Bump com.autonomousapps.dependency-analysis from 2.16.0 to 3.4.0

[dependabot]

Bumps com.autonomousapps.dependency-analysis from 2.16.0 to 3.4.0.

Changelog

Sourced from com.autonomousapps.dependency-analysis's changelog.

Version 3.4.0

• [Fix]: InferredCapability merging logic should use 'or', not 'and'.
• [Fix]: Improve IP safety of GlobalDslService.
• [Fix]: for builds with Gradle 9.1.0+, get the buildPath from the Gradle instance.
• [Chore]: update to Gradle 9.1.0 (from 9.0.0).

Version 3.3.0

• [Feat]: detect reflective access using Class.forName().

Version 3.2.0

• [Feat]: don't drop transitive runtime dependencies when removing 'unused' dependencies. See the PR description for more information.
• [Fix]: consider suspend function return types with type parameters.
• [Fix]: consider imports when computing usage of typealiases.
• [Fix]: annotation processors are not blank strings.
• [Fix]: update Kotlin metadata to 2.2.20 for Kotlin 2.3 support.
• [Chore]: always publish build scans on CI. Optionally publish them locally.

To publish build scans, add the following, as indicated:

# ~/.gradle/gradle.properties
dependency.analysis.scans.publish=true

Version 3.1.0

• [Fix] Updated asm to 9.9 (and use latest asm-relocated) for Java 25 support.
• [Fix]: Test fixtures in a Spring Boot project are allowed to have testFixturesApi dependencies.
• [Test]: run tests against Gradle 9.1.0.

Version 3.0.4

• [Fix] Remove auto-applied kotlin-stdlib for Gradle 8.11 support.

Version 3.0.3

• [Fix]: compare versions via VersionNumber, not raw strings.
• [Fix] Forcibly downgrade kotlin-stdlib to 2.0.21 for Gradle 8.11 support.

Version 3.0.2

• [Fix] Downgrade Kotlin to 2.0.21 for Gradle 8.11 support.
• [Fix]: min AGP version is 8.4.2.
• [Fix]: Remove kotlin-dsl plugin usage.
• [Fix]: correctly react to new/deleted/renamed files in Android projects.
• [Fix]: resource ref problem (#1525).
• [Chore]: update to AGP 8.13 stable.
• [Chore]: use gradle plugin publishing plugin 2.0.0.

Version 3.0.1

• [Fix] set apiVersion and languageVersion to 2.0 for Gradle 8.11 support.

Version 3.0.0

... (truncated)

Commits

• 95ce05b chore: prepare for release 3.4.0.
• d0ee602 fix: for builds with Gradle 9.1.0+, get the buildPath from the Gradle instance.
• 72d287c chore: update to Gradle 9.1.0 (from 9.0.0).
• cf1a873 fix: Improve IP safety of GlobalDslService (#1584)
• 901f882 fix: InferredCapability merging logic should use 'or', not 'and'.
• a2554a2 chore: prepare next development version.
• c94d94d chore: prepare for release 3.3.0.
• 79fa9bd chore(testkit): prepare next development version of testkit-support.
• e800e60 chore(testkit): prepare for testkit-support release 0.22.
• c50ef63 refactor: move producers.kt to producers package.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)