[8.x] build(deps): bump github.com/goreleaser/nfpm/v2 from 2.41.1 to 2.41.2 in /tools in the dependencies group (backport #15231)

[mergify]

Bumps the dependencies group in /tools with 1 update: github.com/goreleaser/nfpm/v2.

Updates github.com/goreleaser/nfpm/v2 from 2.41.1 to 2.41.2

Release notes

Sourced from github.com/goreleaser/nfpm/v2's releases.

v2.41.2

This is mainly dependency updates, but one of these dependencies breaks signing RPMs for RPM <=4.16. See #899 for more information.

Changelog

Bug fixes

• cc458ba98c9c447291952678398c16aada1cf58f: fix: testifylint and revive lint issues (#884) (@​alexandear)

Dependency updates

• e95ecbc924b09033a21e054819b66634232c4df5: feat(deps): bump github.com/Masterminds/semver/v3 from 3.3.0 to 3.3.1 (#885) (@​dependabot[bot])
• 235d493828be18cac13addb2c5b9924d030a08ed: feat(deps): bump github.com/caarlos0/go-version from 0.1.1 to 0.2.0 (@​caarlos0)
• 08c4a0a2102e77b0aff527a2ee3fed3e9d635272: feat(deps): bump github.com/invopop/jsonschema from 0.12.0 to 0.13.0 (#897) (@​dependabot[bot])
• 4e676b1e96c2832ab92ce954b6c2e1c6fc1c3c45: feat(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0 (#888) (@​dependabot[bot])
• b08b643ffe77d2bfb0561cf1c631c6cacb60e50c: feat(deps): bump golang.org/x/crypto from 0.23.0 to 0.31.0 (#893) (@​dependabot[bot])

Build process updates

• d87d9899e3be2c27cb3c0a8c55d6d013c4819845: ci: aur sources archive content (#896) (@​ldez)
• 07a1f8858e3ad8034360ac8f618e68159602c54b: ci: publish AUR from sources (#895) (@​ldez)
• 641bcf2d631555aac74d0fb09aa2d98b91fb2427: ci: release metadata (#882) (@​caarlos0)
• cf9e795a7e91dfdb321b5a27d2018a9906139216: ci: update dependabot config (@​caarlos0)

Other work

• a3331496ea1a5844b844db9a57fe5af26b421664: docs: sponsor logo (#887) (@​caarlos0)
• 6b5e6066e564c199ff240f6297a07cbfc66c5078: docs: update cmd docs (@​caarlos0)

Full Changelog: goreleaser/nfpm@v2.41.1...v2.41.2

Helping out

This release is only possible thanks to all the support of awesome people!

Want to be one of them? You can sponsor or contribute with code.

Where to go next?

• nFPM is a satellite project from GoReleaser. Check it out!
• Find examples and commented usage of all options in our website.
• Reach out on Discord and Twitter!

Commits

• f9d9d19 test: test centos10, fedora 40+ (#899)
• 641bcf2 ci: release metadata (#882)
• d87d989 ci: aur sources archive content (#896)
• cf9e795 ci: update dependabot config
• 61176d6 chore(deps): update chglog
• 235d493 feat(deps): bump github.com/caarlos0/go-version from 0.1.1 to 0.2.0
• 08c4a0a feat(deps): bump github.com/invopop/jsonschema from 0.12.0 to 0.13.0 (#897)
• 07a1f88 ci: publish AUR from sources (#895)
• 72c70bb chore(deps): bump anchore/sbom-action from 0.17.8 to 0.17.9 (#894)
• b08b643 feat(deps): bump golang.org/x/crypto from 0.23.0 to 0.31.0 (#893)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

---

This is an automatic backport of pull request #15231 done by [Mergify](https://mergify.com).

[kruskall]

@Mergifyio queue

[mergify]

queue

✅ The pull request has been merged automatically

The pull request has been merged automatically at cac9d3b

[mergify]

This pull request has been removed from the queue for the following reason: pull request branch update failed.

The pull request can't be updated

You should look at the reason for the failure and decide if the pull request needs to be fixed or if you want to requeue it.

If you want to requeue this pull request, you need to post a comment with the text: @mergifyio requeue