chore(deps): update dependency org.apache.maven.plugins:maven-gpg-plugin to v3.2.8#100
Conversation
🤖 Augment PR SummarySummary: Updates the build’s artifact-signing tooling by bumping Why: Keeps release/signing infrastructure current with upstream fixes and dependency updates. 🤖 Was this summary useful? React with 👍 or 👎 |
| <groupId>org.apache.maven.plugins</groupId> | ||
| <artifactId>maven-gpg-plugin</artifactId> | ||
| <version>3.0.1</version> | ||
| <version>3.2.8</version> |
There was a problem hiding this comment.
This is a major version jump (3.0.1 → 3.2.8); newer maven-gpg-plugin releases introduce additional “best practices” warnings/behavior that can break non-interactive signing depending on the CI GnuPG/pinentry setup. Consider validating that the release profile still signs successfully with the current --pinentry-mode loopback configuration in your release environment.
Severity: medium
🤖 Was this useful? React with 👍 or 👎, or 🚀 if it prevented an incident/outage.
This PR contains the following updates:
3.0.1→3.2.8Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.