Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update all dependencies #112

Merged
merged 1 commit into from
Oct 4, 2023
Merged

chore(deps): update all dependencies #112

merged 1 commit into from
Oct 4, 2023

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Sep 26, 2023

Mend Renovate

This PR contains the following updates:

Package Update Change
anchore/grype patch 0.69.0 -> 0.69.1
anchore/syft minor 0.91.0 -> 0.92.0
awscli patch 2.13.21 -> 2.13.24
defenseunicorns/build-harness minor 1.11.2 -> 1.12.0
helm minor 3.12.3 -> 3.13.0
https://github.com/bridgecrewio/checkov.git minor 2.4.48 -> 2.5.3

⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information.


Release Notes

anchore/grype (anchore/grype)

v0.69.1

Compare Source

Bug Fixes
Additional Changes

(Full Changelog)

anchore/syft (anchore/syft)

v0.92.0

Compare Source

Added Features
  • Support for multiple image refs of same sha in OCI layout [#​1544]
Bug Fixes
Additional Changes

(Full Changelog)

aws/aws-cli (awscli)

v2.13.24

Compare Source

v2.13.23

Compare Source

v2.13.22

Compare Source

defenseunicorns/build-harness (defenseunicorns/build-harness)

v1.12.0

Compare Source

Features
Miscellaneous Chores
helm/helm (helm)

v3.13.0: Helm v3.13.0

Compare Source

Helm v3.13.0 is a feature release. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages

Notable Changes

  • The --dry-run flag now has multiple options which can enable Helm to connect to a Kubernetes instance. The default, when --dry-run is used, is unchanged.
  • Values handling had numerous issues fixed and now consistently has a priority of (1) User specified values (e.g CLI), (2) imported values, (3) parent chart values, and (4) subchart values. Additionally, null can now consistently be used to remove values.
  • Can work with OCI registries over HTTP using the --plain-http flag
  • Helm now adds the OCI creation annotation
  • New helm get metadata command
  • The SQL driver now only needs write on the first run or when the schema is updated
  • Added labels support for install and upgrade commands
  • The ability to have index.yaml holding JSON content instead of YAML using the --json flag when creating it. JSON is faster to parse and uses less memory which impacts larger files. This is backwards compatible as Helm, all the way back to 3.0.0, parsing can handle JSON content in the index.yaml file.

Installation and Upgrading

Download Helm v3.13.0. The common platform binaries are here:

This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @​mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

  • 3.13.1 is the next bug fix release and will be on October 11, 2023.
  • 3.14.0 is the next feature release and be on January 17, 2024.

Changelog

  • bump version to v3.13.0 825e86f (Matt Farina)
  • Fix leaking goroutines in Install 169561a (Michał Słapek)
  • chore(deps): bump github.com/containerd/containerd from 1.7.3 to 1.7.6 417040d (dependabot[bot])
  • chore(deps): bump github/codeql-action from 2.21.5 to 2.21.7 610217f (dependabot[bot])
  • Update Helm to use k8s 1.28.2 libraries c2ab954 (Matt Farina)
  • chore(deps): bump github.com/cyphar/filepath-securejoin b9fd7f5 (dependabot[bot])
  • make the dependabot k8s.io group explicit ca3a05e (Joe Julian)
  • use dependabot's group support for k8s.io dependencies 04ec71a (Joe Julian)
  • chore(deps): bump transparencylog/github-releases-asset-transparency-verify-action ebb3168 (dependabot[bot])
  • chore(deps): bump github/codeql-action from 2.21.4 to 2.21.5 fa45978 (dependabot[bot])
  • doc:Executing helm rollback release 0 will roll back to the previous release e01731d (ithrael)
  • fix conflict 4944acb (Maxim Trofimov)
  • add big tests 6138e10 (Maxim Trofimov)
  • fix conflict 199784f (Maxim Trofimov)
  • fix b786cb4 (Maxim Trofimov)
  • add check if all migrations already applied df5904d (Maxim Trofimov)
  • chore(deps): bump github.com/moby/term fa89665 (dependabot[bot])
  • chore(deps): bump actions/checkout from 3.5.3 to 3.6.0 4283b2c (dependabot[bot])
  • chore(deps): bump golang.org/x/term from 0.10.0 to 0.11.0 d82cc90 (dependabot[bot])
  • Use labels instead of selectorLabels for pod labels 479be0c (Tim Chaplin)
  • fix(helm): fix GetPodLogs, the hooks should be sorted before get the logs of each hook 4e5e68d (Bingtan Lu)
  • chore(deps): bump github.com/rubenv/sql-migrate from 1.5.1 to 1.5.2 3c26d65 (dependabot[bot])
  • remove blank ee1cbed (ithrael)
  • add blank 0eb3df6 (ithrael)
  • add rollback unit test 0688046 (ithrael)
  • fix: helm rollback err tips db9460c (ithrael)
  • chore(deps): bump github.com/containerd/containerd from 1.7.0 to 1.7.3 817e646 (dependabot[bot])
  • Add Ian Zink (z4ce) as triage maintainer 758dc01 (Ian Zink)
  • chore(deps): bump github/codeql-action from 2.21.3 to 2.21.4 04850dc (dependabot[bot])
  • chore: HTTPGetter add default timeout 2011a31 (0xff-dev)
  • fix: precedence typo bf543d9 (guoguangwu)
  • Avoid nil dereference if passing a nil resolver 3607cd7 (Antonio Gamez Diaz)
  • Add required changes after merge 197d1de (Antonio Gamez Diaz)
  • goimports 5b08985 (satoru)
  • Fix #​3352, add support for --ignore-not-found just like kubectl delete 48dbda2 (suzaku)
  • chore(deps): bump github/codeql-action from 2.21.2 to 2.21.3 aab4c45 (dependabot[bot])
  • chore(deps): bump actions/setup-go from 4.0.1 to 4.1.0 c3a4122 (dependabot[bot])
  • Fix helm may identify achieve of the application/x-gzip as application/vnd.ms-fontobject 5c7a631 (MR ZHAO)
  • Restore helm get metadata command 0b5e9d3 (Mikhail Kopylov)
  • Revert "Add helm get metadata command" e8e6da2 (Joe Julian)
  • Update pkg/action/install.go 735ff8f (Dmitry Chepurovskiy)
  • test: replace ensure.TempDir with t.TempDir 2ceebff (Eng Zer Jun)
  • chore(deps): bump github/codeql-action from 2.21.0 to 2.21.2 95ba0c6 (dependabot[bot])
  • use json api url + report curl/wget error on fail 9d038a2 (shoce)
  • Added error in case try to supply custom label with name of system label during install/upgrade 7b13ac9 (Dmitry Chepurovskiy)
  • Updated per feedback from gjenkins8 e8a748d (Matt Farina)
  • fix(main): fix basic auth for helm pull or push 4a27baa (cuisongliu)
  • chore(deps): bump github.com/sirupsen/logrus from 1.9.0 to 1.9.3 48cf02b (dependabot[bot])
  • cmd: support generating index in JSON format 2544aa2 (Hidde Beydals)
  • repo: detect JSON and unmarshal efficiently e21c9cf (Hidde Beydals)
  • Tweaking new dry-run internal handling 96e33e2 (Matt Farina)
  • chore(deps): bump github/codeql-action from 2.20.3 to 2.21.0 2e22395 (dependabot[bot])
  • chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.4 7d0deb3 (dependabot[bot])
  • chore(deps): bump github.com/BurntSushi/toml from 1.2.1 to 1.3.2 f11e2da (dependabot[bot])
  • chore(deps): bump github.com/opencontainers/image-spec ef0f3e5 (dependabot[bot])
  • bump kubernetes modules to v0.27.3 9c4f733 (Joe Julian)
  • chore(deps): bump actions/checkout from 3.2.0 to 3.5.3 f9e5db3 (dependabot[bot])
  • chore(deps): bump actions/setup-go from 3.5.0 to 4.0.1 6e2bddd (dependabot[bot])
  • chore(deps): bump github/codeql-action from 2.1.37 to 2.20.3 31e9e54 (dependabot[bot])
  • chore(deps): bump github.com/spf13/cobra from 1.6.1 to 1.7.0 87cbd34 (dependabot[bot])
  • chore(deps): bump golang.org/x/crypto from 0.5.0 to 0.11.0 91a3f73 (dependabot[bot])
  • chore(deps): bump golang.org/x/text from 0.9.0 to 0.11.0 0ff4b74 (dependabot[bot])
  • chore(deps): bump k8s.io/klog/v2 from 2.90.1 to 2.100.1 b1fe927 (dependabot[bot])
  • chore(deps): bump github.com/docker/docker b262738 (dependabot[bot])
  • Remove warning for template directory not found. 9dab6e9 (James Blair)
  • Add gjenkins8 as triage maintainer 5840269 (George Jenkins)
  • Added tests for created OCI annotation time format d72b42d (Andrew Block)
  • Add created OCI annotation c4870d9 (Andrew Block)
  • Fix multiple bugs in values handling 0a5148f (Matt Farina)
  • chore: fix a typo in manager.go 15e6066 (Yarden Shoham)
  • chore(deps): bump github.com/rubenv/sql-migrate from 1.3.1 to 1.5.1 d0febd5 (dependabot[bot])
  • add GetRegistryClient method c87f846 (wujunwei)
  • chore(deps): bump oras.land/oras-go from 1.2.2 to 1.2.3 d8caa67 (dependabot[bot])
  • oci: add tests for plain HTTP and insecure HTTPS registries 6defb96 (Sanskar Jaiswal)
  • chore(deps): bump github.com/opencontainers/runc from 1.1.4 to 1.1.5 2bfc367 (dependabot[bot])
  • oci: Add flag --plain-http to enable working with HTTP registries 2538b92 (Sanskar Jaiswal)
  • docs: add an example for using the upgrade command with existing values e35bf1f (Jose Diaz-Gonzalez)
  • Replace fmt.Fprintf with fmt.Fprint in get_metadata.go 587c85f (Mikhail Kopylov)
  • Replace fmt.Fprintln with fmt.Fprintf in get_metadata.go 5eb1e9d (Mikhail Kopylov)
  • update kubernetes dependencies from v0.27.0 to v0.27.1 54ca3a8 (Joe Julian)
  • Add ClientOptResolver to test util file 770c51e (Antonio Gamez Diaz)
  • Check that missing keys are still handled in tpl f235f0f (Graham Reed)
  • chore(deps): bump github.com/docker/distribution 36dee32 (dependabot[bot])
  • tests: change crd golden file to match after #​11870 126e4f4 (Joe Julian)
  • Adding details on the Factory interface 8b19f8d (Matt Farina)
  • move Joe Julian to maintainer a8cd281 (Joe Julian)
  • update autoscaling/v2beta1 to autoscaling/v2 in skeleton chart b4a4c7a (Dmitry Kamenskikh)
  • chore(deps): bump github.com/Masterminds/squirrel from 1.5.3 to 1.5.4 2098f60 (dependabot[bot])
  • chore(deps): bump github.com/lib/pq from 1.10.7 to 1.10.9 b750ee6 (dependabot[bot])
  • chore(deps): bump github.com/Masterminds/semver/v3 from 3.2.0 to 3.2.1 1a7981a (dependabot[bot])
  • bump version to v3.12.0 1800554 (Matt Farina)
  • feat(helm): add ability for --dry-run to do lookup functions When a helm command is run with the --dry-run flag, it will try to connect to the cluster to be able to render lookup functions. Closes #​8137 b7a2d47 (Tapas Kapadia)
  • Updating the Helm maintainers 82e132c (Matt Farina)
  • strip trailing newline from Files.Lines b3707e6 (Joe Julian)
  • add some test case cd2609d (wujunwei)
  • fix comment grammar error. 8e1c3d0 (wujunwei)
  • bugfix:(#​11391) helm lint infinite loop when malformed template object 316d3fb (wujunwei)
  • pkg/engine: fix nil-dereference 2a9594c (AdamKorcz)
  • pkg/chartutil: fix nil-dereference 2f13355 (AdamKorcz)
  • pkg/action: fix nil-dereference 6fc815d (AdamKorcz)
  • full source path when output-dir is not provided ddf8356 (Craig O'Donnell)
  • Update cmd/helm/upgrade.go dafc77d (Dmitry Chepurovskiy)
  • Update cmd/helm/install.go 98697c7 (Dmitry Chepurovskiy)
  • added Contributing.md section and ref link in the README 96ff353 (abhiram11)
  • fix: add podLabels b441f53 (genofire)
  • feat(helm): add ability for --dry-run to do lookup functions When a helm command is run with the --dry-run flag, it will try to connect to the cluster if the value is 'server' to be able to render lookup functions. Closes #​8137 f9e54b6 (Tapas Kapadia)
  • feat(helm): add ability for --dry-run to do lookup functions When a helm command is run with the --dry-run flag, it will try to connect to the cluster if the value is 'server' to be able to render lookup functions. Closes #​8137 25ac62e (Tapas Kapadia)
  • feat(helm): add ability for --dry-run to do lookup functions When a helm command is run with the --dry-run flag, it will try to connect to the cluster if the value is 'server' to be able to render lookup functions. Closes #​8137 9a0025f (Tapas Kapadia)
  • feat(helm): add ability for a dry-run to evaluate lookup functions When a helm command is run with the --dry-run-option=server flag, it will try to connect to the cluster to be able to render lookup functions. Closes #​8137 5ec7913 (Tapas Kapadia)
  • feat(helm): add ability for a dry-run to evaluate lookup functions When a helm command is run with the --dry-run-option=server flag, it will try to connect to the cluster to be able to render lookup functions. Closes #​8137 d66c7db (Tapas Kapadia)
  • feat(helm): add ability for a dry-run to evaluate lookup functions When a helm command is run with the --dry-run-option=server flag, it will try to connect to the cluster to be able to render lookup functions. Closes #​8137 ddb3358 (Tapas Kapadia)
  • feat(helm): add ability for --dry-run to do lookup functions When a helm command is run with the --dry-run flag, it will try to connect to the cluster if the value is 'server' to be able to render lookup functions. Closes #​8137 be99ebe (Tapas Kapadia)
  • feat(helm): add ability for --dry-run to do lookup functions When a helm command is run with the --dry-run flag, it will try to connect to the cluster if the value is 'server' to be able to render lookup functions. Closes #​8137 fc16ea7 (Tapas Kapadia)
  • feat(helm): add ability for --dry-run to do lookup functions When a helm command is run with the --dry-run flag, it will try to connect to the cluster if the value is 'server' to be able to render lookup functions. Closes #​8137 4d67dfa (Tapas Kapadia)
  • feat(helm): add ability for --dry-run to do lookup functions 51281c1 (Tapas Kapadia)
  • feat(helm): add ability for --dry-run to do lookup functions 92a6640 (Tapas Kapadia)
  • Add CHART, VERSION and APP_VERSION fields to get all command output 9e118ef (Mikhail Kopylov)
  • Adjust get command description to account metadata 290397b (Mikhail Kopylov)
  • fix typo: mountPath fc1a5a1 (Eugene Zuev)
  • add volumes and volumeMounts in chartutil fd44c0f (Eugene Zuev)
  • Seed a default switch to control automountServiceAccountToken 4f35343 (Pat Riehecky)
  • Avoid confusing error when passing in '--version X.Y.Z' 0d9eb13 (Justin Wood)
  • Use errors.Is to compare a2b9828 (Xin Ruan)
  • Add helm get metadata command 593dd0a (Mikhail Kopylov)
  • Use wrapped error so that ErrNoObjectsVisited can be compared after return. f01486a (Xin Ruan)
  • Add exact version test. See also #​7563 Signed-off-by: Igor Manushin igor.manushin@gmail.com 203f31d (Igor Manushin)
  • Update dependabot config to include github actions 115151b (Ashish Kurmi)
  • strict file permissions of repository.yaml 33121a8 (shankeerthan-kasilingam)
  • Check redefinition of define and include in tpl 9fe912f (Graham Reed)
  • Check that .Template is passed through tpl ebf5e1e (Graham Reed)
  • Make sure empty tpl values render empty. 0a6e7d9 (Graham Reed)
  • Pick the test improvement out of PR#8371 d1e9a24 (Graham Reed)
  • #​11369 Use the correct index repo cache directory in the parallelRepoUpdate method as well e844f9c (Vincent van ’t Zand)
  • #​11369 Add a test case to prove the bug and its resolution 90d204a (Vincent van ’t Zand)
  • ref(helm): export DescriptorPullSummary fields 62be6f1 (Antonio Gamez Diaz)
  • feat(helm): add 'ClientOptResolver' ClientOption 80bc7df (Antonio Gamez Diaz)
  • Fix flaky TestSQLCreate test by making sqlmock ignore order of sql requests 28ab648 (Dmitry Chepurovskiy)
  • Fixing tests after adding labels to release fixture 512970a (Dmitry Chepurovskiy)
  • Make default release fixture contain custom labels to make tests check that labels are not lost 2f29ccb (Dmitry Chepurovskiy)
  • Added support for storing custom labels in SQL storage driver 68721de (Dmitry Chepurovskiy)
  • Adding support merging new custom labels with original release labels during upgrade f96acb4 (Dmitry Chepurovskiy)
  • Added note to install/upgrade commands that original release labels wouldn't be persisted in upgraded release 71e55f9 (Dmitry Chepurovskiy)
  • Added unit tests for implemented install/upgrade labels logic f1700e8 (Dmitry Chepurovskiy)
  • Remove redudant types from util_test.go 083e66f (Dmitry Chepurovskiy)
  • Added tests for newly introduced util.go functions 3a2ed70 (Dmitry Chepurovskiy)
  • Fix broken tests for SQL storage driver c7eedbd (Dmitry Chepurovskiy)
  • Fix broken tests for configmap and secret storage drivers 95bb77c (Dmitry Chepurovskiy)
  • Make superseded releases keep labels 627ec6a (Dmitry Chepurovskiy)
  • Support configmap storage driver for install/upgrade actions --labels argument ff3e55f (Dmitry Chepurovskiy)
  • Added upgrade --install labels argument support 6afad6b (Dmitry Chepurovskiy)
  • Add labels support for install action with secret storage backend 6ef79e4 (Dmitry Chepurovskiy)
  • test: added tests to load plugin from home dir with space d7a5f54 (Suresh Kumar)
  • fix: plugin does not load when helm base dir contains space 2b49de0 (Suresh Kumar)
  • Add priority class to kind sorter f46eaf2 (Stepan Dohnal)
  • Fixes #​10566 c598a22 (alexandr.danilin)
  • test(search): add mixedCase test case 2ee3beb (Höhl, Lukas)
  • fix(search): print repo search result in original case 488add2 (Höhl, Lukas)
  • Adjust error message wrongly claiming that there is a resource conflict 8613770 (Moritz Clasmeier)
  • Throw an error from jobReady() if the job exceeds its BackoffLimit cd04e3f (Rosenberg, Jeff)
  • github: add Asset Transparency action for GitHub releases 87d40c1 (Brandon Philips)
bridgecrewio/checkov (https://github.com/bridgecrewio/checkov.git)

v2.5.3

Compare Source

v2.5.2

Compare Source

v2.5.1

Compare Source

v2.5.0

Compare Source

v2.4.61

Compare Source

Bug Fix
  • terraform: fix upload resource_subgraph_maps - #​5615
Platform
  • terraform: Upload resource subgraph map - #​5612

v2.4.60

Compare Source

v2.4.59

Compare Source

v2.4.58

Compare Source

v2.4.57

Compare Source

v2.4.56

Compare Source

v2.4.55

Compare Source

v2.4.54

Compare Source

v2.4.53

Compare Source

v2.4.52

Compare Source

v2.4.51

Compare Source

v2.4.50

Compare Source

Feature

v2.4.49

Compare Source


Configuration

📅 Schedule: Branch creation - "after 9am and before 5pm every weekday" in timezone America/New_York, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot requested a review from a team as a code owner September 26, 2023 13:26
@renovate renovate bot added the renovate This PR was created by RenovateBot label Sep 26, 2023
@renovate renovate bot changed the title chore(deps): update dependency https://github.com/bridgecrewio/checkov.git to v2.4.50 chore(deps): update dependency https://github.com/bridgecrewio/checkov.git to v2.4.51 Sep 27, 2023
@renovate renovate bot changed the title chore(deps): update dependency https://github.com/bridgecrewio/checkov.git to v2.4.51 chore(deps): update all dependencies Sep 27, 2023
@renovate renovate bot force-pushed the renovate/all branch 15 times, most recently from 1312f9a to f49acef Compare October 4, 2023 12:02
@RothAndrew RothAndrew added this pull request to the merge queue Oct 4, 2023
Merged via the queue into main with commit 43f138f Oct 4, 2023
2 checks passed
@RothAndrew RothAndrew deleted the renovate/all branch October 4, 2023 18:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
renovate This PR was created by RenovateBot
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant