OWASP / SecurityShepherd

Web and mobile application security training platform
https://owasp.org/www-project-security-shepherd/
GNU General Public License v3.0
1.35k stars 460 forks source link

Bump docker-maven-plugin from 0.40.1 to 0.40.2 #740

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps docker-maven-plugin from 0.40.1 to 0.40.2.

Release notes

Sourced from docker-maven-plugin's releases.

0.40.2 (2022-07-31)

  • Plugin doesn't abort building an image in case Podman is used and Dockerfile can't be processed (1562) @​jh-cd
  • Bump gson from 2.8.5 to 2.8.9 (1556) @​dependabot
  • Build and load native platform during build goal, build and push all platforms during push goal (1576) @​chonton
  • Remove buildx cache, don't delete builder instances after goal. Use builder instance to cache artifacts (1579) @​chonton
  • Multiple assemblies use the name "maven". Please assign each assembly a unique name (1558) @​tbfky
  • Use https://index.docker.io/v1/ as default buildx server registry (1574) @​chonton
  • When using buildx, do not force build of native platform (1572) @​chonton
Changelog

Sourced from docker-maven-plugin's changelog.

ChangeLog

  • 0.41-SNAPSHOT :

    • image/squash option is taken into account when using buildx (1605) @​kevinleturc
    • Allow having build args with same name but different value in various sources, which are overriden in the order of precedence in resulting build args map (1407) @​pavelsmolensky
    • Use double for docker.cpus property and interpret this value in the same way as Docker config option --cpus (1609) @​vjuranek
    • NPE from Assembly plugin when POM packaging is used (1146) @​slawekjaranowski
    • Bump org.yaml:snakeyaml to v1.32 (1619) @​pen4
    • Bump com.google.cloud.tools:jib-core to v0.23.0 (1620) @​pen4
    • Bump com.google.guava:guava to v31.1-jre @​rohanKanojia
  • 0.40.2 (2022-07-31):

    • Plugin doesn't abort building an image in case Podman is used and Dockerfile can't be processed (1562) @​jh-cd
    • Bump gson from 2.8.5 to 2.8.9 (1556) @​dependabot
    • Build and load native platform during build goal, build and push all platforms during push goal (1576) @​chonton
    • Remove buildx cache, don't delete builder instances after goal. Use builder instance to cache artifacts (1579) @​chonton
    • Multiple assemblies use the name "maven". Please assign each assembly a unique name (1558) @​tbfky
    • Use https://index.docker.io/v1/ as default buildx server registry (1574) @​chonton
    • When using buildx, do not force build of native platform (1572) @​chonton
  • 0.40.1 (2022-06-11):

    • buildx does not work when specifying Dockerfile location (1562) @​chonton
    • Use buildx, set tag to current version fails if it contains -SNAPSHOT (1566) @​chonton
  • 0.40.0 (2022-05-29):

  • 0.39.1 (2022-02-27):

    • determineFinalArgValue respect default value if key exists but value is null (1528) @​twendelmuth
  • 0.39.0 (2022-02-06):

  • 0.38.1 (2021-12-18):

    • Update to jnr-unixsocket 0.38.14 to solve UnsatisfiedLinkError on Apple M1 (#1257) @​henningn
    • Revert "Only push the latest tag if no other tags where specified in jib mode. This can break your build, if you rely on the automatic latest tag." (#1510) @​Postremus
    • Revert "Only push the latest tag if no other tags where specified in docker mode. This can break your build, if you rely on the automatic latest tag." (#1509) @​Postremus
  • 0.38.0 (2021-11-09):

    • Allow replacement in tags. Added a new replacement %T which always adds a timestamp. (#1491)
    • Only push the latest tag if no other tags where specified in docker mode. This can break your build, if you rely on the automatic latest tag. (#1496)
    • Only push the latest tag if no other tags where specified in jib mode. This can break your build, if you rely on the automatic latest tag. (#1498)
    • Deprecate entrypoint parameter in <run> configuration (1488)

... (truncated)

Commits
  • 192ca21 [RELEASE] Update project version to v0.40.2
  • d8befdb Fix #1512: Plugin doesn't abort building an image in case Podman is used and ...
  • da5feec revert back to 0.41-SNAPSHOT (#1589)
  • e461aec Bump gson from 2.8.5 to 2.8.9 (#1556)
  • 6a6c7fc Bump spring-boot-starter-web in /it/spring-boot-with-jib (#1538)
  • f42d9a3 Bump spring-boot-starter-web in /samples/spring-boot-with-jib (#1539)
  • b2a8ddc Build and load native platform during build goal, build and push all … (#1582)
  • df4d7d0 Remove buildx cache. Do not delete builder instances after goal. Use builde...
  • db7a69b Issue #1558: Multiple assemblies use the name "maven". Please assign each ass...
  • df303f0 Use https://index.docker.io/v1/ as default server registry
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 year ago

Superseded by #741.