Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

deps: update module helm.sh/helm/v3 to v3.14.1 - autoclosed #561

Closed
wants to merge 1 commit into from
Closed

deps: update module helm.sh/helm/v3 to v3.14.1 - autoclosed #561

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jan 17, 2024
edited
Loading

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
helm.sh/helm/v3 v3.13.3 -> v3.14.1 age adoption passing confidence

Release Notes

helm/helm (helm.sh/helm/v3)

v3.14.1: Helm v3.14.1

Compare Source

Helm v3.14.1 is a security (patch) release. Users are strongly recommended to update to this release.

A Helm contributor discovered a path traversal vulnerability when Helm saves a chart including at download time.

Dominykas Blyžė with Nearform Ltd. discovered the vulnerability.

Installation and Upgrading

Download Helm v3.14.1. The common platform binaries are here:

This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @​mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

  • 3.14.2 will contain only bug fixes and be released on March 13, 2024.
  • 3.15.0 is the next feature release and will be on May 08, 2024.

v3.14.0: Helm v3.14.0

Compare Source

Helm v3.14.0 is a feature release. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages

Notable Changes

  • New helm search flag of --fail-on-no-result
  • Allow a nested tpl invocation access to defines
  • Speed up the tpl function
  • Added qps/HELM_QPS parameter that tells Kubernetes packages how to operate
  • Added --kube-version to lint command
  • The ignore pkg is now public

Installation and Upgrading

Download Helm v3.14.0. The common platform binaries are here:

This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @​mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

  • 3.14.1 will contain only bug fixes and will be on February 14, 2024.
  • 3.15.0 is the next feature release and will be on May 08, 2024.

Changelog

  • Improve release action 3fc9f4b (George Jenkins)
  • bump version to 69dcc92 (Matt Farina)
  • Fix issues when verify generation readiness was merged c042264 (Matt Farina)
  • fix test to use the default code's k8sVersionMinor 6e5332e (Joe Julian)
  • lint: Add --kube-version flag to set capabilities and deprecation rules 869c1d2 (Antoine Deschênes)
  • Update to Go 1.21 for builds 847369c (Matt Farina)
  • chore(deps): bump github.com/containerd/containerd from 1.7.6 to 1.7.11 08ea59c (dependabot[bot])
  • chore(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 30e1a2c (dependabot[bot])
  • Removing Asset Transparency 803cf2d (Matt Farina)
  • tests(pkg/engine): test RenderWithClientProvider a997de1 (Marcin Owsiany)
  • Make the ignore pkg public again 5586760 (Ismail Alidzhikov)
  • chore(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 b3cb20a (dependabot[bot])
  • Updating to Kubernetes 1.29.0 libraries e5fff68 (Matt Farina)
  • feature(pkg/engine): introduce RenderWithClientProvider bfec4ec (Marcin Owsiany)
  • chore(deps): bump github/codeql-action from 2.22.10 to 3.22.11 70c1519 (dependabot[bot])
  • chore(deps): bump github/codeql-action from 2.22.9 to 2.22.10 be10183 (dependabot[bot])
  • Updating Helm libraries for k8s 1.28.4 015e174 (Matt Farina)
  • chore(deps): bump github/codeql-action from 2.22.8 to 2.22.9 2a211bf (dependabot[bot])
  • Remove excessive logging ce87ece (Sean Mills)
  • chore(deps): bump github/codeql-action from 2.22.7 to 2.22.8 3cb6b06 (dependabot[bot])
  • chore(deps): bump github/codeql-action from 2.22.5 to 2.22.7 42c5af2 (dependabot[bot])
  • Update CONTRIBUTING.md 312a073 (lixin18)
  • Fixing release labelling in rollback 8814bfb (Marcin Chojnacki)
  • chore(deps): bump github.com/docker/docker c54e39a (dependabot[bot])
  • chore(deps): bump github/codeql-action from 2.22.4 to 2.22.5 d6e9197 (dependabot[bot])
  • feat: move livenessProbe and readinessProbe values to default values file 9f0313e (Denis Policastro)
  • Revert "fix(main): fix basic auth for helm pull or push" 24e2864 (Matt Farina)
  • chore(deps): bump google.golang.org/grpc from 1.54.0 to 1.56.3 c5fe7dd (dependabot[bot])
  • Revert "fix(registry): address anonymous pull issue" 992dc58 (Matt Farina)
  • Update get-helm-3 81362d9 (Marcel Humburg)
  • chore(deps): bump github/codeql-action from 2.22.3 to 2.22.4 6d1f6cd (dependabot[bot])
  • chore(deps): bump actions/checkout from 3.6.0 to 4.1.1 372ccca (dependabot[bot])
  • chore(deps): bump github/codeql-action from 2.21.8 to 2.22.3 a1a21ae (dependabot[bot])
  • Drop filterSystemLabels usage from Query method 250f0bd (Dmitry Chepurovskiy)
  • Apply review suggestions 0ec47f8 (Dmitry Chepurovskiy)
  • Update get-helm-3 to get version through get.helm.sh f94e5db (Ian Zink)
  • feat: print failed hook name b0d1637 (Serge Logvinov)
  • chore(deps): bump golang.org/x/net from 0.13.0 to 0.17.0 544cabb (dependabot[bot])
  • Fixing precedence issue with the import of values. 25371e2 (Matt Farina)
  • chore(create): indent to spaces 919bffe (genofire)
  • Allow using label selectors for system labels for sql backend. e6d9b99 (Dmitry Chepurovskiy)
  • Allow using label selectors for system labels for secrets and configmap backends. e219c75 (Dmitry Chepurovskiy)
  • remove useless print during prepareUpgrade f004d42 (b4nks)
  • Add missing with clause to release gh action 9d3d17a (Ian Zink)
  • FIX Default ServiceAccount yaml 828763e (Lars Zimmermann)
  • fix(registry): address anonymous pull issue fe4c01f (Hidde Beydals)
  • fix(registry): unswallow error da3c666 (Hidde Beydals)
  • Fix missing run statement on release action 21ea847 (Ian Zink)
  • Add qps/HELM_QPS parameter 415af5b (Andy Smith)
  • chore(deps): bump oras.land/oras-go from 1.2.3 to 1.2.4 102e931 (dependabot[bot])
  • chore(deps): bump github/codeql-action from 2.21.7 to 2.21.8 2505592 (dependabot[bot])
  • bump version to v3.13.0 c372b15 (Matt Farina)
  • chore(deps): bump github.com/evanphx/json-patch 8b0a78c (dependabot[bot])
  • chore(deps): bump golang.org/x/text from 0.11.0 to 0.13.0 58ccfc0 (dependabot[bot])
  • Write latest version to get.helm.sh bucket 0619d08 (Ian Zink)
  • Increased release information key name max length. 4199be8 (abrarcv170)
  • Pin gox to specific commit 0403305 (Antony Chazapis)
  • Remove GoFish from package managers for installing the binary a9377f9 (y-yagi)
  • Test update for "Allow a nested tpl invocation access to defines in a containing one" b261a1b (Graham Reed)
  • Test update for "Speed up tpl" 36d417d (Graham Reed)
  • addressing comment 1a3e9a9 (Stefan McShane)
  • Add support for RISC-V 786707c (Antony Chazapis)
  • lint and validate dependency metadata to reference dependencies with a unique key (name or alias) 6a4035a (Daniel Strobusch)
  • Work around template.Clone omitting options 95905f1 (Graham Reed)
  • fix: pass 'passCredentialsAll' as env-var to getter fa067ec (Mathias Neerup)
  • feat: pass basic auth to env-vars when running download plugins f28447c (Mathias Neerup)
  • helm search: New CLI Flag --fail-on-no-result b9cece6 (Bhargav Ravuri)
  • Update pkg/kube/ready.go 141fa4a (muang0)
  • Update pkg/kube/ready.go 4cb62d1 (muang0)
  • Update pkg/kube/ready.go dbb21fc (muang0)
  • Update pkg/kube/ready.go fcc0332 (muang0)
  • Update pkg/kube/ready.go a1a1aaf (muang0)
  • fix post install hook deletion due to before-hook-creation policy fa025fc (zak905)
  • Allow a nested tpl invocation access to defines in a containing one a7d3fd6 (Graham Reed)
  • Remove the 'reference templates' concept e2a7c79 (Graham Reed)
  • Speed up tpl db4f330 (Graham Reed)
  • ready checker- comment update Signed-off-by: James Oden james.oden.dev@gmail.com d008340 (James Oden)
  • ready checker- remove duplicate statefulset generational check Signed-off-by: James Oden james.oden.dev@gmail.com 4f99c86 (James Oden)
  • Verify generation in readiness checks d94c509 (James Oden)
  • feat(helm): add --reset-then-reuse-values flag to 'helm upgrade' a9d59f9 (Quentin Devos)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Jan 17, 2024
@netlify Netlify
Copy link

netlify bot commented Jan 17, 2024
edited
Loading

Deploy Preview for marblerun-docs canceled.

Name Link
🔨 Latest commit cb69193
🔍 Latest deploy log https://app.netlify.com/sites/marblerun-docs/deploys/65cd2d583f056e0008eaeba9

@daniel-weisse daniel-weisse added the hold This cannot be merged right now label Jan 18, 2024
@daniel-weisse
Copy link
Member

Will require some manual changes

@renovate renovate bot force-pushed the renovate/helm.sh-helm-v3-3.x branch 2 times, most recently from 8d9adca to 3b6a849 Compare February 1, 2024 13:17
@renovate renovate bot force-pushed the renovate/helm.sh-helm-v3-3.x branch from 3b6a849 to cfaa821 Compare February 6, 2024 07:54
@renovate renovate bot force-pushed the renovate/helm.sh-helm-v3-3.x branch from cfaa821 to cb69193 Compare February 14, 2024 21:15
@renovate renovate bot changed the title deps: update module helm.sh/helm/v3 to v3.14.0 deps: update module helm.sh/helm/v3 to v3.14.1 Feb 14, 2024
@renovate renovate bot changed the title deps: update module helm.sh/helm/v3 to v3.14.1 deps: update module helm.sh/helm/v3 to v3.14.1 - autoclosed Feb 15, 2024
@renovate renovate bot closed this Feb 15, 2024
@renovate renovate bot deleted the renovate/helm.sh-helm-v3-3.x branch February 15, 2024 19:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@daniel-weisse daniel-weisse

Labels
dependencies Pull requests that update a dependency file hold This cannot be merged right now
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@daniel-weisse