Bump org.apache.maven.plugins:maven-gpg-plugin from 3.1.0 to 3.2.5 (#…

…1985)

Bumps
[org.apache.maven.plugins:maven-gpg-plugin](https://github.com/apache/maven-gpg-plugin)
from 3.1.0 to 3.2.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/apache/maven-gpg-plugin/releases">org.apache.maven.plugins:maven-gpg-plugin's
releases</a>.</em></p>
<blockquote>
<h2>3.2.5</h2>
<h1><a
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317521&amp;version=12354569">Release
Notes - Maven GPG Plugin - Version 3.2.5</a></h1>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<hr />
<!-- raw HTML omitted -->
<ul>
<li><a
href="https://issues.apache.org/jira/browse/MGPG-134">[MGPG-134]</a> -
Update maven-invoker (<a
href="https://redirect.github.com/apache/maven-gpg-plugin/pull/110">#110</a>)
<a href="https://github.com/cstamas"><code>@​cstamas</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/MGPG-130">[MGPG-130]</a> -
Update sigstore extension to &quot;.sigstore.json&quot; (<a
href="https://redirect.github.com/apache/maven-gpg-plugin/pull/109">#109</a>)
<a
href="https://github.com/loosebazooka"><code>@​loosebazooka</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/MGPG-128">[MGPG-128]</a> -
Parent POM 42, prerequisite 3.6.3 (<a
href="https://redirect.github.com/apache/maven-gpg-plugin/pull/100">#100</a>)
<a href="https://github.com/cstamas"><code>@​cstamas</code></a></li>
</ul>
<h2>📦 Dependency updates</h2>
<ul>
<li>Bump org.simplify4u.plugins:pgpverify-maven-plugin from 1.17.0 to
1.18.2 (<a
href="https://redirect.github.com/apache/maven-gpg-plugin/pull/105">#105</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump com.kohlschutter.junixsocket:junixsocket-core from 2.9.1 to
2.10.0 (<a
href="https://redirect.github.com/apache/maven-gpg-plugin/pull/107">#107</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump org.apache.maven.plugins:maven-plugins from 42 to 43 (<a
href="https://redirect.github.com/apache/maven-gpg-plugin/pull/108">#108</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump org.apache.maven.plugins:maven-invoker-plugin from 3.6.1 to
3.7.0 (<a
href="https://redirect.github.com/apache/maven-gpg-plugin/pull/103">#103</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump bouncycastleVersion from 1.78 to 1.78.1 (<a
href="https://redirect.github.com/apache/maven-gpg-plugin/pull/98">#98</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
</ul>
<h2>3.2.4</h2>
<p><a
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317521&amp;version=12354486">Release
Notes - Maven GPG Plugin - Version 3.2.4</a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/apache/maven-gpg-plugin/commit/737d4eeea5bbc01779fd3b5b2a637c9d6453fe27"><code>737d4ee</code></a>
[maven-release-plugin] prepare release maven-gpg-plugin-3.2.5</li>
<li><a
href="https://github.com/apache/maven-gpg-plugin/commit/77470635c506af97be4712c1133d94eb3a593b69"><code>7747063</code></a>
[MGPG-134] Update maven-invoker (<a
href="https://redirect.github.com/apache/maven-gpg-plugin/issues/110">#110</a>)</li>
<li><a
href="https://github.com/apache/maven-gpg-plugin/commit/3df5f83ebb041384807127e761d4e28011da4f79"><code>3df5f83</code></a>
[MGPG-133] Bump org.simplify4u.plugins:pgpverify-maven-plugin from
1.17.0 to ...</li>
<li><a
href="https://github.com/apache/maven-gpg-plugin/commit/58a20697aa0878f0ab5099bb01c059b03ac84061"><code>58a2069</code></a>
[MGPG-132] Bump com.kohlschutter.junixsocket:junixsocket-core from 2.9.1
to 2...</li>
<li><a
href="https://github.com/apache/maven-gpg-plugin/commit/e911b43d85ae48ab30d958c497c89c98c9aeed8e"><code>e911b43</code></a>
[MGPG-131] Bump org.apache.maven.plugins:maven-plugins from 42 to 43 (<a
href="https://redirect.github.com/apache/maven-gpg-plugin/issues/108">#108</a>)</li>
<li><a
href="https://github.com/apache/maven-gpg-plugin/commit/d2b60d383628d82a7f5098816ecb0db61a520ffe"><code>d2b60d3</code></a>
[MGPG-130] Update sigstore extension for exclusion (<a
href="https://redirect.github.com/apache/maven-gpg-plugin/issues/109">#109</a>)</li>
<li><a
href="https://github.com/apache/maven-gpg-plugin/commit/091f3884a1de72e9dec2b12cda7cccd8bbacb699"><code>091f388</code></a>
Bump org.apache.maven.plugins:maven-invoker-plugin from 3.6.1 to
3.7.0</li>
<li><a
href="https://github.com/apache/maven-gpg-plugin/commit/899f4109920957da149a564e74bfc6dc74318e87"><code>899f410</code></a>
[MGPG-128] Parent POM 42, prerequisite 3.6.3 (<a
href="https://redirect.github.com/apache/maven-gpg-plugin/issues/100">#100</a>)</li>
<li><a
href="https://github.com/apache/maven-gpg-plugin/commit/f0be6f3f78972d9e9a797f57ca65e93af78a62cd"><code>f0be6f3</code></a>
[MGPG-127] Bump bouncycastleVersion from 1.78 to 1.78.1 (<a
href="https://redirect.github.com/apache/maven-gpg-plugin/issues/98">#98</a>)</li>
<li><a
href="https://github.com/apache/maven-gpg-plugin/commit/7dd5166a02e5b92192819c2c1c830c4176346078"><code>7dd5166</code></a>
[maven-release-plugin] prepare for next development iteration</li>
<li>Additional commits viewable in <a
href="https://github.com/apache/maven-gpg-plugin/compare/maven-gpg-plugin-3.1.0...maven-gpg-plugin-3.2.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-gpg-plugin&package-manager=maven&previous-version=3.1.0&new-version=3.2.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

pom.xml

@@ -409,7 +409,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-gpg-plugin</artifactId>
-                <version>3.1.0</version>
+                <version>3.2.5</version>
                 <executions>
                     <execution>
                         <id>sign-artifacts</id>