set maven libs according to consumers

.github/dependabot.yml

@@ -11,6 +11,8 @@ updates:
       # migration is complete
       - dependency-name: "org.eclipse.jetty:jetty-maven-plugin"
         versions: [">=11.0.0"]
+      # maven core artifacts are provided by the running maven, do not update to prevent consuming something unavailable
+      - dependency-name: "org.apache.maven:*"
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:

pom.xml

@@ -53,12 +53,16 @@
     <openbracket>{</openbracket>
     <gitHubRepo>jenkinsci/${project.artifactId}</gitHubRepo>
     <aether.version>1.1.0</aether.version>
-    <maven.version>3.9.0</maven.version>
+    <maven.version>3.8.1</maven.version> <!-- if we update this all consumers need to be running at least this version -->
     <maven-plugin-tools.version>3.8.1</maven-plugin-tools.version> <!-- extra work needed when https://issues.apache.org/jira/browse/MPLUGIN-449 is fixed -->
     <plexus-containers.version>2.1.1</plexus-containers.version>
     <aether.version>1.1.0</aether.version>
   </properties>
 
+  <prerequisites>
+      <maven>${maven.version}</maven>
+  </prerequisites>
+
   <dependencyManagement>
     <dependencies>
       <dependency>