Bump eclipse-dash/dash-licenses from cbd9bd5d78742d3c9772ace91b129424b418c342 to e6a1bd11cb56d73b4119e19709402788386733e5

[dependabot]

Bumps eclipse-dash/dash-licenses from cbd9bd5d78742d3c9772ace91b129424b418c342 to e6a1bd11cb56d73b4119e19709402788386733e5.

Changelog

Sourced from eclipse-dash/dash-licenses's changelog.

ChangeLog

[1.1.0] - 2023-12-01

The biggest potential impact with this release should be that when the tool is used on a package-lock.json file, it may detect fewer entries as dependencies. Some additional work was done to refine how the tool identifies local dependencies, which are generally dependencies that are in the source repository (that is, local dependencies are most likely project code).

Changed

• Refactored out a core module that does not shade dependencies #283
• Update all dependencies to latest and greatest
• Now uses jakarta.inject annotations #264
• More resilient handling of Bad Gateway (502) errors
• More resilient handling of rate limiting on when connecting to IPLab #260
• Ignores all "local" dependencies when parsing a package-lock.json file #287

Added

• Created a new module for creating a shaded artifact (the shaded artifact uses the same naming convention as before, so this should not break anybody) #283
• Added a new repo property includes the URL of the Git repository as part of review requests #224

Commits

• e6a1bd1 Update default Maven version to 3.9.11
• 63dfd53 Be more resilient when parsing Package URLs.
• a44a54c Fix parsing of pnpm-lock.yaml with underscore in version
• 38d5c66 Update the PackageURLIdParser
• 1007e5d Show the correct code in the error message.
• 04a2a2d Extract Maven identifiers that are embedded in strings
• 48e53d2 Skip blank lines
• 3e37a75 Merge branch 'master' of git@github.com:eclipse-dash/dash-licenses.git
• 935ad36 The YarnLockFileReader is deprecated
• 8229864 Clarify GitLab API token requirement in README
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #61.