build(deps): bump systemd/mkosi from 10 to 12

[dependabot]

Bumps systemd/mkosi from 10 to 12.

Changelog

Sourced from systemd/mkosi's changelog.

mkosi Changelog

v12

• Fix handling of baselayout in Gentoo installations.

v11

• Support for Rocky Linux, Alma Linux, and Gentoo has been added!
• A new ManifestFormat= option can be used to generate "manifest" files that describe what packages were installed. With json, a JSON file that shows the names and versions of all installed packages will be created. With changelog, a longer human-readable file that shows package descriptions and changelogs will be generated. This latter format should be considered experimental and likely to change in later versions.
• A new RemovePackages= option can be used to uninstall packages after the build and finalize scripts have been done. This is useful for the case where packages are required by the build scripts, or pulled in as dependencies for scriptlets of other packages, but are not necessary in the final image.
• A new BaseImage= option can be used to build "system extensions" a.k.a. "sysexts" — partial images which are mounted on top of an existing system to provide additional files under /usr/. See the systemd-sysext man page for more information.
• A new CleanPackageMetadata= option can be used to force or disable the removal of package manager files. When this option is not used, they are removed when the package manager is not installed in the final image.
• A new UseHostRepositories= option instructs mkosi to use repository configuration from the host system, instead of the internal list.
• A new SshAgent= option configures the path to the ssh agent.
• A new SshPort= option overrides the port used for ssh.
• The Verity= setting supports a new value signed. When set, verity data will be signed and the result inserted as an additional partition in the image. See https://systemd.io/DISCOVERABLE_PARTITIONS for details about signed disk images. This information is used by systemd-nspawn, systemd-dissect, systemd-sysext, systemd-portabled and systemd's RootImage= setting (among others) to cryptographically validate the image file systems before use.
• The --build-environment= option was renamed to --environment= and extended to cover all invoked scripts, not just the mkosi.build. The old name is still understood.
• With --with-network=never, dnf is called with --cacheonly, so that the package lists are not refreshed. This gives a degree of reproducibility when doing repeated installs with the same package set (and also makes installs significantly faster).
• The --debug= option gained a new value disk to show information about disk sized and partition allocations.
• Some sections and settings have been renamed for clarity: [Packages] is now [Content], Password=, PasswordIsHashed=, and Autologin= are now in

... (truncated)

Commits

• bf884c3 Bump version numbers for v12
• 43505ea NEWS: add entries for v12
• 5c77e78 gentoo: unmerge baselayout early on.
• 044d517 Merge pull request #860 from bluca/lintian
• 8e33f65 resources: add +x to bash scripts
• 909c7e1 mkosi: fix typos found by Lintian
• f7d518e NEWS: c11 is actually released now, fix the NEWS entry post-tag
• 6575c82 Bump version numbers for v11
• bb3d7bb man: rebuild the man page
• b8ca4db tools/do-a-release: rebuild the man page in a separate commit
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #20.