Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update all github action dependencies (v0.13) (patch) #1394

Merged
merged 1 commit into from
Feb 23, 2024
Merged

chore(deps): update all github action dependencies (v0.13) (patch) #1394

merged 1 commit into from
Feb 23, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Feb 23, 2024

Mend Renovate

This PR contains the following updates:

Package Type Update Change
github/codeql-action action patch v3.24.3 -> v3.24.4
helm/helm patch v3.14.1 -> v3.14.2

Release Notes

github/codeql-action (github/codeql-action)

v3.24.4

Compare Source

helm/helm (helm/helm)

v3.14.2: Helm v3.14.2

Compare Source

Helm v3.14.2 is a security (patch) release. Users are strongly recommended to update to this release.

A Helm contributor discovered uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content.

Jakub Ciolek with AlphaSense discovered the vulnerability.

Installation and Upgrading

Download Helm v3.14.2. The common platform binaries are here:

This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @​mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

  • 3.14.3 will contain only bug fixes and be released on March 13, 2024.
  • 3.15.0 is the next feature release and will be on May 08, 2024.

Configuration

📅 Schedule: Branch creation - "on friday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate
chore(deps): update all github action dependencies
0b48335 
Signed-off-by: renovate[bot] <bot@renovateapp.com>
@renovate renovate bot requested review from a team as code owners February 23, 2024 04:12
@renovate renovate bot added kind/enhancement This would improve or streamline existing functionality. priority/release-blocker This issue will prevent the release of the next version of Cilium. labels Feb 23, 2024
@renovate renovate bot requested a review from a team as a code owner February 23, 2024 04:12
@renovate renovate bot added the release-note/misc This PR makes changes that have no direct user impact. label Feb 23, 2024
@renovate renovate bot requested review from brlbil and chancez and removed request for a team February 23, 2024 04:12
@rolinh rolinh merged commit 3389c56 into v0.13 Feb 23, 2024
3 checks passed
@rolinh rolinh deleted the renovate/v0.13-patch-all-github-action branch February 23, 2024 06:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rolinh rolinh rolinh approved these changes

@brlbil brlbil brlbil approved these changes

@chancez chancez Awaiting requested review from chancez chancez is a code owner automatically assigned from cilium/sig-hubble

Assignees
No one assigned
Labels
kind/enhancement This would improve or streamline existing functionality. priority/release-blocker This issue will prevent the release of the next version of Cilium. release-note/misc This PR makes changes that have no direct user impact.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@rolinh @brlbil