Skip to content

Bump github.com/shipwright-io/build from 0.17.0 to 0.18.0 #171

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

Bump github.com/shipwright-io/build from 0.17.0 to 0.18.0 #171

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 24, 2025
edited
Loading

Bumps github.com/shipwright-io/build from 0.17.0 to 0.18.0.

Release notes

Sourced from github.com/shipwright-io/build's releases.

Shipwright Build release v0.18.0

Draft Release changes since v0.17.0

Features

#1972 by @​hasanawad94: Added support for Tekton PipelineRuns as an alternative to TaskRuns for build execution. Configurable executor selection - users can now choose between TaskRun and PipelineRun executors via configuration.

Fixes

API Changes

Docs

Misc

#2042 by @​hasanawad94: Action Required: The minimum supported Tekton version is now v0.68, the minimum supported Kubernetes version is now v1.32, the maximum supported Kubernetes version is now v1.34

#2025 by @​shipwright-ci-bot: Update to the new latest Tekton LTS release v1.6.0

#2020 by @​hasanawad94: Pointed writes to volumes and enabled readOnlyRootFilesystem in buildah,buildkit, and ko strategies.

#2015 by @​hasanawad94: The source and image processing steps are now configured with ReadOnlyRootFilesystem. The default lock file path of the waiter container has been set to a volume instead of the rootfs.

#2000 by @​SaschaSchwarze0: The image processing step now runs Trivy vulnerability scans with disabled telemetry

#1998 by @​hasanawad94: Mounting a volume to be used as a home directory for source,build, image-processing containers.

#1996 by @​shipwright-ci-bot: Update to the new latest Tekton LTS release v1.3.2

Shipwright Build release v0.17.3

Release changes since v0.17.2

Features

Fixes

API Changes

Docs

Misc

#2052 by @​SaschaSchwarze0: Update golang.org/x/crypto to v0.45.0 to address GO-2025-4134 and GO-2025-4135

Shipwright Build release v0.17.2

Release changes since v0.17.1

Features

Fixes

... (truncated)

Commits
  • e74543a Merge pull request #2054 from SaschaSchwarze0/sascha-add-missing-releases
  • bc04f56 Update Readme with new Tag v0.17.3
  • 7328a82 Update Readme with new Tag v0.17.2
  • 07515e1 Update Readme with new Tag v0.17.1
  • 448ecd5 Merge pull request #2050 from shipwright-io/dependabot/go_modules/github.com/...
  • ad6cd15 Merge pull request #2051 from shipwright-io/dependabot/github_actions/actions...
  • 71e95fb Merge pull request #2048 from shipwright-io/quay.io/containers/buildah
  • 8fe9a4b build(deps): bump github.com/jedib0t/go-pretty/v6 from 6.7.3 to 6.7.5
  • 456b4bf Merge pull request #2047 from shipwright-io/moby/buildkit
  • 6ee3300 Merge pull request #2046 from shipwright-io/dependabot/go_modules/go.uber.org...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump github.com/shipwright-io/build from 0.17.0 to 0.18.0
cdf04f3 
Bumps [github.com/shipwright-io/build](https://github.com/shipwright-io/build) from 0.17.0 to 0.18.0.
- [Release notes](https://github.com/shipwright-io/build/releases)
- [Commits](shipwright-io/build@v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: github.com/shipwright-io/build
  dependency-version: 0.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added kind/dependency-change Categorizes issue or PR as related to changing dependencies release-note-none labels Nov 24, 2025
@dependabot dependabot bot mentioned this pull request Nov 24, 2025
Closed
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Nov 24, 2025

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign heavywombat for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@pull-request-size pull-request-size bot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Nov 24, 2025
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 1, 2025

Looks like github.com/shipwright-io/build is up-to-date now, so this is no longer needed.

@dependabot dependabot bot closed this Dec 1, 2025
@dependabot dependabot bot deleted the dependabot/go_modules/github.com/shipwright-io/build-0.18.0 branch December 1, 2025 15:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@adambkaplan adambkaplan Awaiting requested review from adambkaplan

@HeavyWombat HeavyWombat Awaiting requested review from HeavyWombat

Assignees

No one assigned

Labels

kind/dependency-change Categorizes issue or PR as related to changing dependencies release-note-none size/L Denotes a PR that changes 100-499 lines, ignoring generated files.

Projects

Shipwright Overview
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant