hazelcast-hibernate
hazelcast-hibernate copied to clipboard
hazelcast
Bump org.apache.maven.plugins:maven-gpg-plugin from 3.1.0 to 3.2.4
Bumps org.apache.maven.plugins:maven-gpg-plugin from 3.1.0 to 3.2.4.
Release notes
Sourced from org.apache.maven.plugins:maven-gpg-plugin's releases.
3.2.4
Release Notes - Maven GPG Plugin - Version 3.2.4
- [MGPG-125] - Fix "bestPractices" (#95)
@cstamas📦 Dependency updates
- Bump commons-io:commons-io from 2.16.0 to 2.16.1 (#94)
@dependabot3.2.3
... (truncated)
Commits
789149e[maven-release-plugin] prepare release maven-gpg-plugin-3.2.4893aedc[MGPG-125] Fix "bestPractices" (#95)b6f0324[MGPG-126] Bump commons-io:commons-io from 2.16.0 to 2.16.1 (#94)3c5878b[maven-release-plugin] prepare for next development iteration89b91a4[maven-release-plugin] prepare release maven-gpg-plugin-3.2.3fc2efa3[MGPG-123][MGPG-124] Dependency upgrades (#93)50222d3[MGPG-120] New mojo sign-deployed (#88)a6c3a09[MGPG-122] Bump org.apache.maven.plugins:maven-invoker-plugin from 3.6.0 to 3...78f5e37[MGPG-121] Return the workaround for pseudo security (#90)582df74[MGPG-117] Improve passphrase handling (#86)- Additional commits viewable in compare view
You can trigger a rebase of this PR by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "Published by a pub.dev verified publisher"){kind=small}
Test Results
128 tests ±0 128 :white_check_mark: ±0 1m 3s :stopwatch: -1s 24 suites ±0 0 :zzz: ±0 24 files ±0 0 :x: ±0
Results for commit 006c734e. ± Comparison against base commit e2a0442c.
:recycle: This comment has been updated with latest results.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
This would be best reviewed by @nishaatr as it is used during the release.
This would be best reviewed by @nishaatr as it is used during the release.
Yes, correct @frant-hartm. Used during mvn deploy which can be seen in this build https://jenkins.hazelcast.com/view/release-automation/job/distribution-automation/77/consoleFull which generates the .asc file also deployed (search for gpg:3.1.0:sign)
We also use gpg to install the key here which is currently gpg (GnuPG) 2.2.27. The standalone gpg tool is baked in the Release Pipeline docker image in https://github.com/hazelcast/hazelcast-pipeline-library/blob/master/docker/Dockerfile#L12
I think both versions should be updated and tested. Testing is little tricky as we only run deploy when doing the actual release. If you prefer DevInfra to do the testing then I will raise a ticket and get it done at some point. Let me know?
Otherwise, we merge this and hope for the best but thats risky and prefer we get it tested
