chore(deps): update all github action dependencies (v1.14)

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
actions/upload-artifact	action	patch	v4.3.0 -> v4.3.1
anchore/scan-action	action	minor	v3.3.8 -> v3.6.4
aws-actions/configure-aws-credentials	action	patch	v4.0.1 -> v4.0.2
azure/login	action	minor	v1.5.1 -> v1.6.1
cilium/scale-tests-action	action	digest	8a522b9 -> 238d773
dorny/paths-filter	action	major	v2.11.1 -> v3.0.1
gcr.io/etcd-development/etcd		patch	v3.5.11 -> v3.5.12
github/codeql-action	action	major	v2.22.9 -> v3.24.5
google-github-actions/auth	action	minor	v2.0.0 -> v2.1.2
google-github-actions/setup-gcloud	action	minor	v2.0.0 -> v2.1.0
google-github-actions/setup-gcloud	action	major	v1.1.1 -> v2.1.0
helm/kind-action	action	minor	v1.8.0 -> v1.9.0
kindest/node		digest	59c989f -> 14d0a9a
kubernetes-sigs/bom		minor	v0.5.1 -> v0.6.0
kubernetes-sigs/kind		minor	v0.20.0 -> v0.22.0
kubernetes/kubernetes		minor	v1.28.4 -> v1.29.2
myrotvorets/set-commit-status-action	action	patch	v2.0.0 -> v2.0.1
nick-invision/retry	action	major	v2.9.0 -> v3.0.0
sigstore/cosign-installer	action	minor	v3.2.0 -> v3.4.0

---

Release Notes

actions/upload-artifact (actions/upload-artifact)

v4.3.1

Compare Source

• Bump @​actions/artifacts to latest version to include updated GHES host check

anchore/scan-action (anchore/scan-action)

v3.6.4

Compare Source

New in scan-action v3.6.4

• Update Grype to v0.74.4 (#​279) [anchore-actions-token-generator]

v3.6.3

Compare Source

New in scan-action v3.6.3

• chore: migrate action to use node v20.11.0 (Iron) FROM node v16.x.x (#​278) [spiffcs]

v3.6.2

Compare Source

New in scan-action v3.6.2

• chore(deps): update Grype to v0.74.3 (#​275) [anchore-actions-token-generator]

v3.6.1

Compare Source

New in scan-action v3.6.1

• chore(deps): update Grype to v0.74.2 (#​272) [anchore-actions-token-generator]
• chore(deps-dev): bump prettier from 3.2.2 to 3.2.4 (#​270) [dependabot]

v3.6.0

Compare Source

New in scan-action v3.6.0

• chore(deps): update Grype to v0.74.1 (#​271) [anchore-actions-token-generator]
• chore(deps-dev): bump prettier from 3.1.1 to 3.2.2 (#​268) [dependabot]

v3.5.0

Compare Source

New in scan-action v3.5.0

• chore(deps): update Grype to v0.74.0 (#​267) [anchore-actions-token-generator]
• chore(deps): bump @​actions/core from 1.10.0 to 1.10.1 (#​262) [dependabot]

v3.4.0

Compare Source

New in scan-action v3.4.0

• chore(deps-dev): bump tslib from 2.5.0 to 2.6.2 (#​258) [dependabot]
• chore(deps-dev): bump @​vercel/ncc from 0.36.1 to 0.38.1 (#​261) [dependabot]
• chore(deps): update Grype to v0.73.5 (#​264) [anchore-actions-token-generator]
• Add support for the --vex flag (#​254) [ferozsalam]

aws-actions/configure-aws-credentials (aws-actions/configure-aws-credentials)

v4.0.2

Compare Source

See the changelog for details about the changes included in this release.

azure/login (azure/login)

v1.6.1: Azure Login Action v1.6.1

Compare Source

• Fix #​403: Do not break the workflow if az is not installed in pre and post steps

v1.6.0: Azure Login Action v1.6.0

Compare Source

• Added pre: and post: action for cleaning up (#​384)

dorny/paths-filter (dorny/paths-filter)

v3.0.1

Compare Source

• Compare base and ref when token is empty

v3.0.0

Compare Source

• Update to Node.js 20
• Update all dependencies

v2.12.0

Compare Source

github/codeql-action (github/codeql-action)

v3.24.5

Compare Source

v3.24.4

Compare Source

v3.24.3

Compare Source

v3.24.2

Compare Source

v3.24.1

Compare Source

v3.24.0

Compare Source

v3.23.2

Compare Source

v3.23.1

Compare Source

v3.23.0

Compare Source

v3.22.12

Compare Source

v3.22.11

Compare Source

v2.24.5

Compare Source

v2.24.4

Compare Source

v2.24.3

Compare Source

v2.24.2

Compare Source

v2.24.1

Compare Source

v2.24.0

Compare Source

v2.23.2

Compare Source

v2.23.1

Compare Source

v2.23.0

Compare Source

v2.22.12

Compare Source

v2.22.11

Compare Source

v2.22.10

Compare Source

google-github-actions/auth (google-github-actions/auth)

v2.1.2

Compare Source

What's Changed

• Remove documentation on retries (deprecated) by @​sethvargo in https://github.com/google-github-actions/auth/pull/392
• Add security considerations for Attribute Conditions by @​sethvargo in https://github.com/google-github-actions/auth/pull/393
• security: bump undici from 5.28.2 to 5.28.3 by @​dependabot in https://github.com/google-github-actions/auth/pull/394
• Reduce warnings to info level with a warning icon by @​sethvargo in https://github.com/google-github-actions/auth/pull/397
• Release: v2.1.2 by @​google-github-actions-bot in https://github.com/google-github-actions/auth/pull/399

New Contributors

• @​dependabot made their first contribution in https://github.com/google-github-actions/auth/pull/394

Full Changelog: google-github-actions/auth@v2...v2.1.2

v2.1.1

Compare Source

What's Changed

• Remove retry logic by @​sethvargo in https://github.com/google-github-actions/auth/pull/389
• Use an OAuth 2.0 access token for Domain-Wide Delegation by @​sethvargo in https://github.com/google-github-actions/auth/pull/388
• Release: v2.1.1 by @​google-github-actions-bot in https://github.com/google-github-actions/auth/pull/390

Full Changelog: google-github-actions/auth@v2...v2.1.1

v2.1.0

Compare Source

What's Changed

• Update deps by @​sethvargo in https://github.com/google-github-actions/auth/pull/384
• Release: v2.1.0 by @​google-github-actions-bot in https://github.com/google-github-actions/auth/pull/385

Full Changelog: google-github-actions/auth@v2...v2.1.0

v2.0.1

Compare Source

What's Changed

• Trigger release on pushes to release branches by @​sethvargo in https://github.com/google-github-actions/auth/pull/358
• Fix a small docs issue by @​sethvargo in https://github.com/google-github-actions/auth/pull/359
• Remove broken markdown links by @​sethvargo in https://github.com/google-github-actions/auth/pull/362
• Document that project_id might be required by @​sethvargo in https://github.com/google-github-actions/auth/pull/367
• Update README and CI to use latest version by @​sethvargo in https://github.com/google-github-actions/auth/pull/365
• Add service_account to WIF through SA example by @​sethvargo in https://github.com/google-github-actions/auth/pull/369
• Use new markdown syntax for alerts by @​sethvargo in https://github.com/google-github-actions/auth/pull/371
• Note .dockerignore in the exclusion for credentials by @​sethvargo in https://github.com/google-github-actions/auth/pull/376
• Support newline-separated inputs for delegates and access_token_scopes by @​sethvargo in https://github.com/google-github-actions/auth/pull/381
• Release: v2.0.1 by @​google-github-actions-bot in https://github.com/google-github-actions/auth/pull/382

Full Changelog: google-github-actions/auth@v2...v2.0.1

google-github-actions/setup-gcloud (google-github-actions/setup-gcloud)

v2.1.0

Compare Source

What's Changed

• Update deps by @​sethvargo in https://github.com/google-github-actions/setup-gcloud/pull/677
• Release: v2.1.0 by @​google-github-actions-bot in https://github.com/google-github-actions/setup-gcloud/pull/678

Full Changelog: google-github-actions/setup-gcloud@v2...v2.1.0

v2.0.1

Compare Source

What's Changed

• Update README and CI to use latest version by @​sethvargo in https://github.com/google-github-actions/setup-gcloud/pull/665
• Don't warn when version is "latest" by @​sethvargo in https://github.com/google-github-actions/setup-gcloud/pull/669
• Only warn when there are no authentications by @​sethvargo in https://github.com/google-github-actions/setup-gcloud/pull/671
• Fix edge case when gcloud is not installed at all by @​sethvargo in https://github.com/google-github-actions/setup-gcloud/pull/672
• Rename test step to a more accurate name by @​sethvargo in https://github.com/google-github-actions/setup-gcloud/pull/673
• Release: v2.0.1 by @​google-github-actions-bot in https://github.com/google-github-actions/setup-gcloud/pull/674

Full Changelog: google-github-actions/setup-gcloud@v2...v2.0.1

helm/kind-action (helm/kind-action)

v1.9.0

Compare Source

What's Changed

• Bump actions/checkout from 3.3.0 to 3.5.3 by @​dependabot in https://github.com/helm/kind-action/pull/90
• Bump actions/checkout from 3.5.3 to 3.6.0 by @​dependabot in https://github.com/helm/kind-action/pull/96
• Bump actions/checkout from 3.6.0 to 4.0.0 by @​dependabot in https://github.com/helm/kind-action/pull/97
• Bump actions/checkout from 4.0.0 to 4.1.0 by @​dependabot in https://github.com/helm/kind-action/pull/98
• Bump actions/checkout from 4.1.0 to 4.1.1 by @​dependabot in https://github.com/helm/kind-action/pull/99
• chore: Bump node version to node20 by @​sayboras in https://github.com/helm/kind-action/pull/102
• Fix arch detection in non-Debian distros by @​musse in https://github.com/helm/kind-action/pull/93
• docs: fix default version in action.yml by @​dunglas in https://github.com/helm/kind-action/pull/91
• docs: bump outdated action version in README by @​dunglas in https://github.com/helm/kind-action/pull/92

New Contributors

• @​musse made their first contribution in https://github.com/helm/kind-action/pull/93
• @​dunglas made their first contribution in https://github.com/helm/kind-action/pull/91

Full Changelog: helm/kind-action@v1.8.0...v1.9.0

kubernetes-sigs/bom (kubernetes-sigs/bom)

v0.6.0

Compare Source

Changes by Kind

Feature

• Add attestation in the release job (#​271, @​cpanato)
• Added support for scanning images with RPM package managers (#​342, @​micahhausler)
• Bom now ships with the SPDX license list version v3.21 embedded. (#​307, @​puerco)
• Improved the query help output, most importantly there is now help for the purl matcher
  • New flag --purl to output purls instead of names
  • The name matching filter now supports full regexes and not just substring matching
  • New pluggable printer interface to output in more formats
  • bom document query now can output in JSON and CSV in addition to the usual line printer using --format
  • New --fields flag controls which fields of the sbom will be printed on the query output
  • Piped data on STDIN is now autodetected, you can now pipe an SBOM to bom document query and skip the filename (#​291, @​puerco)
• OS Packages now can include an auto-generated download location. Initially supports Debian and Wolfi. (#​270, @​puerco)
• The bom json parser now supports top-level elements specified with a DESCRIBES relationship to the document. documentDescribes is, of course, still suppoirted
  • License printing in query results has better NOASSERTION detection when choosing which license to print. (#​304, @​puerco)
• Update license-data to v3.22 (#​357, @​cpanato)
• bom now supports scanning OS packages from images based on distroless.
  • Fixed a bug where bom would drop the last package read from the debian database
  • Fixed an encoding bug in oci-typed purls where the version had an unescaped colon. (#​345, @​puerco)
• bom will now autodetect when STDIN is open to outline an SBOM to avoid specifying it with a dash (#​260, @​puerco)

Bug or Regression

• Bom will now read the SBOM until it detects the SBOM encoding data, enabling it to parse SBOMs with the document data defined at the end of the file.
  • When trying to ingest a CycloneDX document, bom will now print a more useful warning (#​259, @​puerco)
• Fixed a race condition where concurrent files canning processes could clash and cause a segfault (thanks to @​howardjohn for reporting) (#​312, @​puerco)
• JSON-encoded files now include supplier and originator data. (#​269, @​puerco)

Other (Cleanup or Flake)

• Go.mod: Update github.com/uwu-tools/magex to v0.10.0 (#​275, @​cpanato)
• SPDX packages representing container images are now named using their full reference and digest: registry.com/repository/image@sha256:digest (#​289, @​puerco)

Dependencies

Added

• dario.cat/mergo: v1.0.0
• github.com/MakeNowJust/heredoc/v2: v2.0.1
• github.com/cyphar/filepath-securejoin: v0.2.4
• github.com/dustin/go-humanize: v1.0.1
• github.com/elazarl/goproxy: 2592e75
• github.com/glebarez/go-sqlite: v1.22.0
• github.com/go-jose/go-jose/v3: v3.0.0
• github.com/golang/groupcache: 41bb18b
• github.com/google/pprof: e6195bd
• github.com/hashicorp/errwrap: v1.0.0
• github.com/hashicorp/go-multierror: v1.1.1
• github.com/kballard/go-shellquote: 95032a8
• github.com/klauspost/cpuid/v2: v2.2.3
• github.com/knqyf263/go-rpmdb: 067d98b
• github.com/mattn/go-isatty: v0.0.20
• github.com/mattn/go-sqlite3: v1.14.16
• github.com/remyoudompheng/bigfft: 24d4a6f
• github.com/uwu-tools/magex: v0.10.0
• golang.org/x/exp: d852ddb
• golang.org/x/tools/go/vcs: v0.1.0-deprecated
• lukechampine.com/uint128: v1.3.0
• modernc.org/cc/v3: v3.41.0
• modernc.org/ccgo/v3: v3.16.15
• modernc.org/httpfs: v1.0.6
• modernc.org/libc: v1.37.6
• modernc.org/mathutil: v1.6.0
• modernc.org/memory: v1.7.2
• modernc.org/opt: v0.1.3
• modernc.org/sqlite: v1.28.0
• modernc.org/strutil: v1.2.0
• modernc.org/tcl: v1.15.2
• modernc.org/token: v1.1.0
• modernc.org/z: v1.7.3

Changed

• cloud.google.com/go/compute: v1.18.0 → v1.19.3
• github.com/BurntSushi/toml: v0.3.1 → v1.2.1
• github.com/Masterminds/semver/v3: v3.1.1 → v3.2.1
• github.com/Microsoft/go-winio: v0.6.0 → v0.6.1
• github.com/ProtonMail/go-crypto: 7d5c6f0 → 3c4c8a2
• github.com/cloudflare/circl: v1.1.0 → v1.3.3
• github.com/cpuguy83/go-md2man/v2: v2.0.2 → v2.0.3
• github.com/docker/cli: v23.0.1+incompatible → v24.0.0+incompatible
• github.com/docker/distribution: v2.8.1+incompatible → v2.8.2+incompatible
• github.com/docker/docker: v23.0.1+incompatible → v24.0.0+incompatible
• github.com/go-git/gcfg: v1.5.0 → 3a3c614
• github.com/go-git/go-billy/v5: v5.4.1 → v5.5.0
• github.com/go-git/go-git-fixtures/v4: v4.3.1 → 55a9409
• github.com/go-git/go-git/v5: v5.6.1 → v5.11.0
• github.com/google/go-cmp: v0.5.9 → v0.6.0
• github.com/google/go-containerregistry: v0.14.0 → v0.17.0
• github.com/google/uuid: v1.3.0 → v1.5.0
• github.com/in-toto/in-toto-golang: v0.7.0 → v0.9.0
• github.com/klauspost/compress: v1.16.0 → v1.16.5
• github.com/kr/pretty: v0.3.0 → v0.3.1
• github.com/magefile/mage: v1.14.0 → v1.15.0
• github.com/maxbrunsfeld/counterfeiter/v6: v6.6.1 → v6.8.1
• github.com/moby/term: 3f7ff69 → v0.5.0
• github.com/onsi/gomega: v1.26.0 → v1.30.0
• github.com/opencontainers/image-spec: v1.1.0-rc2 → v1.1.0-rc3
• github.com/package-url/packageurl-go: d704593 → v0.1.2
• github.com/rogpeppe/go-internal: v1.8.1 → v1.11.0
• github.com/secure-systems-lab/go-securesystemslib: v0.5.0 → v0.6.0
• github.com/sirupsen/logrus: v1.9.0 → v1.9.3
• github.com/skeema/knownhosts: v1.1.0 → v1.2.1
• github.com/spf13/cobra: v1.6.1 → v1.8.0
• github.com/spiffe/go-spiffe/v2: v2.1.2 → v2.1.3
• github.com/stretchr/testify: v1.8.2 → v1.8.4
• github.com/urfave/cli: v1.22.4 → v1.22.12
• github.com/vbatts/tar-split: v0.11.2 → v0.11.3
• gitlab.alpinelinux.org/alpine/go: v0.6.0 → v0.8.0
• golang.org/x/crypto: v0.6.0 → v0.18.0
• golang.org/x/mod: v0.9.0 → v0.14.0
• golang.org/x/net: v0.8.0 → v0.20.0
• golang.org/x/oauth2: v0.6.0 → v0.8.0
• golang.org/x/sync: v0.1.0 → v0.6.0
• golang.org/x/sys: v0.6.0 → v0.16.0
• golang.org/x/term: v0.6.0 → v0.16.0
• golang.org/x/text: v0.8.0 → v0.14.0
• golang.org/x/tools: v0.7.0 → v0.17.0
• golang.org/x/xerrors: 5ec99f8 → 104605a
• google.golang.org/genproto: 76db087 → 637eb22
• google.golang.org/grpc: v1.53.0 → v1.54.0
• google.golang.org/protobuf: v1.29.0 → v1.30.0
• mvdan.cc/sh/v3: v3.5.1 → v3.7.0
• sigs.k8s.io/release-utils: 2b998c6 → v0.7.7

Removed

• github.com/MakeNowJust/heredoc: v1.0.0
• github.com/acomagu/bufpipe: v1.0.4
• github.com/bwesterb/go-ristretto: v1.2.0
• github.com/carolynvs/magex: v0.9.0
• github.com/creack/pty: v1.1.17
• github.com/frankban/quicktest: v1.14.0
• github.com/google/renameio: v1.0.1
• github.com/imdario/mergo: v0.3.13
• github.com/jessevdk/go-flags: v1.5.0
• github.com/matryer/is: v1.2.0
• github.com/mmcloughlin/avo: v0.5.0
• github.com/niemeyer/pretty: a10e7ca
• github.com/pkg/diff: 20ebb0f
• github.com/shurcooL/sanitized_anchor_name: v1.0.0
• golang.org/x/arch: v0.1.0
• gopkg.in/errgo.v2: v2.1.0
• gopkg.in/square/go-jose.v2: v2.6.0
• mvdan.cc/editorconfig: v0.2.0
• rsc.io/pdf: v0.1.1

kubernetes-sigs/kind (kubernetes-sigs/kind)

v0.22.0

Compare Source

This release is a quick follow-up to v0.21.0 with bug fixes including not overriding the host's binfmt_misc (a regression in v0.20.0, see: https://github.com/kubernetes-sigs/kind/issues/3510).

Breaking Changes

• The default node image is now Kubernetes 1.29.2: kindest/node:v1.29.2@​sha256:51a1434a5397193442f0be2a297b488b6c919ce8a3931be0ce822606ea5ca245

If you haven't already, please see also v0.21.0 release notes given the short time between releases.

New Features

• Remove exclude-from-external-load-balancers from single node clusters https://github.com/kubernetes-sigs/kind/issues/3506
• Support for building node images on hosts with proxies

Images pre-built for this release:

• v1.29.2: kindest/node:v1.29.2@​sha256:51a1434a5397193442f0be2a297b488b6c919ce8a3931be0ce822606ea5ca245
• v1.29.1: kindest/node:v1.29.1@​sha256:0c06baa545c3bb3fbd4828eb49b8b805f6788e18ce67bff34706ffa91866558b
• v1.28.7: kindest/node:v1.28.7@​sha256:9bc6c451a289cf96ad0bbaf33d416901de6fd632415b076ab05f5fa7e4f65c58
• v1.28.6: kindest/node:v1.28.6@​sha256:e9e59d321795595d0eed0de48ef9fbda50388dc8bd4a9b23fb9bd869f370ec7e
• v1.27.11: kindest/node:v1.27.11@​sha256:681253009e68069b8e01aad36a1e0fa8cf18bb0ab3e5c4069b2e65cafdd70843
• v1.27.10: kindest/node:v1.27.10@​sha256:e6b2f72f22a4de7b957cd5541e519a8bef3bae7261dd30c6df34cd9bdd3f8476
• v1.26.14: kindest/node:v1.26.14@​sha256:5d548739ddef37b9318c70cb977f57bf3e5015e4552be4e27e57280a8cbb8e4f
• v1.26.13: kindest/node:v1.26.13@​sha256:8cb4239d64ff897e0c21ad19fe1d68c3422d4f3c1c1a734b7ab9ccc76c549605
• v1.25.16: kindest/node:v1.25.16@​sha256:e8b50f8e06b44bb65a93678a65a26248fae585b3d3c2a669e5ca6c90c69dc519
• v1.24.17: kindest/node:v1.24.17@​sha256:bad10f9b98d54586cba05a7eaa1b61c6b90bfc4ee174fdc43a7b75ca75c95e51
• v1.23.17: kindest/node:v1.23.17@​sha256:14d0a9a892b943866d7e6be119a06871291c517d279aedb816a4b4bc0ec0a5b3

NOTE: You must use the @sha256 digest to guarantee an image built for this release, until such a time as we switch to a different tagging scheme. Even then we will highly encourage digest pinning for security and reproducibility reasons.

See also:

• https://kind.sigs.k8s.io/docs/user/quick-start/#creating-a-cluster
• https://kind.sigs.k8s.io/docs/user/quick-start/#building-images

NOTE: These node images support amd64 and arm64, both of our supported platforms. You must use the same platform as your host, for more context see https://github.com/kubernetes-sigs/kind/issues/2718

Fixes

• binfmt_misc no longer set by node images (regression in v0.20.0)
• fix runc hooks when non-root / usernamespaces
• Support multiple random extraPortMappings
• Docs fixes for contour and WSL2

Contributors

Thank you to everyone who contributed to this release! ❤️

Users whose commits are in this release (alphabetically by user name)

• @​BenTheElder
• @​dependabot[bot]
• @​dgl
• @​howardjohn
• @​k8s-ci-robot
• @​r-suke
• @​skriss
• @​wouterh-dev
• @​Zumium

Thank you as well to everyone else not listed here who contributed in other ways like filing issues, giving feedback, testing fixes, and helping users in slack!

v0.21.0

Compare Source

This release patches the recent runc CVEs, as well as an issue with kind build node-image and docker v25.0.0+

Breaking Changes

• The default node image is a Kubernetes v1.29.1 image: kindest/node:v1.29.1@​sha256:a0cc28af37cf39b019e2b448c54d1a3f789de32536cb5a5db61a49623e527144

If you haven't already, please see also v0.20.0 release notes which had important announcements that still apply going forward.

New Features

• Upgraded go to 1.20.13
• Upgraded crictl to 1.28
• Upgraded containerd fuse overlayfs to 1.0.6
• Began marking some core images pinned in containerd, which may eventually make enabling imageGC safer
• kindnetd will ignore nodes with empty podCIDR, enabling some niche use-cases

Images pre-built for this release:

• v1.29.1: kindest/node:v1.29.1@​sha256:a0cc28af37cf39b019e2b448c54d1a3f789de32536cb5a5db61a49623e527144
• v1.28.6: kindest/node:v1.28.6@​sha256:b7e1cf6b2b729f604133c667a6be8aab6f4dde5bb042c1891ae248d9154f665b
• v1.27.10: kindest/node:v1.27.10@​sha256:3700c811144e24a6c6181065265f69b9bf0b437c45741017182d7c82b908918f
• v1.26.13: kindest/node:v1.26.13@​sha256:15ae92d507b7d4aec6e8920d358fc63d3b980493db191d7327541fbaaed1f789
• v1.25.16: kindest/node:v1.25.16@​sha256:9d0a62b55d4fe1e262953be8d406689b947668626a357b5f9d0cfbddbebbc727
• v1.24.17: kindest/node:v1.24.17@​sha256:ea292d57ec5dd0e2f3f5a2d77efa246ac883c051ff80e887109fabefbd3125c7
• v1.23.17: kindest/node:v1.23.17@​sha256:fbb92ac580fce498473762419df27fa8664dbaa1c5a361b5957e123b4035bdcf

NOTE: You must use the @sha256 digest to guarantee an image built for this release, until such a time as we switch to a different tagging scheme. Even then we will highly encourage digest pinning for security and reproducibility reasons.

See also:

• https://kind.sigs.k8s.io/docs/user/quick-start/#creating-a-cluster
• https://kind.sigs.k8s.io/docs/user/quick-start/#building-images

NOTE: These node images support amd64 and arm64, both of our supported platforms. You must use the same platform as your host, for more context see https://github.com/kubernetes-sigs/kind/issues/2718

Fixes

• Updated runc to v1.1.12, containerd to v1.7.13 including the fix for GHSA-xr7r-f8xq-vfvv
• Fixed kind build node-image with docker v25.0.0+
  • NOTE: kind load docker-image is still broken with Docker v25.0.0 due to a docker bug, which has a fix merged that should be included in Docker v25.0.1+
• Assorted docs fixes

Contributors

Thank you to everyone who contributed to this release! ❤️

Users whose commits are in this release (alphabetically by user name)

• @​adelton
• @​ameukam
• @​AkihiroSuda
• @​AryanSharma9917
• @​BenTheElder
• @​bpfoster
• @​corneliusroemer
• @​dependabot[bot]
• @​k8s-ci-robot
• @​kir4h
• @​liangyuanpeng
• @​lixin963
• @​matzew
• @​mausearce
• @​ronaldpetty
• @​roman-kiselenko
• @​saschagrunert

Thank you as well to everyone else not listed here who contributed in other ways like filing issues, giving feedback, testing fixes, and helping users in slack!

kubernetes/kubernetes (kubernetes/kubernetes)

v1.29.2: Kubernetes v1.29.2

Compare Source

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

v1.29.1: Kubernetes v1.29.1

Compare Source

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

v1.29.0: Kubernetes v1.29.0

Compare Source

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

v1.28.7: Kubernetes v1.28.7

Compare Source

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

v1.28.6: Kubernetes v1.28.6

Compare Source

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

v1.28.5: Kubernetes v1.28.5

Compare Source

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

myrotvorets/set-commit-status-action (myrotvorets/set-commit-status-action)

v2.0.1

Compare Source

What's Changed

• chore(deps): update dependency @​types/node to v20.6.0 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/440
• chore(deps): lock file maintenance by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/441
• chore(deps): update dependency @​actions/core to v1.10.1 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/442
• chore(deps): update dependency @​octokit/webhooks-types to v7.3.0 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/443
• chore(deps): update github/codeql-action digest to 701f152 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/444
• chore(deps): update github/codeql-action digest to 04daf01 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/445
• chore(deps): update dependency @​types/node to v20.6.1 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/446
• chore(deps): update dependency @​types/node to v20.6.2 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/447
• chore(deps): update dependency @​octokit/webhooks-types to v7.3.1 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/448
• chore(deps): lock file maintenance by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/449
• chore(deps): update github/codeql-action digest to 6a28655 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/450
• chore(deps): update dependency @​types/node to v20.6.3 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/451
• chore(deps): update actions/checkout digest to 8ade135 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/452
• chore(deps): update actions/checkout action to v4.1.0 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/453
• chore(deps): update dependency @​types/node to v20.6.4 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/454
• chore(deps): update dependency @​types/node to v20.6.5 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/455
• chore(deps): lock file maintenance by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/456
• chore(deps): update dependency @​types/node to v20.7.0 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/457
• chore(deps): update github/codeql-action digest to ddccb87 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/458
• chore(deps): update dependency @​types/node to v20.7.1 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/459
• chore(deps): update dependency @​types/node to v20.7.2 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/460
• chore(deps): update dependency @​types/node to v20.8.0 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/461
• chore(deps): update dependency @​types/node to v20.8.2 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/462
• chore(deps): update github/codeql-action digest to 2cb752a by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/463
• chore(deps): update dependency @​types/node to v20.8.3 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/464
• chore(deps): update dependency @​myrotvorets/eslint-config-myrotvorets-ts to ^2.21.0 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/465
• chore(deps): update dependency typescript to ^5.2.2 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/466
• chore(deps): update devdependencies (non-major) by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/467
• chore(deps): update github/codeql-action digest to fdcae64 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/468
• chore(deps): update dependency @​types/node to ^20.8.4 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/469
• chore(deps): update dependency @​actions/github to v6 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/470
• chore(deps): update dependency @​myrotvorets/eslint-config-myrotvorets-ts to ^2.22.4 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/471
• chore(deps): update github/codeql-action digest to d90b8d7 by @​renovate in https://github.com/myrotvorets/set-commit-status-action/pull/472
• chore(deps): update dependency [@​types/node](https://togithub

---

Configuration

📅 Schedule: Branch creation - "on monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[aanm]

/test-backport-1.14