Skip to content

Commit c0b73f1

Browse files
dependabot[bot]dependabot[bot]
authored
Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.5 to 3.2.7 (#2010)
Bumps [org.apache.maven.plugins:maven-gpg-plugin](https://github.com/apache/maven-gpg-plugin) from 3.2.5 to 3.2.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/apache/maven-gpg-plugin/releases">org.apache.maven.plugins:maven-gpg-plugin's releases</a>.</em></p> <blockquote> <h2>3.2.7</h2> <p>Fixes a lingering issue affecting whole 3.2.x lineage, that resulted in &quot;bad passphrase&quot; on Windows OS with GPG signer (see MGPG-136 for details).</p> <h2>What's Changed</h2> <ul> <li>[MGPG-136] Windows passphrase corruption by <a href="https://github.com/cstamas"><code>@​cstamas</code></a> in <a href="https://redirect.github.com/apache/maven-gpg-plugin/pull/120">apache/maven-gpg-plugin#120</a></li> <li>Bump com.kohlschutter.junixsocket:junixsocket-core from 2.10.0 to 2.10.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/apache/maven-gpg-plugin/pull/121">apache/maven-gpg-plugin#121</a></li> <li>Bump commons-io:commons-io from 2.16.1 to 2.17.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/apache/maven-gpg-plugin/pull/119">apache/maven-gpg-plugin#119</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/apache/maven-gpg-plugin/compare/maven-gpg-plugin-3.2.6...maven-gpg-plugin-3.2.7">https://github.com/apache/maven-gpg-plugin/compare/maven-gpg-plugin-3.2.6...maven-gpg-plugin-3.2.7</a></p> <h2>3.2.6</h2> <h1><a href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317521&amp;version=12354997">Release Notes - Maven GPG Plugin - Version 3.2.6</a></h1> <!-- raw HTML omitted --> <!-- raw HTML omitted --> <hr /> <h2>What's Changed</h2> <ul> <li>[MGPG-135] Support Overriding / Enhance the signer in AbstractGpgMojo by <a href="https://github.com/laeubi"><code>@​laeubi</code></a> in <a href="https://redirect.github.com/apache/maven-gpg-plugin/pull/112">apache/maven-gpg-plugin#112</a></li> <li>Bump org.apache.maven.plugins:maven-invoker-plugin from 3.7.0 to 3.8.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/apache/maven-gpg-plugin/pull/114">apache/maven-gpg-plugin#114</a></li> <li>[MGPG-140] Update Maven to 3.9.9 by <a href="https://github.com/cstamas"><code>@​cstamas</code></a> in <a href="https://redirect.github.com/apache/maven-gpg-plugin/pull/116">apache/maven-gpg-plugin#116</a></li> <li>[MGPG-138] Drop direct use of plexus-cipher and secdispatcher by <a href="https://github.com/cstamas"><code>@​cstamas</code></a> in <a href="https://redirect.github.com/apache/maven-gpg-plugin/pull/115">apache/maven-gpg-plugin#115</a></li> <li>[MGPG-141] Remove use of deprecated classes by <a href="https://github.com/cstamas"><code>@​cstamas</code></a> in <a href="https://redirect.github.com/apache/maven-gpg-plugin/pull/117">apache/maven-gpg-plugin#117</a></li> <li>Add FAQ for &quot;no pinentry&quot; issue by <a href="https://github.com/cstamas"><code>@​cstamas</code></a> in <a href="https://redirect.github.com/apache/maven-gpg-plugin/pull/118">apache/maven-gpg-plugin#118</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/laeubi"><code>@​laeubi</code></a> made their first contribution in <a href="https://redirect.github.com/apache/maven-gpg-plugin/pull/112">apache/maven-gpg-plugin#112</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/apache/maven-gpg-plugin/commit/43af21cbe6e62e417e5037c359f79dd7878b4908"><code>43af21c</code></a> [maven-release-plugin] prepare release maven-gpg-plugin-3.2.7</li> <li><a href="https://github.com/apache/maven-gpg-plugin/commit/8c5a8d2eb990b3d9db8bc2f5563a0aeb4dbb5eea"><code>8c5a8d2</code></a> [MGPG-144] Bump commons-io:commons-io from 2.16.1 to 2.17.0 (<a href="https://redirect.github.com/apache/maven-gpg-plugin/issues/119">#119</a>)</li> <li><a href="https://github.com/apache/maven-gpg-plugin/commit/cb5422fc4f2372a58772e0b8a9a20b072696a7f4"><code>cb5422f</code></a> [MGPG-143] Bump com.kohlschutter.junixsocket:junixsocket-core from 2.10.0 to ...</li> <li><a href="https://github.com/apache/maven-gpg-plugin/commit/6b2a27f3a60e8c92079f14e5240ee8c353ccfa35"><code>6b2a27f</code></a> [MGPG-136] Windows passphrase corruption (<a href="https://redirect.github.com/apache/maven-gpg-plugin/issues/120">#120</a>)</li> <li><a href="https://github.com/apache/maven-gpg-plugin/commit/31e87e0062b7eacc3506fc6dea94e7ff509c16b9"><code>31e87e0</code></a> [maven-release-plugin] prepare for next development iteration</li> <li><a href="https://github.com/apache/maven-gpg-plugin/commit/1c9a14c0eec9dae40baa4a5db674e6a7ec012be4"><code>1c9a14c</code></a> [maven-release-plugin] prepare release maven-gpg-plugin-3.2.6</li> <li><a href="https://github.com/apache/maven-gpg-plugin/commit/bbe6156400212b3fe063d218399ba09c24795f44"><code>bbe6156</code></a> Add FAQ for &quot;no pinentry&quot; issue (<a href="https://redirect.github.com/apache/maven-gpg-plugin/issues/118">#118</a>)</li> <li><a href="https://github.com/apache/maven-gpg-plugin/commit/5b9427333ab4b7b48b297a8b9a4158688211f14a"><code>5b94273</code></a> [MGPG-141] Remove use of deprecated classes (<a href="https://redirect.github.com/apache/maven-gpg-plugin/issues/117">#117</a>)</li> <li><a href="https://github.com/apache/maven-gpg-plugin/commit/afdfd28bab4a0530cfd655397716a36adc1644b6"><code>afdfd28</code></a> [MGPG-138] Drop direct use of plexus-cipher and secdispatcher (<a href="https://redirect.github.com/apache/maven-gpg-plugin/issues/115">#115</a>)</li> <li><a href="https://github.com/apache/maven-gpg-plugin/commit/7516e7c73d6e5c8c3d6c2cbab9d55deb3987f388"><code>7516e7c</code></a> [MGPG-140] Update Maven to 3.9.9 (<a href="https://redirect.github.com/apache/maven-gpg-plugin/issues/116">#116</a>)</li> <li>Additional commits viewable in <a href="https://github.com/apache/maven-gpg-plugin/compare/maven-gpg-plugin-3.2.5...maven-gpg-plugin-3.2.7">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-gpg-plugin&package-manager=maven&previous-version=3.2.5&new-version=3.2.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent c4812b2 commit c0b73f1

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

Diff for: pom.xml

+1-1
Original file line numberDiff line numberDiff line change
@@ -409,7 +409,7 @@
409409
<plugin>
410410
<groupId>org.apache.maven.plugins</groupId>
411411
<artifactId>maven-gpg-plugin</artifactId>
412-
<version>3.2.5</version>
412+
<version>3.2.7</version>
413413
<executions>
414414
<execution>
415415
<id>sign-artifacts</id>

0 commit comments

Comments
 (0)