chore(deps): update actions/dependency-review-action action to v4 #2318
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
renovate
bot
requested review from
jeff-mccoy,
Racer159,
Noxsios and
lucasrod16
as code owners
✅ Deploy Preview for zarf-docs canceled.
|
renovate
bot
force-pushed
the
renovate/actions-dependency-review-action-4.x
branch
from
6ff9c2d
to
e90d201
Compare
mjnagel
pushed a commit
to defenseunicorns/uds-core
that referenced
this pull request
Mar 8, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | patch | `v0.32.3` -> `v0.32.4` | --- ### Release Notes <details> <summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary> ### [`v0.32.4`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.4) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.3...v0.32.4) ##### What's Changed ##### Fixes - Improve `cmd` failure messaging when no timeout or retries are given by [@​docandrew](https://togithub.com/docandrew) in [defenseunicorns/zarf#2301 - Revert init package storageclass checks for git server and seed registry by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2311 - Fix multi-part tarballs being mismatched sizes by [@​Racer159](https://togithub.com/Racer159) in [defenseunicorns/zarf#2314 - Change text template detection to check first *and* last 512 bytes by [@​WeaponX314](https://togithub.com/WeaponX314) in [defenseunicorns/zarf#2310 - Improve `zarf tools registry prune` messaging by [@​Racer159](https://togithub.com/Racer159) in [defenseunicorns/zarf#2323 - Add http request header timeout to mitigate stalling image push by [@​Racer159](https://togithub.com/Racer159) in [defenseunicorns/zarf#2319 - Allow host+subpath as the source registry for `--registry-override` in package create by [@​waveywaves](https://togithub.com/waveywaves) in [defenseunicorns/zarf#2306 ##### Dependencies - Update github.com/anchore/clio digest to [`cb94e40`](https://togithub.com/defenseunicorns/zarf/commit/cb94e40) by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/zarf#2294, [defenseunicorns/zarf#2297 and [defenseunicorns/zarf#2300 - **\[security]** Update module helm.sh/helm/v3 to v3.14.2 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/zarf#2307 and [defenseunicorns/zarf#2329 - Update actions/checkout action to v4 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/zarf#2317 - Update actions/dependency-review-action action to v4 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/zarf#2318 ##### Docs - Update [Zarf roadmap](https://docs.zarf.dev/docs/roadmap) per 2024 goals by [@​Racer159](https://togithub.com/Racer159) in [defenseunicorns/zarf#2305 ##### Development - Included Dependency Review action for PR reviews by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [defenseunicorns/zarf#2298 - Resolve CodeQL linting issues across Zarf by [@​Racer159](https://togithub.com/Racer159) in [defenseunicorns/zarf#2322 ##### New Contributors - [@​docandrew](https://togithub.com/docandrew) made their first contribution in [defenseunicorns/zarf#2301 - [@​naveensrinivasan](https://togithub.com/naveensrinivasan) made their first contribution in [defenseunicorns/zarf#2298 - [@​waveywaves](https://togithub.com/waveywaves) made their first contribution in [defenseunicorns/zarf#2306 **Full Changelog**: defenseunicorns/zarf@v0.32.3...v0.32.4 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/uds-core). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMTIuMCIsInVwZGF0ZWRJblZlciI6IjM3LjIzMC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
](https://renovatebot.com){kind=link}
Racer159
added a commit
to defenseunicorns/uds-package-sonarqube
that referenced
this pull request
Mar 29, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/upload-artifact](https://togithub.com/actions/upload-artifact) | action | minor | `v4.0.0` -> `v4.3.1` | | [defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common) | | patch | `v0.3.6` -> `v0.3.9` | | [defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common) | action | patch | `v0.3.6` -> `v0.3.9` | | [defenseunicorns/uds-common-tasks](https://togithub.com/defenseunicorns/uds-common-tasks) | | patch | `v0.3.6` -> `v0.3.9` | | [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | | minor | `v0.29.1` -> `v0.32.6` | | [docker/login-action](https://togithub.com/docker/login-action) | action | digest | `343f7c4` -> `e92390c` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | minor | `v3.22.12` -> `v3.24.9` | | [golangci/golangci-lint](https://togithub.com/golangci/golangci-lint) | repository | minor | `v1.54.1` -> `v1.57.2` | | [google-github-actions/release-please-action](https://togithub.com/google-github-actions/release-please-action) | action | minor | `v4.0.1` -> `v4.1.0` | | [pre-commit/pre-commit-hooks](https://togithub.com/pre-commit/pre-commit-hooks) | repository | minor | `v4.4.0` -> `v4.5.0` | | [python-jsonschema/check-jsonschema](https://togithub.com/python-jsonschema/check-jsonschema) | repository | minor | `0.24.1` -> `0.28.0` | | [renovatebot/pre-commit-hooks](https://togithub.com/renovatebot/pre-commit-hooks) | repository | major | `36.43.1` -> `37.274.0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. Note: The `pre-commit` manager in Renovate is not supported by the `pre-commit` maintainers or community. Please do not report any problems there, instead [create a Discussion in the Renovate repository](https://togithub.com/renovatebot/renovate/discussions/new) if you have any questions. --- ### Release Notes <details> <summary>actions/upload-artifact (actions/upload-artifact)</summary> ### [`v4.3.1`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.1) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.0...v4.3.1) - Bump [@​actions/artifacts](https://togithub.com/actions/artifacts) to latest version to include [updated GHES host check](https://togithub.com/actions/toolkit/pull/1648) ### [`v4.3.0`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.0) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.2.0...v4.3.0) ##### What's Changed - Reorganize upload code in prep for merge logic & add more tests by [@​robherley](https://togithub.com/robherley) in [https://github.com/actions/upload-artifact/pull/504](https://togithub.com/actions/upload-artifact/pull/504) - Add sub-action to merge artifacts by [@​robherley](https://togithub.com/robherley) in [https://github.com/actions/upload-artifact/pull/505](https://togithub.com/actions/upload-artifact/pull/505) **Full Changelog**: https://github.com/actions/upload-artifact/compare/v4...v4.3.0 ### [`v4.2.0`](https://togithub.com/actions/upload-artifact/releases/tag/v4.2.0) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.1.0...v4.2.0) ##### What's Changed - Ability to overwrite an Artifact by [@​robherley](https://togithub.com/robherley) in [https://github.com/actions/upload-artifact/pull/501](https://togithub.com/actions/upload-artifact/pull/501) **Full Changelog**: https://github.com/actions/upload-artifact/compare/v4...v4.2.0 ### [`v4.1.0`](https://togithub.com/actions/upload-artifact/releases/tag/v4.1.0) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.0.0...v4.1.0) #### What's Changed - Add migrations docs by [@​robherley](https://togithub.com/robherley) in [https://github.com/actions/upload-artifact/pull/482](https://togithub.com/actions/upload-artifact/pull/482) - Update README.md by [@​samuelwine](https://togithub.com/samuelwine) in [https://github.com/actions/upload-artifact/pull/492](https://togithub.com/actions/upload-artifact/pull/492) - Support artifact-url output by [@​konradpabjan](https://togithub.com/konradpabjan) in [https://github.com/actions/upload-artifact/pull/496](https://togithub.com/actions/upload-artifact/pull/496) - Update readme to reflect new 500 artifact per job limit by [@​robherley](https://togithub.com/robherley) in [https://github.com/actions/upload-artifact/pull/497](https://togithub.com/actions/upload-artifact/pull/497) #### New Contributors - [@​samuelwine](https://togithub.com/samuelwine) made their first contribution in [https://github.com/actions/upload-artifact/pull/492](https://togithub.com/actions/upload-artifact/pull/492) **Full Changelog**: https://github.com/actions/upload-artifact/compare/v4...v4.1.0 </details> <details> <summary>defenseunicorns/uds-common (defenseunicorns/uds-common)</summary> ### [`v0.3.9`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.9) [Compare Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.3.8...v0.3.9) ##### Miscellaneous - fix missing keys in setup actions ([#​93](https://togithub.com/defenseunicorns/uds-common/issues/93)) ([39d7395](https://togithub.com/defenseunicorns/uds-common/commit/39d73955ebb35f4e844a45fe23a7acf7d65d239a)) ### [`v0.3.8`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.8) [Compare Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.3.7...v0.3.8) ##### Miscellaneous - add upgrade tests to common ([#​91](https://togithub.com/defenseunicorns/uds-common/issues/91)) ([bb2e590](https://togithub.com/defenseunicorns/uds-common/commit/bb2e59021355172db2cfcca7dbf5a2434ce41b6d)) - **deps:** update dependency defenseunicorns/uds-cli to v0.10.1 ([#​84](https://togithub.com/defenseunicorns/uds-common/issues/84)) ([6b455b7](https://togithub.com/defenseunicorns/uds-common/commit/6b455b7cef8ddab022c758a6309d8993f0a564b7)) - **deps:** update dependency defenseunicorns/uds-core to v0.17.0 ([#​83](https://togithub.com/defenseunicorns/uds-common/issues/83)) ([b8d8181](https://togithub.com/defenseunicorns/uds-common/commit/b8d818165c7c676f56898c2d15ae14a2f7ff5f0c)) - **deps:** update uds common package dependencies to v6.6.1 ([#​92](https://togithub.com/defenseunicorns/uds-common/issues/92)) ([862b635](https://togithub.com/defenseunicorns/uds-common/commit/862b63512b4b53ff963b85e25e8011818bb8e4e3)) - update registry login to happen in the common env setup action ([#​88](https://togithub.com/defenseunicorns/uds-common/issues/88)) ([b7bce88](https://togithub.com/defenseunicorns/uds-common/commit/b7bce888d1d62c5d382d7d88a54e59da72e0d3ae)) ### [`v0.3.7`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.7) [Compare Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.3.6...v0.3.7) ##### Miscellaneous - remove schedule on renovate ([#​85](https://togithub.com/defenseunicorns/uds-common/issues/85)) ([fda7e57](https://togithub.com/defenseunicorns/uds-common/commit/fda7e57ad878cc70bf3905948911daa84c67db27)) - update k3d-core-istio-dev to k3d-core-slim-dev ([#​86](https://togithub.com/defenseunicorns/uds-common/issues/86)) ([aa0e6da](https://togithub.com/defenseunicorns/uds-common/commit/aa0e6dad40126ead465b102ea28a3ac961883493)) </details> <details> <summary>defenseunicorns/uds-common-tasks (defenseunicorns/uds-common-tasks)</summary> ### [`v0.3.9`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.9) [Compare Source](https://togithub.com/defenseunicorns/uds-common-tasks/compare/v0.3.8...v0.3.9) ##### Miscellaneous - fix missing keys in setup actions ([#​93](https://togithub.com/defenseunicorns/uds-common/issues/93)) ([39d7395](https://togithub.com/defenseunicorns/uds-common/commit/39d73955ebb35f4e844a45fe23a7acf7d65d239a)) ### [`v0.3.8`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.8) [Compare Source](https://togithub.com/defenseunicorns/uds-common-tasks/compare/v0.3.7...v0.3.8) ##### Miscellaneous - add upgrade tests to common ([#​91](https://togithub.com/defenseunicorns/uds-common/issues/91)) ([bb2e590](https://togithub.com/defenseunicorns/uds-common/commit/bb2e59021355172db2cfcca7dbf5a2434ce41b6d)) - **deps:** update dependency defenseunicorns/uds-cli to v0.10.1 ([#​84](https://togithub.com/defenseunicorns/uds-common/issues/84)) ([6b455b7](https://togithub.com/defenseunicorns/uds-common/commit/6b455b7cef8ddab022c758a6309d8993f0a564b7)) - **deps:** update dependency defenseunicorns/uds-core to v0.17.0 ([#​83](https://togithub.com/defenseunicorns/uds-common/issues/83)) ([b8d8181](https://togithub.com/defenseunicorns/uds-common/commit/b8d818165c7c676f56898c2d15ae14a2f7ff5f0c)) - **deps:** update uds common package dependencies to v6.6.1 ([#​92](https://togithub.com/defenseunicorns/uds-common/issues/92)) ([862b635](https://togithub.com/defenseunicorns/uds-common/commit/862b63512b4b53ff963b85e25e8011818bb8e4e3)) - update registry login to happen in the common env setup action ([#​88](https://togithub.com/defenseunicorns/uds-common/issues/88)) ([b7bce88](https://togithub.com/defenseunicorns/uds-common/commit/b7bce888d1d62c5d382d7d88a54e59da72e0d3ae)) ### [`v0.3.7`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.7) [Compare Source](https://togithub.com/defenseunicorns/uds-common-tasks/compare/v0.3.6...v0.3.7) ##### Miscellaneous - remove schedule on renovate ([#​85](https://togithub.com/defenseunicorns/uds-common/issues/85)) ([fda7e57](https://togithub.com/defenseunicorns/uds-common/commit/fda7e57ad878cc70bf3905948911daa84c67db27)) - update k3d-core-istio-dev to k3d-core-slim-dev ([#​86](https://togithub.com/defenseunicorns/uds-common/issues/86)) ([aa0e6da](https://togithub.com/defenseunicorns/uds-common/commit/aa0e6dad40126ead465b102ea28a3ac961883493)) </details> <details> <summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary> ### [`v0.32.6`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.6) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.5...v0.32.6) ##### \[0.32.6] - 2024-03-22 > trying out some different release note generators, formatting may vary for a few releases while we figure out what works best ~[@​Noxsios](https://togithub.com/Noxsios) ##### 🚀 Features - \[**ALPHA**] feat: package generation ALPHA by [@​andrewg-xyz](https://togithub.com/andrewg-xyz) in [#​2269](https://togithub.com/defenseunicorns/zarf/pull/2269) - *(lib)* feat(lib): configurable log file location by [@​Noxsios](https://togithub.com/Noxsios) in [#​2380](https://togithub.com/defenseunicorns/zarf/pull/2380) - \[**BREAKING**] feat!: filter package components with strategy interface by [@​Noxsios](https://togithub.com/Noxsios) in [#​2321](https://togithub.com/defenseunicorns/zarf/pull/2321) ##### 🐛 Bug Fixes - fix: refactor create stages into separate lib by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2223](https://togithub.com/defenseunicorns/zarf/pull/2223) - fix: handle registry caBundle as a multiline string by [@​AbrohamLincoln](https://togithub.com/AbrohamLincoln) in [#​2381](https://togithub.com/defenseunicorns/zarf/pull/2381) - *(regression)* fix: populate `p.sbomViewFiles` on `deploy` and `mirror` by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2386](https://togithub.com/defenseunicorns/zarf/pull/2386) - fix: allow absolute paths for differential packages by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2397](https://togithub.com/defenseunicorns/zarf/pull/2397) - fix: hotfix skeleton publish by [@​Noxsios](https://togithub.com/Noxsios) in [#​2398](https://togithub.com/defenseunicorns/zarf/pull/2398) ##### 🚜 Refactor - refactor: split helpers/exec libs by [@​Racer159](https://togithub.com/Racer159) in [#​2379](https://togithub.com/defenseunicorns/zarf/pull/2379) ##### 🧪 Testing - test: data injection flake by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2361](https://togithub.com/defenseunicorns/zarf/pull/2361) ##### ⚙️ Miscellaneous Tasks - ci: add commitlint workflow and update contributing guide by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2391](https://togithub.com/defenseunicorns/zarf/pull/2391) ##### 🛡️ Security - *(release)* build: create PRs on `homebrew-tap` by [@​Noxsios](https://togithub.com/Noxsios) in [#​2385](https://togithub.com/defenseunicorns/zarf/pull/2385) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.32.5...v0.32.6 ### [`v0.32.5`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.5) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.4...v0.32.5) ##### \[0.32.5] - 2024-03-11 > trying out some different release note generators, formatting may vary for a few releases while we figure out what works best ~[@​Noxsios](https://togithub.com/Noxsios) ##### 🚀 Features - feat: add missing vendored tool version commands by [@​eddiezane](https://togithub.com/eddiezane) in [#​2232](https://togithub.com/defenseunicorns/zarf/pull/2232) - feat: add `--why` flag for `zarf dev find-images` by [@​waveywaves](https://togithub.com/waveywaves) in [#​2309](https://togithub.com/defenseunicorns/zarf/pull/2309) - feat: set variables on find images by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2282](https://togithub.com/defenseunicorns/zarf/pull/2282) - feat: add configurable backoff and retries for Zarf operations by [@​Racer159](https://togithub.com/Racer159) in [#​2345](https://togithub.com/defenseunicorns/zarf/pull/2345) ##### 🐛 Bug Fixes - *(deps)*: update github.com/anchore/clio digest to [`abcb719`](https://togithub.com/defenseunicorns/zarf/commit/abcb719) by [@​renovate](https://togithub.com/renovate)\[bot] in [#​2347](https://togithub.com/defenseunicorns/zarf/pull/2347) - *(ci)*: change ECR image to docker.io image by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2353](https://togithub.com/defenseunicorns/zarf/pull/2353) - fix: added OCI Image Index mediaType by [@​mdaizcorbe](https://togithub.com/mdaizcorbe) in [#​2352](https://togithub.com/defenseunicorns/zarf/pull/2352) - fix: package publish progress bar frozen at zero by [@​Noxsios](https://togithub.com/Noxsios) in [#​2367](https://togithub.com/defenseunicorns/zarf/pull/2367) - *(release)* hotfix `publish` not respecting source package architecture by [@​Noxsios](https://togithub.com/Noxsios) in [#​2376](https://togithub.com/defenseunicorns/zarf/pull/2376) ##### 📚 Documentation - chore: fix spelling by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2333](https://togithub.com/defenseunicorns/zarf/pull/2333) - docs: formatting and grammar by [@​beholdenkey](https://togithub.com/beholdenkey) in [#​2350](https://togithub.com/defenseunicorns/zarf/pull/2350) ##### ⚙️ Miscellaneous Tasks - chore: sorted go imports by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [#​2349](https://togithub.com/defenseunicorns/zarf/pull/2349) - chore: fix bb test by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2340](https://togithub.com/defenseunicorns/zarf/pull/2340) - chore: update CODEOWNERS with [@​AustinAbro321](https://togithub.com/AustinAbro321) by [@​Racer159](https://togithub.com/Racer159) in [#​2354](https://togithub.com/defenseunicorns/zarf/pull/2354) - chore: refactor and purify the OCI library within Zarf by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2235](https://togithub.com/defenseunicorns/zarf/pull/2235) - chore: default to temp zarf cache in e2e tests by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2355](https://togithub.com/defenseunicorns/zarf/pull/2355) ##### 🛡️ Security - chore: configure agent server to avoid slowloris attack by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [#​2342](https://togithub.com/defenseunicorns/zarf/pull/2342) - chore: fix implicit memory aliasing in for loop by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [#​2341](https://togithub.com/defenseunicorns/zarf/pull/2341) - *(release)*: update release workflow to use token from gh app by [@​Noxsios](https://togithub.com/Noxsios) in [#​2368](https://togithub.com/defenseunicorns/zarf/pull/2368) - *(release)*: use release environment secrets by [@​Noxsios](https://togithub.com/Noxsios) in [#​2374](https://togithub.com/defenseunicorns/zarf/pull/2374) ##### First Time Contributors - [@​eddiezane](https://togithub.com/eddiezane) made their first contribution in [#​2232](https://togithub.com/defenseunicorns/zarf/issues/2232) - [@​beholdenkey](https://togithub.com/beholdenkey) made their first contribution in [#​2350](https://togithub.com/defenseunicorns/zarf/issues/2350) - [@​mdaizcorbe](https://togithub.com/mdaizcorbe) made their first contribution in [#​2352](https://togithub.com/defenseunicorns/zarf/issues/2352) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.32.4...v0.32.5 ### [`v0.32.4`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.4) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.3...v0.32.4) ##### What's Changed ##### Fixes - Improve `cmd` failure messaging when no timeout or retries are given by [@​docandrew](https://togithub.com/docandrew) in [https://github.com/defenseunicorns/zarf/pull/2301](https://togithub.com/defenseunicorns/zarf/pull/2301) - Revert init package storageclass checks for git server and seed registry by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2311](https://togithub.com/defenseunicorns/zarf/pull/2311) - Fix multi-part tarballs being mismatched sizes by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2314](https://togithub.com/defenseunicorns/zarf/pull/2314) - Change text template detection to check first *and* last 512 bytes by [@​WeaponX314](https://togithub.com/WeaponX314) in [https://github.com/defenseunicorns/zarf/pull/2310](https://togithub.com/defenseunicorns/zarf/pull/2310) - Improve `zarf tools registry prune` messaging by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2323](https://togithub.com/defenseunicorns/zarf/pull/2323) - Add http request header timeout to mitigate stalling image push by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2319](https://togithub.com/defenseunicorns/zarf/pull/2319) - Allow host+subpath as the source registry for `--registry-override` in package create by [@​waveywaves](https://togithub.com/waveywaves) in [https://github.com/defenseunicorns/zarf/pull/2306](https://togithub.com/defenseunicorns/zarf/pull/2306) ##### Dependencies - Update github.com/anchore/clio digest to [`cb94e40`](https://togithub.com/defenseunicorns/zarf/commit/cb94e40) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2294](https://togithub.com/defenseunicorns/zarf/pull/2294), [https://github.com/defenseunicorns/zarf/pull/2297](https://togithub.com/defenseunicorns/zarf/pull/2297) and [https://github.com/defenseunicorns/zarf/pull/2300](https://togithub.com/defenseunicorns/zarf/pull/2300) - **\[security]** Update module helm.sh/helm/v3 to v3.14.2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2307](https://togithub.com/defenseunicorns/zarf/pull/2307) and [https://github.com/defenseunicorns/zarf/pull/2329](https://togithub.com/defenseunicorns/zarf/pull/2329) - Update actions/checkout action to v4 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2317](https://togithub.com/defenseunicorns/zarf/pull/2317) - Update actions/dependency-review-action action to v4 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2318](https://togithub.com/defenseunicorns/zarf/pull/2318) ##### Docs - Update [Zarf roadmap](https://docs.zarf.dev/docs/roadmap) per 2024 goals by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2305](https://togithub.com/defenseunicorns/zarf/pull/2305) ##### Development - Included Dependency Review action for PR reviews by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/defenseunicorns/zarf/pull/2298](https://togithub.com/defenseunicorns/zarf/pull/2298) - Resolve CodeQL linting issues across Zarf by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2322](https://togithub.com/defenseunicorns/zarf/pull/2322) ##### New Contributors - [@​docandrew](https://togithub.com/docandrew) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2301](https://togithub.com/defenseunicorns/zarf/pull/2301) - [@​naveensrinivasan](https://togithub.com/naveensrinivasan) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2298](https://togithub.com/defenseunicorns/zarf/pull/2298) - [@​waveywaves](https://togithub.com/waveywaves) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2306](https://togithub.com/defenseunicorns/zarf/pull/2306) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.32.3...v0.32.4 ### [`v0.32.3`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.3) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.2...v0.32.3) ##### What's Changed ##### Fixes - Properly handle panic that could occur during checksum validation by [@​mjnagel](https://togithub.com/mjnagel) in [https://github.com/defenseunicorns/zarf/pull/2262](https://togithub.com/defenseunicorns/zarf/pull/2262) - Add the `--key` flag to the init cmd to properly allow for signed init packages by [@​dgershman](https://togithub.com/dgershman) in [https://github.com/defenseunicorns/zarf/pull/2259](https://togithub.com/defenseunicorns/zarf/pull/2259) - Restore destroy script functionality during `zarf destroy` by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2274](https://togithub.com/defenseunicorns/zarf/pull/2274) - Fix symlink inclusion within component resources by [@​dgershman](https://togithub.com/dgershman) in [https://github.com/defenseunicorns/zarf/pull/2256](https://togithub.com/defenseunicorns/zarf/pull/2256) - Use memory friendly file split logic for partial packages by [@​daniel-palmer-gu](https://togithub.com/daniel-palmer-gu) in [https://github.com/defenseunicorns/zarf/pull/2264](https://togithub.com/defenseunicorns/zarf/pull/2264) - Fix reproducible tarball creation on Windows systems by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2293](https://togithub.com/defenseunicorns/zarf/pull/2293) ##### Docs - Make branding more consistent and add community meetup references to docs by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2258](https://togithub.com/defenseunicorns/zarf/pull/2258) ##### Dependencies - Update github.com/anchore/clio digest by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2277](https://togithub.com/defenseunicorns/zarf/pull/2277) and [https://github.com/defenseunicorns/zarf/pull/2283](https://togithub.com/defenseunicorns/zarf/pull/2283) - Update all non-major dependencies (including Gitea v1.21.5, Syft v0.100.0, K9s v0.31.7 and Crane v0.19.0) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2187](https://togithub.com/defenseunicorns/zarf/pull/2187) ##### Development - Add a more robust chart search regexManager by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2278](https://togithub.com/defenseunicorns/zarf/pull/2278) and [https://github.com/defenseunicorns/zarf/pull/2284](https://togithub.com/defenseunicorns/zarf/pull/2284) - Partial refactor of injector logic in `k8s`, and `cluster` packages by [@​chrishorton](https://togithub.com/chrishorton) in [https://github.com/defenseunicorns/zarf/pull/2271](https://togithub.com/defenseunicorns/zarf/pull/2271) ##### New Contributors - [@​daniel-palmer-gu](https://togithub.com/daniel-palmer-gu) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2264](https://togithub.com/defenseunicorns/zarf/pull/2264) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.32.2...v0.32.3 ### [`v0.32.2`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.2) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.1...v0.32.2) #### What's Changed #### Features - Support authenticated Helm repositories that have been configured with `helm repo add` by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2196](https://togithub.com/defenseunicorns/zarf/pull/2196) - Verify that the specified storage class exists during `zarf init` by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2180](https://togithub.com/defenseunicorns/zarf/pull/2180) - Check for available node resources before building injector pod by [@​chrishorton](https://togithub.com/chrishorton) in [https://github.com/defenseunicorns/zarf/pull/2220](https://togithub.com/defenseunicorns/zarf/pull/2220) - Officially support yaml extensions within the `zarf.yaml` using `x-` keys by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2217](https://togithub.com/defenseunicorns/zarf/pull/2217) #### Fixes - Fix the inclusion of helm sub commands when rendering `zarf tools help` by [@​jbrewer3](https://togithub.com/jbrewer3) in [https://github.com/defenseunicorns/zarf/pull/2216](https://togithub.com/defenseunicorns/zarf/pull/2216) #### Docs - Fix typos in the extension `README.md` by [@​mjnagel](https://togithub.com/mjnagel) in [https://github.com/defenseunicorns/zarf/pull/2227](https://togithub.com/defenseunicorns/zarf/pull/2227) - Fix a small grammatical error in the base `README.md` by [@​cmwylie19](https://togithub.com/cmwylie19) in [https://github.com/defenseunicorns/zarf/pull/2219](https://togithub.com/defenseunicorns/zarf/pull/2219) #### Dependencies - Update github.com/anchore/clio digest to [`89e2fe8`](https://togithub.com/defenseunicorns/zarf/commit/89e2fe8) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2214](https://togithub.com/defenseunicorns/zarf/pull/2214) - Update github.com/anchore/clio digest to [`a5e93b6`](https://togithub.com/defenseunicorns/zarf/commit/a5e93b6) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2229](https://togithub.com/defenseunicorns/zarf/pull/2229) - Update github.com/anchore/stereoscope digest to [`eb656fc`](https://togithub.com/defenseunicorns/zarf/commit/eb656fc) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2230](https://togithub.com/defenseunicorns/zarf/pull/2230) #### Development - Remove workflow for automatically adding issues to the zarf project by [@​YrrepNoj](https://togithub.com/YrrepNoj) in [https://github.com/defenseunicorns/zarf/pull/2239](https://togithub.com/defenseunicorns/zarf/pull/2239) - Delete unnecessary waitgroup from concurrencyTools by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2244](https://togithub.com/defenseunicorns/zarf/pull/2244) - Update `NewOrasRemote` to take `ocispec.Platform` as an argument by [@​decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/zarf/pull/2241](https://togithub.com/defenseunicorns/zarf/pull/2241) #### New Contributors - [@​jbrewer3](https://togithub.com/jbrewer3) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2216](https://togithub.com/defenseunicorns/zarf/pull/2216) - [@​chrishorton](https://togithub.com/chrishorton) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2220](https://togithub.com/defenseunicorns/zarf/pull/2220) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.32.1...v0.32.2 ### [`v0.32.1`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.1) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.0...v0.32.1) #### What's Changed #### Fixes - `ResolveRoot` now properly returns an error when a target platform is not provided when used as a library by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2212](https://togithub.com/defenseunicorns/zarf/pull/2212) - Fix reproducibility of internal tarballs for components + sboms to allow better OCI layer reuse by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2210](https://togithub.com/defenseunicorns/zarf/pull/2210) #### Docs - Remove `dos-games` skeleton references and instead use the skeleton architecture index by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2208](https://togithub.com/defenseunicorns/zarf/pull/2208) #### Dependencies - \[security] Update github.com/go-git/go-git/v5 to v5.11.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2209](https://togithub.com/defenseunicorns/zarf/pull/2209) - \[security] Update github.com/containerd/containerd to v1.7.11 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2209](https://togithub.com/defenseunicorns/zarf/pull/2209) - Update github.com/anchore/syft to v0.99.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2185](https://togithub.com/defenseunicorns/zarf/pull/2185) - Update github.com/anchore/clio digest to [`3e50431`](https://togithub.com/defenseunicorns/zarf/commit/3e50431) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2207](https://togithub.com/defenseunicorns/zarf/pull/2207) - Update github.com/anchore/stereoscope digest to [`590920d`](https://togithub.com/defenseunicorns/zarf/commit/590920d) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2206](https://togithub.com/defenseunicorns/zarf/pull/2206) - Update github/codeql-action action to v3 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2191](https://togithub.com/defenseunicorns/zarf/pull/2191) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.32.0...v0.32.1 ### [`v0.32.0`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.0) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.31.4...v0.32.0) #### What's Changed #### :warning: Breaking Changes - Gitea has been updated from the 8.x series chart (app version 1.19.3) to the 10.x series chart (app version 1.21.2) - this update contains breaking changes and should be tested if you are using this component - default Zarf installs will upgrade automatically but more advanced configurations / use cases should be reviewed. [Gitea Release Notes](https://togithub.com/go-gitea/gitea/releases) - Zarf package OCI references now use OCI indexes / platforms to handle architecture - packages published to OCI with this version of Zarf will be placed within an index and won't be able to be pulled with older versions - old packages will still be able to be pulled however. - Component and package names can no longer start with a leading `-` as this is used within the deselect syntax introduced for `--components` #### Features <img src="https://github.com/defenseunicorns/zarf/assets/3977569/b9f9e158-d70d-48dd-bcda-f37d728e700a" width=555px/> - Add `zarf dev deploy` for quickly testing packages and restructure `zarf prepare` into `zarf dev` by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2170](https://togithub.com/defenseunicorns/zarf/pull/2170) - Introduce unpinned resources (`images`/`repos`/`files`) warning for `zarf dev lint` by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2171](https://togithub.com/defenseunicorns/zarf/pull/2171) - Add glob selection and deselection support to `--components` by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2175](https://togithub.com/defenseunicorns/zarf/pull/2175) - Switch to indexed platforms for OCI architectures (eliminate `-amd64`, `-arm64` tag mangling) by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2184](https://togithub.com/defenseunicorns/zarf/pull/2184) <details> <summary><h4>Rollup From v0.31 Patch Releases</h4></summary> - Introduce `zarf prepare lint` to perform schema validation and lay groundwork for standardizing best practices by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2075](https://togithub.com/defenseunicorns/zarf/pull/2075) - Add `zarf package remove/inspect` completion for package names from cluster sources by [@​WeaponX314](https://togithub.com/WeaponX314) in [https://github.com/defenseunicorns/zarf/pull/2151](https://togithub.com/defenseunicorns/zarf/pull/2151) - Add a warning when no components are selected for deployment in a package by [@​bdw617](https://togithub.com/bdw617) in [https://github.com/defenseunicorns/zarf/pull/2167](https://togithub.com/defenseunicorns/zarf/pull/2167) - Allow passing additional arguments to `k9s` when invoked by `zarf tools monitor` by [@​WeaponX314](https://togithub.com/WeaponX314) in [https://github.com/defenseunicorns/zarf/pull/2095](https://togithub.com/defenseunicorns/zarf/pull/2095) - Add `REGISTRY_CA_BUNDLE` variable to registry package and chart to improve S3 backed registries by [@​AbrohamLincoln](https://togithub.com/AbrohamLincoln) in [https://github.com/defenseunicorns/zarf/pull/2008](https://togithub.com/defenseunicorns/zarf/pull/2008) - Add `GIT_SERVER_DISABLE_REGISTRATION` variable to allow for Gitea registration, so that SSO can be used by [@​dgershman](https://togithub.com/dgershman) in [https://github.com/defenseunicorns/zarf/pull/2118](https://togithub.com/defenseunicorns/zarf/pull/2118) - `[Library Only]` Initial implementation of Helm Chart overrides at deploy time by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2131](https://togithub.com/defenseunicorns/zarf/pull/2131) </details> #### Fixes - Update error message when the image doesn't exist locally or on a remote by [@​bdw617](https://togithub.com/bdw617) in [https://github.com/defenseunicorns/zarf/pull/2160](https://togithub.com/defenseunicorns/zarf/pull/2160) - Corrected k8s / helm k8s client version within Helm templating by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2197](https://togithub.com/defenseunicorns/zarf/pull/2197) - Properly handle tunnel error channels to force retries of image pushing by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2190](https://togithub.com/defenseunicorns/zarf/pull/2190) <details> <summary><h4>Rollup From v0.31 Patch Releases</h4></summary> - Fix helm chart clobbering and differences with Zarf and Helm `chart` names along with new [`repoName` key](https://docs.zarf.dev/docs/create-a-zarf-package/zarf-schema#zarfchart) by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2174](https://togithub.com/defenseunicorns/zarf/pull/2174) - Add message asking if the user has init'ed their cluster and slim down error messages more generally by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2177](https://togithub.com/defenseunicorns/zarf/pull/2177) - Fix compose dropping the `only.localOS` filter from the composed package by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2173](https://togithub.com/defenseunicorns/zarf/pull/2173) - Improve Helm rollback logic, messaging, and support for local tarballs by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2157](https://togithub.com/defenseunicorns/zarf/pull/2157) - Add warnings to better log the errors encountered on image push retries by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2147](https://togithub.com/defenseunicorns/zarf/pull/2147) - Make `set -e` (and `$ErrorActionPreference = 'Stop';`) the default for multiline actions so that they fail correctly by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/zarf/pull/2148](https://togithub.com/defenseunicorns/zarf/pull/2148) - Properly handle `variable` and `constant` merging when using composable components by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2129](https://togithub.com/defenseunicorns/zarf/pull/2129) - Use the node name instead of the hostname label to build the injector pod by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2119](https://togithub.com/defenseunicorns/zarf/pull/2119) - Resolve pathing issues while loading images with Zarf on Windows by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2106](https://togithub.com/defenseunicorns/zarf/pull/2106) - Add an error channel for progress bar rendering to properly stop the progress bar when used as a library by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/zarf/pull/2117](https://togithub.com/defenseunicorns/zarf/pull/2117) - Keep a useable empty dir volume within the registry even when persistence is disabled by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2124](https://togithub.com/defenseunicorns/zarf/pull/2124) </details> #### Docs <details> <summary><h4>Rollup From v0.31 Patch Releases</h4></summary> - Update the[ Airgap Software Delivery course](https://docs.zarf.dev/docs/getting-started/understand-the-basics#airgap-basics) name by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2172](https://togithub.com/defenseunicorns/zarf/pull/2172) - Promote the Quick Start section to [Getting Started](https://docs.zarf.dev/docs/getting-started/) by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2182](https://togithub.com/defenseunicorns/zarf/pull/2182) - Fix link and content issues across the docs by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2168](https://togithub.com/defenseunicorns/zarf/pull/2168) - Improve the docs for [`zarf tools k9s` options](https://docs.zarf.dev/docs/the-zarf-cli/cli-commands/zarf_tools_monitor) and other [command examples](https://docs.zarf.dev/docs/the-zarf-cli/cli-commands/zarf_package_mirror-resources#examples) by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2132](https://togithub.com/defenseunicorns/zarf/pull/2132) - Update the [Zarf overview](https://docs.zarf.dev/docs/zarf-overview) to be more clear about how Zarf works by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2122](https://togithub.com/defenseunicorns/zarf/pull/2122) </details> #### Dependencies - Update gitea chart from 8.3.0 to 10.0.0 by [@​TristanHoladay](https://togithub.com/TristanHoladay) in [https://github.com/defenseunicorns/zarf/pull/2123](https://togithub.com/defenseunicorns/zarf/pull/2123) - Update module golang.org/x/crypto to v0.17.0 \[security] by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2201](https://togithub.com/defenseunicorns/zarf/pull/2201) - Update sigstore/cosign-installer action to v3 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/1400](https://togithub.com/defenseunicorns/zarf/pull/1400) - Update github.com/anchore/stereoscope digest to [`4b999b7`](https://togithub.com/defenseunicorns/zarf/commit/4b999b7) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2198](https://togithub.com/defenseunicorns/zarf/pull/2198) - Update dependency pepr to v20 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2193](https://togithub.com/defenseunicorns/zarf/pull/2193) - Update actions/download-artifact action to v4 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2194](https://togithub.com/defenseunicorns/zarf/pull/2194) <details> <summary><h4>Rollup From v0.31 Patch Releases</h4></summary> - Update actions/setup-go action to v5 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2179](https://togithub.com/defenseunicorns/zarf/pull/2179) - Update all non-major dependencies by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2099](https://togithub.com/defenseunicorns/zarf/pull/2099) - Update github.com/anchore/clio digest to [`767f622`](https://togithub.com/defenseunicorns/zarf/commit/767f622) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2186](https://togithub.com/defenseunicorns/zarf/pull/2186) - Update component-webhooks example to use new Pepr k8s fluent client by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2090](https://togithub.com/defenseunicorns/zarf/pull/2090) - Update k8s.io/utils digest to [`cf03d44`](https://togithub.com/defenseunicorns/zarf/commit/cf03d44) then to [`b307cd5`](https://togithub.com/defenseunicorns/zarf/commit/b307cd5) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2156](https://togithub.com/defenseunicorns/zarf/pull/2156) and [https://github.com/defenseunicorns/zarf/pull/2161](https://togithub.com/defenseunicorns/zarf/pull/2161) - Update github.com/anchore/stereoscope digest to [`3610f4e`](https://togithub.com/defenseunicorns/zarf/commit/3610f4e) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2155](https://togithub.com/defenseunicorns/zarf/pull/2155) - \[security] Update module github.com/sigstore/cosign/v2 to v2.2.1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2134](https://togithub.com/defenseunicorns/zarf/pull/2134) </details> #### Development - Update the release workflow to accept sigstore terms and sign by digest by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2204](https://togithub.com/defenseunicorns/zarf/pull/2204) and [https://github.com/defenseunicorns/zarf/pull/2205](https://togithub.com/defenseunicorns/zarf/pull/2205) - Update references to new ironbank credentials in bigbang workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2192](https://togithub.com/defenseunicorns/zarf/pull/2192) <details> <summary><h4>Rollup From v0.31 Patch Releases</h4></summary> - Move the `cluster` library from `internal` to `pkg` to make it available to consumers by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2162](https://togithub.com/defenseunicorns/zarf/pull/2162) - Promote [@​lucasrod16](https://togithub.com/lucasrod16) to be a full maintainer by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2166](https://togithub.com/defenseunicorns/zarf/pull/2166) - Fix race condition in TestValidateLastNonBreakingVersion unit test by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2138](https://togithub.com/defenseunicorns/zarf/pull/2138) - Split up the e2e tests that need a cluster, versus ones that do not to speed up CI by [@​bdw617](https://togithub.com/bdw617) in [https://github.com/defenseunicorns/zarf/pull/2139](https://togithub.com/defenseunicorns/zarf/pull/2139) - Update external tests to run in a unique k3d cluster and use the same Gitea chart as Zarf by [@​bdw617](https://togithub.com/bdw617) in [https://github.com/defenseunicorns/zarf/pull/2145](https://togithub.com/defenseunicorns/zarf/pull/2145) </details> **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.31.4...v0.32.0 ### [`v0.31.4`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.31.4) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.31.3...v0.31.4) #### What's Changed #### Fixes - Fix helm chart clobbering and differences with Zarf and Helm `chart` names along with new [`repoName` key](https://docs.zarf.dev/docs/create-a-zarf-package/zarf-schema#zarfchart) by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2174](https://togithub.com/defenseunicorns/zarf/pull/2174) - Add message asking if the user has init'ed their cluster and slim down error messages more generally by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2177](https://togithub.com/defenseunicorns/zarf/pull/2177) - Fix compose dropping the `only.localOS` filter from the composed package by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2173](https://togithub.com/defenseunicorns/zarf/pull/2173) #### Docs - Update the[ Airgap Software Delivery course](https://docs.zarf.dev/docs/getting-started/understand-the-basics#airgap-basics) name by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2172](https://togithub.com/defenseunicorns/zarf/pull/2172) - Promote the Quick Start section to [Getting Started](https://docs.zarf.dev/docs/getting-started/) by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2182](https://togithub.com/defenseunicorns/zarf/pull/2182) #### Deps - Update actions/setup-go action to v5 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2179](https://togithub.com/defenseunicorns/zarf/pull/2179) - Update all non-major dependencies by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2099](https://togithub.com/defenseunicorns/zarf/pull/2099) - Update github.com/anchore/clio digest to [`767f622`](https://togithub.com/defenseunicorns/zarf/commit/767f622) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2186](https://togithub.com/defenseunicorns/zarf/pull/2186) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.31.3...v0.31.4 ### [`v0.31.3`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.31.3) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.31.2...v0.31.3) #### What's Changed #### Features - Introduce `zarf prepare lint` to perform schema validation and lay groundwork for standardizing best practices by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2075](https://togithub.com/defenseunicorns/zarf/pull/2075) - Add `zarf package remove/inspect` completion for package names from cluster sources by [@​WeaponX314](https://togithub.com/WeaponX314) in [https://github.com/defenseunicorns/zarf/pull/2151](https://togithub.com/defenseunicorns/zarf/pull/2151) - Add a warning when no components are selected for deployment in a package by [@​bdw617](https://togithub.com/bdw617) in [https://github.com/defenseunicorns/zarf/pull/2167](https://togithub.com/defenseunicorns/zarf/pull/2167) #### Fixes - Improve Helm rollback logic, messaging, and support for local tarballs by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2157](https://togithub.com/defenseunicorns/zarf/pull/2157) #### Docs - Fix link and content issues across the docs by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2168](https://togithub.com/defenseunicorns/zarf/pull/2168) #### Dependencies - Update component-webhooks example to use new Pepr k8s fluent client by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2090](https://togithub.com/defenseunicorns/zarf/pull/2090) - Update k8s.io/utils digest to [`cf03d44`](https://togithub.com/defenseunicorns/zarf/commit/cf03d44) then to [`b307cd5`](https://togithub.com/defenseunicorns/zarf/commit/b307cd5) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2156](https://togithub.com/defenseunicorns/zarf/pull/2156) and [https://github.com/defenseunicorns/zarf/pull/2161](https://togithub.com/defenseunicorns/zarf/pull/2161) - Update github.com/anchore/stereoscope digest to [`3610f4e`](https://togithub.com/defenseunicorns/zarf/commit/3610f4e) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2155](https://togithub.com/defenseunicorns/zarf/pull/2155) #### Development - Move the `cluster` library from `internal` to `pkg` to make it available to consumers by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2162](https://togithub.com/defenseunicorns/zarf/pull/2162) - Promote [@​lucasrod16](https://togithub.com/lucasrod16) to be a full maintainer by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2166](https://togithub.com/defenseunicorns/zarf/pull/2166) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.31.2...v0.31.3 ### [`v0.31.2`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.31.2) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.31.1...v0.31.2) #### What's Changed #### Fixes - Add warnings to better log the errors encountered on image push retries by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2147](https://togithub.com/defenseunicorns/zarf/pull/2147) - Make `set -e` (and `$ErrorActionPreference = 'Stop';`) the default for multiline actions so that they fail correctly by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/zarf/pull/2148](https://togithub.com/defenseunicorns/zarf/pull/2148) #### Docs - Improve the docs for [`zarf tools k9s` options](https://docs.zarf.dev/docs/the-zarf-cli/cli-commands/zarf_tools_monitor) and other [command examples](https://docs.zarf.dev/docs/the-zarf-cli/cli-commands/zarf_package_mirror-resources#examples) by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2132](https://togithub.com/defenseunicorns/zarf/pull/2132) #### Dependencies - \[security] Update module github.com/sigstore/cosign/v2 to v2.2.1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2134](https://togithub.com/defenseunicorns/zarf/pull/2134) #### Development - Fix race condition in TestValidateLastNonBreakingVersion unit test by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2138](https://togithub.com/defenseunicorns/zarf/pull/2138) - Split up the e2e tests that need a cluster, versus ones that do not to speed up CI by [@​bdw617](https://togithub.com/bdw617) in [https://github.com/defenseunicorns/zarf/pull/2139](https://togithub.com/defenseunicorns/zarf/pull/2139) - Update external tests to run in a unique k3d cluster and use the same Gitea chart as Zarf by [@​bdw617](https://togithub.com/bdw617) in [https://github.com/defenseunicorns/zarf/pull/2145](https://togithub.com/defenseunicorns/zarf/pull/2145) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.31.1...v0.31.2 ### [`v0.31.1`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.31.1) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.31.0...v0.31.1) #### What's Changed #### Features - Allow passing additional arguments to `k9s` when invoked by `zarf tools monitor` by [@​WeaponX314](https://togithub.com/WeaponX314) in [https://github.com/defenseunicorns/zarf/pull/2095](https://togithub.com/defenseunicorns/zarf/pull/2095) - Add `REGISTRY_CA_BUNDLE` variable to registry package and chart to improve S3 backed registries by [@​AbrohamLincoln](https://togithub.com/AbrohamLincoln) in [https://github.com/defenseunicorns/zarf/pull/2008](https://togithub.com/defenseunicorns/zarf/pull/2008) - Add `GIT_SERVER_DISABLE_REGISTRATION` variable to allow for Gitea registration, so that SSO can be used by [@​dgershman](https://togithub.com/dgershman) in [https://github.com/defenseunicorns/zarf/pull/2118](https://togithub.com/defenseunicorns/zarf/pull/2118) - `[Library Only]` Initial implementation of Helm Chart overrides at deploy time by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2131](https://togithub.com/defenseunicorns/zarf/pull/2131) #### Fixes - Properly handle `variable` and `constant` merging when using composable components by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2129](https://togithub.com/defenseunicorns/zarf/pull/2129) - Use the node name instead of the hostname label to build the injector pod by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2119](https://togithub.com/defenseunicorns/zarf/pull/2119) - Resolve pathing issues while loading images with Zarf on Windows by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2106](https://togithub.com/defenseunicorns/zarf/pull/2106) - Add an error channel for progress bar rendering to properly stop the progress bar when used as a library by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/zarf/pull/2117](https://togithub.com/defenseunicorns/zarf/pull/2117) - Keep a useable empty dir volume within the registry even when persistence is disabled by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2124](https://togithub.com/defenseunicorns/zarf/pull/2124) #### Docs - Update the [Zarf overview](https://docs.zarf.dev/docs/zarf-overview) to be more clear about how Zarf works by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2122](https://togithub.com/defenseunicorns/zarf/pull/2122) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.31.0...v0.31.1 ### [`v0.31.0`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.31.0) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.30.1...v0.31.0) #### What's Changed #### :warning: Breaking Changes - Signing Zarf packages is now done with `--signing-key` and `--signing-key-pass` - the old `--key` flag is deprecated on `zarf package create` and has been removed from `zarf package publish` to support public keys instead - Component composability (`import.path`) must point to a directory, pointing to a `zarf.yaml` directly is no longer supported > **NOTE**: These are mostly edge cases on `zarf package create` and don't impact `zarf package deploy`. If you are using either feature though ensure you update your package create process. #### Features - Introduce the [`only.flavor` filter](https://docs.zarf.dev/examples/package-flavors/) to allow building of package variants and provide a replacement for some `group` use cases by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2105](https://togithub.com/defenseunicorns/zarf/pull/2105) - Add `--no-progress` to the `zarf tools wait-for` sub command by [@​WeaponX314](https://togithub.com/WeaponX314) in [https://github.com/defenseunicorns/zarf/pull/2093](https://togithub.com/defenseunicorns/zarf/pull/2093) - Expose Gitea image templates to [custom init packages](https://docs.zarf.dev/docs/zarf-tutorials/custom-init-packages#swapping-images) by [@​TristanHoladay](https://togithub.com/TristanHoladay) in [https://github.com/defenseunicorns/zarf/pull/2069](https://togithub.com/defenseunicorns/zarf/pull/2069) <details> <summary><h4>Rollup From v0.30 Patch Releases</ </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/uds-package-sonarqube). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNjkuMiIsInVwZGF0ZWRJblZlciI6IjM3LjI2OS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9--> --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Wayne Starr <me@racer159.com>
Racer159
added a commit
to defenseunicorns/uds-package-mattermost
that referenced
this pull request
Mar 29, 2024
[](https://renovatebot.com)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://togithub.com/actions/checkout) | action |
major | `v3.6.0` -> `v4.1.1` |
|
[actions/dependency-review-action](https://togithub.com/actions/dependency-review-action)
| action | major | `v2.5.1` -> `v4.2.5` |
|
[actions/upload-artifact](https://togithub.com/actions/upload-artifact)
| action | minor | `v4.0.0` -> `v4.3.1` |
|
[defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common)
| | patch | `v0.3.3` -> `v0.3.9` |
|
[defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common)
| action | patch | `v0.3.3` -> `v0.3.9` |
|
[defenseunicorns/uds-common-tasks](https://togithub.com/defenseunicorns/uds-common-tasks)
| | patch | `v0.3.3` -> `v0.3.9` |
| [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | |
minor | `v0.29.1` -> `v0.32.6` |
| [docker/login-action](https://togithub.com/docker/login-action) |
action | digest | `343f7c4` -> `e92390c` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | minor | `v3.22.12` -> `v3.24.9` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | major | `v2.24.5` -> `v3.24.9` |
| [golangci/golangci-lint](https://togithub.com/golangci/golangci-lint)
| repository | minor | `v1.55.2` -> `v1.57.2` |
|
[google-github-actions/release-please-action](https://togithub.com/google-github-actions/release-please-action)
| action | minor | `v4.0.2` -> `v4.1.0` |
|
[python-jsonschema/check-jsonschema](https://togithub.com/python-jsonschema/check-jsonschema)
| repository | minor | `0.27.4` -> `0.28.0` |
|
[renovatebot/pre-commit-hooks](https://togithub.com/renovatebot/pre-commit-hooks)
| repository | minor | `37.165.5` -> `37.275.0` |
---
> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.
Note: The `pre-commit` manager in Renovate is not supported by the
`pre-commit` maintainers or community. Please do not report any problems
there, instead [create a Discussion in the Renovate
repository](https://togithub.com/renovatebot/renovate/discussions/new)
if you have any questions.
---
### Release Notes
<details>
<summary>actions/checkout (actions/checkout)</summary>
###
[`v4.1.1`](https://togithub.com/actions/checkout/releases/tag/v4.1.1)
[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.0...v4.1.1)
##### What's Changed
- Update CODEOWNERS to Launch team by
[@​joshmgross](https://togithub.com/joshmgross) in
[https://github.com/actions/checkout/pull/1510](https://togithub.com/actions/checkout/pull/1510)
- Correct link to GitHub Docs by
[@​peterbe](https://togithub.com/peterbe) in
[https://github.com/actions/checkout/pull/1511](https://togithub.com/actions/checkout/pull/1511)
- Link to release page from what's new section by
[@​cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1514](https://togithub.com/actions/checkout/pull/1514)
##### New Contributors
- [@​joshmgross](https://togithub.com/joshmgross) made their first
contribution in
[https://github.com/actions/checkout/pull/1510](https://togithub.com/actions/checkout/pull/1510)
- [@​peterbe](https://togithub.com/peterbe) made their first
contribution in
[https://github.com/actions/checkout/pull/1511](https://togithub.com/actions/checkout/pull/1511)
**Full Changelog**:
https://github.com/actions/checkout/compare/v4.1.0...v4.1.1
###
[`v4.1.0`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v410)
[Compare
Source](https://togithub.com/actions/checkout/compare/v4.0.0...v4.1.0)
- [Add support for partial checkout
filters](https://togithub.com/actions/checkout/pull/1396)
###
[`v4.0.0`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v400)
[Compare
Source](https://togithub.com/actions/checkout/compare/v3.6.0...v4.0.0)
- [Support fetching without the --progress
option](https://togithub.com/actions/checkout/pull/1067)
- [Update to node20](https://togithub.com/actions/checkout/pull/1436)
</details>
<details>
<summary>actions/dependency-review-action
(actions/dependency-review-action)</summary>
###
[`v4.2.5`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.2.5):
4.2.5
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v4.2.4...v4.2.5)
#### What's Changed
- Fixed a bug where some configuration options in external files were
not being properly picked up --
[https://github.com/actions/dependency-review-action/pull/722](https://togithub.com/actions/dependency-review-action/pull/722)
- Bump eslint from 8.56.0 to 8.57.0
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v4.2.4...v4.2.5
###
[`v4.2.4`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.2.4)
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v4.2.3...v4.2.4)
#### What's Changed
Fixed a bug in the output of OpenSSF cards for GitHub Actions.
#### New Contributors
- [@​sporkmonger](https://togithub.com/sporkmonger) made their
first contribution in
[https://github.com/actions/dependency-review-action/pull/721](https://togithub.com/actions/dependency-review-action/pull/721)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v4.2.3...v4.2.4
###
[`v4.2.3`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.2.3):
4.2.3
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v4.1.3...v4.2.3)
#### What's Changed
- Set comment as output by [@​jsoref](https://togithub.com/jsoref)
in
[https://github.com/actions/dependency-review-action/pull/698](https://togithub.com/actions/dependency-review-action/pull/698)
- Add support for calculating OpenSSF Scorecards by
[@​jhutchings1](https://togithub.com/jhutchings1) in
[https://github.com/actions/dependency-review-action/pull/709](https://togithub.com/actions/dependency-review-action/pull/709)
- Add outputs for the changes data by
[@​laughedelic](https://togithub.com/laughedelic) in
[https://github.com/actions/dependency-review-action/pull/707](https://togithub.com/actions/dependency-review-action/pull/707)
#### New Contributors
- [@​jhutchings1](https://togithub.com/jhutchings1) made their
first contribution in
[https://github.com/actions/dependency-review-action/pull/709](https://togithub.com/actions/dependency-review-action/pull/709)
- [@​laughedelic](https://togithub.com/laughedelic) made their
first contribution in
[https://github.com/actions/dependency-review-action/pull/707](https://togithub.com/actions/dependency-review-action/pull/707)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v4.1.3...v4.2.3
###
[`v4.1.3`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.1.3):
4.1.3
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v4.1.2...v4.1.3)
Fixes a bug in 4.1.2 that would introduce comments in every pull
request, regardless of the user's configuration (see
[https://github.com/actions/dependency-review-action/issues/697](https://togithub.com/actions/dependency-review-action/issues/697)).
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v4.1.2...v4.1.3
###
[`v4.1.2`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.1.2):
4.1.2
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v4.1.1...v4.1.2)
#### What's Changed
- Expose dependency comment content by
[@​jsoref](https://togithub.com/jsoref) in
[https://github.com/actions/dependency-review-action/pull/696](https://togithub.com/actions/dependency-review-action/pull/696)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v4.1.1...v4.1.2
###
[`v4.1.1`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.1.1):
4.1.1
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v4.1.0...v4.1.1)
#### What's Changed
- Bump `undici` to fix
[GHSA-wqq4-5wpv-mx2g](https://togithub.com/nodejs/undici/security/advisories/GHSA-wqq4-5wpv-mx2g)
- Bump [@​types/node](https://togithub.com/types/node) from
20.11.17 to 20.11.19 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/693](https://togithub.com/actions/dependency-review-action/pull/693)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v4.1.0...v4.1.1
###
[`v4.1.0`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.1.0):
4.1.0
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v4.0.0...v4.1.0)
#### What's Changed
- Add `warn-only` by [@​tgrall](https://togithub.com/tgrall) in
[https://github.com/actions/dependency-review-action/pull/432](https://togithub.com/actions/dependency-review-action/pull/432)
Added a new configuration option (`warn-only`, boolean) that makes the
action always succeed while still displaying found vulnerabilities in
the log.
- Create stale.yaml by
[@​jonjanego](https://togithub.com/jonjanego) in
[https://github.com/actions/dependency-review-action/pull/671](https://togithub.com/actions/dependency-review-action/pull/671)
- Use manual codeql config by
[@​juxtin](https://togithub.com/juxtin) in
[https://github.com/actions/dependency-review-action/pull/678](https://togithub.com/actions/dependency-review-action/pull/678)
- Multiple dependency updates (see the changelog below for more
information)
#### New Contributors
- [@​jonjanego](https://togithub.com/jonjanego) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/671](https://togithub.com/actions/dependency-review-action/pull/671)
- [@​tgrall](https://togithub.com/tgrall) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/432](https://togithub.com/actions/dependency-review-action/pull/432)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v4...v4.1.0
###
[`v4.0.0`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.0.0)
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.1.5...v4.0.0)
- Update action to Node 20 by
[@​takost](https://togithub.com/takost) in
[https://github.com/actions/dependency-review-action/pull/639](https://togithub.com/actions/dependency-review-action/pull/639)
- Dependabot updates, see the full changelog for more details.
#### New Contributors
- [@​takost](https://togithub.com/takost) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/639](https://togithub.com/actions/dependency-review-action/pull/639)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3.1.5...v4.0.0
###
[`v3.1.5`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.1.5):
3.1.5
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.1.4...v3.1.5)
#### What's Changed
- Smaller `per_page` when requesting diff by
[@​hmaurer](https://togithub.com/hmaurer) in
[https://github.com/actions/dependency-review-action/pull/649](https://togithub.com/actions/dependency-review-action/pull/649)
- Update dependencies:
- Bump
[@​typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)
from 6.10.0 to 6.13.1 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/630](https://togithub.com/actions/dependency-review-action/pull/630)
- Bump prettier from 3.0.3 to 3.1.0 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/629](https://togithub.com/actions/dependency-review-action/pull/629)
- Bump [@​types/jest](https://togithub.com/types/jest) from 29.5.8
to 29.5.11 by [@​dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/637](https://togithub.com/actions/dependency-review-action/pull/637)
- Bump nodemon from 3.0.1 to 3.0.2 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/636](https://togithub.com/actions/dependency-review-action/pull/636)
- Replace pip -> pypi in PURL examples by
[@​febuiles](https://togithub.com/febuiles) in
[https://github.com/actions/dependency-review-action/pull/638](https://togithub.com/actions/dependency-review-action/pull/638)
- Bump
[@​typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)
from 6.12.0 to 6.15.0 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/644](https://togithub.com/actions/dependency-review-action/pull/644)
- Bump eslint from 8.53.0 to 8.56.0 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/640](https://togithub.com/actions/dependency-review-action/pull/640)
- Bump
[@​typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)
from 6.13.1 to 6.16.0 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/645](https://togithub.com/actions/dependency-review-action/pull/645)
- Bump prettier from 3.1.0 to 3.1.1 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/646](https://togithub.com/actions/dependency-review-action/pull/646)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3.1.4...v3.1.5
###
[`v3.1.4`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.1.4):
3.1.4
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.1.3...v3.1.4)
#### What's Changed
- Fixed a
[bug](https://togithub.com/actions/dependency-review-action/issues/618)
with severity filtering when using the `allow_ghsas` option:
[https://github.com/actions/dependency-review-action/pull/623](https://togithub.com/actions/dependency-review-action/pull/623).
- Updates dependencies:
- Bump [@​types/node](https://togithub.com/types/node) from
16.18.61 to 16.18.62 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/619](https://togithub.com/actions/dependency-review-action/pull/619)
action/pull/620
- Bump
[@​typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)
from 6.11.0 to 6.12.0 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/625](https://togithub.com/actions/dependency-review-action/pull/625)
- Bump typescript from 5.2.2 to 5.3.2 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/624](https://togithub.com/actions/dependency-review-action/pull/624)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3...v3.1.4
###
[`v3.1.3`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.1.3):
3.1.3
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.1.2...v3.1.3)
#### What's Changed
- Fixes purl "version must be percent-encoded" by
[@​theztefan](https://togithub.com/theztefan) in
[https://github.com/actions/dependency-review-action/pull/617](https://togithub.com/actions/dependency-review-action/pull/617)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3...v3.1.3
###
[`v3.1.2`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.1.2):
3.1.2
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.1.1...v3.1.2)
#### What's Changed
- Fix a regression for setups using self-hosted runners behind HTTP
proxies:[@​febuiles](https://togithub.com/febuiles) in
[https://github.com/actions/dependency-review-action/pull/611](https://togithub.com/actions/dependency-review-action/pull/611)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3...v3.1.2
###
[`v3.1.1`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.1.1):
3.1.1
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.1.0...v3.1.1)
#### What's Changed
- Update a bunch of dependencies, including major version upgrades for
`octokit`, `@actions/github` and `typescript`.
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3.1.0...v3.1.1
###
[`v3.1.0`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.1.0):
3.1.0
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.0.8...v3.1.0)
#### What's New
Added support for dependencies submitted through the [dependency
submission
API](https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#best-practices-for-using-the-dependency-review-api-and-the-dependency-submission-api-together).
This includes two new configuration parameters:
`retry-on-snapshot-warnings` and `retry-on-snapshot-warnings-timeout`.
#### What's Changed
- Fix(docs): Correct action input name by
[@​oerd](https://togithub.com/oerd) in
[https://github.com/actions/dependency-review-action/pull/551](https://togithub.com/actions/dependency-review-action/pull/551)
#### New Contributors
- [@​oerd](https://togithub.com/oerd) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/551](https://togithub.com/actions/dependency-review-action/pull/551)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3...v3.1.0
###
[`v3.0.8`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.0.8):
3.0.8
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.0.7...v3.0.8)
#### What's Changed
Added `on-failure` option to `comment-summary-in-pr` setting by
[@​sgmurphy](https://togithub.com/sgmurphy) in
[https://github.com/actions/dependency-review-action/pull/540](https://togithub.com/actions/dependency-review-action/pull/540)
Previous configuration files using `true`/`false` for
`comment-summary-in-pr` will be mapped automatically to the new values,
but we encourage you to update to `always`/`on-failure`/`never`.
#### New Contributors
- [@​sgmurphy](https://togithub.com/sgmurphy) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/540](https://togithub.com/actions/dependency-review-action/pull/540)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3...v3.0.8
###
[`v3.0.7`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.0.7):
3.0.7
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.0.6...v3.0.7)
#### What's Changed
- Make GHES support / setup more clear by
[@​rajbos](https://togithub.com/rajbos) in
[https://github.com/actions/dependency-review-action/pull/534](https://togithub.com/actions/dependency-review-action/pull/534)
- Add an option to deny packages or groups of packages by
[@​adrienpessu](https://togithub.com/adrienpessu) in
[https://github.com/actions/dependency-review-action/pull/544](https://togithub.com/actions/dependency-review-action/pull/544)
#### New Contributors
- [@​rajbos](https://togithub.com/rajbos) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/534](https://togithub.com/actions/dependency-review-action/pull/534)
- [@​adrienpessu](https://togithub.com/adrienpessu) made their
first contribution in
[https://github.com/actions/dependency-review-action/pull/544](https://togithub.com/actions/dependency-review-action/pull/544)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3...v3.0.7
###
[`v3.0.6`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.0.6):
3.0.6
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.0.5...v3.0.6)
Fixes a bug introduced in 3.0.5 where we raised PURL errors when
Dependency Graph returns an empty `package_url`.
###
[`v3.0.5`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.0.5):
3.0.5
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.0.4...v3.0.5)
#### What's Changed
Thanks to [@​theztefan](https://togithub.com/theztefan), we now
have a new `allow-dependencies-licenses` option that takes a list of
dependencies that will be excluded from license checks. See the
[configuration
options](https://togithub.com/actions/dependency-review-action#configuration-options)
for more information on how to use it.
- Exclude dependencies from license checks by
[@​theztefan](https://togithub.com/theztefan) in
[https://github.com/actions/dependency-review-action/pull/423](https://togithub.com/actions/dependency-review-action/pull/423)
- Documentation examples by
[@​theztefan](https://togithub.com/theztefan) in
[https://github.com/actions/dependency-review-action/pull/423](https://togithub.com/actions/dependency-review-action/pull/423)
- Show snapshot warnings in the summary by
[@​juxtin](https://togithub.com/juxtin) in
[https://github.com/actions/dependency-review-action/pull/439](https://togithub.com/actions/dependency-review-action/pull/439)
- Fix default values for fail-on-severity by
[@​febuiles](https://togithub.com/febuiles) in
[https://github.com/actions/dependency-review-action/pull/451](https://togithub.com/actions/dependency-review-action/pull/451)
- Updated dependencies.
#### New Contributors
- [@​juxtin](https://togithub.com/juxtin) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/439](https://togithub.com/actions/dependency-review-action/pull/439)
- [@​theztefan](https://togithub.com/theztefan) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/423](https://togithub.com/actions/dependency-review-action/pull/423)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3...v3.0.5
###
[`v3.0.4`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.0.4):
3.0.4
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.0.3...v3.0.4)
#### What's New?
The Action can now publish a comment in the pull request if the
`comment-summary-in-pr` option is set. More information can be found in
the
[README](https://togithub.com/actions/dependency-review-action#configuration-options).
#### New Contributors
- [@​davelosert](https://togithub.com/davelosert) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/393](https://togithub.com/actions/dependency-review-action/pull/393)
#### Changelog
- Write Summary as comment to the pull request by
[@​davelosert](https://togithub.com/davelosert) in
[https://github.com/actions/dependency-review-action/pull/393](https://togithub.com/actions/dependency-review-action/pull/393)
- Adjust summary format by
[@​davelosert](https://togithub.com/davelosert) in
[https://github.com/actions/dependency-review-action/pull/416](https://togithub.com/actions/dependency-review-action/pull/416)
- Security updates.
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3...v3.0.4
###
[`v3.0.3`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.0.3):
3.0.3
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.0.2...v3.0.3)
#### What's Changed
- Use cache in check-dist.yml by
[@​jongwooo](https://togithub.com/jongwooo) in
[https://github.com/actions/dependency-review-action/pull/359](https://togithub.com/actions/dependency-review-action/pull/359)
- Fix Dependency Review API response error handling by
[@​felickz](https://togithub.com/felickz) in
[https://github.com/actions/dependency-review-action/pull/370](https://togithub.com/actions/dependency-review-action/pull/370)
- Security updates
#### New Contributors
- [@​jongwooo](https://togithub.com/jongwooo) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/359](https://togithub.com/actions/dependency-review-action/pull/359)
- [@​felickz](https://togithub.com/felickz) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/370](https://togithub.com/actions/dependency-review-action/pull/370)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3...v3.0.3
###
[`v3.0.2`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.0.2):
3.0.2
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.0.1...v3.0.2)
This release fixes spelling errors
[https://github.com/actions/dependency-review-action/pull/348](https://togithub.com/actions/dependency-review-action/pull/348)
and upgrades dependencies to fix known vulnerabilities
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3...v3.0.2
###
[`v3.0.1`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.0.1):
3.0.1
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.0.0...v3.0.1)
This release contains the following bugfixes:
- Fixing API URL for GHES:
[https://github.com/actions/dependency-review-action/pull/331](https://togithub.com/actions/dependency-review-action/pull/331)
- Improve list handling for external config files:
[https://github.com/actions/dependency-review-action/pull/330](https://togithub.com/actions/dependency-review-action/pull/330)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3...v3.0.1
###
[`v3.0.0`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.0.0):
3.0.0
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v2.5.1...v3.0.0)
#### Breaking Changes
By default the action now expects [SPDX-compliant
licenses](https://spdx.org/licenses/) everywhere. If you were previously
using license names in the allow or deny lists make sure they're valid!
#### What's Changed
##### Support for external configuration files
You can now specify a [configuration file external to your
repository](https://togithub.com/actions/dependency-review-action/#configuration-file).
This allows organizations to have a single configuration file for all
their repos.
##### Broader license support
We've added support for a much broader set of project licenses by using
GitHub's [Licenses API](https://docs.github.com/en/rest/licenses).
##### SPDX Compliance
All of our license-related code now expects [SPDX-compliant licenses or
expressions](https://spdx.org/licenses/). This allows us to standardize
on a license naming scheme that already supports `OR`/`AND` expressions.
##### Disable individual checks
You can now use the boolean options `license-check` and
`vulnerability-check` to disable either one of the checks. More
information in [our configuration
options](https://togithub.com/actions/dependency-review-action/#configuration-options).
#### Thanks
Contributors for this release include:
- [@​cnagadya](https://togithub.com/cnagadya)
- [@​courtneycl](https://togithub.com/courtneycl)
- [@​ericcornelissen](https://togithub.com/ericcornelissen)
- [@​elireisman](https://togithub.com/elireisman)
- [@​hmaurer](https://togithub.com/hmaurer)
Thanks everyone!
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v2...v3.0.0
</details>
<details>
<summary>actions/upload-artifact (actions/upload-artifact)</summary>
###
[`v4.3.1`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.1)
[Compare
Source](https://togithub.com/actions/upload-artifact/compare/v4.3.0...v4.3.1)
- Bump
[@​actions/artifacts](https://togithub.com/actions/artifacts) to
latest version to include [updated GHES host
check](https://togithub.com/actions/toolkit/pull/1648)
###
[`v4.3.0`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.0)
[Compare
Source](https://togithub.com/actions/upload-artifact/compare/v4.2.0...v4.3.0)
##### What's Changed
- Reorganize upload code in prep for merge logic & add more tests by
[@​robherley](https://togithub.com/robherley) in
[https://github.com/actions/upload-artifact/pull/504](https://togithub.com/actions/upload-artifact/pull/504)
- Add sub-action to merge artifacts by
[@​robherley](https://togithub.com/robherley) in
[https://github.com/actions/upload-artifact/pull/505](https://togithub.com/actions/upload-artifact/pull/505)
**Full Changelog**:
https://github.com/actions/upload-artifact/compare/v4...v4.3.0
###
[`v4.2.0`](https://togithub.com/actions/upload-artifact/releases/tag/v4.2.0)
[Compare
Source](https://togithub.com/actions/upload-artifact/compare/v4.1.0...v4.2.0)
##### What's Changed
- Ability to overwrite an Artifact by
[@​robherley](https://togithub.com/robherley) in
[https://github.com/actions/upload-artifact/pull/501](https://togithub.com/actions/upload-artifact/pull/501)
**Full Changelog**:
https://github.com/actions/upload-artifact/compare/v4...v4.2.0
###
[`v4.1.0`](https://togithub.com/actions/upload-artifact/releases/tag/v4.1.0)
[Compare
Source](https://togithub.com/actions/upload-artifact/compare/v4.0.0...v4.1.0)
#### What's Changed
- Add migrations docs by
[@​robherley](https://togithub.com/robherley) in
[https://github.com/actions/upload-artifact/pull/482](https://togithub.com/actions/upload-artifact/pull/482)
- Update README.md by
[@​samuelwine](https://togithub.com/samuelwine) in
[https://github.com/actions/upload-artifact/pull/492](https://togithub.com/actions/upload-artifact/pull/492)
- Support artifact-url output by
[@​konradpabjan](https://togithub.com/konradpabjan) in
[https://github.com/actions/upload-artifact/pull/496](https://togithub.com/actions/upload-artifact/pull/496)
- Update readme to reflect new 500 artifact per job limit by
[@​robherley](https://togithub.com/robherley) in
[https://github.com/actions/upload-artifact/pull/497](https://togithub.com/actions/upload-artifact/pull/497)
#### New Contributors
- [@​samuelwine](https://togithub.com/samuelwine) made their first
contribution in
[https://github.com/actions/upload-artifact/pull/492](https://togithub.com/actions/upload-artifact/pull/492)
**Full Changelog**:
https://github.com/actions/upload-artifact/compare/v4...v4.1.0
</details>
<details>
<summary>defenseunicorns/uds-common
(defenseunicorns/uds-common)</summary>
###
[`v0.3.9`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.9)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.3.8...v0.3.9)
##### Miscellaneous
- fix missing keys in setup actions
([#​93](https://togithub.com/defenseunicorns/uds-common/issues/93))
([39d7395](https://togithub.com/defenseunicorns/uds-common/commit/39d73955ebb35f4e844a45fe23a7acf7d65d239a))
###
[`v0.3.8`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.8)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.3.7...v0.3.8)
##### Miscellaneous
- add upgrade tests to common
([#​91](https://togithub.com/defenseunicorns/uds-common/issues/91))
([bb2e590](https://togithub.com/defenseunicorns/uds-common/commit/bb2e59021355172db2cfcca7dbf5a2434ce41b6d))
- **deps:** update dependency defenseunicorns/uds-cli to v0.10.1
([#​84](https://togithub.com/defenseunicorns/uds-common/issues/84))
([6b455b7](https://togithub.com/defenseunicorns/uds-common/commit/6b455b7cef8ddab022c758a6309d8993f0a564b7))
- **deps:** update dependency defenseunicorns/uds-core to v0.17.0
([#​83](https://togithub.com/defenseunicorns/uds-common/issues/83))
([b8d8181](https://togithub.com/defenseunicorns/uds-common/commit/b8d818165c7c676f56898c2d15ae14a2f7ff5f0c))
- **deps:** update uds common package dependencies to v6.6.1
([#​92](https://togithub.com/defenseunicorns/uds-common/issues/92))
([862b635](https://togithub.com/defenseunicorns/uds-common/commit/862b63512b4b53ff963b85e25e8011818bb8e4e3))
- update registry login to happen in the common env setup action
([#​88](https://togithub.com/defenseunicorns/uds-common/issues/88))
([b7bce88](https://togithub.com/defenseunicorns/uds-common/commit/b7bce888d1d62c5d382d7d88a54e59da72e0d3ae))
###
[`v0.3.7`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.7)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.3.6...v0.3.7)
##### Miscellaneous
- remove schedule on renovate
([#​85](https://togithub.com/defenseunicorns/uds-common/issues/85))
([fda7e57](https://togithub.com/defenseunicorns/uds-common/commit/fda7e57ad878cc70bf3905948911daa84c67db27))
- update k3d-core-istio-dev to k3d-core-slim-dev
([#​86](https://togithub.com/defenseunicorns/uds-common/issues/86))
([aa0e6da](https://togithub.com/defenseunicorns/uds-common/commit/aa0e6dad40126ead465b102ea28a3ac961883493))
###
[`v0.3.6`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.6)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.3.5...v0.3.6)
##### Miscellaneous
- hotfix the spoof containing a dash in the input and add a publish step
([#​81](https://togithub.com/defenseunicorns/uds-common/issues/81))
([f9c7aac](https://togithub.com/defenseunicorns/uds-common/commit/f9c7aac4a30e5c3e627c44946f2f212af1573b39))
###
[`v0.3.5`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.5)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.3.4...v0.3.5)
##### Miscellaneous
- fix spoof to not include a dash
([#​79](https://togithub.com/defenseunicorns/uds-common/issues/79))
([5d1738b](https://togithub.com/defenseunicorns/uds-common/commit/5d1738ba0ca2cd19c7fdf6dfe6873339e129c3bb))
###
[`v0.3.4`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.4)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.3.3...v0.3.4)
##### Miscellaneous
- add the ability to spoof to common
([#​77](https://togithub.com/defenseunicorns/uds-common/issues/77))
([49634e1](https://togithub.com/defenseunicorns/uds-common/commit/49634e1b69c6b2eadcc2497f6baba8bd349f3d38))
- **deps:** update dependency defenseunicorns/uds-core to v0.16.1
([#​72](https://togithub.com/defenseunicorns/uds-common/issues/72))
([32d1ad6](https://togithub.com/defenseunicorns/uds-common/commit/32d1ad6812a3ef6ad750447296f5644b14ff2855))
</details>
<details>
<summary>defenseunicorns/uds-common-tasks
(defenseunicorns/uds-common-tasks)</summary>
###
[`v0.3.9`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.9)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common-tasks/compare/v0.3.8...v0.3.9)
##### Miscellaneous
- fix missing keys in setup actions
([#​93](https://togithub.com/defenseunicorns/uds-common/issues/93))
([39d7395](https://togithub.com/defenseunicorns/uds-common/commit/39d73955ebb35f4e844a45fe23a7acf7d65d239a))
###
[`v0.3.8`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.8)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common-tasks/compare/v0.3.7...v0.3.8)
##### Miscellaneous
- add upgrade tests to common
([#​91](https://togithub.com/defenseunicorns/uds-common/issues/91))
([bb2e590](https://togithub.com/defenseunicorns/uds-common/commit/bb2e59021355172db2cfcca7dbf5a2434ce41b6d))
- **deps:** update dependency defenseunicorns/uds-cli to v0.10.1
([#​84](https://togithub.com/defenseunicorns/uds-common/issues/84))
([6b455b7](https://togithub.com/defenseunicorns/uds-common/commit/6b455b7cef8ddab022c758a6309d8993f0a564b7))
- **deps:** update dependency defenseunicorns/uds-core to v0.17.0
([#​83](https://togithub.com/defenseunicorns/uds-common/issues/83))
([b8d8181](https://togithub.com/defenseunicorns/uds-common/commit/b8d818165c7c676f56898c2d15ae14a2f7ff5f0c))
- **deps:** update uds common package dependencies to v6.6.1
([#​92](https://togithub.com/defenseunicorns/uds-common/issues/92))
([862b635](https://togithub.com/defenseunicorns/uds-common/commit/862b63512b4b53ff963b85e25e8011818bb8e4e3))
- update registry login to happen in the common env setup action
([#​88](https://togithub.com/defenseunicorns/uds-common/issues/88))
([b7bce88](https://togithub.com/defenseunicorns/uds-common/commit/b7bce888d1d62c5d382d7d88a54e59da72e0d3ae))
###
[`v0.3.7`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.7)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common-tasks/compare/v0.3.6...v0.3.7)
##### Miscellaneous
- remove schedule on renovate
([#​85](https://togithub.com/defenseunicorns/uds-common/issues/85))
([fda7e57](https://togithub.com/defenseunicorns/uds-common/commit/fda7e57ad878cc70bf3905948911daa84c67db27))
- update k3d-core-istio-dev to k3d-core-slim-dev
([#​86](https://togithub.com/defenseunicorns/uds-common/issues/86))
([aa0e6da](https://togithub.com/defenseunicorns/uds-common/commit/aa0e6dad40126ead465b102ea28a3ac961883493))
###
[`v0.3.6`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.6)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common-tasks/compare/v0.3.5...v0.3.6)
##### Miscellaneous
- hotfix the spoof containing a dash in the input and add a publish step
([#​81](https://togithub.com/defenseunicorns/uds-common/issues/81))
([f9c7aac](https://togithub.com/defenseunicorns/uds-common/commit/f9c7aac4a30e5c3e627c44946f2f212af1573b39))
###
[`v0.3.5`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.5)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common-tasks/compare/v0.3.4...v0.3.5)
##### Miscellaneous
- fix spoof to not include a dash
([#​79](https://togithub.com/defenseunicorns/uds-common/issues/79))
([5d1738b](https://togithub.com/defenseunicorns/uds-common/commit/5d1738ba0ca2cd19c7fdf6dfe6873339e129c3bb))
###
[`v0.3.4`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.4)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common-tasks/compare/v0.3.3...v0.3.4)
##### Miscellaneous
- add the ability to spoof to common
([#​77](https://togithub.com/defenseunicorns/uds-common/issues/77))
([49634e1](https://togithub.com/defenseunicorns/uds-common/commit/49634e1b69c6b2eadcc2497f6baba8bd349f3d38))
- **deps:** update dependency defenseunicorns/uds-core to v0.16.1
([#​72](https://togithub.com/defenseunicorns/uds-common/issues/72))
([32d1ad6](https://togithub.com/defenseunicorns/uds-common/commit/32d1ad6812a3ef6ad750447296f5644b14ff2855))
</details>
<details>
<summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary>
###
[`v0.32.6`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.6)
[Compare
Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.5...v0.32.6)
##### \[0.32.6] - 2024-03-22
> trying out some different release note generators, formatting may vary
for a few releases while we figure out what works best
~[@​Noxsios](https://togithub.com/Noxsios)
##### 🚀 Features
- \[**ALPHA**] feat: package generation ALPHA by
[@​andrewg-xyz](https://togithub.com/andrewg-xyz) in
[#​2269](https://togithub.com/defenseunicorns/zarf/pull/2269)
- *(lib)* feat(lib): configurable log file location by
[@​Noxsios](https://togithub.com/Noxsios) in
[#​2380](https://togithub.com/defenseunicorns/zarf/pull/2380)
- \[**BREAKING**] feat!: filter package components with strategy
interface by [@​Noxsios](https://togithub.com/Noxsios) in
[#​2321](https://togithub.com/defenseunicorns/zarf/pull/2321)
##### 🐛 Bug Fixes
- fix: refactor create stages into separate lib by
[@​lucasrod16](https://togithub.com/lucasrod16) in
[#​2223](https://togithub.com/defenseunicorns/zarf/pull/2223)
- fix: handle registry caBundle as a multiline string by
[@​AbrohamLincoln](https://togithub.com/AbrohamLincoln) in
[#​2381](https://togithub.com/defenseunicorns/zarf/pull/2381)
- *(regression)* fix: populate `p.sbomViewFiles` on `deploy` and
`mirror` by [@​lucasrod16](https://togithub.com/lucasrod16) in
[#​2386](https://togithub.com/defenseunicorns/zarf/pull/2386)
- fix: allow absolute paths for differential packages by
[@​AustinAbro321](https://togithub.com/AustinAbro321) in
[#​2397](https://togithub.com/defenseunicorns/zarf/pull/2397)
- fix: hotfix skeleton publish by
[@​Noxsios](https://togithub.com/Noxsios) in
[#​2398](https://togithub.com/defenseunicorns/zarf/pull/2398)
##### 🚜 Refactor
- refactor: split helpers/exec libs by
[@​Racer159](https://togithub.com/Racer159) in
[#​2379](https://togithub.com/defenseunicorns/zarf/pull/2379)
##### 🧪 Testing
- test: data injection flake by
[@​lucasrod16](https://togithub.com/lucasrod16) in
[#​2361](https://togithub.com/defenseunicorns/zarf/pull/2361)
##### ⚙️ Miscellaneous Tasks
- ci: add commitlint workflow and update contributing guide by
[@​lucasrod16](https://togithub.com/lucasrod16) in
[#​2391](https://togithub.com/defenseunicorns/zarf/pull/2391)
##### 🛡️ Security
- *(release)* build: create PRs on `homebrew-tap` by
[@​Noxsios](https://togithub.com/Noxsios) in
[#​2385](https://togithub.com/defenseunicorns/zarf/pull/2385)
**Full Changelog**:
https://github.com/defenseunicorns/zarf/compare/v0.32.5...v0.32.6
###
[`v0.32.5`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.5)
[Compare
Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.4...v0.32.5)
##### \[0.32.5] - 2024-03-11
> trying out some different release note generators, formatting may vary
for a few releases while we figure out what works best
~[@​Noxsios](https://togithub.com/Noxsios)
##### 🚀 Features
- feat: add missing vendored tool version commands by
[@​eddiezane](https://togithub.com/eddiezane) in
[#​2232](https://togithub.com/defenseunicorns/zarf/pull/2232)
- feat: add `--why` flag for `zarf dev find-images` by
[@​waveywaves](https://togithub.com/waveywaves) in
[#​2309](https://togithub.com/defenseunicorns/zarf/pull/2309)
- feat: set variables on find images by
[@​AustinAbro321](https://togithub.com/AustinAbro321) in
[#​2282](https://togithub.com/defenseunicorns/zarf/pull/2282)
- feat: add configurable backoff and retries for Zarf operations by
[@​Racer159](https://togithub.com/Racer159) in
[#​2345](https://togithub.com/defenseunicorns/zarf/pull/2345)
##### 🐛 Bug Fixes
- *(deps)*: update github.com/anchore/clio digest to
[`abcb719`](https://togithub.com/defenseunicorns/zarf/commit/abcb719) by
[@​renovate](https://togithub.com/renovate)\[bot] in
[#​2347](https://togithub.com/defenseunicorns/zarf/pull/2347)
- *(ci)*: change ECR image to docker.io image by
[@​AustinAbro321](https://togithub.com/AustinAbro321) in
[#​2353](https://togithub.com/defenseunicorns/zarf/pull/2353)
- fix: added OCI Image Index mediaType by
[@​mdaizcorbe](https://togithub.com/mdaizcorbe) in
[#​2352](https://togithub.com/defenseunicorns/zarf/pull/2352)
- fix: package publish progress bar frozen at zero by
[@​Noxsios](https://togithub.com/Noxsios) in
[#​2367](https://togithub.com/defenseunicorns/zarf/pull/2367)
- *(release)* hotfix `publish` not respecting source package
architecture by [@​Noxsios](https://togithub.com/Noxsios) in
[#​2376](https://togithub.com/defenseunicorns/zarf/pull/2376)
##### 📚 Documentation
- chore: fix spelling by
[@​AustinAbro321](https://togithub.com/AustinAbro321) in
[#​2333](https://togithub.com/defenseunicorns/zarf/pull/2333)
- docs: formatting and grammar by
[@​beholdenkey](https://togithub.com/beholdenkey) in
[#​2350](https://togithub.com/defenseunicorns/zarf/pull/2350)
##### ⚙️ Miscellaneous Tasks
- chore: sorted go imports by
[@​naveensrinivasan](https://togithub.com/naveensrinivasan) in
[#​2349](https://togithub.com/defenseunicorns/zarf/pull/2349)
- chore: fix bb test by
[@​AustinAbro321](https://togithub.com/AustinAbro321) in
[#​2340](https://togithub.com/defenseunicorns/zarf/pull/2340)
- chore: update CODEOWNERS with
[@​AustinAbro321](https://togithub.com/AustinAbro321) by
[@​Racer159](https://togithub.com/Racer159) in
[#​2354](https://togithub.com/defenseunicorns/zarf/pull/2354)
- chore: refactor and purify the OCI library within Zarf by
[@​AustinAbro321](https://togithub.com/AustinAbro321) in
[#​2235](https://togithub.com/defenseunicorns/zarf/pull/2235)
- chore: default to temp zarf cache in e2e tests by
[@​AustinAbro321](https://togithub.com/AustinAbro321) in
[#​2355](https://togithub.com/defenseunicorns/zarf/pull/2355)
##### 🛡️ Security
- chore: configure agent server to avoid slowloris attack by
[@​naveensrinivasan](https://togithub.com/naveensrinivasan) in
[#​2342](https://togithub.com/defenseunicorns/zarf/pull/2342)
- chore: fix implicit memory aliasing in for loop by
[@​naveensrinivasan](https://togithub.com/naveensrinivasan) in
[#​2341](https://togithub.com/defenseunicorns/zarf/pull/2341)
- *(release)*: update release workflow to use token from gh app by
[@​Noxsios](https://togithub.com/Noxsios) in
[#​2368](https://togithub.com/defenseunicorns/zarf/pull/2368)
- *(release)*: use release environment secrets by
[@​Noxsios](https://togithub.com/Noxsios) in
[#​2374](https://togithub.com/defenseunicorns/zarf/pull/2374)
##### First Time Contributors
- [@​eddiezane](https://togithub.com/eddiezane) made their first
contribution in
[#​2232](https://togithub.com/defenseunicorns/zarf/issues/2232)
- [@​beholdenkey](https://togithub.com/beholdenkey) made their
first contribution in
[#​2350](https://togithub.com/defenseunicorns/zarf/issues/2350)
- [@​mdaizcorbe](https://togithub.com/mdaizcorbe) made their first
contribution in
[#​2352](https://togithub.com/defenseunicorns/zarf/issues/2352)
**Full Changelog**:
https://github.com/defenseunicorns/zarf/compare/v0.32.4...v0.32.5
###
[`v0.32.4`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.4)
[Compare
Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.3...v0.32.4)
##### What's Changed
##### Fixes
- Improve `cmd` failure messaging when no timeout or retries are given
by [@​docandrew](https://togithub.com/docandrew) in
[https://github.com/defenseunicorns/zarf/pull/2301](https://togithub.com/defenseunicorns/zarf/pull/2301)
- Revert init package storageclass checks for git server and seed
registry by [@​lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2311](https://togithub.com/defenseunicorns/zarf/pull/2311)
- Fix multi-part tarballs being mismatched sizes by
[@​Racer159](https://togithub.com/Racer159) in
[https://github.com/defenseunicorns/zarf/pull/2314](https://togithub.com/defenseunicorns/zarf/pull/2314)
- Change text template detection to check first *and* last 512 bytes by
[@​WeaponX314](https://togithub.com/WeaponX314) in
[https://github.com/defenseunicorns/zarf/pull/2310](https://togithub.com/defenseunicorns/zarf/pull/2310)
- Improve `zarf tools registry prune` messaging by
[@​Racer159](https://togithub.com/Racer159) in
[https://github.com/defenseunicorns/zarf/pull/2323](https://togithub.com/defenseunicorns/zarf/pull/2323)
- Add http request header timeout to mitigate stalling image push by
[@​Racer159](https://togithub.com/Racer159) in
[https://github.com/defenseunicorns/zarf/pull/2319](https://togithub.com/defenseunicorns/zarf/pull/2319)
- Allow host+subpath as the source registry for `--registry-override` in
package create by [@​waveywaves](https://togithub.com/waveywaves)
in
[https://github.com/defenseunicorns/zarf/pull/2306](https://togithub.com/defenseunicorns/zarf/pull/2306)
##### Dependencies
- Update github.com/anchore/clio digest to
[`cb94e40`](https://togithub.com/defenseunicorns/zarf/commit/cb94e40) by
[@​renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2294](https://togithub.com/defenseunicorns/zarf/pull/2294),
[https://github.com/defenseunicorns/zarf/pull/2297](https://togithub.com/defenseunicorns/zarf/pull/2297)
and
[https://github.com/defenseunicorns/zarf/pull/2300](https://togithub.com/defenseunicorns/zarf/pull/2300)
- **\[security]** Update module helm.sh/helm/v3 to v3.14.2 by
[@​renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2307](https://togithub.com/defenseunicorns/zarf/pull/2307)
and
[https://github.com/defenseunicorns/zarf/pull/2329](https://togithub.com/defenseunicorns/zarf/pull/2329)
- Update actions/checkout action to v4 by
[@​renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2317](https://togithub.com/defenseunicorns/zarf/pull/2317)
- Update actions/dependency-review-action action to v4 by
[@​renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2318](https://togithub.com/defenseunicorns/zarf/pull/2318)
##### Docs
- Update [Zarf roadmap](https://docs.zarf.dev/docs/roadmap) per 2024
goals by [@​Racer159](https://togithub.com/Racer159) in
[https://github.com/defenseunicorns/zarf/pull/2305](https://togithub.com/defenseunicorns/zarf/pull/2305)
##### Development
- Included Dependency Review action for PR reviews by
[@​naveensrinivasan](https://togithub.com/naveensrinivasan) in
[https://github.com/defenseunicorns/zarf/pull/2298](https://togithub.com/defenseunicorns/zarf/pull/2298)
- Resolve CodeQL linting issues across Zarf by
[@​Racer159](https://togithub.com/Racer159) in
[https://github.com/defenseunicorns/zarf/pull/2322](https://togithub.com/defenseunicorns/zarf/pull/2322)
##### New Contributors
- [@​docandrew](https://togithub.com/docandrew) made their first
contribution in
[https://github.com/defenseunicorns/zarf/pull/2301](https://togithub.com/defenseunicorns/zarf/pull/2301)
- [@​naveensrinivasan](https://togithub.com/naveensrinivasan) made
their first contribution in
[https://github.com/defenseunicorns/zarf/pull/2298](https://togithub.com/defenseunicorns/zarf/pull/2298)
- [@​waveywaves](https://togithub.com/waveywaves) made their first
contribution in
[https://github.com/defenseunicorns/zarf/pull/2306](https://togithub.com/defenseunicorns/zarf/pull/2306)
**Full Changelog**:
https://github.com/defenseunicorns/zarf/compare/v0.32.3...v0.32.4
###
[`v0.32.3`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.3)
[Compare
Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.2...v0.32.3)
##### What's Changed
##### Fixes
- Properly handle panic that could occur during checksum validation by
[@​mjnagel](https://togithub.com/mjnagel) in
[https://github.com/defenseunicorns/zarf/pull/2262](https://togithub.com/defenseunicorns/zarf/pull/2262)
- Add the `--key` flag to the init cmd to properly allow for signed init
packages by [@​dgershman](https://togithub.com/dgershman) in
[https://github.com/defenseunicorns/zarf/pull/2259](https://togithub.com/defenseunicorns/zarf/pull/2259)
- Restore destroy script functionality during `zarf destroy` by
[@​Racer159](https://togithub.com/Racer159) in
[https://github.com/defenseunicorns/zarf/pull/2274](https://togithub.com/defenseunicorns/zarf/pull/2274)
- Fix symlink inclusion within component resources by
[@​dgershman](https://togithub.com/dgershman) in
[https://github.com/defenseunicorns/zarf/pull/2256](https://togithub.com/defenseunicorns/zarf/pull/2256)
- Use memory friendly file split logic for partial packages by
[@​daniel-palmer-gu](https://togithub.com/daniel-palmer-gu) in
[https://github.com/defenseunicorns/zarf/pull/2264](https://togithub.com/defenseunicorns/zarf/pull/2264)
- Fix reproducible tarball creation on Windows systems by
[@​Noxsios](https://togithub.com/Noxsios) in
[https://github.com/defenseunicorns/zarf/pull/2293](https://togithub.com/defenseunicorns/zarf/pull/2293)
##### Docs
- Make branding more consistent and add community meetup references to
docs by [@​Racer159](https://togithub.com/Racer159) in
[https://github.com/defenseunicorns/zarf/pull/2258](https://togithub.com/defenseunicorns/zarf/pull/2258)
##### Dependencies
- Update github.com/anchore/clio digest by
[@​renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2277](https://togithub.com/defenseunicorns/zarf/pull/2277)
and
[https://github.com/defenseunicorns/zarf/pull/2283](https://togithub.com/defenseunicorns/zarf/pull/2283)
- Update all non-major dependencies (including Gitea v1.21.5, Syft
v0.100.0, K9s v0.31.7 and Crane v0.19.0) by
[@​renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2187](https://togithub.com/defenseunicorns/zarf/pull/2187)
##### Development
- Add a more robust chart search regexManager by
[@​Racer159](https://togithub.com/Racer159) in
[https://github.com/defenseunicorns/zarf/pull/2278](https://togithub.com/defenseunicorns/zarf/pull/2278)
and
[https://github.com/defenseunicorns/zarf/pull/2284](https://togithub.com/defenseunicorns/zarf/pull/2284)
- Partial refactor of injector logic in `k8s`, and `cluster` packages by
[@​chrishorton](https://togithub.com/chrishorton) in
[https://github.com/defenseunicorns/zarf/pull/2271](https://togithub.com/defenseunicorns/zarf/pull/2271)
##### New Contributors
- [@​daniel-palmer-gu](https://togithub.com/daniel-palmer-gu) made
their first contribution in
[https://github.com/defenseunicorns/zarf/pull/2264](https://togithub.com/defenseunicorns/zarf/pull/2264)
**Full Changelog**:
https://github.com/defenseunicorns/zarf/compare/v0.32.2...v0.32.3
###
[`v0.32.2`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.2)
[Compare
Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.1...v0.32.2)
#### What's Changed
#### Features
- Support authenticated Helm repositories that have been configured with
`helm repo add` by
[@​AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2196](https://togithub.com/defenseunicorns/zarf/pull/2196)
- Verify that the specified storage class exists during `zarf init` by
[@​lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2180](https://togithub.com/defenseunicorns/zarf/pull/2180)
- Check for available node resources before building injector pod by
[@​chrishorton](https://togithub.com/chrishorton) in
[https://github.com/defenseunicorns/zarf/pull/2220](https://togithub.com/defenseunicorns/zarf/pull/2220)
- Officially support yaml extensions within the `zarf.yaml` using `x-`
keys by [@​AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2217](https://togithub.com/defenseunicorns/zarf/pull/2217)
#### Fixes
- Fix the inclusion of helm sub commands when rendering `zarf tools
help` by [@​jbrewer3](https://togithub.com/jbrewer3) in
[https://github.com/defenseunicorns/zarf/pull/2216](https://togithub.com/defenseunicorns/zarf/pull/2216)
#### Docs
- Fix typos in the extension `README.md` by
[@​mjnagel](https://togithub.com/mjnagel) in
[https://github.com/defenseunicorns/zarf/pull/2227](https://togithub.com/defenseunicorns/zarf/pull/2227)
- Fix a small grammatical error in the base `README.md` by
[@​cmwylie19](https://togithub.com/cmwylie19) in
[https://github.com/defenseunicorns/zarf/pull/2219](https://togithub.com/defenseunicorns/zarf/pull/2219)
#### Dependencies
- Update github.com/anchore/clio digest to
[`89e2fe8`](https://togithub.com/defenseunicorns/zarf/commit/89e2fe8) by
[@​renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2214](https://togithub.com/defenseunicorns/zarf/pull/2214)
- Update github.com/anchore/clio digest to
[`a5e93b6`](https://togithub.com/defenseunicorns/zarf/commit/a5e93b6) by
[@​renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2229](https://togithub.com/defenseunicorns/zarf/pull/2229)
- Update github.com/anchore/stereoscope digest to
[`eb656fc`](https://togithub.com/defenseunicorns/zarf/commit/eb656fc) by
[@​renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2230](https://togithub.com/defenseunicorns/zarf/pull/2230)
#### Development
- Remove workflow for automatically adding issues to the zarf project by
[@​YrrepNoj](https://togithub.com/YrrepNoj) in
[https://github.com/defenseunicorns/zarf/pull/2239](https://togithub.com/defenseunicorns/zarf/pull/2239)
- Delete unnecessary waitgroup from concurrencyTools by
[@​AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2244](https://togithub.com/defenseunicorns/zarf/pull/2244)
- Update `NewOrasRemote` to take `ocispec.Platform` as an argument by
[@​decleaver](https://togithub.com/decleaver) in
[https://github.com/defenseunicorns/zarf/pull/2241](https://togithub.com/defenseunicorns/zarf/pull/2241)
#### New Contributors
- [@​jbrewer3](https://togithub.com/jbrewer3) made their first
contribution in
[https://github.com/defenseunicorns/zarf/pull/2216](https://togithub.com/defenseunicorns/zarf/pull/2216)
- [@​chrishorton](https://togithub.com/chrishorton) made their
first contribution in
[https://github.com/defenseunicorns/zarf/pull/2220](https://togithub.com/defenseunicorns/zarf/pull/2220)
**Full Changelog**:
https://github.com/defenseunicorns/zarf/compare/v0.32.1...v0.32.2
###
[`v0.32.1`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/defenseunicorns/uds-package-mattermost).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNjEuMCIsInVwZGF0ZWRJblZlciI6IjM3LjI2OS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Wayne Starr <me@racer159.com>
Racer159
pushed a commit
to defenseunicorns/uds-package-postgres-operator
that referenced
this pull request
Mar 29, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/upload-artifact](https://togithub.com/actions/upload-artifact) | action | minor | `v4.0.0` -> `v4.3.1` | | [defenseunicorns/uds-cli](https://togithub.com/defenseunicorns/uds-cli) | | minor | `v0.9.2` -> `v0.10.1` | | [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | | patch | `v0.32.3` -> `v0.32.6` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | minor | `v3.22.12` -> `v3.24.9` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>actions/upload-artifact (actions/upload-artifact)</summary> ### [`v4.3.1`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.1) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.0...v4.3.1) - Bump [@​actions/artifacts](https://togithub.com/actions/artifacts) to latest version to include [updated GHES host check](https://togithub.com/actions/toolkit/pull/1648) ### [`v4.3.0`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.0) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.2.0...v4.3.0) ##### What's Changed - Reorganize upload code in prep for merge logic & add more tests by [@​robherley](https://togithub.com/robherley) in [actions/upload-artifact#504 - Add sub-action to merge artifacts by [@​robherley](https://togithub.com/robherley) in [actions/upload-artifact#505 **Full Changelog**: actions/upload-artifact@v4...v4.3.0 ### [`v4.2.0`](https://togithub.com/actions/upload-artifact/releases/tag/v4.2.0) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.1.0...v4.2.0) ##### What's Changed - Ability to overwrite an Artifact by [@​robherley](https://togithub.com/robherley) in [actions/upload-artifact#501 **Full Changelog**: actions/upload-artifact@v4...v4.2.0 ### [`v4.1.0`](https://togithub.com/actions/upload-artifact/releases/tag/v4.1.0) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.0.0...v4.1.0) #### What's Changed - Add migrations docs by [@​robherley](https://togithub.com/robherley) in [actions/upload-artifact#482 - Update README.md by [@​samuelwine](https://togithub.com/samuelwine) in [actions/upload-artifact#492 - Support artifact-url output by [@​konradpabjan](https://togithub.com/konradpabjan) in [actions/upload-artifact#496 - Update readme to reflect new 500 artifact per job limit by [@​robherley](https://togithub.com/robherley) in [actions/upload-artifact#497 #### New Contributors - [@​samuelwine](https://togithub.com/samuelwine) made their first contribution in [actions/upload-artifact#492 **Full Changelog**: actions/upload-artifact@v4...v4.1.0 </details> <details> <summary>defenseunicorns/uds-cli (defenseunicorns/uds-cli)</summary> ### [`v0.10.1`](https://togithub.com/defenseunicorns/uds-cli/releases/tag/v0.10.1) [Compare Source](https://togithub.com/defenseunicorns/uds-cli/compare/v0.10.0...v0.10.1) ##### What's Changed - chore(deps): update anchore/sbom-action action to v0.15.10 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#526 - fix(deps): update module github.com/charmbracelet/lipgloss to v0.10.0 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#525 - fix(deps): update module github.com/charmbracelet/bubbles to v0.18.0 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#524 - fix(deps): update golang.org/x/exp digest to [`a685a6e`](https://togithub.com/defenseunicorns/uds-cli/commit/a685a6e) by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#522 - fix(deps): update module oras.land/oras-go/v2 to v2.5.0 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#520 - fix: err when deploying with BubbleTea with no cluster by [@​UncleGedd](https://togithub.com/UncleGedd) in [defenseunicorns/uds-cli#527 **Full Changelog**: defenseunicorns/uds-cli@v0.10.0...v0.10.1 ### [`v0.10.0`](https://togithub.com/defenseunicorns/uds-cli/releases/tag/v0.10.0) [Compare Source](https://togithub.com/defenseunicorns/uds-cli/compare/v0.9.4...v0.10.0) ##### What's Changed - chore: update uds to zarf v0.32.5 by [@​decleaver](https://togithub.com/decleaver) in [defenseunicorns/uds-cli#511 - chore(deps): update github/codeql-action action to v3.24.8 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#512 - fix(deps): update golang.org/x/exp digest to [`a85f2c6`](https://togithub.com/defenseunicorns/uds-cli/commit/a85f2c6) by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#510 - feat: adds --set to helm override vars by [@​UncleGedd](https://togithub.com/UncleGedd) in [defenseunicorns/uds-cli#515 - fix: vendored in zarf version tag by [@​decleaver](https://togithub.com/decleaver) in [defenseunicorns/uds-cli#518 - chore(deps): update github/codeql-action action to v3.24.9 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#519 - feat: beautiful TUI round 3 by [@​UncleGedd](https://togithub.com/UncleGedd) in [defenseunicorns/uds-cli#509 **Full Changelog**: defenseunicorns/uds-cli@v0.9.4...v0.10.0 ### [`v0.9.4`](https://togithub.com/defenseunicorns/uds-cli/releases/tag/v0.9.4) [Compare Source](https://togithub.com/defenseunicorns/uds-cli/compare/v0.9.3...v0.9.4) ##### What's Changed - fix: error when removing bundles with short names by [@​UncleGedd](https://togithub.com/UncleGedd) in [defenseunicorns/uds-cli#490 - fix(deps): update module github.com/stretchr/testify to v1.9.0 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#484 - chore: enhance development workflow with unified linting and tool by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [defenseunicorns/uds-cli#472 - fix: add a wait to the registry startup during tests by [@​UncleGedd](https://togithub.com/UncleGedd) in [defenseunicorns/uds-cli#499 - fix: ensure manifest config is included with pulls by [@​UncleGedd](https://togithub.com/UncleGedd) in [defenseunicorns/uds-cli#503 - fix: autocomplete and vendor refactor by [@​decleaver](https://togithub.com/decleaver) in [defenseunicorns/uds-cli#502 - chore(deps): update docker/setup-buildx-action action to v3.2.0 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#508 - chore(deps): update docker/login-action action to v3.1.0 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#504 - chore(deps): update github/codeql-action action to v3.24.7 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#501 - fix(deps): update module helm.sh/helm/v3 to v3.14.3 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#507 - fix: pass UDS_ARCHITECTURE to runner by [@​decleaver](https://togithub.com/decleaver) in [defenseunicorns/uds-cli#506 - chore(deps): update anchore/sbom-action action to v0.15.9 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#489 **Full Changelog**: defenseunicorns/uds-cli@v0.9.3...v0.9.4 ### [`v0.9.3`](https://togithub.com/defenseunicorns/uds-cli/releases/tag/v0.9.3) [Compare Source](https://togithub.com/defenseunicorns/uds-cli/compare/v0.9.2...v0.9.3) ##### What's Changed - fix: toctou for files by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [defenseunicorns/uds-cli#443 - fix: path traversal bug by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [defenseunicorns/uds-cli#454 - fix: updates Zarf version in README by [@​UncleGedd](https://togithub.com/UncleGedd) in [defenseunicorns/uds-cli#460 - chore: fixed the dangerous workflow by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [defenseunicorns/uds-cli#465 - chore(deps): update docker/setup-buildx-action action to v3.1.0 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#470 - chore(deps): update actions/download-artifact action to v4.1.3 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#467 - chore(deps): update github/codeql-action action to v3.24.5 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#457 - fix(deps): update golang.org/x/exp digest to [`814bf88`](https://togithub.com/defenseunicorns/uds-cli/commit/814bf88) by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#456 - fix: refactors tests and fixes bugs by [@​UncleGedd](https://togithub.com/UncleGedd) in [defenseunicorns/uds-cli#464 - chore(deps): update podinfo to v6.6.0 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#462 - chore(deps): update zarf to v0.32.4 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#468 - chore(deps): update github/codeql-action action to v3.24.6 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#482 - chore: refactor pull operation by [@​UncleGedd](https://togithub.com/UncleGedd) in [defenseunicorns/uds-cli#473 - chore: add UDS Core smoke test by [@​justin-o12](https://togithub.com/justin-o12) in [defenseunicorns/uds-cli#474 - fix: adds better err messaging when remote fails to resolve by [@​UncleGedd](https://togithub.com/UncleGedd) in [defenseunicorns/uds-cli#486 - chore(deps): update actions/download-artifact action to v4.1.4 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#485 - fix(deps): update module golang.org/x/mod to v0.16.0 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#487 - chore: vendor runner by [@​UncleGedd](https://togithub.com/UncleGedd) in [defenseunicorns/uds-cli#481 - fix: adds k3d to smoke test by [@​UncleGedd](https://togithub.com/UncleGedd) in [defenseunicorns/uds-cli#488 ##### New Contributors - [@​justin-o12](https://togithub.com/justin-o12) made their first contribution in [defenseunicorns/uds-cli#474 **Full Changelog**: defenseunicorns/uds-cli@v0.9.2...v0.9.3 </details> <details> <summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary> ### [`v0.32.6`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.6) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.5...v0.32.6) ##### \[0.32.6] - 2024-03-22 > trying out some different release note generators, formatting may vary for a few releases while we figure out what works best ~[@​Noxsios](https://togithub.com/Noxsios) ##### 🚀 Features - \[**ALPHA**] feat: package generation ALPHA by [@​andrewg-xyz](https://togithub.com/andrewg-xyz) in [#​2269](https://togithub.com/defenseunicorns/zarf/pull/2269) - *(lib)* feat(lib): configurable log file location by [@​Noxsios](https://togithub.com/Noxsios) in [#​2380](https://togithub.com/defenseunicorns/zarf/pull/2380) - \[**BREAKING**] feat!: filter package components with strategy interface by [@​Noxsios](https://togithub.com/Noxsios) in [#​2321](https://togithub.com/defenseunicorns/zarf/pull/2321) ##### 🐛 Bug Fixes - fix: refactor create stages into separate lib by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2223](https://togithub.com/defenseunicorns/zarf/pull/2223) - fix: handle registry caBundle as a multiline string by [@​AbrohamLincoln](https://togithub.com/AbrohamLincoln) in [#​2381](https://togithub.com/defenseunicorns/zarf/pull/2381) - *(regression)* fix: populate `p.sbomViewFiles` on `deploy` and `mirror` by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2386](https://togithub.com/defenseunicorns/zarf/pull/2386) - fix: allow absolute paths for differential packages by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2397](https://togithub.com/defenseunicorns/zarf/pull/2397) - fix: hotfix skeleton publish by [@​Noxsios](https://togithub.com/Noxsios) in [#​2398](https://togithub.com/defenseunicorns/zarf/pull/2398) ##### 🚜 Refactor - refactor: split helpers/exec libs by [@​Racer159](https://togithub.com/Racer159) in [#​2379](https://togithub.com/defenseunicorns/zarf/pull/2379) ##### 🧪 Testing - test: data injection flake by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2361](https://togithub.com/defenseunicorns/zarf/pull/2361) ##### ⚙️ Miscellaneous Tasks - ci: add commitlint workflow and update contributing guide by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2391](https://togithub.com/defenseunicorns/zarf/pull/2391) ##### 🛡️ Security - *(release)* build: create PRs on `homebrew-tap` by [@​Noxsios](https://togithub.com/Noxsios) in [#​2385](https://togithub.com/defenseunicorns/zarf/pull/2385) **Full Changelog**: defenseunicorns/zarf@v0.32.5...v0.32.6 ### [`v0.32.5`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.5) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.4...v0.32.5) ##### \[0.32.5] - 2024-03-11 > trying out some different release note generators, formatting may vary for a few releases while we figure out what works best ~[@​Noxsios](https://togithub.com/Noxsios) ##### 🚀 Features - feat: add missing vendored tool version commands by [@​eddiezane](https://togithub.com/eddiezane) in [#​2232](https://togithub.com/defenseunicorns/zarf/pull/2232) - feat: add `--why` flag for `zarf dev find-images` by [@​waveywaves](https://togithub.com/waveywaves) in [#​2309](https://togithub.com/defenseunicorns/zarf/pull/2309) - feat: set variables on find images by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2282](https://togithub.com/defenseunicorns/zarf/pull/2282) - feat: add configurable backoff and retries for Zarf operations by [@​Racer159](https://togithub.com/Racer159) in [#​2345](https://togithub.com/defenseunicorns/zarf/pull/2345) ##### 🐛 Bug Fixes - *(deps)*: update github.com/anchore/clio digest to [`abcb719`](https://togithub.com/defenseunicorns/zarf/commit/abcb719) by [@​renovate](https://togithub.com/renovate)\[bot] in [#​2347](https://togithub.com/defenseunicorns/zarf/pull/2347) - *(ci)*: change ECR image to docker.io image by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2353](https://togithub.com/defenseunicorns/zarf/pull/2353) - fix: added OCI Image Index mediaType by [@​mdaizcorbe](https://togithub.com/mdaizcorbe) in [#​2352](https://togithub.com/defenseunicorns/zarf/pull/2352) - fix: package publish progress bar frozen at zero by [@​Noxsios](https://togithub.com/Noxsios) in [#​2367](https://togithub.com/defenseunicorns/zarf/pull/2367) - *(release)* hotfix `publish` not respecting source package architecture by [@​Noxsios](https://togithub.com/Noxsios) in [#​2376](https://togithub.com/defenseunicorns/zarf/pull/2376) ##### 📚 Documentation - chore: fix spelling by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2333](https://togithub.com/defenseunicorns/zarf/pull/2333) - docs: formatting and grammar by [@​beholdenkey](https://togithub.com/beholdenkey) in [#​2350](https://togithub.com/defenseunicorns/zarf/pull/2350) ##### ⚙️ Miscellaneous Tasks - chore: sorted go imports by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [#​2349](https://togithub.com/defenseunicorns/zarf/pull/2349) - chore: fix bb test by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2340](https://togithub.com/defenseunicorns/zarf/pull/2340) - chore: update CODEOWNERS with [@​AustinAbro321](https://togithub.com/AustinAbro321) by [@​Racer159](https://togithub.com/Racer159) in [#​2354](https://togithub.com/defenseunicorns/zarf/pull/2354) - chore: refactor and purify the OCI library within Zarf by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2235](https://togithub.com/defenseunicorns/zarf/pull/2235) - chore: default to temp zarf cache in e2e tests by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2355](https://togithub.com/defenseunicorns/zarf/pull/2355) ##### 🛡️ Security - chore: configure agent server to avoid slowloris attack by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [#​2342](https://togithub.com/defenseunicorns/zarf/pull/2342) - chore: fix implicit memory aliasing in for loop by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [#​2341](https://togithub.com/defenseunicorns/zarf/pull/2341) - *(release)*: update release workflow to use token from gh app by [@​Noxsios](https://togithub.com/Noxsios) in [#​2368](https://togithub.com/defenseunicorns/zarf/pull/2368) - *(release)*: use release environment secrets by [@​Noxsios](https://togithub.com/Noxsios) in [#​2374](https://togithub.com/defenseunicorns/zarf/pull/2374) ##### First Time Contributors - [@​eddiezane](https://togithub.com/eddiezane) made their first contribution in [#​2232](https://togithub.com/defenseunicorns/zarf/issues/2232) - [@​beholdenkey](https://togithub.com/beholdenkey) made their first contribution in [#​2350](https://togithub.com/defenseunicorns/zarf/issues/2350) - [@​mdaizcorbe](https://togithub.com/mdaizcorbe) made their first contribution in [#​2352](https://togithub.com/defenseunicorns/zarf/issues/2352) **Full Changelog**: defenseunicorns/zarf@v0.32.4...v0.32.5 ### [`v0.32.4`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.4) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.3...v0.32.4) ##### What's Changed ##### Fixes - Improve `cmd` failure messaging when no timeout or retries are given by [@​docandrew](https://togithub.com/docandrew) in [defenseunicorns/zarf#2301 - Revert init package storageclass checks for git server and seed registry by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2311 - Fix multi-part tarballs being mismatched sizes by [@​Racer159](https://togithub.com/Racer159) in [defenseunicorns/zarf#2314 - Change text template detection to check first *and* last 512 bytes by [@​WeaponX314](https://togithub.com/WeaponX314) in [defenseunicorns/zarf#2310 - Improve `zarf tools registry prune` messaging by [@​Racer159](https://togithub.com/Racer159) in [defenseunicorns/zarf#2323 - Add http request header timeout to mitigate stalling image push by [@​Racer159](https://togithub.com/Racer159) in [defenseunicorns/zarf#2319 - Allow host+subpath as the source registry for `--registry-override` in package create by [@​waveywaves](https://togithub.com/waveywaves) in [defenseunicorns/zarf#2306 ##### Dependencies - Update github.com/anchore/clio digest to [`cb94e40`](https://togithub.com/defenseunicorns/zarf/commit/cb94e40) by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/zarf#2294, [defenseunicorns/zarf#2297 and [defenseunicorns/zarf#2300 - **\[security]** Update module helm.sh/helm/v3 to v3.14.2 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/zarf#2307 and [defenseunicorns/zarf#2329 - Update actions/checkout action to v4 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/zarf#2317 - Update actions/dependency-review-action action to v4 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/zarf#2318 ##### Docs - Update [Zarf roadmap](https://docs.zarf.dev/docs/roadmap) per 2024 goals by [@​Racer159](https://togithub.com/Racer159) in [defenseunicorns/zarf#2305 ##### Development - Included Dependency Review action for PR reviews by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [defenseunicorns/zarf#2298 - Resolve CodeQL linting issues across Zarf by [@​Racer159](https://togithub.com/Racer159) in [defenseunicorns/zarf#2322 ##### New Contributors - [@​docandrew](https://togithub.com/docandrew) made their first contribution in [defenseunicorns/zarf#2301 - [@​naveensrinivasan](https://togithub.com/naveensrinivasan) made their first contribution in [defenseunicorns/zarf#2298 - [@​waveywaves](https://togithub.com/waveywaves) made their first contribution in [defenseunicorns/zarf#2306 **Full Changelog**: defenseunicorns/zarf@v0.32.3...v0.32.4 </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.24.9`](https://togithub.com/github/codeql-action/compare/v3.24.8...v3.24.9) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.8...v3.24.9) ### [`v3.24.8`](https://togithub.com/github/codeql-action/compare/v3.24.7...v3.24.8) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.7...v3.24.8) ### [`v3.24.7`](https://togithub.com/github/codeql-action/compare/v3.24.6...v3.24.7) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.6...v3.24.7) ### [`v3.24.6`](https://togithub.com/github/codeql-action/compare/v3.24.5...v3.24.6) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.5...v3.24.6) ### [`v3.24.5`](https://togithub.com/github/codeql-action/compare/v3.24.4...v3.24.5) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.4...v3.24.5) ### [`v3.24.4`](https://togithub.com/github/codeql-action/compare/v3.24.3...v3.24.4) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.3...v3.24.4) ### [`v3.24.3`](https://togithub.com/github/codeql-action/compare/v3.24.2...v3.24.3) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.2...v3.24.3) ### [`v3.24.2`](https://togithub.com/github/codeql-action/compare/v3.24.1...v3.24.2) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.1...v3.24.2) ### [`v3.24.1`](https://togithub.com/github/codeql-action/compare/v3.24.0...v3.24.1) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.0...v3.24.1) ### [`v3.24.0`](https://togithub.com/github/codeql-action/compare/v3.23.2...v3.24.0) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.23.2...v3.24.0) ### [`v3.23.2`](https://togithub.com/github/codeql-action/compare/v3.23.1...v3.23.2) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.23.1...v3.23.2) ### [`v3.23.1`](https://togithub.com/github/codeql-action/compare/v3.23.0...v3.23.1) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.23.0...v3.23.1) ### [`v3.23.0`](https://togithub.com/github/codeql-action/compare/v3.22.12...v3.23.0) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.22.12...v3.23.0) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/uds-package-postgres-operator). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNjkuMiIsInVwZGF0ZWRJblZlciI6IjM3LjI2OS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
1 task
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v2.5.1->v4.1.3Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
actions/dependency-review-action (actions/dependency-review-action)
v4.1.3: 4.1.3Compare Source
Fixes a bug in 4.1.2 that would introduce comments in every pull request, regardless of the user's configuration (see https://github.com/actions/dependency-review-action/issues/697).
Full Changelog: actions/dependency-review-action@v4.1.2...v4.1.3
v4.1.2: 4.1.2Compare Source
What's Changed
Full Changelog: actions/dependency-review-action@v4.1.1...v4.1.2
v4.1.1: 4.1.1Compare Source
What's Changed
undicito fix GHSA-wqq4-5wpv-mx2gFull Changelog: actions/dependency-review-action@v4.1.0...v4.1.1
v4.1.0: 4.1.0Compare Source
What's Changed
warn-onlyby @tgrall in https://github.com/actions/dependency-review-action/pull/432Added a new configuration option (
warn-only, boolean) that makes the action always succeed while still displaying found vulnerabilities in the log.New Contributors
Full Changelog: actions/dependency-review-action@v4...v4.1.0
v4.0.0Compare Source
New Contributors
Full Changelog: actions/dependency-review-action@v3.1.5...v4.0.0
v3.1.5: 3.1.5Compare Source
What's Changed
per_pagewhen requesting diff by @hmaurer in https://github.com/actions/dependency-review-action/pull/649Full Changelog: actions/dependency-review-action@v3.1.4...v3.1.5
v3.1.4: 3.1.4Compare Source
What's Changed
Fixed a bug with severity filtering when using the
allow_ghsasoption: https://github.com/actions/dependency-review-action/pull/623.Updates dependencies:
action/pull/620
Full Changelog: actions/dependency-review-action@v3...v3.1.4
v3.1.3: 3.1.3Compare Source
What's Changed
Full Changelog: actions/dependency-review-action@v3...v3.1.3
v3.1.2: 3.1.2Compare Source
What's Changed
Full Changelog: actions/dependency-review-action@v3...v3.1.2
v3.1.1: 3.1.1Compare Source
What's Changed
octokit,@actions/githubandtypescript.Full Changelog: actions/dependency-review-action@v3.1.0...v3.1.1
v3.1.0: 3.1.0Compare Source
What's New
Added support for dependencies submitted through the dependency submission API. This includes two new configuration parameters:
retry-on-snapshot-warningsandretry-on-snapshot-warnings-timeout.What's Changed
New Contributors
Full Changelog: actions/dependency-review-action@v3...v3.1.0
v3.0.8: 3.0.8Compare Source
What's Changed
Added
on-failureoption tocomment-summary-in-prsetting by @sgmurphy in https://github.com/actions/dependency-review-action/pull/540Previous configuration files using
true/falseforcomment-summary-in-prwill be mapped automatically to the new values, but we encourage you to update toalways/on-failure/never.New Contributors
Full Changelog: actions/dependency-review-action@v3...v3.0.8
v3.0.7: 3.0.7Compare Source
What's Changed
New Contributors
Full Changelog: actions/dependency-review-action@v3...v3.0.7
v3.0.6: 3.0.6Compare Source
Fixes a bug introduced in 3.0.5 where we raised PURL errors when Dependency Graph returns an empty
package_url.v3.0.5: 3.0.5Compare Source
What's Changed
Thanks to @theztefan, we now have a new
allow-dependencies-licensesoption that takes a list of dependencies that will be excluded from license checks. See the configuration options for more information on how to use it.New Contributors
Full Changelog: actions/dependency-review-action@v3...v3.0.5
v3.0.4: 3.0.4Compare Source
What's New?
The Action can now publish a comment in the pull request if the
comment-summary-in-proption is set. More information can be found in the README.New Contributors
Changelog
Full Changelog: actions/dependency-review-action@v3...v3.0.4
v3.0.3: 3.0.3Compare Source
What's Changed
New Contributors
Full Changelog: actions/dependency-review-action@v3...v3.0.3
v3.0.2: 3.0.2Compare Source
This release fixes spelling errors https://github.com/actions/dependency-review-action/pull/348 and upgrades dependencies to fix known vulnerabilities
Full Changelog: actions/dependency-review-action@v3...v3.0.2
v3.0.1: 3.0.1Compare Source
This release contains the following bugfixes:
Full Changelog: actions/dependency-review-action@v3...v3.0.1
v3.0.0: 3.0.0Compare Source
Breaking Changes
By default the action now expects SPDX-compliant licenses everywhere. If you were previously using license names in the allow or deny lists make sure they're valid!
What's Changed
Support for external configuration files
You can now specify a configuration file external to your repository. This allows organizations to have a single configuration file for all their repos.
Broader license support
We've added support for a much broader set of project licenses by using GitHub's Licenses API.
SPDX Compliance
All of our license-related code now expects SPDX-compliant licenses or expressions. This allows us to standardize on a license naming scheme that already supports
OR/ANDexpressions.Disable individual checks
You can now use the boolean options
license-checkandvulnerability-checkto disable either one of the checks. More information in our configuration options.Thanks
Contributors for this release include:
Thanks everyone!
Full Changelog: actions/dependency-review-action@v2...v3.0.0
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.