OWASP / SecurityShepherd

Web and mobile application security training platform
https://owasp.org/www-project-security-shepherd/
GNU General Public License v3.0
1.35k stars 460 forks source link

Bump docker-maven-plugin from 0.40.1 to 0.40.3 #741

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps docker-maven-plugin from 0.40.1 to 0.40.3.

Release notes

Sourced from docker-maven-plugin's releases.

0.40.3 (2022-12-18)

  • image/squash option is taken into account when using buildx (1605) @​kevinleturc
  • Allow having build args with same name but different value in various sources, which are overriden in the order of precedence in resulting build args map (1407) @​pavelsmolensky
  • Use double for docker.cpus property and interpret this value in the same way as Docker config option --cpus (1609) @​vjuranek
  • NPE from Assembly plugin when POM packaging is used (1146) @​slawekjaranowski
  • Docker pulling progress only shown after pull has completed and not in real-time (1598) @​causalnet
  • Bump org.yaml:snakeyaml to v1.32 (1619) @​pen4
  • Bump com.google.cloud.tools:jib-core to v0.23.0 (1620) @​pen4
  • Bump com.google.guava:guava to v31.1-jre @​rohanKanojia

0.40.2 (2022-07-31)

  • Plugin doesn't abort building an image in case Podman is used and Dockerfile can't be processed (1562) @​jh-cd
  • Bump gson from 2.8.5 to 2.8.9 (1556) @​dependabot
  • Build and load native platform during build goal, build and push all platforms during push goal (1576) @​chonton
  • Remove buildx cache, don't delete builder instances after goal. Use builder instance to cache artifacts (1579) @​chonton
  • Multiple assemblies use the name "maven". Please assign each assembly a unique name (1558) @​tbfky
  • Use https://index.docker.io/v1/ as default buildx server registry (1574) @​chonton
  • When using buildx, do not force build of native platform (1572) @​chonton
Changelog

Sourced from docker-maven-plugin's changelog.

ChangeLog

  • 0.41-SNAPSHOT :

  • 0.40.3 (2022-12-18):

    • image/squash option is taken into account when using buildx (1605) @​kevinleturc
    • Allow having build args with same name but different value in various sources, which are overriden in the order of precedence in resulting build args map (1407) @​pavelsmolensky
    • Use double for docker.cpus property and interpret this value in the same way as Docker config option --cpus (1609) @​vjuranek
    • NPE from Assembly plugin when POM packaging is used (1146) @​slawekjaranowski
    • Docker pulling progress only shown after pull has completed and not in real-time (1598) @​causalnet
    • Bump org.yaml:snakeyaml to v1.32 (1619) @​pen4
    • Bump com.google.cloud.tools:jib-core to v0.23.0 (1620) @​pen4
    • Bump com.google.guava:guava to v31.1-jre @​rohanKanojia
  • 0.40.2 (2022-07-31):

    • Plugin doesn't abort building an image in case Podman is used and Dockerfile can't be processed (1562) @​jh-cd
    • Bump gson from 2.8.5 to 2.8.9 (1556) @​dependabot
    • Build and load native platform during build goal, build and push all platforms during push goal (1576) @​chonton
    • Remove buildx cache, don't delete builder instances after goal. Use builder instance to cache artifacts (1579) @​chonton
    • Multiple assemblies use the name "maven". Please assign each assembly a unique name (1558) @​tbfky
    • Use https://index.docker.io/v1/ as default buildx server registry (1574) @​chonton
    • When using buildx, do not force build of native platform (1572) @​chonton
  • 0.40.1 (2022-06-11):

    • buildx does not work when specifying Dockerfile location (1562) @​chonton
    • Use buildx, set tag to current version fails if it contains -SNAPSHOT (1566) @​chonton
  • 0.40.0 (2022-05-29):

  • 0.39.1 (2022-02-27):

    • determineFinalArgValue respect default value if key exists but value is null (1528) @​twendelmuth
  • 0.39.0 (2022-02-06):

  • 0.38.1 (2021-12-18):

    • Update to jnr-unixsocket 0.38.14 to solve UnsatisfiedLinkError on Apple M1 (#1257) @​henningn
    • Revert "Only push the latest tag if no other tags where specified in jib mode. This can break your build, if you rely on the automatic latest tag." (#1510) @​Postremus
    • Revert "Only push the latest tag if no other tags where specified in docker mode. This can break your build, if you rely on the automatic latest tag." (#1509) @​Postremus
  • 0.38.0 (2021-11-09):

    • Allow replacement in tags. Added a new replacement %T which always adds a timestamp. (#1491)

... (truncated)

Commits
  • dbcfbcc [RELEASE] Update project version to v0.40.3
  • 2ed5f12 chore : Remove unused property from pom.xml
  • e7de2d3 Avoid buffering and stream the response if the headers indicate it is definit...
  • 165b557 chore : Bump com.google.guava:guava to v31.1-jre
  • 828f2c0 update com.google.cloud.tools:jib-core 0.18.0 to 0.22.0
  • 7211bed update org.yaml:snakeyaml 1.26 to 1.32
  • be517e1 BuildMojo should require dependencies resolutions
  • 83cae7e Required Maven version should be the same as used Maven - 3.3.9
  • 2156a48 Issue #1608: use double for docker.cpus property
  • 79a4a33 Allow having build args with same name but different value in various sources...
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 year ago

Superseded by #748.