Dependencies updated to fix vulnerabilities detected

ThalesGroup · Feb 4, 2024 · 0172b55 · 0172b55
1 parent 1f621af
commit 0172b55
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 22 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,8 @@
 # Release Notes
 
+## Version 4.0.12 - 02/03/2024
+* Updated build dependencies
+
 ## Version 4.0.12 - 07/07/2023
 * Updated build dependencies
 

diff --git a/README.md b/README.md
@@ -48,8 +48,8 @@ Please follow this [page](https://kubernetes.io/docs/tasks/tools/install-kubectl
 ```
 
 Helm Spray shall always be called on the umbrella chart, whatever it is for upgrading the full set of charts, or for upgrading individual sub-charts (using the `--target` option).
-For a proper usage of helm spray, the umbrella chart shall have a `requirement.yaml` file listing all the sub-charts to be deployed (under the `dependencies` element). Sub-charts may have an `alias` element and the `condition` element shall be set to the value `<chart name or alias>.enabled`.
-Here is an example of `requirement.yaml` file for an umbrella chart having three sub-charts, one of them having an alias:
+For a proper usage of helm spray, the umbrella chart shall have a `requirements.yaml` file listing all the sub-charts to be deployed (under the `dependencies` element). Sub-charts may have an `alias` element and the `condition` element shall be set to the value `<chart name or alias>.enabled`.
+Here is an example of `requirements.yaml` file for an umbrella chart having three sub-charts, one of them having an alias:
 ```
 dependencies:
 - name: micro-service-1
@@ -68,7 +68,7 @@ dependencies:
 ```
 
 A "values" file shall also be set with the weight it be applied to each individual sub-chart. This weight shall be set in the `<chart name or alias>.weight` element. A good practice is that thei weigths are statically set in the default `values.yaml` file of the umbrella chart (and not in a yaml file provided using the `-f` option), as sub-chart's weight is not likely to change over time.
-As an example corresponding to the above `requirement.yaml` file, the `values.yaml` file of the umbrella chart might be:
+As an example corresponding to the above `requirements.yaml` file, the `values.yaml` file of the umbrella chart might be:
 ```
 micro-service-1:
  weight: 0

diff --git a/go.mod b/go.mod
@@ -3,10 +3,10 @@ module github.com/gemalto/helm-spray/v4
 go 1.19
 
 require (
- github.com/spf13/cobra v1.7.0
- helm.sh/helm/v3 v3.12.1
- k8s.io/api v0.27.3
- k8s.io/client-go v0.27.3
+ github.com/spf13/cobra v1.8.0
+ helm.sh/helm/v3 v3.14.0
+ k8s.io/api v0.29.1
+ k8s.io/client-go v0.29.1
 )
 
 require (
@@ -15,12 +15,12 @@ require (
  github.com/Masterminds/semver/v3 v3.2.1 // indirect
  github.com/beorn7/perks v1.0.1 // indirect
  github.com/cespare/xxhash/v2 v2.2.0 // indirect
- github.com/containerd/containerd v1.7.0 // indirect
- github.com/cyphar/filepath-securejoin v0.2.3 // indirect
+ github.com/containerd/containerd v1.7.13 // indirect
+ github.com/cyphar/filepath-securejoin v0.2.4 // indirect
  github.com/davecgh/go-spew v1.1.1 // indirect
  github.com/docker/cli v20.10.21+incompatible // indirect
  github.com/docker/distribution v2.8.2+incompatible // indirect
- github.com/docker/docker v20.10.24+incompatible // indirect
+ github.com/docker/docker v20.10.27+incompatible // indirect
  github.com/docker/docker-credential-helpers v0.7.0 // indirect
  github.com/docker/go-connections v0.4.0 // indirect
  github.com/docker/go-metrics v0.0.1 // indirect
@@ -77,7 +77,7 @@ require (
  go.opentelemetry.io/otel v1.14.0 // indirect
  go.opentelemetry.io/otel/trace v1.14.0 // indirect
  go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5 // indirect
- golang.org/x/net v0.8.0 // indirect
+ golang.org/x/net v0.20.0 // indirect
  golang.org/x/oauth2 v0.4.0 // indirect
  golang.org/x/sync v0.1.0 // indirect
  golang.org/x/sys v0.6.0 // indirect
@@ -86,21 +86,21 @@ require (
  golang.org/x/time v0.0.0-20220210224613-90d013bbcef8 // indirect
  google.golang.org/appengine v1.6.7 // indirect
  google.golang.org/genproto v0.0.0-20230306155012-7f2fa6fef1f4 // indirect
- google.golang.org/grpc v1.53.0 // indirect
+ google.golang.org/grpc v1.61.0 // indirect
  google.golang.org/protobuf v1.28.1 // indirect
  gopkg.in/inf.v0 v0.9.1 // indirect
  gopkg.in/yaml.v2 v2.4.0 // indirect
  gopkg.in/yaml.v3 v3.0.1 // indirect
- k8s.io/apiextensions-apiserver v0.27.2 // indirect
- k8s.io/apimachinery v0.27.3 // indirect
- k8s.io/cli-runtime v0.27.2 // indirect
- k8s.io/klog/v2 v2.90.1 // indirect
- k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f // indirect
- k8s.io/utils v0.0.0-20230220204549-a5ecb0141aa5 // indirect
+ k8s.io/apiextensions-apiserver v0.29.1 // indirect
+ k8s.io/apimachinery v0.29.1 // indirect
+ k8s.io/cli-runtime v0.29.1 // indirect
+ k8s.io/klog/v2 v2.120.1 // indirect
+ k8s.io/kube-openapi v0.0.0-20240126223410-2919ad4fcfec // indirect
+ k8s.io/utils v0.0.0-20240102154912-e7106e64919e // indirect
  oras.land/oras-go v1.2.2 // indirect
  sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
- sigs.k8s.io/kustomize/api v0.13.2 // indirect
- sigs.k8s.io/kustomize/kyaml v0.14.1 // indirect
- sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
- sigs.k8s.io/yaml v1.3.0 // indirect
+ sigs.k8s.io/kustomize/api v0.16.0 // indirect
+ sigs.k8s.io/kustomize/kyaml v0.16.0 // indirect
+ sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
+ sigs.k8s.io/yaml v1.4.0 // indirect
 )