 7.x). Our configured ruleset cloud-pmd.xml (from org.apache.cloudstack:checkstyle) references legacy rule paths like rulesets/java/basic.xml (see tools/checkstyle/src/main/resources/cloud-pmd.xml:34), which are not compatible with PMD 7 rule category layouts. This will likely cause mvn pmd:check / cpd-check to fail because the referenced rulesets can’t be resolved. Please either update cloud-pmd.xml to PMD 7-compatible rule references (category-based rulesets), or keep/pin the plugin/PMD version to one that supports the current ruleset.

Suggested change

	<cs.pmd-plugin.version>3.28.0</cs.pmd-plugin.version>
	<cs.pmd-plugin.version>3.21.0</cs.pmd-plugin.version>