Bump analysis-pom from 5.9.0 to 5.17.0

[dependabot]

Bumps analysis-pom from 5.9.0 to 5.17.0.

Release notes

Sourced from analysis-pom's releases.

v5.17.0 🎁

📦 Dependency updates

• Bump codingstyle from 2.13.0 to 2.14.0 (#375) @​dependabot

v5.16.0 🎁

📦 Dependency updates

• Bump version of SpotBugs to 4.5.1 (#374) @​uhafner
• Bump codingstyle from 2.12.0 to 2.13.0 (#373) @​dependabot
• Bump codingstyle from 2.11.0 to 2.12.0 (#371) @​dependabot
• Bump equalsverifier from 3.7.2 to 3.8 (#372) @​dependabot
• Bump junit.version from 5.8.1 to 5.8.2 (#367) @​dependabot
• Bump pmd.version from 6.40.0 to 6.41.0 (#368) @​dependabot
• Bump junit-platform-launcher from 1.8.1 to 1.8.2 (#369) @​dependabot
• Bump checkstyle from 9.1 to 9.2 (#370) @​dependabot
• Bump mockito.version from 4.0.0 to 4.1.0 (#364) @​dependabot
• Bump codingstyle from 2.10.0 to 2.11.0 (#365) @​dependabot
• Bump revapi-maven-plugin from 0.14.5 to 0.14.6 (#360) @​dependabot
• Bump kentaro-m/auto-assign-action from 1.2.0 to 1.2.1 (#363) @​dependabot
• Bump actions/cache from 2.1.6 to 2.1.7 (#366) @​dependabot
• Bump pitest-maven from 1.7.2 to 1.7.3 (#359) @​dependabot
• Bump revapi-java from 0.26.0 to 0.26.1 (#361) @​dependabot
• Bump plugin from 4.30 to 4.31 (#358) @​dependabot

v5.14.0 🎁

📦 Dependency updates

• Bump bom-2.289.x from 987.v4ade2e49fe70 to 1008.vb9e22885c9cf (#357) @​dependabot
• Bump bom-2.289.x from 961.vf0c9f6f59827 to 987.v4ade2e49fe70 (#351) @​dependabot
• Bump checkstyle from 9.0.1 to 9.1 (#352) @​dependabot
• Bump archunit.version from 0.21.0 to 0.22.0 (#353) @​dependabot
• Bump pmd.version from 6.39.0 to 6.40.0 (#354) @​dependabot
• Bump actions/checkout from 2.3.5 to 2.4.0 (#355) @​dependabot
• Bump plugin from 4.29 to 4.30 (#356) @​dependabot

v5.13.0 🎁

📦 Dependency updates

• Bump version of Jenkins baseline to LTS 2.289.1 (#350) @​uhafner
• Bump equalsverifier from 3.7.1 to 3.7.2 (#348) @​dependabot
• Bump actions/checkout from 2.3.4 to 2.3.5 (#349) @​dependabot

v5.12.0 🎁

📦 Dependency updates

• Bump version of Jenkins baseline to 2.277.4 since workflow-multibranch depends on it 😠 (jenkinsci/analysis-pom-plugin@d33641e) @​uhafner

v5.11.0 🎁

... (truncated)

Commits

• c036b26 [maven-release-plugin] prepare release v5.17.0
• a8d0adf Merge pull request #375 from jenkinsci/dependabot/maven/edu.hm.hafner-codings...
• 7b106fe Bump codingstyle from 2.13.0 to 2.14.0
• 07eab76 [maven-release-plugin] prepare for next development iteration
• 53404c4 [maven-release-plugin] prepare release v5.16.0
• a8411bf [maven-release-plugin] prepare for next development iteration
• 04dfc47 [maven-release-plugin] prepare release v5.15.0
• 0744ac5 Merge pull request #374 from jenkinsci/spotbugs-4.5.1
• a574af5 Bump version of SpotBugs to 4.5.1.
• cd3fd70 Merge pull request #373 from jenkinsci/dependabot/maven/edu.hm.hafner-codings...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

Merging #137 (96d50f1) into master (e408563) will not change coverage.
The diff coverage is n/a.

@@            Coverage Diff            @@
##             master     #137   +/-   ##
=========================================
  Coverage     85.38%   85.38%           
  Complexity      152      152           
=========================================
  Files            17       17           
  Lines           746      746           
  Branches         57       57           
=========================================
  Hits            637      637           
  Misses           89       89           
  Partials         20       20           

Impacted Files	Coverage Δ
...a/io/jenkins/plugins/checks/api/ChecksDetails.java	100.00% <ø> (ø)
...va/io/jenkins/plugins/checks/api/ChecksOutput.java	95.34% <ø> (ø)
...io/jenkins/plugins/checks/api/TruncatedString.java	92.53% <ø> (ø)
.../checks/status/AbstractStatusChecksProperties.java	50.00% <ø> (ø)
...gins/checks/status/BuildStatusChecksPublisher.java	78.16% <ø> (ø)
...s/plugins/checks/status/FlowExecutionAnalyzer.java	80.00% <ø> (ø)
...enkins/plugins/checks/steps/PublishChecksStep.java	91.04% <ø> (ø)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update e408563...96d50f1. Read the comment docs.

[uhafner]

@timja I fixed some warnings and enabled a quality gate for PMD in the build. If we don't want to react on PMD warnings it makes sense to disable PMD.

[dependabot]

A newer version of org.jvnet.hudson.plugins:analysis-pom exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.