Skip to content

Bump github.com/buildpacks/pack from 0.40.6 to 0.40.7#176

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/github.com/buildpacks/pack-0.40.7
Open

Bump github.com/buildpacks/pack from 0.40.6 to 0.40.7#176
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/github.com/buildpacks/pack-0.40.7

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor

Bumps github.com/buildpacks/pack from 0.40.6 to 0.40.7.

Release notes

Sourced from github.com/buildpacks/pack's releases.

pack v0.40.7

Prerequisites

  • A container runtime such as Docker or podman must be available to execute builds.

Install

For instructions on installing pack, see our installation docs.

Run

Run the command pack.

You should see the following output

CLI for building apps using Cloud Native Buildpacks

Usage: pack [command]

Available Commands: build Generate app image from source code builder Interact with builders buildpack Interact with buildpacks extension Interact with extensions config Interact with your local pack config file inspect Show information about a built app image stack (deprecated) Interact with stacks rebase Rebase app image with latest run image sbom Interact with SBoM completion Outputs completion script location report Display useful information for reporting an issue version Show current 'pack' version help Help about any command

Flags: --force-color Force color output -h, --help Help for 'pack' --no-color Disable color output -q, --quiet Show less output --timestamps Enable timestamps in output -v, --verbose Show more output --version Show current 'pack' version

Use "pack [command] --help" for more information about a command.

Info

... (truncated)

Commits
  • 2df3b8c chore: suppress unreachable docker daemon CVEs in grype config (#2644)
  • 7f2f74e build(deps): bump Go directive to 1.25.11 for stdlib security fixes (#2642)
  • 5185a57 build(deps): bump x/crypto, x/net, and go-git for security fixes (#2641)
  • e0e21cd fix(buildpack): fix malformed yank PR template body (#2631)
  • e7ca39a chore: remove direct dependency on github.com/docker/docker (#2617)
  • a7f39ca Suggest heroku/builder:26 instead of heroku/builder:24 (#2611)
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/buildpacks/pack](https://github.com/buildpacks/pack) from 0.40.6 to 0.40.7.
- [Release notes](https://github.com/buildpacks/pack/releases)
- [Changelog](https://github.com/buildpacks/pack/blob/main/RELEASE.md)
- [Commits](buildpacks/pack@v0.40.6...v0.40.7)

---
updated-dependencies:
- dependency-name: github.com/buildpacks/pack
  dependency-version: 0.40.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jul 6, 2026
@dependabot dependabot Bot requested a review from a team as a code owner July 6, 2026 09:04
@dependabot dependabot Bot added the go Pull requests that update Go code label Jul 6, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

Development

Successfully merging this pull request may close these issues.

0 participants