Bump crazy-max/ghaction-import-gpg from 3 to 4.1.0

[dependabot]

Bumps crazy-max/ghaction-import-gpg from 3 to 4.1.0.

Release notes

Sourced from crazy-max/ghaction-import-gpg's releases.

v4.1.0

• Handle signing-only subkeys (#112)
• Bump @​actions/core from 1.5.0 to 1.6.0 (#114)
• Bump actions/github-script from 4 to 5 (#113)
• Bump ansi-regex from 5.0.0 to 5.0.1 (#111)
• Bump tmpl from 1.0.4 to 1.0.5 (#110)

v4.0.0

• OpenPGP.js v5 (#78)
• POSIX-compliant inputs names (#109)
  • Rename gpg-private-key input gpg_private_key
  • Rename git-config-global input git_config_global
  • Rename git-user-signingkey input git_user_signingkey
  • Rename git-commit-gpgsign input git_commit_gpgsign
  • Rename git-tag-gpgsign input git_tag_gpgsign
  • Rename git-push-gpgsign input git_push_gpgsign
  • Rename git-committer-name input git_committer_name
  • Rename git-committer-email input git_committer_email
• Bump @​actions/core from 1.4.0 to 1.5.0 (#106)

v3.2.0

• Add git-config-global input (#103)
• Use built-in getExecOutput (#102)
• Handle if-asked for git-push-gpgsign input (#100)
• Use getBooleanInput (#101)
• Bump @​actions/core from 1.2.7 to 1.4.0 (#97)
• Bump @​actions/exec from 1.0.4 to 1.1.0 (#96)
• Bump ws from 7.3.1 to 7.5.0 (#98)
• Fix setOutput (#86)
• Bump actions/github-script from v3 to v4.0.2 (#83)
• Bump @​actions/core from 1.2.6 to 1.2.7 (#81)
• Bump hosted-git-info from 2.8.8 to 2.8.9 (#85)
• Bump lodash from 4.17.20 to 4.17.21 (#84)
• Bump y18n from 4.0.0 to 4.0.1 (#79)
• Enhance workflow (#77)

v3.1.0

• Container based developer flow (#76)
• Bump openpgp from 4.10.9 to 4.10.10 (#75)
• Bump node-notifier from 8.0.0 to 8.0.1 (#72)
• Bump openpgp from 4.10.8 to 4.10.9 (#69)

v3.0.2

• Fix git committer email action input (#67)

v3.0.1

• Fix CVE-2020-15228

Changelog

Sourced from crazy-max/ghaction-import-gpg's changelog.

4.1.0 (2021/10/15)

• Handle signing-only subkeys (#112)
• Bump @​actions/core from 1.5.0 to 1.6.0 (#114)
• Bump actions/github-script from 4 to 5 (#113)
• Bump ansi-regex from 5.0.0 to 5.0.1 (#111)
• Bump tmpl from 1.0.4 to 1.0.5 (#110)

4.0.0 (2021/09/05)

• OpenPGP.js v5 (#78)
• POSIX-compliant inputs names (#109)
  • Rename gpg-private-key input gpg_private_key
  • Rename git-config-global input git_config_global
  • Rename git-user-signingkey input git_user_signingkey
  • Rename git-commit-gpgsign input git_commit_gpgsign
  • Rename git-tag-gpgsign input git_tag_gpgsign
  • Rename git-push-gpgsign input git_push_gpgsign
  • Rename git-committer-name input git_committer_name
  • Rename git-committer-email input git_committer_email
• Bump @​actions/core from 1.4.0 to 1.5.0 (#106)

3.2.0 (2021/08/10)

• Add git-config-global input (#103)
• Use built-in getExecOutput (#102)
• Handle if-asked for git-push-gpgsign input (#100)
• Use getBooleanInput (#101)
• Bump @​actions/core from 1.2.7 to 1.4.0 (#97)
• Bump @​actions/exec from 1.0.4 to 1.1.0 (#96)
• Bump ws from 7.3.1 to 7.5.0 (#98)
• Fix setOutput (#86)
• Bump actions/github-script from v3 to v4.0.2 (#83)
• Bump @​actions/core from 1.2.6 to 1.2.7 (#81)
• Bump hosted-git-info from 2.8.8 to 2.8.9 (#85)
• Bump lodash from 4.17.20 to 4.17.21 (#84)
• Bump y18n from 4.0.0 to 4.0.1 (#79)
• Enhance workflow (#77)

3.1.0 (2021/01/29)

• Container based developer flow (#76)
• Bump openpgp from 4.10.9 to 4.10.10 (#75)
• Bump node-notifier from 8.0.0 to 8.0.1 (#72)
• Bump openpgp from 4.10.8 to 4.10.9 (#69)

3.0.2 (2020/11/24)

• Fix git committer email action input (#67)

... (truncated)

Commits

• cb4264d Update CHANGELOG
• f0c29f1 Bump @​actions/core from 1.5.0 to 1.6.0 (#114)
• 60f6f3e Handle signing-only subkeys (#112)
• aaade0d Bump actions/github-script from 4 to 5 (#113)
• 1fb7d85 Bump ansi-regex from 5.0.0 to 5.0.1 (#111)
• 355a33c Bump tmpl from 1.0.4 to 1.0.5 (#110)
• 8c43807 Update CHANGELOG
• a8573c0 Bump @​actions/core from 1.4.0 to 1.5.0 (#106)
• 3a2a627 POSIX-compliant inputs names (#109)
• e8a90f2 OpenPGP.js v5 (#78)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[sonarqubecloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
No Duplication information