This repository was archived by the owner on Sep 3, 2025. It is now read-only.

Consider releasing new version to resolve JGit issue #394

@ciscoo

Several of my company's builds started failing due to CVE-2023-4759, which was flagged by our internally hosted IQ Server.

None of our projects directly depend on JGit, but instead it is a transitive dependency from Gradle plugins such as gradle-git-publish and com.diffplug.spotless.

This is easily resolved using a constraint such as:

buildscript {
    dependencies {
        constraints {
            classpath("org.eclipse.jgit:org.eclipse.jgit") {
                version {
                    strictly("6.7.0.202309050840-r")
                }
            }
        }
    }
}

However, I think it would be better if a new version of this library was released since rich versions are used, so it should pick up the latest version when built/published.
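
A check for the pin described in the issue, as an added example that is not part of the original post or the project's code: it parses the dependency tree printed by `./gradlew buildEnvironment` and lists any JGit version on the buildscript classpath that resolves below the version used in the constraint. The two reports are constructed samples with hypothetical plugin coordinates, and the comparison assumes JGit's `major.minor.patch.timestamp-r` version numbering.

```python
import re
import sys

# Minimum acceptable JGit version: the one pinned by the constraint in the issue.
MIN_JGIT = "6.7.0.202309050840-r"

# Matches "group:module:requested" with an optional " -> resolved" suffix.
# The requested part may be a rich version such as "{strictly X}".
LINE = re.compile(
    r"org\.eclipse\.jgit:org\.eclipse\.jgit:(\{[^}]*\}|\S+)(?: -> (\S+))?"
)

# Constructed sample reports (plugin coordinates and the older JGit version are
# illustrative). BEFORE has no constraint, AFTER has the constraint applied.
BEFORE = r"""classpath
+--- com.example.plugin:publish-plugin:1.0.0
|    \--- org.eclipse.jgit:org.eclipse.jgit:6.5.0.202303070854-r
\--- com.example.plugin:format-plugin:2.0.0
     \--- org.eclipse.jgit:org.eclipse.jgit:6.5.0.202303070854-r
"""
AFTER = r"""classpath
+--- com.example.plugin:publish-plugin:1.0.0
|    \--- org.eclipse.jgit:org.eclipse.jgit:6.5.0.202303070854-r -> 6.7.0.202309050840-r
\--- org.eclipse.jgit:org.eclipse.jgit:{strictly 6.7.0.202309050840-r} -> 6.7.0.202309050840-r (c)
"""


def version_key(version):
    """Turn '6.7.0.202309050840-r' into (6, 7, 0, 202309050840) for comparison."""
    return tuple(int(n) for n in re.findall(r"\d+", version))


def resolved_jgit_versions(report):
    """Return the set of JGit versions Gradle actually selected in the report."""
    found = set()
    for m in LINE.finditer(report):
        # Prefer the version after "->"; otherwise the requested one was selected.
        found.add(m.group(2) or m.group(1).strip("{}").split()[-1])
    return found


def below_minimum(report, minimum=MIN_JGIT):
    """List resolved JGit versions that are older than the required minimum."""
    floor = version_key(minimum)
    return sorted(v for v in resolved_jgit_versions(report) if version_key(v) < floor)


if __name__ == "__main__":
    # Pipe real `./gradlew buildEnvironment` output on stdin to check a build.
    stale = below_minimum(sys.stdin.read())
    print("JGit below pin:", ", ".join(stale) if stale else "none")
    sys.exit(1 if stale else 0)
```
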
