search

s4u / sitemapxml-maven-plugin

Maven sitemap.xml generator plugin
https://www.simplify4u.org/sitemapxml-maven-plugin/
Apache License 2.0
4 stars 0 forks source link

Bump pgpverify-maven-plugin from 1.8.0 to 1.9.0 #19

Closed dependabot[bot] closed 4 years ago

dependabot[bot] commented 4 years ago

Bumps pgpverify-maven-plugin from 1.8.0 to 1.9.0.

Release notes

Sourced from pgpverify-maven-plugin's releases.

v1.9.0

New features

  • Report duration of artifact resolution, download and signature validation phases. #111
  • Dependabot on GitHub #115
  • Extract signature form pgp message #120
  • Checksumming #119
  • Add hkps://keyserver.ubuntu.com to default key servers #122
  • Use Issuer Fingerprint signature subpacket to obtain key fingerprint #86

Deprecated feature

  • deprecates strictNoSignature #129

Improvements / bug fixes

  • Key not found - shouldn't break verification #113
  • Show, fix and start failing on compiler warnings. #109
  • Broken signature - shouldn't break verification #114
  • Separate weak-algorithm logic into utility and private method. #112
  • Misc small improvements and simplifications #121
  • Multiple key servers brake noKey feature #126
  • verifyPluginDependencies should enable verifyPlugins #128

Dependency updates

  • Bump vavr from 0.10.2 to 0.10.3 #108
  • Bump plexus-classworlds from 2.5.2 to 2.6.0 #107
  • Bump s4u/maven-settings-action from v2 to v2.1.0 #117
  • Bump actions/cache from v1 to v2 #116
  • Bump resilience4j-retry from 1.4.0 to 1.5.0 #118
  • Bump actions/checkout from v2 to v2.3.1 #123, #124
  • Bump parent from 2.5.0 to 2.6.0 #125
  • Bump slf4j-mock from 1.0.1 to 1.0.2 #127

Thanks

Many thanks for collaboration on this release for: @cobratbq

Commits
  • 02fedc0 [maven-release-plugin] prepare release v1.9.0
  • ea6836e warn if deprecated strictNoSignature is used
  • a8fc0dc Merge pull request #132 from s4u/deprecate-strictNoSignature
  • 5ea664d Deprecate use of 'strictNoSignature'. Replaced by 'noSig' in keysmap.
  • a2f776b Merge pull request #131 from s4u/verifyPluginDependencies
  • 7fcc061 Implicitly enable verifyPlugins if verifyPluginDependencies is enabled.
  • a38383d keysMap usage - examples
  • a958be5 use fingerprint in examples
  • b949c6d add facebook share button to site
  • 8cf1283 Use Issuer Fingerprint signature subpacket to obtain key fingerprint
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
sonarcloud[bot] commented 4 years ago

Kudos, SonarCloud Quality Gate passed!

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities (and Security Hotspot 0 Security Hotspots to review)
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication