ci: compare cves to main #2448
Merged
ci: compare cves to main #2448
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
AustinAbro321
requested review from
jeff-mccoy,
Racer159,
Noxsios and
lucasrod16
as code owners
✅ Deploy Preview for zarf-docs ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
|
Here is a run of this, added |
lucasrod16
approved these changes
Apr 24, 2024
mjnagel
referenced
this pull request
in defenseunicorns/uds-core
Apr 29, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | patch | `v0.33.0` -> `v0.33.1` | --- ### Release Notes <details> <summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary> ### [`v0.33.1`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.1) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.0...v0.33.1) #### What's Changed - fix: add redirect so old zarf base link is compatiable by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2432](https://togithub.com/defenseunicorns/zarf/pull/2432) - ci: pin third-party gh actions by hash by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2433](https://togithub.com/defenseunicorns/zarf/pull/2433) - docs: add redirect for examples by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2438](https://togithub.com/defenseunicorns/zarf/pull/2438) - docs: update contributing and pre-commit by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2439](https://togithub.com/defenseunicorns/zarf/pull/2439) - ci: fix revive image ref in lint workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2436](https://togithub.com/defenseunicorns/zarf/pull/2436) - fix: filter on running pods when finding an image for injector pod by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2415](https://togithub.com/defenseunicorns/zarf/pull/2415) - fix: readme dead links by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2442](https://togithub.com/defenseunicorns/zarf/pull/2442) - fix: differential package create with non local sources by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2444](https://togithub.com/defenseunicorns/zarf/pull/2444) - refactor: move variables into separate package by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2414](https://togithub.com/defenseunicorns/zarf/pull/2414) - ci: add top level workflow permission to commitlint by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2449](https://togithub.com/defenseunicorns/zarf/pull/2449) - ci: remove unused env var from codeql workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2450](https://togithub.com/defenseunicorns/zarf/pull/2450) - chore: cleanup root level files and add SPDX check for Go files by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2431](https://togithub.com/defenseunicorns/zarf/pull/2431) - feat: config to enable resilient registry by [@​Michael-Kruggel](https://togithub.com/Michael-Kruggel) in [https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440) - docs: init package clarity and cleanup by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2447](https://togithub.com/defenseunicorns/zarf/pull/2447) - ci: compare cves to main by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2448](https://togithub.com/defenseunicorns/zarf/pull/2448) - test: unpin version in bigbang extension test by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2459](https://togithub.com/defenseunicorns/zarf/pull/2459) - fix: broken schema from unexpanded embedded variables by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2458](https://togithub.com/defenseunicorns/zarf/pull/2458) - fix: error on create if an index sha is used by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2429](https://togithub.com/defenseunicorns/zarf/pull/2429) #### New Contributors - [@​Michael-Kruggel](https://togithub.com/Michael-Kruggel) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440) **Full Changelog**: zarf-dev/zarf@v0.33.0...v0.33.1 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/uds-core). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMjEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjMyMS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Racer159
referenced
this pull request
in defenseunicorns/uds-package-gitlab
Apr 30, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.1` -> `v4.1.4` | | [actions/upload-artifact](https://togithub.com/actions/upload-artifact) | action | patch | `v4.3.1` -> `v4.3.3` | | [defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common) | | minor | `v0.3.11` -> `v0.4.0` | | [defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common) | action | minor | `v0.3.11` -> `v0.4.0` | | [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | | patch | `v0.33.0` -> `v0.33.1` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | patch | `v3.25.0` -> `v3.25.3` | | [renovatebot/pre-commit-hooks](https://togithub.com/renovatebot/pre-commit-hooks) | repository | minor | `37.301.6` -> `37.329.0` | Note: The `pre-commit` manager in Renovate is not supported by the `pre-commit` maintainers or community. Please do not report any problems there, instead [create a Discussion in the Renovate repository](https://togithub.com/renovatebot/renovate/discussions/new) if you have any questions. --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.4`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v414) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.3...v4.1.4) - Disable `extensions.worktreeConfig` when disabling `sparse-checkout` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1692](https://togithub.com/actions/checkout/pull/1692) - Add dependabot config by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1688](https://togithub.com/actions/checkout/pull/1688) - Bump the minor-actions-dependencies group with 2 updates by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1693](https://togithub.com/actions/checkout/pull/1693) - Bump word-wrap from 1.2.3 to 1.2.5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1643](https://togithub.com/actions/checkout/pull/1643) ### [`v4.1.3`](https://togithub.com/actions/checkout/releases/tag/v4.1.3) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.2...v4.1.3) #### What's Changed - Update `actions/checkout` version in `update-main-version.yml` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1650](https://togithub.com/actions/checkout/pull/1650) - Check git version before attempting to disable `sparse-checkout` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1656](https://togithub.com/actions/checkout/pull/1656) - Add SSH user parameter by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1685](https://togithub.com/actions/checkout/pull/1685) **Full Changelog**: actions/checkout@v4.1.2...v4.1.3 ### [`v4.1.2`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v412) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.1...v4.1.2) - Fix: Disable sparse checkout whenever `sparse-checkout` option is not present [@​dscho](https://togithub.com/dscho) in [https://github.com/actions/checkout/pull/1598](https://togithub.com/actions/checkout/pull/1598) </details> <details> <summary>actions/upload-artifact (actions/upload-artifact)</summary> ### [`v4.3.3`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.3) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.2...v4.3.3) ##### What's Changed - updating `@actions/artifact` dependency to v2.1.6 by [@​eggyhead](https://togithub.com/eggyhead) in [https://github.com/actions/upload-artifact/pull/565](https://togithub.com/actions/upload-artifact/pull/565) **Full Changelog**: actions/upload-artifact@v4.3.2...v4.3.3 ### [`v4.3.2`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.2) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.1...v4.3.2) #### What's Changed - Update release-new-action-version.yml by [@​konradpabjan](https://togithub.com/konradpabjan) in [https://github.com/actions/upload-artifact/pull/516](https://togithub.com/actions/upload-artifact/pull/516) - Minor fix to the migration readme by [@​andrewakim](https://togithub.com/andrewakim) in [https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523) - Update readme with v3/v2/v1 deprecation notice by [@​robherley](https://togithub.com/robherley) in [https://github.com/actions/upload-artifact/pull/561](https://togithub.com/actions/upload-artifact/pull/561) - updating `@actions/artifact` dependency to v2.1.5 and `@actions/core` to v1.0.1 by [@​eggyhead](https://togithub.com/eggyhead) in [https://github.com/actions/upload-artifact/pull/562](https://togithub.com/actions/upload-artifact/pull/562) #### New Contributors - [@​andrewakim](https://togithub.com/andrewakim) made their first contribution in [https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523) **Full Changelog**: actions/upload-artifact@v4.3.1...v4.3.2 </details> <details> <summary>defenseunicorns/uds-common (defenseunicorns/uds-common)</summary> ### [`v0.4.0`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.4.0) [Compare Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.3.11...v0.4.0) ##### Features - adds renovate to sh files ([#​110](https://togithub.com/defenseunicorns/uds-common/issues/110)) ([b604d2e](https://togithub.com/defenseunicorns/uds-common/commit/b604d2e1b3fc69f29122f9a709c605f5ecf4da18)) ##### Miscellaneous - add a default to setup to create an admin keycloak user ([#​111](https://togithub.com/defenseunicorns/uds-common/issues/111)) ([7fe0dd4](https://togithub.com/defenseunicorns/uds-common/commit/7fe0dd49a9b7032f9c06a83c5a1c6adbb17e8d63)) - **deps:** update uds common support dependencies ([#​106](https://togithub.com/defenseunicorns/uds-common/issues/106)) ([ab06724](https://togithub.com/defenseunicorns/uds-common/commit/ab067245249e63065d2c266fe3b1a45b155e9de2)) - fix the extract version template for env vars ([#​115](https://togithub.com/defenseunicorns/uds-common/issues/115)) ([72d5d26](https://togithub.com/defenseunicorns/uds-common/commit/72d5d263ce850eac20728eb9330c7b3e26143a2b)) </details> <details> <summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary> ### [`v0.33.1`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.1) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.0...v0.33.1) #### What's Changed - fix: add redirect so old zarf base link is compatiable by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2432](https://togithub.com/defenseunicorns/zarf/pull/2432) - ci: pin third-party gh actions by hash by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2433](https://togithub.com/defenseunicorns/zarf/pull/2433) - docs: add redirect for examples by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2438](https://togithub.com/defenseunicorns/zarf/pull/2438) - docs: update contributing and pre-commit by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2439](https://togithub.com/defenseunicorns/zarf/pull/2439) - ci: fix revive image ref in lint workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2436](https://togithub.com/defenseunicorns/zarf/pull/2436) - fix: filter on running pods when finding an image for injector pod by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2415](https://togithub.com/defenseunicorns/zarf/pull/2415) - fix: readme dead links by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2442](https://togithub.com/defenseunicorns/zarf/pull/2442) - fix: differential package create with non local sources by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2444](https://togithub.com/defenseunicorns/zarf/pull/2444) - refactor: move variables into separate package by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2414](https://togithub.com/defenseunicorns/zarf/pull/2414) - ci: add top level workflow permission to commitlint by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2449](https://togithub.com/defenseunicorns/zarf/pull/2449) - ci: remove unused env var from codeql workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2450](https://togithub.com/defenseunicorns/zarf/pull/2450) - chore: cleanup root level files and add SPDX check for Go files by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2431](https://togithub.com/defenseunicorns/zarf/pull/2431) - feat: config to enable resilient registry by [@​Michael-Kruggel](https://togithub.com/Michael-Kruggel) in [https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440) - docs: init package clarity and cleanup by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2447](https://togithub.com/defenseunicorns/zarf/pull/2447) - ci: compare cves to main by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2448](https://togithub.com/defenseunicorns/zarf/pull/2448) - test: unpin version in bigbang extension test by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2459](https://togithub.com/defenseunicorns/zarf/pull/2459) - fix: broken schema from unexpanded embedded variables by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2458](https://togithub.com/defenseunicorns/zarf/pull/2458) - fix: error on create if an index sha is used by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2429](https://togithub.com/defenseunicorns/zarf/pull/2429) #### New Contributors - [@​Michael-Kruggel](https://togithub.com/Michael-Kruggel) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440) **Full Changelog**: zarf-dev/zarf@v0.33.0...v0.33.1 </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.25.3`](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3) ### [`v3.25.2`](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2) ### [`v3.25.1`](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1) </details> <details> <summary>renovatebot/pre-commit-hooks (renovatebot/pre-commit-hooks)</summary> ### [`v37.329.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.329.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.327.2...37.329.0) See https://github.com/renovatebot/renovate/releases/tag/37.329.0 for more changes ### [`v37.327.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.327.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.326.3...37.327.2) See https://github.com/renovatebot/renovate/releases/tag/37.327.2 for more changes ### [`v37.326.3`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.326.3) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.326.2...37.326.3) See https://github.com/renovatebot/renovate/releases/tag/37.326.3 for more changes ### [`v37.326.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.326.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.326.1...37.326.2) See https://github.com/renovatebot/renovate/releases/tag/37.326.2 for more changes ### [`v37.326.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.326.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.326.0...37.326.1) See https://github.com/renovatebot/renovate/releases/tag/37.326.1 for more changes ### [`v37.326.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.326.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.325.1...37.326.0) See https://github.com/renovatebot/renovate/releases/tag/37.326.0 for more changes ### [`v37.325.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.325.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.325.0...37.325.1) See https://github.com/renovatebot/renovate/releases/tag/37.325.1 for more changes ### [`v37.325.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.325.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.324.2...37.325.0) See https://github.com/renovatebot/renovate/releases/tag/37.325.0 for more changes ### [`v37.324.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.324.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.324.1...37.324.2) See https://github.com/renovatebot/renovate/releases/tag/37.324.2 for more changes ### [`v37.324.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.324.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.324.0...37.324.1) See https://github.com/renovatebot/renovate/releases/tag/37.324.1 for more changes ### [`v37.324.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.324.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.323.3...37.324.0) See https://github.com/renovatebot/renovate/releases/tag/37.324.0 for more changes ### [`v37.323.3`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.323.3) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.323.1...37.323.3) See https://github.com/renovatebot/renovate/releases/tag/37.323.3 for more changes ### [`v37.323.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.323.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.322.2...37.323.1) See https://github.com/renovatebot/renovate/releases/tag/37.323.1 for more changes ### [`v37.322.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.322.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.321.2...37.322.2) See https://github.com/renovatebot/renovate/releases/tag/37.322.2 for more changes ### [`v37.321.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.321.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.321.1...37.321.2) See https://github.com/renovatebot/renovate/releases/tag/37.321.2 for more changes ### [`v37.321.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.321.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.321.0...37.321.1) See https://github.com/renovatebot/renovate/releases/tag/37.321.1 for more changes ### [`v37.321.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.321.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.320.1...37.321.0) See https://github.com/renovatebot/renovate/releases/tag/37.321.0 for more changes ### [`v37.320.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.320.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.320.0...37.320.1) See https://github.com/renovatebot/renovate/releases/tag/37.320.1 for more changes ### [`v37.320.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.320.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.319.2...37.320.0) See https://github.com/renovatebot/renovate/releases/tag/37.320.0 for more changes ### [`v37.319.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.319.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.319.1...37.319.2) See https://github.com/renovatebot/renovate/releases/tag/37.319.2 for more changes ### [`v37.319.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.319.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.319.0...37.319.1) See https://github.com/renovatebot/renovate/releases/tag/37.319.1 for more changes ### [`v37.319.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.319.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.318.1...37.319.0) See https://github.com/renovatebot/renovate/releases/tag/37.319.0 for more changes ### [`v37.318.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.318.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.318.0...37.318.1) See https://github.com/renovatebot/renovate/releases/tag/37.318.1 for more changes ### [`v37.318.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.318.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.316.2...37.318.0) See https://github.com/renovatebot/renovate/releases/tag/37.318.0 for more changes ### [`v37.316.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.316.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.316.0...37.316.2) See https://github.com/renovatebot/renovate/releases/tag/37.316.2 for more changes ### [`v37.316.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.316.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.315.1...37.316.0) See https://github.com/renovatebot/renovate/releases/tag/37.316.0 for more changes ### [`v37.315.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.315.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.315.0...37.315.1) See https://github.com/renovatebot/renovate/releases/tag/37.315.1 for more changes ### [`v37.315.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.315.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.314.0...37.315.0) See https://github.com/renovatebot/renovate/releases/tag/37.315.0 for more changes ### [`v37.314.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.314.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.313.1...37.314.0) See https://github.com/renovatebot/renovate/releases/tag/37.314.0 for more changes ### [`v37.313.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.313.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.313.0...37.313.1) See https://github.com/renovatebot/renovate/releases/tag/37.313.1 for more changes ### [`v37.313.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.313.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.311.0...37.313.0) See https://github.com/renovatebot/renovate/releases/tag/37.313.0 for more changes ### [`v37.311.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.311.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.310.1...37.311.0) See https://github.com/renovatebot/renovate/releases/tag/37.311.0 for more changes ### [`v37.310.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.310.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.310.0...37.310.1) See https://github.com/renovatebot/renovate/releases/tag/37.310.1 for more changes ### [`v37.310.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.310.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.309.0...37.310.0) See https://github.com/renovatebot/renovate/releases/tag/37.310.0 for more changes ### [`v37.309.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.309.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.308.0...37.309.0) See https://github.com/renovatebot/renovate/releases/tag/37.309.0 for more changes ### [`v37.308.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.308.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.306.1...37.308.0) See https://github.com/renovatebot/renovate/releases/tag/37.308.0 for more changes ### [`v37.306.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.306.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.306.0...37.306.1) See https://github.com/renovatebot/renovate/releases/tag/37.306.1 for more changes ### [`v37.306.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.306.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.305.0...37.306.0) See https://github.com/renovatebot/renovate/releases/tag/37.306.0 for more changes ### [`v37.305.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.305.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.304.0...37.305.0) See https://github.com/renovatebot/renovate/releases/tag/37.305.0 for more changes ### [`v37.304.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.304.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.303.2...37.304.0) See https://github.com/renovatebot/renovate/releases/tag/37.304.0 for more changes ### [`v37.303.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.303.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.303.1...37.303.2) See https://github.com/renovatebot/renovate/releases/tag/37.303.2 for more changes ### [`v37.303.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.303.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.302.0...37.303.1) See https://github.com/renovatebot/renovate/releases/tag/37.303.1 for more changes ### [`v37.302.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.302.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.301.6...37.302.0) See https://github.com/renovatebot/renovate/releases/tag/37.302.0 for more changes </details> --- ### Configuration 📅 **Schedule**: Branch creation - "after 7am and before 9am every weekday" in timezone America/New_York, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/uds-package-gitlab). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMDEuNCIsInVwZGF0ZWRJblZlciI6IjM3LjMyMS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJzdXBwb3J0LWRlcHMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Racer159
referenced
this pull request
in defenseunicorns/uds-package-mattermost
Apr 30, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.1` -> `v4.1.4` | | [actions/dependency-review-action](https://togithub.com/actions/dependency-review-action) | action | minor | `v4.2.5` -> `v4.3.1` | | [actions/upload-artifact](https://togithub.com/actions/upload-artifact) | action | patch | `v4.3.1` -> `v4.3.3` | | [defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common) | | minor | `v0.3.11` -> `v0.4.0` | | [defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common) | action | minor | `v0.3.11` -> `v0.4.0` | | [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | | patch | `v0.33.0` -> `v0.33.1` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | patch | `v3.25.0` -> `v3.25.3` | | [renovatebot/pre-commit-hooks](https://togithub.com/renovatebot/pre-commit-hooks) | repository | minor | `37.301.6` -> `37.329.0` | | [step-security/harden-runner](https://togithub.com/step-security/harden-runner) | action | patch | `v2.7.0` -> `v2.7.1` | Note: The `pre-commit` manager in Renovate is not supported by the `pre-commit` maintainers or community. Please do not report any problems there, instead [create a Discussion in the Renovate repository](https://togithub.com/renovatebot/renovate/discussions/new) if you have any questions. --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.4`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v414) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.3...v4.1.4) - Disable `extensions.worktreeConfig` when disabling `sparse-checkout` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1692](https://togithub.com/actions/checkout/pull/1692) - Add dependabot config by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1688](https://togithub.com/actions/checkout/pull/1688) - Bump the minor-actions-dependencies group with 2 updates by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1693](https://togithub.com/actions/checkout/pull/1693) - Bump word-wrap from 1.2.3 to 1.2.5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1643](https://togithub.com/actions/checkout/pull/1643) ### [`v4.1.3`](https://togithub.com/actions/checkout/releases/tag/v4.1.3) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.2...v4.1.3) #### What's Changed - Update `actions/checkout` version in `update-main-version.yml` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1650](https://togithub.com/actions/checkout/pull/1650) - Check git version before attempting to disable `sparse-checkout` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1656](https://togithub.com/actions/checkout/pull/1656) - Add SSH user parameter by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1685](https://togithub.com/actions/checkout/pull/1685) **Full Changelog**: actions/checkout@v4.1.2...v4.1.3 ### [`v4.1.2`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v412) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.1...v4.1.2) - Fix: Disable sparse checkout whenever `sparse-checkout` option is not present [@​dscho](https://togithub.com/dscho) in [https://github.com/actions/checkout/pull/1598](https://togithub.com/actions/checkout/pull/1598) </details> <details> <summary>actions/dependency-review-action (actions/dependency-review-action)</summary> ### [`v4.3.1`](https://togithub.com/actions/dependency-review-action/compare/v4.2.5...v4.3.1) [Compare Source](https://togithub.com/actions/dependency-review-action/compare/v4.3.0...v4.3.1) ### [`v4.3.0`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.3.0) [Compare Source](https://togithub.com/actions/dependency-review-action/compare/v4.2.5...v4.3.0) #### New Features - The `deny-packages` option can now be used without a version number to exclude *all* versions of a package. #### What's Changed - Fix action variable name for scorecard by [@​lukehinds](https://togithub.com/lukehinds) in [https://github.com/actions/dependency-review-action/pull/735](https://togithub.com/actions/dependency-review-action/pull/735) - Fix extra https:// in summary by [@​jhutchings1](https://togithub.com/jhutchings1) in [https://github.com/actions/dependency-review-action/pull/748](https://togithub.com/actions/dependency-review-action/pull/748) - Bump typescript from 5.3.3 to 5.4.5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/dependency-review-action/pull/744](https://togithub.com/actions/dependency-review-action/pull/744) - Bump eslint-plugin-github from 4.10.1 to 4.10.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/dependency-review-action/pull/737](https://togithub.com/actions/dependency-review-action/pull/737) - Show denied packages with red X by [@​juxtin](https://togithub.com/juxtin) in [https://github.com/actions/dependency-review-action/pull/750](https://togithub.com/actions/dependency-review-action/pull/750) - deny-packages configuration option can deny specified version or all packages by [@​febuiles](https://togithub.com/febuiles) and [@​bteng22](https://togithub.com/bteng22) in [https://github.com/actions/dependency-review-action/pull/733](https://togithub.com/actions/dependency-review-action/pull/733) #### New Contributors - [@​bteng22](https://togithub.com/bteng22) made their first contribution in [https://github.com/actions/dependency-review-action/pull/733](https://togithub.com/actions/dependency-review-action/pull/733) - [@​lukehinds](https://togithub.com/lukehinds) made their first contribution in [https://github.com/actions/dependency-review-action/pull/735](https://togithub.com/actions/dependency-review-action/pull/735) **Full Changelog**: actions/dependency-review-action@v4.2.5...V4.3.0 </details> <details> <summary>actions/upload-artifact (actions/upload-artifact)</summary> ### [`v4.3.3`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.3) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.2...v4.3.3) ##### What's Changed - updating `@actions/artifact` dependency to v2.1.6 by [@​eggyhead](https://togithub.com/eggyhead) in [https://github.com/actions/upload-artifact/pull/565](https://togithub.com/actions/upload-artifact/pull/565) **Full Changelog**: actions/upload-artifact@v4.3.2...v4.3.3 ### [`v4.3.2`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.2) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.1...v4.3.2) #### What's Changed - Update release-new-action-version.yml by [@​konradpabjan](https://togithub.com/konradpabjan) in [https://github.com/actions/upload-artifact/pull/516](https://togithub.com/actions/upload-artifact/pull/516) - Minor fix to the migration readme by [@​andrewakim](https://togithub.com/andrewakim) in [https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523) - Update readme with v3/v2/v1 deprecation notice by [@​robherley](https://togithub.com/robherley) in [https://github.com/actions/upload-artifact/pull/561](https://togithub.com/actions/upload-artifact/pull/561) - updating `@actions/artifact` dependency to v2.1.5 and `@actions/core` to v1.0.1 by [@​eggyhead](https://togithub.com/eggyhead) in [https://github.com/actions/upload-artifact/pull/562](https://togithub.com/actions/upload-artifact/pull/562) #### New Contributors - [@​andrewakim](https://togithub.com/andrewakim) made their first contribution in [https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523) **Full Changelog**: actions/upload-artifact@v4.3.1...v4.3.2 </details> <details> <summary>defenseunicorns/uds-common (defenseunicorns/uds-common)</summary> ### [`v0.4.0`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.4.0) [Compare Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.3.11...v0.4.0) ##### Features - adds renovate to sh files ([#​110](https://togithub.com/defenseunicorns/uds-common/issues/110)) ([b604d2e](https://togithub.com/defenseunicorns/uds-common/commit/b604d2e1b3fc69f29122f9a709c605f5ecf4da18)) ##### Miscellaneous - add a default to setup to create an admin keycloak user ([#​111](https://togithub.com/defenseunicorns/uds-common/issues/111)) ([7fe0dd4](https://togithub.com/defenseunicorns/uds-common/commit/7fe0dd49a9b7032f9c06a83c5a1c6adbb17e8d63)) - **deps:** update uds common support dependencies ([#​106](https://togithub.com/defenseunicorns/uds-common/issues/106)) ([ab06724](https://togithub.com/defenseunicorns/uds-common/commit/ab067245249e63065d2c266fe3b1a45b155e9de2)) - fix the extract version template for env vars ([#​115](https://togithub.com/defenseunicorns/uds-common/issues/115)) ([72d5d26](https://togithub.com/defenseunicorns/uds-common/commit/72d5d263ce850eac20728eb9330c7b3e26143a2b)) </details> <details> <summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary> ### [`v0.33.1`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.1) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.0...v0.33.1) #### What's Changed - fix: add redirect so old zarf base link is compatiable by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2432](https://togithub.com/defenseunicorns/zarf/pull/2432) - ci: pin third-party gh actions by hash by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2433](https://togithub.com/defenseunicorns/zarf/pull/2433) - docs: add redirect for examples by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2438](https://togithub.com/defenseunicorns/zarf/pull/2438) - docs: update contributing and pre-commit by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2439](https://togithub.com/defenseunicorns/zarf/pull/2439) - ci: fix revive image ref in lint workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2436](https://togithub.com/defenseunicorns/zarf/pull/2436) - fix: filter on running pods when finding an image for injector pod by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2415](https://togithub.com/defenseunicorns/zarf/pull/2415) - fix: readme dead links by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2442](https://togithub.com/defenseunicorns/zarf/pull/2442) - fix: differential package create with non local sources by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2444](https://togithub.com/defenseunicorns/zarf/pull/2444) - refactor: move variables into separate package by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2414](https://togithub.com/defenseunicorns/zarf/pull/2414) - ci: add top level workflow permission to commitlint by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2449](https://togithub.com/defenseunicorns/zarf/pull/2449) - ci: remove unused env var from codeql workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2450](https://togithub.com/defenseunicorns/zarf/pull/2450) - chore: cleanup root level files and add SPDX check for Go files by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2431](https://togithub.com/defenseunicorns/zarf/pull/2431) - feat: config to enable resilient registry by [@​Michael-Kruggel](https://togithub.com/Michael-Kruggel) in [https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440) - docs: init package clarity and cleanup by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2447](https://togithub.com/defenseunicorns/zarf/pull/2447) - ci: compare cves to main by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2448](https://togithub.com/defenseunicorns/zarf/pull/2448) - test: unpin version in bigbang extension test by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2459](https://togithub.com/defenseunicorns/zarf/pull/2459) - fix: broken schema from unexpanded embedded variables by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2458](https://togithub.com/defenseunicorns/zarf/pull/2458) - fix: error on create if an index sha is used by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2429](https://togithub.com/defenseunicorns/zarf/pull/2429) #### New Contributors - [@​Michael-Kruggel](https://togithub.com/Michael-Kruggel) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440) **Full Changelog**: zarf-dev/zarf@v0.33.0...v0.33.1 </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.25.3`](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3) ### [`v3.25.2`](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2) ### [`v3.25.1`](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1) </details> <details> <summary>renovatebot/pre-commit-hooks (renovatebot/pre-commit-hooks)</summary> ### [`v37.329.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.329.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.327.2...37.329.0) See https://github.com/renovatebot/renovate/releases/tag/37.329.0 for more changes ### [`v37.327.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.327.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.326.3...37.327.2) See https://github.com/renovatebot/renovate/releases/tag/37.327.2 for more changes ### [`v37.326.3`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.326.3) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.326.2...37.326.3) See https://github.com/renovatebot/renovate/releases/tag/37.326.3 for more changes ### [`v37.326.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.326.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.326.1...37.326.2) See https://github.com/renovatebot/renovate/releases/tag/37.326.2 for more changes ### [`v37.326.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.326.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.326.0...37.326.1) See https://github.com/renovatebot/renovate/releases/tag/37.326.1 for more changes ### [`v37.326.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.326.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.325.1...37.326.0) See https://github.com/renovatebot/renovate/releases/tag/37.326.0 for more changes ### [`v37.325.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.325.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.325.0...37.325.1) See https://github.com/renovatebot/renovate/releases/tag/37.325.1 for more changes ### [`v37.325.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.325.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.324.2...37.325.0) See https://github.com/renovatebot/renovate/releases/tag/37.325.0 for more changes ### [`v37.324.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.324.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.324.1...37.324.2) See https://github.com/renovatebot/renovate/releases/tag/37.324.2 for more changes ### [`v37.324.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.324.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.324.0...37.324.1) See https://github.com/renovatebot/renovate/releases/tag/37.324.1 for more changes ### [`v37.324.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.324.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.323.3...37.324.0) See https://github.com/renovatebot/renovate/releases/tag/37.324.0 for more changes ### [`v37.323.3`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.323.3) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.323.1...37.323.3) See https://github.com/renovatebot/renovate/releases/tag/37.323.3 for more changes ### [`v37.323.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.323.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.322.2...37.323.1) See https://github.com/renovatebot/renovate/releases/tag/37.323.1 for more changes ### [`v37.322.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.322.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.321.2...37.322.2) See https://github.com/renovatebot/renovate/releases/tag/37.322.2 for more changes ### [`v37.321.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.321.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.321.1...37.321.2) See https://github.com/renovatebot/renovate/releases/tag/37.321.2 for more changes ### [`v37.321.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.321.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.321.0...37.321.1) See https://github.com/renovatebot/renovate/releases/tag/37.321.1 for more changes ### [`v37.321.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.321.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.320.1...37.321.0) See https://github.com/renovatebot/renovate/releases/tag/37.321.0 for more changes ### [`v37.320.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.320.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.320.0...37.320.1) See https://github.com/renovatebot/renovate/releases/tag/37.320.1 for more changes ### [`v37.320.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.320.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.319.2...37.320.0) See https://github.com/renovatebot/renovate/releases/tag/37.320.0 for more changes ### [`v37.319.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.319.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.319.1...37.319.2) See https://github.com/renovatebot/renovate/releases/tag/37.319.2 for more changes ### [`v37.319.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.319.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.319.0...37.319.1) See https://github.com/renovatebot/renovate/releases/tag/37.319.1 for more changes ### [`v37.319.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.319.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.318.1...37.319.0) See https://github.com/renovatebot/renovate/releases/tag/37.319.0 for more changes ### [`v37.318.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.318.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.318.0...37.318.1) See https://github.com/renovatebot/renovate/releases/tag/37.318.1 for more changes ### [`v37.318.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.318.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.316.2...37.318.0) See https://github.com/renovatebot/renovate/releases/tag/37.318.0 for more changes ### [`v37.316.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.316.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.316.0...37.316.2) See https://github.com/renovatebot/renovate/releases/tag/37.316.2 for more changes ### [`v37.316.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.316.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.315.1...37.316.0) See https://github.com/renovatebot/renovate/releases/tag/37.316.0 for more changes ### [`v37.315.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.315.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.315.0...37.315.1) See https://github.com/renovatebot/renovate/releases/tag/37.315.1 for more changes ### [`v37.315.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.315.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.314.0...37.315.0) See https://github.com/renovatebot/renovate/releases/tag/37.315.0 for more changes ### [`v37.314.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.314.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.313.1...37.314.0) See https://github.com/renovatebot/renovate/releases/tag/37.314.0 for more changes ### [`v37.313.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.313.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.313.0...37.313.1) See https://github.com/renovatebot/renovate/releases/tag/37.313.1 for more changes ### [`v37.313.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.313.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.311.0...37.313.0) See https://github.com/renovatebot/renovate/releases/tag/37.313.0 for more changes ### [`v37.311.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.311.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.310.1...37.311.0) See https://github.com/renovatebot/renovate/releases/tag/37.311.0 for more changes ### [`v37.310.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.310.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.310.0...37.310.1) See https://github.com/renovatebot/renovate/releases/tag/37.310.1 for more changes ### [`v37.310.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.310.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.309.0...37.310.0) See https://github.com/renovatebot/renovate/releases/tag/37.310.0 for more changes ### [`v37.309.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.309.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.308.0...37.309.0) See https://github.com/renovatebot/renovate/releases/tag/37.309.0 for more changes ### [`v37.308.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.308.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.306.1...37.308.0) See https://github.com/renovatebot/renovate/releases/tag/37.308.0 for more changes ### [`v37.306.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.306.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.306.0...37.306.1) See https://github.com/renovatebot/renovate/releases/tag/37.306.1 for more changes ### [`v37.306.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.306.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.305.0...37.306.0) See https://github.com/renovatebot/renovate/releases/tag/37.306.0 for more changes ### [`v37.305.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.305.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.304.0...37.305.0) See https://github.com/renovatebot/renovate/releases/tag/37.305.0 for more changes ### [`v37.304.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.304.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.303.2...37.304.0) See https://github.com/renovatebot/renovate/releases/tag/37.304.0 for more changes ### [`v37.303.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.303.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.303.1...37.303.2) See https://github.com/renovatebot/renovate/releases/tag/37.303.2 for more changes ### [`v37.303.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.303.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.302.0...37.303.1) See https://github.com/renovatebot/renovate/releases/tag/37.303.1 for more changes ### [`v37.302.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.302.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.301.6...37.302.0) See https://github.com/renovatebot/renovate/releases/tag/37.302.0 for more changes </details> <details> <summary>step-security/harden-runner (step-security/harden-runner)</summary> ### [`v2.7.1`](https://togithub.com/step-security/harden-runner/releases/tag/v2.7.1) [Compare Source](https://togithub.com/step-security/harden-runner/compare/v2.7.0...v2.7.1) ##### What's Changed Release v2.7.1 by [@​varunsh-coder](https://togithub.com/varunsh-coder), [@​h0x0er](https://togithub.com/h0x0er), [@​ashishkurmi](https://togithub.com/ashishkurmi) in [https://github.com/step-security/harden-runner/pull/397](https://togithub.com/step-security/harden-runner/pull/397) This release: - Improves the capability to [inspect outbound HTTPS traffic](https://www.stepsecurity.io/blog/monitor-outbound-https-requests-from-github-actions-runners) on GitHub-hosted and self-hosted VM runners - Updates README to add link to [case study video](https://www.youtube.com/watch?v=Yz72qAOrN9s) on how Harden-Runner detected a supply chain attack on a Google open-source project - Addresses minor bugs **Full Changelog**: step-security/harden-runner@v2.7.0...v2.7.1 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/uds-package-mattermost). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMDEuNCIsInVwZGF0ZWRJblZlciI6IjM3LjMyMS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJzdXBwb3J0LWRlcHMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Racer159
referenced
this pull request
in defenseunicorns/uds-package-sonarqube
Apr 30, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.1` -> `v4.1.4` | | [actions/upload-artifact](https://togithub.com/actions/upload-artifact) | action | patch | `v4.3.1` -> `v4.3.3` | | [defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common) | | minor | `v0.3.11` -> `v0.4.0` | | [defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common) | action | minor | `v0.3.11` -> `v0.4.0` | | [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | | patch | `v0.33.0` -> `v0.33.1` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | patch | `v3.25.0` -> `v3.25.3` | | [renovatebot/pre-commit-hooks](https://togithub.com/renovatebot/pre-commit-hooks) | repository | minor | `37.301.6` -> `37.329.0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. Note: The `pre-commit` manager in Renovate is not supported by the `pre-commit` maintainers or community. Please do not report any problems there, instead [create a Discussion in the Renovate repository](https://togithub.com/renovatebot/renovate/discussions/new) if you have any questions. --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.4`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v414) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.3...v4.1.4) - Disable `extensions.worktreeConfig` when disabling `sparse-checkout` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1692](https://togithub.com/actions/checkout/pull/1692) - Add dependabot config by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1688](https://togithub.com/actions/checkout/pull/1688) - Bump the minor-actions-dependencies group with 2 updates by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1693](https://togithub.com/actions/checkout/pull/1693) - Bump word-wrap from 1.2.3 to 1.2.5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1643](https://togithub.com/actions/checkout/pull/1643) ### [`v4.1.3`](https://togithub.com/actions/checkout/releases/tag/v4.1.3) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.2...v4.1.3) #### What's Changed - Update `actions/checkout` version in `update-main-version.yml` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1650](https://togithub.com/actions/checkout/pull/1650) - Check git version before attempting to disable `sparse-checkout` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1656](https://togithub.com/actions/checkout/pull/1656) - Add SSH user parameter by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1685](https://togithub.com/actions/checkout/pull/1685) **Full Changelog**: actions/checkout@v4.1.2...v4.1.3 ### [`v4.1.2`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v412) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.1...v4.1.2) - Fix: Disable sparse checkout whenever `sparse-checkout` option is not present [@​dscho](https://togithub.com/dscho) in [https://github.com/actions/checkout/pull/1598](https://togithub.com/actions/checkout/pull/1598) </details> <details> <summary>actions/upload-artifact (actions/upload-artifact)</summary> ### [`v4.3.3`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.3) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.2...v4.3.3) ##### What's Changed - updating `@actions/artifact` dependency to v2.1.6 by [@​eggyhead](https://togithub.com/eggyhead) in [https://github.com/actions/upload-artifact/pull/565](https://togithub.com/actions/upload-artifact/pull/565) **Full Changelog**: actions/upload-artifact@v4.3.2...v4.3.3 ### [`v4.3.2`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.2) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.1...v4.3.2) #### What's Changed - Update release-new-action-version.yml by [@​konradpabjan](https://togithub.com/konradpabjan) in [https://github.com/actions/upload-artifact/pull/516](https://togithub.com/actions/upload-artifact/pull/516) - Minor fix to the migration readme by [@​andrewakim](https://togithub.com/andrewakim) in [https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523) - Update readme with v3/v2/v1 deprecation notice by [@​robherley](https://togithub.com/robherley) in [https://github.com/actions/upload-artifact/pull/561](https://togithub.com/actions/upload-artifact/pull/561) - updating `@actions/artifact` dependency to v2.1.5 and `@actions/core` to v1.0.1 by [@​eggyhead](https://togithub.com/eggyhead) in [https://github.com/actions/upload-artifact/pull/562](https://togithub.com/actions/upload-artifact/pull/562) #### New Contributors - [@​andrewakim](https://togithub.com/andrewakim) made their first contribution in [https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523) **Full Changelog**: actions/upload-artifact@v4.3.1...v4.3.2 </details> <details> <summary>defenseunicorns/uds-common (defenseunicorns/uds-common)</summary> ### [`v0.4.0`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.4.0) [Compare Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.3.11...v0.4.0) ##### Features - adds renovate to sh files ([#​110](https://togithub.com/defenseunicorns/uds-common/issues/110)) ([b604d2e](https://togithub.com/defenseunicorns/uds-common/commit/b604d2e1b3fc69f29122f9a709c605f5ecf4da18)) ##### Miscellaneous - add a default to setup to create an admin keycloak user ([#​111](https://togithub.com/defenseunicorns/uds-common/issues/111)) ([7fe0dd4](https://togithub.com/defenseunicorns/uds-common/commit/7fe0dd49a9b7032f9c06a83c5a1c6adbb17e8d63)) - **deps:** update uds common support dependencies ([#​106](https://togithub.com/defenseunicorns/uds-common/issues/106)) ([ab06724](https://togithub.com/defenseunicorns/uds-common/commit/ab067245249e63065d2c266fe3b1a45b155e9de2)) - fix the extract version template for env vars ([#​115](https://togithub.com/defenseunicorns/uds-common/issues/115)) ([72d5d26](https://togithub.com/defenseunicorns/uds-common/commit/72d5d263ce850eac20728eb9330c7b3e26143a2b)) </details> <details> <summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary> ### [`v0.33.1`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.1) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.0...v0.33.1) #### What's Changed - fix: add redirect so old zarf base link is compatiable by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2432](https://togithub.com/defenseunicorns/zarf/pull/2432) - ci: pin third-party gh actions by hash by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2433](https://togithub.com/defenseunicorns/zarf/pull/2433) - docs: add redirect for examples by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2438](https://togithub.com/defenseunicorns/zarf/pull/2438) - docs: update contributing and pre-commit by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2439](https://togithub.com/defenseunicorns/zarf/pull/2439) - ci: fix revive image ref in lint workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2436](https://togithub.com/defenseunicorns/zarf/pull/2436) - fix: filter on running pods when finding an image for injector pod by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2415](https://togithub.com/defenseunicorns/zarf/pull/2415) - fix: readme dead links by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2442](https://togithub.com/defenseunicorns/zarf/pull/2442) - fix: differential package create with non local sources by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2444](https://togithub.com/defenseunicorns/zarf/pull/2444) - refactor: move variables into separate package by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2414](https://togithub.com/defenseunicorns/zarf/pull/2414) - ci: add top level workflow permission to commitlint by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2449](https://togithub.com/defenseunicorns/zarf/pull/2449) - ci: remove unused env var from codeql workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2450](https://togithub.com/defenseunicorns/zarf/pull/2450) - chore: cleanup root level files and add SPDX check for Go files by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2431](https://togithub.com/defenseunicorns/zarf/pull/2431) - feat: config to enable resilient registry by [@​Michael-Kruggel](https://togithub.com/Michael-Kruggel) in [https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440) - docs: init package clarity and cleanup by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2447](https://togithub.com/defenseunicorns/zarf/pull/2447) - ci: compare cves to main by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2448](https://togithub.com/defenseunicorns/zarf/pull/2448) - test: unpin version in bigbang extension test by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2459](https://togithub.com/defenseunicorns/zarf/pull/2459) - fix: broken schema from unexpanded embedded variables by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2458](https://togithub.com/defenseunicorns/zarf/pull/2458) - fix: error on create if an index sha is used by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2429](https://togithub.com/defenseunicorns/zarf/pull/2429) #### New Contributors - [@​Michael-Kruggel](https://togithub.com/Michael-Kruggel) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440) **Full Changelog**: zarf-dev/zarf@v0.33.0...v0.33.1 </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.25.3`](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3) ### [`v3.25.2`](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2) ### [`v3.25.1`](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1) </details> <details> <summary>renovatebot/pre-commit-hooks (renovatebot/pre-commit-hooks)</summary> ### [`v37.329.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.329.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.327.2...37.329.0) See https://github.com/renovatebot/renovate/releases/tag/37.329.0 for more changes ### [`v37.327.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.327.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.326.3...37.327.2) See https://github.com/renovatebot/renovate/releases/tag/37.327.2 for more changes ### [`v37.326.3`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.326.3) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.326.2...37.326.3) See https://github.com/renovatebot/renovate/releases/tag/37.326.3 for more changes ### [`v37.326.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.326.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.326.1...37.326.2) See https://github.com/renovatebot/renovate/releases/tag/37.326.2 for more changes ### [`v37.326.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.326.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.326.0...37.326.1) See https://github.com/renovatebot/renovate/releases/tag/37.326.1 for more changes ### [`v37.326.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.326.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.325.1...37.326.0) See https://github.com/renovatebot/renovate/releases/tag/37.326.0 for more changes ### [`v37.325.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.325.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.325.0...37.325.1) See https://github.com/renovatebot/renovate/releases/tag/37.325.1 for more changes ### [`v37.325.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.325.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.324.2...37.325.0) See https://github.com/renovatebot/renovate/releases/tag/37.325.0 for more changes ### [`v37.324.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.324.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.324.1...37.324.2) See https://github.com/renovatebot/renovate/releases/tag/37.324.2 for more changes ### [`v37.324.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.324.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.324.0...37.324.1) See https://github.com/renovatebot/renovate/releases/tag/37.324.1 for more changes ### [`v37.324.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.324.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.323.3...37.324.0) See https://github.com/renovatebot/renovate/releases/tag/37.324.0 for more changes ### [`v37.323.3`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.323.3) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.323.1...37.323.3) See https://github.com/renovatebot/renovate/releases/tag/37.323.3 for more changes ### [`v37.323.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.323.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.322.2...37.323.1) See https://github.com/renovatebot/renovate/releases/tag/37.323.1 for more changes ### [`v37.322.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.322.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.321.2...37.322.2) See https://github.com/renovatebot/renovate/releases/tag/37.322.2 for more changes ### [`v37.321.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.321.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.321.1...37.321.2) See https://github.com/renovatebot/renovate/releases/tag/37.321.2 for more changes ### [`v37.321.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.321.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.321.0...37.321.1) See https://github.com/renovatebot/renovate/releases/tag/37.321.1 for more changes ### [`v37.321.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.321.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.320.1...37.321.0) See https://github.com/renovatebot/renovate/releases/tag/37.321.0 for more changes ### [`v37.320.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.320.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.320.0...37.320.1) See https://github.com/renovatebot/renovate/releases/tag/37.320.1 for more changes ### [`v37.320.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.320.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.319.2...37.320.0) See https://github.com/renovatebot/renovate/releases/tag/37.320.0 for more changes ### [`v37.319.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.319.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.319.1...37.319.2) See https://github.com/renovatebot/renovate/releases/tag/37.319.2 for more changes ### [`v37.319.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.319.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.319.0...37.319.1) See https://github.com/renovatebot/renovate/releases/tag/37.319.1 for more changes ### [`v37.319.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.319.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.318.1...37.319.0) See https://github.com/renovatebot/renovate/releases/tag/37.319.0 for more changes ### [`v37.318.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.318.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.318.0...37.318.1) See https://github.com/renovatebot/renovate/releases/tag/37.318.1 for more changes ### [`v37.318.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.318.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.316.2...37.318.0) See https://github.com/renovatebot/renovate/releases/tag/37.318.0 for more changes ### [`v37.316.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.316.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.316.0...37.316.2) See https://github.com/renovatebot/renovate/releases/tag/37.316.2 for more changes ### [`v37.316.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.316.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.315.1...37.316.0) See https://github.com/renovatebot/renovate/releases/tag/37.316.0 for more changes ### [`v37.315.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.315.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.315.0...37.315.1) See https://github.com/renovatebot/renovate/releases/tag/37.315.1 for more changes ### [`v37.315.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.315.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.314.0...37.315.0) See https://github.com/renovatebot/renovate/releases/tag/37.315.0 for more changes ### [`v37.314.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.314.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.313.1...37.314.0) See https://github.com/renovatebot/renovate/releases/tag/37.314.0 for more changes ### [`v37.313.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.313.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.313.0...37.313.1) See https://github.com/renovatebot/renovate/releases/tag/37.313.1 for more changes ### [`v37.313.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.313.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.311.0...37.313.0) See https://github.com/renovatebot/renovate/releases/tag/37.313.0 for more changes ### [`v37.311.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.311.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.310.1...37.311.0) See https://github.com/renovatebot/renovate/releases/tag/37.311.0 for more changes ### [`v37.310.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.310.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.310.0...37.310.1) See https://github.com/renovatebot/renovate/releases/tag/37.310.1 for more changes ### [`v37.310.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.310.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.309.0...37.310.0) See https://github.com/renovatebot/renovate/releases/tag/37.310.0 for more changes ### [`v37.309.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.309.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.308.0...37.309.0) See https://github.com/renovatebot/renovate/releases/tag/37.309.0 for more changes ### [`v37.308.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.308.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.306.1...37.308.0) See https://github.com/renovatebot/renovate/releases/tag/37.308.0 for more changes ### [`v37.306.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.306.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.306.0...37.306.1) See https://github.com/renovatebot/renovate/releases/tag/37.306.1 for more changes ### [`v37.306.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.306.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.305.0...37.306.0) See https://github.com/renovatebot/renovate/releases/tag/37.306.0 for more changes ### [`v37.305.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.305.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.304.0...37.305.0) See https://github.com/renovatebot/renovate/releases/tag/37.305.0 for more changes ### [`v37.304.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.304.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.303.2...37.304.0) See https://github.com/renovatebot/renovate/releases/tag/37.304.0 for more changes ### [`v37.303.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.303.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.303.1...37.303.2) See https://github.com/renovatebot/renovate/releases/tag/37.303.2 for more changes ### [`v37.303.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.303.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.302.0...37.303.1) See https://github.com/renovatebot/renovate/releases/tag/37.303.1 for more changes ### [`v37.302.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.302.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.301.6...37.302.0) See https://github.com/renovatebot/renovate/releases/tag/37.302.0 for more changes </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/uds-package-sonarqube). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMDEuNCIsInVwZGF0ZWRJblZlciI6IjM3LjMyMS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJzdXBwb3J0LWRlcHMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
mjnagel
referenced
this pull request
in defenseunicorns/uds-core
May 10, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | minor | `v0.32.3` -> `v0.33.2` | | [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | patch | `v0.33.1` -> `v0.33.2` | --- ### Release Notes <details> <summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary> ### [`v0.33.2`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.2) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.1...v0.33.2) ##### What's Changed - fix: schema integration by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2463](https://togithub.com/defenseunicorns/zarf/pull/2463) - docs: add contributor covenant code of conduct by [@​salaxander](https://togithub.com/salaxander) in [https://github.com/defenseunicorns/zarf/pull/2462](https://togithub.com/defenseunicorns/zarf/pull/2462) - docs: fix casing on code of conduct badge by [@​salaxander](https://togithub.com/salaxander) in [https://github.com/defenseunicorns/zarf/pull/2466](https://togithub.com/defenseunicorns/zarf/pull/2466) - fix(deps): update github.com/anchore/clio digest to [`3c4abf8`](https://togithub.com/defenseunicorns/zarf/commit/3c4abf8) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2424](https://togithub.com/defenseunicorns/zarf/pull/2424) - fix: update docker media type in registry by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2476](https://togithub.com/defenseunicorns/zarf/pull/2476) - fix: adds GetVariableConfig function for packager by [@​decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/zarf/pull/2475](https://togithub.com/defenseunicorns/zarf/pull/2475) - test: add tests for remove copies from components to enable refactoring by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2473](https://togithub.com/defenseunicorns/zarf/pull/2473) - fix!: do not uninstall helm chart after failed install or upgrade by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2456](https://togithub.com/defenseunicorns/zarf/pull/2456) - feat: inspect --list-images by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2478](https://togithub.com/defenseunicorns/zarf/pull/2478) - refactor: remove copies from components to a filter by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2474](https://togithub.com/defenseunicorns/zarf/pull/2474) - chore: add support.md by [@​schristoff](https://togithub.com/schristoff) in [https://github.com/defenseunicorns/zarf/pull/2480](https://togithub.com/defenseunicorns/zarf/pull/2480) - chore: add a check for go mod tidy by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2481](https://togithub.com/defenseunicorns/zarf/pull/2481) - fix: use correct sha256 checksum for arm64 injector binary by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2483](https://togithub.com/defenseunicorns/zarf/pull/2483) - fix: simplify go mod tidy check by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2482](https://togithub.com/defenseunicorns/zarf/pull/2482) ##### New Contributors - [@​salaxander](https://togithub.com/salaxander) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2462](https://togithub.com/defenseunicorns/zarf/pull/2462) - [@​phillebaba](https://togithub.com/phillebaba) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2473](https://togithub.com/defenseunicorns/zarf/pull/2473) - [@​schristoff](https://togithub.com/schristoff) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2480](https://togithub.com/defenseunicorns/zarf/pull/2480) **Full Changelog**: zarf-dev/zarf@v0.33.1...v0.33.2 ### [`v0.33.1`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.1) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.0...v0.33.1) #### What's Changed - fix: add redirect so old zarf base link is compatiable by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2432](https://togithub.com/defenseunicorns/zarf/pull/2432) - ci: pin third-party gh actions by hash by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2433](https://togithub.com/defenseunicorns/zarf/pull/2433) - docs: add redirect for examples by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2438](https://togithub.com/defenseunicorns/zarf/pull/2438) - docs: update contributing and pre-commit by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2439](https://togithub.com/defenseunicorns/zarf/pull/2439) - ci: fix revive image ref in lint workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2436](https://togithub.com/defenseunicorns/zarf/pull/2436) - fix: filter on running pods when finding an image for injector pod by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2415](https://togithub.com/defenseunicorns/zarf/pull/2415) - fix: readme dead links by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2442](https://togithub.com/defenseunicorns/zarf/pull/2442) - fix: differential package create with non local sources by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2444](https://togithub.com/defenseunicorns/zarf/pull/2444) - refactor: move variables into separate package by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2414](https://togithub.com/defenseunicorns/zarf/pull/2414) - ci: add top level workflow permission to commitlint by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2449](https://togithub.com/defenseunicorns/zarf/pull/2449) - ci: remove unused env var from codeql workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2450](https://togithub.com/defenseunicorns/zarf/pull/2450) - chore: cleanup root level files and add SPDX check for Go files by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2431](https://togithub.com/defenseunicorns/zarf/pull/2431) - feat: config to enable resilient registry by [@​Michael-Kruggel](https://togithub.com/Michael-Kruggel) in [https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440) - docs: init package clarity and cleanup by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2447](https://togithub.com/defenseunicorns/zarf/pull/2447) - ci: compare cves to main by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2448](https://togithub.com/defenseunicorns/zarf/pull/2448) - test: unpin version in bigbang extension test by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2459](https://togithub.com/defenseunicorns/zarf/pull/2459) - fix: broken schema from unexpanded embedded variables by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2458](https://togithub.com/defenseunicorns/zarf/pull/2458) - fix: error on create if an index sha is used by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2429](https://togithub.com/defenseunicorns/zarf/pull/2429) #### New Contributors - [@​Michael-Kruggel](https://togithub.com/Michael-Kruggel) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440) **Full Changelog**: zarf-dev/zarf@v0.33.0...v0.33.1 ### [`v0.33.0`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.0) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.6...v0.33.0) #### What's Changed - fix: update deprecated syft packages command to syft scan by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2399](https://togithub.com/defenseunicorns/zarf/pull/2399) - chore: move helpers to defenseunicorns/pkg by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2402](https://togithub.com/defenseunicorns/zarf/pull/2402) - fix(deps): update github.com/anchore/clio digest to [`fb5fc4c`](https://togithub.com/defenseunicorns/zarf/commit/fb5fc4c) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2366](https://togithub.com/defenseunicorns/zarf/pull/2366) - feat(tools): add yq by [@​zachariahmiller](https://togithub.com/zachariahmiller) in [https://github.com/defenseunicorns/zarf/pull/2406](https://togithub.com/defenseunicorns/zarf/pull/2406) - chore: switch to use oci lib in defenseunicorns/pkg by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2404](https://togithub.com/defenseunicorns/zarf/pull/2404) - fix(deps): update module github.com/defenseunicorns/pkg/helpers to v1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2411](https://togithub.com/defenseunicorns/zarf/pull/2411) - fix: use env var for PR title in commitlint workflow to prevent untrusted script injection by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2418](https://togithub.com/defenseunicorns/zarf/pull/2418) - fix: use default GITHUB_TOKEN for ossf/scorecard-action by [@​bburky](https://togithub.com/bburky) in [https://github.com/defenseunicorns/zarf/pull/2416](https://togithub.com/defenseunicorns/zarf/pull/2416) - fix: remove duplicate logic for writing image layers to disk concurrently by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2409](https://togithub.com/defenseunicorns/zarf/pull/2409) - feat: add option to skip cosign lookup during find images by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2427](https://togithub.com/defenseunicorns/zarf/pull/2427) - feat: allow chart deploy overrides ALPHA by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/defenseunicorns/zarf/pull/2403](https://togithub.com/defenseunicorns/zarf/pull/2403) - chore: update pull_request_template.md by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2428](https://togithub.com/defenseunicorns/zarf/pull/2428) - ci: pin k3s image version in k3d github action by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2430](https://togithub.com/defenseunicorns/zarf/pull/2430) - feat(docs): port docs to starlight by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2315](https://togithub.com/defenseunicorns/zarf/pull/2315) #### New Contributors - [@​zachariahmiller](https://togithub.com/zachariahmiller) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2406](https://togithub.com/defenseunicorns/zarf/pull/2406) - [@​bburky](https://togithub.com/bburky) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2416](https://togithub.com/defenseunicorns/zarf/pull/2416) **Full Changelog**: zarf-dev/zarf@v0.32.6...v0.33.0 ### [`v0.32.6`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.6) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.5...v0.32.6) #### \[0.32.6] - 2024-03-22 > trying out some different release note generators, formatting may vary for a few releases while we figure out what works best ~[@​Noxsios](https://togithub.com/Noxsios) ##### 🚀 Features - \[**ALPHA**] feat: package generation ALPHA by [@​andrewg-xyz](https://togithub.com/andrewg-xyz) in [#​2269](https://togithub.com/defenseunicorns/zarf/pull/2269) - *(lib)* feat(lib): configurable log file location by [@​Noxsios](https://togithub.com/Noxsios) in [#​2380](https://togithub.com/defenseunicorns/zarf/pull/2380) - \[**BREAKING**] feat!: filter package components with strategy interface by [@​Noxsios](https://togithub.com/Noxsios) in [#​2321](https://togithub.com/defenseunicorns/zarf/pull/2321) ##### 🐛 Bug Fixes - fix: refactor create stages into separate lib by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2223](https://togithub.com/defenseunicorns/zarf/pull/2223) - fix: handle registry caBundle as a multiline string by [@​AbrohamLincoln](https://togithub.com/AbrohamLincoln) in [#​2381](https://togithub.com/defenseunicorns/zarf/pull/2381) - *(regression)* fix: populate `p.sbomViewFiles` on `deploy` and `mirror` by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2386](https://togithub.com/defenseunicorns/zarf/pull/2386) - fix: allow absolute paths for differential packages by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2397](https://togithub.com/defenseunicorns/zarf/pull/2397) - fix: hotfix skeleton publish by [@​Noxsios](https://togithub.com/Noxsios) in [#​2398](https://togithub.com/defenseunicorns/zarf/pull/2398) ##### 🚜 Refactor - refactor: split helpers/exec libs by [@​Racer159](https://togithub.com/Racer159) in [#​2379](https://togithub.com/defenseunicorns/zarf/pull/2379) ##### 🧪 Testing - test: data injection flake by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2361](https://togithub.com/defenseunicorns/zarf/pull/2361) ##### ⚙️ Miscellaneous Tasks - ci: add commitlint workflow and update contributing guide by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2391](https://togithub.com/defenseunicorns/zarf/pull/2391) ##### 🛡️ Security - *(release)* build: create PRs on `homebrew-tap` by [@​Noxsios](https://togithub.com/Noxsios) in [#​2385](https://togithub.com/defenseunicorns/zarf/pull/2385) **Full Changelog**: zarf-dev/zarf@v0.32.5...v0.32.6 ### [`v0.32.5`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.5) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.4...v0.32.5) #### \[0.32.5] - 2024-03-11 > trying out some different release note generators, formatting may vary for a few releases while we figure out what works best ~[@​Noxsios](https://togithub.com/Noxsios) ##### 🚀 Features - feat: add missing vendored tool version commands by [@​eddiezane](https://togithub.com/eddiezane) in [#​2232](https://togithub.com/defenseunicorns/zarf/pull/2232) - feat: add `--why` flag for `zarf dev find-images` by [@​waveywaves](https://togithub.com/waveywaves) in [#​2309](https://togithub.com/defenseunicorns/zarf/pull/2309) - feat: set variables on find images by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2282](https://togithub.com/defenseunicorns/zarf/pull/2282) - feat: add configurable backoff and retries for Zarf operations by [@​Racer159](https://togithub.com/Racer159) in [#​2345](https://togithub.com/defenseunicorns/zarf/pull/2345) ##### 🐛 Bug Fixes - *(deps)*: update github.com/anchore/clio digest to [`abcb719`](https://togithub.com/defenseunicorns/zarf/commit/abcb719) by [@​renovate](https://togithub.com/renovate)\[bot] in [#​2347](https://togithub.com/defenseunicorns/zarf/pull/2347) - *(ci)*: change ECR image to docker.io image by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2353](https://togithub.com/defenseunicorns/zarf/pull/2353) - fix: added OCI Image Index mediaType by [@​mdaizcorbe](https://togithub.com/mdaizcorbe) in [#​2352](https://togithub.com/defenseunicorns/zarf/pull/2352) - fix: package publish progress bar frozen at zero by [@​Noxsios](https://togithub.com/Noxsios) in [#​2367](https://togithub.com/defenseunicorns/zarf/pull/2367) - *(release)* hotfix `publish` not respecting source package architecture by [@​Noxsios](https://togithub.com/Noxsios) in [#​2376](https://togithub.com/defenseunicorns/zarf/pull/2376) ##### 📚 Documentation - chore: fix spelling by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2333](https://togithub.com/defenseunicorns/zarf/pull/2333) - docs: formatting and grammar by [@​beholdenkey](https://togithub.com/beholdenkey) in [#​2350](https://togithub.com/defenseunicorns/zarf/pull/2350) ##### ⚙️ Miscellaneous Tasks - chore: sorted go imports by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [#​2349](https://togithub.com/defenseunicorns/zarf/pull/2349) - chore: fix bb test by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2340](https://togithub.com/defenseunicorns/zarf/pull/2340) - chore: update CODEOWNERS with [@​AustinAbro321](https://togithub.com/AustinAbro321) by [@​Racer159](https://togithub.com/Racer159) in [#​2354](https://togithub.com/defenseunicorns/zarf/pull/2354) - chore: refactor and purify the OCI library within Zarf by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2235](https://togithub.com/defenseunicorns/zarf/pull/2235) - chore: default to temp zarf cache in e2e tests by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2355](https://togithub.com/defenseunicorns/zarf/pull/2355) ##### 🛡️ Security - chore: configure agent server to avoid slowloris attack by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [#​2342](https://togithub.com/defenseunicorns/zarf/pull/2342) - chore: fix implicit memory aliasing in for loop by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [#​2341](https://togithub.com/defenseunicorns/zarf/pull/2341) - *(release)*: update release workflow to use token from gh app by [@​Noxsios](https://togithub.com/Noxsios) in [#​2368](https://togithub.com/defenseunicorns/zarf/pull/2368) - *(release)*: use release environment secrets by [@​Noxsios](https://togithub.com/Noxsios) in [#​2374](https://togithub.com/defenseunicorns/zarf/pull/2374) #### First Time Contributors - [@​eddiezane](https://togithub.com/eddiezane) made their first contribution in [#​2232](https://togithub.com/defenseunicorns/zarf/issues/2232) - [@​beholdenkey](https://togithub.com/beholdenkey) made their first contribution in [#​2350](https://togithub.com/defenseunicorns/zarf/issues/2350) - [@​mdaizcorbe](https://togithub.com/mdaizcorbe) made their first contribution in [#​2352](https://togithub.com/defenseunicorns/zarf/issues/2352) **Full Changelog**: zarf-dev/zarf@v0.32.4...v0.32.5 ### [`v0.32.4`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.4) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.3...v0.32.4) #### What's Changed #### Fixes - Improve `cmd` failure messaging when no timeout or retries are given by [@​docandrew](https://togithub.com/docandrew) in [https://github.com/defenseunicorns/zarf/pull/2301](https://togithub.com/defenseunicorns/zarf/pull/2301) - Revert init package storageclass checks for git server and seed registry by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2311](https://togithub.com/defenseunicorns/zarf/pull/2311) - Fix multi-part tarballs being mismatched sizes by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2314](https://togithub.com/defenseunicorns/zarf/pull/2314) - Change text template detection to check first *and* last 512 bytes by [@​WeaponX314](https://togithub.com/WeaponX314) in [https://github.com/defenseunicorns/zarf/pull/2310](https://togithub.com/defenseunicorns/zarf/pull/2310) - Improve `zarf tools registry prune` messaging by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2323](https://togithub.com/defenseunicorns/zarf/pull/2323) - Add http request header timeout to mitigate stalling image push by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2319](https://togithub.com/defenseunicorns/zarf/pull/2319) - Allow host+subpath as the source registry for `--registry-override` in package create by [@​waveywaves](https://togithub.com/waveywaves) in [https://github.com/defenseunicorns/zarf/pull/2306](https://togithub.com/defenseunicorns/zarf/pull/2306) #### Dependencies - Update github.com/anchore/clio digest to [`cb94e40`](https://togithub.com/defenseunicorns/zarf/commit/cb94e40) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2294](https://togithub.com/defenseunicorns/zarf/pull/2294), [https://github.com/defenseunicorns/zarf/pull/2297](https://togithub.com/defenseunicorns/zarf/pull/2297) and [https://github.com/defenseunicorns/zarf/pull/2300](https://togithub.com/defenseunicorns/zarf/pull/2300) - **\[security]** Update module helm.sh/helm/v3 to v3.14.2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2307](https://togithub.com/defenseunicorns/zarf/pull/2307) and [https://github.com/defenseunicorns/zarf/pull/2329](https://togithub.com/defenseunicorns/zarf/pull/2329) - Update actions/checkout action to v4 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2317](https://togithub.com/defenseunicorns/zarf/pull/2317) - Update actions/dependency-review-action action to v4 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2318](https://togithub.com/defenseunicorns/zarf/pull/2318) #### Docs - Update [Zarf roadmap](https://docs.zarf.dev/docs/roadmap) per 2024 goals by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2305](https://togithub.com/defenseunicorns/zarf/pull/2305) #### Development - Included Dependency Review action for PR reviews by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/defenseunicorns/zarf/pull/2298](https://togithub.com/defenseunicorns/zarf/pull/2298) - Resolve CodeQL linting issues across Zarf by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2322](https://togithub.com/defenseunicorns/zarf/pull/2322) #### New Contributors - [@​docandrew](https://togithub.com/docandrew) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2301](https://togithub.com/defenseunicorns/zarf/pull/2301) - [@​naveensrinivasan](https://togithub.com/naveensrinivasan) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2298](https://togithub.com/defenseunicorns/zarf/pull/2298) - [@​waveywaves](https://togithub.com/waveywaves) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2306](https://togithub.com/defenseunicorns/zarf/pull/2306) **Full Changelog**: zarf-dev/zarf@v0.32.3...v0.32.4 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/uds-core). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM1MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Racer159
referenced
this pull request
in defenseunicorns/maru-runner
May 22, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/create-github-app-token](https://togithub.com/actions/create-github-app-token) | action | minor | `v1.9.0` -> `v1.10.0` | | [actions/setup-go](https://togithub.com/actions/setup-go) | action | patch | `v5.0.0` -> `v5.0.1` | | [anchore/sbom-action](https://togithub.com/anchore/sbom-action) | action | minor | `v0.15.11` -> `v0.16.0` | | [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | | minor | `v0.32.5` -> `v0.33.2` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | patch | `v3.25.3` -> `v3.25.6` | | [goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action) | action | minor | `v5.0.0` -> `v5.1.0` | | [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | action | patch | `v2.3.1` -> `v2.3.3` | --- ### Release Notes <details> <summary>actions/create-github-app-token (actions/create-github-app-token)</summary> ### [`v1.10.0`](https://togithub.com/actions/create-github-app-token/releases/tag/v1.10.0) [Compare Source](https://togithub.com/actions/create-github-app-token/compare/v1.9.3...v1.10.0) ##### Features - **`private-key`:** escaped newlines will be replaced ([#​132](https://togithub.com/actions/create-github-app-token/issues/132)) ([9d23fb9](https://togithub.com/actions/create-github-app-token/commit/9d23fb93dd620572046d85c7c1032b488c12514f)) ### [`v1.9.3`](https://togithub.com/actions/create-github-app-token/releases/tag/v1.9.3) [Compare Source](https://togithub.com/actions/create-github-app-token/compare/v1.9.2...v1.9.3) ##### Bug Fixes - **deps:** bump undici from 6.10.2 to 6.11.1 ([#​125](https://togithub.com/actions/create-github-app-token/issues/125)) ([3c223c7](https://togithub.com/actions/create-github-app-token/commit/3c223c7336e276235eb843dd4e6ad42147199cbf)), closes [#​3024](https://togithub.com/actions/create-github-app-token/issues/3024) [nodejs/undici#3044](https://togithub.com/nodejs/undici/issues/3044) [#​3023](https://togithub.com/actions/create-github-app-token/issues/3023) [nodejs/undici#3025](https://togithub.com/nodejs/undici/issues/3025) [nodejs/undici#3024](https://togithub.com/nodejs/undici/issues/3024) [nodejs/undici#3034](https://togithub.com/nodejs/undici/issues/3034) [nodejs/undici#3038](https://togithub.com/nodejs/undici/issues/3038) [nodejs/undici#2947](https://togithub.com/nodejs/undici/issues/2947) [nodejs/undici#3040](https://togithub.com/nodejs/undici/issues/3040) [nodejs/undici#3036](https://togithub.com/nodejs/undici/issues/3036) [nodejs/undici#3041](https://togithub.com/nodejs/undici/issues/3041) [#​3024](https://togithub.com/actions/create-github-app-token/issues/3024) [#​3041](https://togithub.com/actions/create-github-app-token/issues/3041) [#​3036](https://togithub.com/actions/create-github-app-token/issues/3036) ### [`v1.9.2`](https://togithub.com/actions/create-github-app-token/releases/tag/v1.9.2) [Compare Source](https://togithub.com/actions/create-github-app-token/compare/v1.9.1...v1.9.2) ##### Bug Fixes - **deps:** bump the production-dependencies group with 1 update ([#​123](https://togithub.com/actions/create-github-app-token/issues/123)) ([beea7b8](https://togithub.com/actions/create-github-app-token/commit/beea7b860ac0b14ca14258aca701da842aa65e30)), closes [nodejs/undici#2978](https://togithub.com/nodejs/undici/issues/2978) [nodejs/undici#2971](https://togithub.com/nodejs/undici/issues/2971) [nodejs/undici#2980](https://togithub.com/nodejs/undici/issues/2980) [#​2982](https://togithub.com/actions/create-github-app-token/issues/2982) [nodejs/undici#2983](https://togithub.com/nodejs/undici/issues/2983) [nodejs/undici#2987](https://togithub.com/nodejs/undici/issues/2987) [nodejs/undici#2991](https://togithub.com/nodejs/undici/issues/2991) [#​2986](https://togithub.com/actions/create-github-app-token/issues/2986) [nodejs/undici#2992](https://togithub.com/nodejs/undici/issues/2992) [nodejs/undici#2985](https://togithub.com/nodejs/undici/issues/2985) [nodejs/undici#2993](https://togithub.com/nodejs/undici/issues/2993) [nodejs/undici#2995](https://togithub.com/nodejs/undici/issues/2995) [nodejs/undici#2998](https://togithub.com/nodejs/undici/issues/2998) [#​2863](https://togithub.com/actions/create-github-app-token/issues/2863) [nodejs/undici#2999](https://togithub.com/nodejs/undici/issues/2999) [nodejs/undici#3001](https://togithub.com/nodejs/undici/issues/3001) [nodejs/undici#2971](https://togithub.com/nodejs/undici/issues/2971) [nodejs/undici#2980](https://togithub.com/nodejs/undici/issues/2980) [nodejs/undici#2983](https://togithub.com/nodejs/undici/issues/2983) [nodejs/undici#2987](https://togithub.com/nodejs/undici/issues/2987) [nodejs/undici#2991](https://togithub.com/nodejs/undici/issues/2991) [nodejs/undici#2985](https://togithub.com/nodejs/undici/issues/2985) [nodejs/undici#2995](https://togithub.com/nodejs/undici/issues/2995) [nodejs/undici#2960](https://togithub.com/nodejs/undici/issues/2960) [nodejs/undici#2959](https://togithub.com/nodejs/undici/issues/2959) [nodejs/undici#2969](https://togithub.com/nodejs/undici/issues/2969) [nodejs/undici#2962](https://togithub.com/nodejs/undici/issues/2962) [nodejs/undici#2974](https://togithub.com/nodejs/undici/issues/2974) [nodejs/undici#2967](https://togithub.com/nodejs/undici/issues/2967) [nodejs/undici#2966](https://togithub.com/nodejs/undici/issues/2966) [nodejs/undici#2969](https://togithub.com/nodejs/undici/issues/2969) [nodejs/undici#2962](https://togithub.com/nodejs/undici/issues/2962) [nodejs/undici#2826](https://togithub.com/nodejs/undici/issues/2826) [nodejs/undici#2952](https://togithub.com/nodejs/undici/issues/2952) [#​3001](https://togithub.com/actions/create-github-app-token/issues/3001) [#​2863](https://togithub.com/actions/create-github-app-token/issues/2863) [#​2999](https://togithub.com/actions/create-github-app-token/issues/2999) [#​2998](https://togithub.com/actions/create-github-app-token/issues/2998) [#​2993](https://togithub.com/actions/create-github-app-token/issues/2993) [#​2986](https://togithub.com/actions/create-github-app-token/issues/2986) [#​2992](https://togithub.com/actions/create-github-app-token/issues/2992) [#​2991](https://togithub.com/actions/create-github-app-token/issues/2991) [#​2987](https://togithub.com/actions/create-github-app-token/issues/2987) ### [`v1.9.1`](https://togithub.com/actions/create-github-app-token/releases/tag/v1.9.1) [Compare Source](https://togithub.com/actions/create-github-app-token/compare/v1.9.0...v1.9.1) ##### Bug Fixes - clarify `owner` input description ([#​118](https://togithub.com/actions/create-github-app-token/issues/118)) ([d9bc169](https://togithub.com/actions/create-github-app-token/commit/d9bc16919cdbdb07543eb732aa872437384e296f)) </details> <details> <summary>actions/setup-go (actions/setup-go)</summary> ### [`v5.0.1`](https://togithub.com/actions/setup-go/releases/tag/v5.0.1) [Compare Source](https://togithub.com/actions/setup-go/compare/v5.0.0...v5.0.1) #### What's Changed - Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by [@​dependabot](https://togithub.com/dependabot) , [@​HarithaVattikuti](https://togithub.com/HarithaVattikuti) in [https://github.com/actions/setup-go/pull/465](https://togithub.com/actions/setup-go/pull/465) - Update documentation with latest V5 release notes by [@​ab](https://togithub.com/ab) in [https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459) - Update version documentation by [@​178inaba](https://togithub.com/178inaba) in [https://github.com/actions/setup-go/pull/458](https://togithub.com/actions/setup-go/pull/458) - Documentation update of `actions/setup-go` to v5 by [@​chenrui333](https://togithub.com/chenrui333) in [https://github.com/actions/setup-go/pull/449](https://togithub.com/actions/setup-go/pull/449) #### New Contributors - [@​ab](https://togithub.com/ab) made their first contribution in [https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459) **Full Changelog**: actions/setup-go@v5.0.0...v5.0.1 </details> <details> <summary>anchore/sbom-action (anchore/sbom-action)</summary> ### [`v0.16.0`](https://togithub.com/anchore/sbom-action/releases/tag/v0.16.0): v0.16 [Compare Source](https://togithub.com/anchore/sbom-action/compare/v0.15.11...v0.16.0) #### Changes in v0.16.0 - Update Syft to v1.4.1 ([#​465](https://togithub.com/anchore/sbom-action/issues/465)) - Update GitHub artifact client ([#​463](https://togithub.com/anchore/sbom-action/issues/463)) \[[kzantow](https://togithub.com/kzantow)] </details> <details> <summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary> ### [`v0.33.2`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.2) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.1...v0.33.2) ##### What's Changed - fix: schema integration by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2463](https://togithub.com/defenseunicorns/zarf/pull/2463) - docs: add contributor covenant code of conduct by [@​salaxander](https://togithub.com/salaxander) in [https://github.com/defenseunicorns/zarf/pull/2462](https://togithub.com/defenseunicorns/zarf/pull/2462) - docs: fix casing on code of conduct badge by [@​salaxander](https://togithub.com/salaxander) in [https://github.com/defenseunicorns/zarf/pull/2466](https://togithub.com/defenseunicorns/zarf/pull/2466) - fix(deps): update github.com/anchore/clio digest to [`3c4abf8`](https://togithub.com/defenseunicorns/zarf/commit/3c4abf8) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2424](https://togithub.com/defenseunicorns/zarf/pull/2424) - fix: update docker media type in registry by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2476](https://togithub.com/defenseunicorns/zarf/pull/2476) - fix: adds GetVariableConfig function for packager by [@​decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/zarf/pull/2475](https://togithub.com/defenseunicorns/zarf/pull/2475) - test: add tests for remove copies from components to enable refactoring by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2473](https://togithub.com/defenseunicorns/zarf/pull/2473) - fix!: do not uninstall helm chart after failed install or upgrade by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2456](https://togithub.com/defenseunicorns/zarf/pull/2456) - feat: inspect --list-images by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2478](https://togithub.com/defenseunicorns/zarf/pull/2478) - refactor: remove copies from components to a filter by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2474](https://togithub.com/defenseunicorns/zarf/pull/2474) - chore: add support.md by [@​schristoff](https://togithub.com/schristoff) in [https://github.com/defenseunicorns/zarf/pull/2480](https://togithub.com/defenseunicorns/zarf/pull/2480) - chore: add a check for go mod tidy by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2481](https://togithub.com/defenseunicorns/zarf/pull/2481) - fix: use correct sha256 checksum for arm64 injector binary by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2483](https://togithub.com/defenseunicorns/zarf/pull/2483) - fix: simplify go mod tidy check by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2482](https://togithub.com/defenseunicorns/zarf/pull/2482) ##### New Contributors - [@​salaxander](https://togithub.com/salaxander) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2462](https://togithub.com/defenseunicorns/zarf/pull/2462) - [@​phillebaba](https://togithub.com/phillebaba) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2473](https://togithub.com/defenseunicorns/zarf/pull/2473) - [@​schristoff](https://togithub.com/schristoff) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2480](https://togithub.com/defenseunicorns/zarf/pull/2480) **Full Changelog**: zarf-dev/zarf@v0.33.1...v0.33.2 ### [`v0.33.1`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.1) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.0...v0.33.1) #### What's Changed - fix: add redirect so old zarf base link is compatiable by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2432](https://togithub.com/defenseunicorns/zarf/pull/2432) - ci: pin third-party gh actions by hash by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2433](https://togithub.com/defenseunicorns/zarf/pull/2433) - docs: add redirect for examples by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2438](https://togithub.com/defenseunicorns/zarf/pull/2438) - docs: update contributing and pre-commit by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2439](https://togithub.com/defenseunicorns/zarf/pull/2439) - ci: fix revive image ref in lint workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2436](https://togithub.com/defenseunicorns/zarf/pull/2436) - fix: filter on running pods when finding an image for injector pod by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2415](https://togithub.com/defenseunicorns/zarf/pull/2415) - fix: readme dead links by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2442](https://togithub.com/defenseunicorns/zarf/pull/2442) - fix: differential package create with non local sources by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2444](https://togithub.com/defenseunicorns/zarf/pull/2444) - refactor: move variables into separate package by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2414](https://togithub.com/defenseunicorns/zarf/pull/2414) - ci: add top level workflow permission to commitlint by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2449](https://togithub.com/defenseunicorns/zarf/pull/2449) - ci: remove unused env var from codeql workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2450](https://togithub.com/defenseunicorns/zarf/pull/2450) - chore: cleanup root level files and add SPDX check for Go files by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2431](https://togithub.com/defenseunicorns/zarf/pull/2431) - feat: config to enable resilient registry by [@​Michael-Kruggel](https://togithub.com/Michael-Kruggel) in [https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440) - docs: init package clarity and cleanup by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2447](https://togithub.com/defenseunicorns/zarf/pull/2447) - ci: compare cves to main by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2448](https://togithub.com/defenseunicorns/zarf/pull/2448) - test: unpin version in bigbang extension test by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2459](https://togithub.com/defenseunicorns/zarf/pull/2459) - fix: broken schema from unexpanded embedded variables by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2458](https://togithub.com/defenseunicorns/zarf/pull/2458) - fix: error on create if an index sha is used by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2429](https://togithub.com/defenseunicorns/zarf/pull/2429) #### New Contributors - [@​Michael-Kruggel](https://togithub.com/Michael-Kruggel) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440) **Full Changelog**: zarf-dev/zarf@v0.33.0...v0.33.1 ### [`v0.33.0`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.0) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.6...v0.33.0) #### What's Changed - fix: update deprecated syft packages command to syft scan by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2399](https://togithub.com/defenseunicorns/zarf/pull/2399) - chore: move helpers to defenseunicorns/pkg by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2402](https://togithub.com/defenseunicorns/zarf/pull/2402) - fix(deps): update github.com/anchore/clio digest to [`fb5fc4c`](https://togithub.com/defenseunicorns/zarf/commit/fb5fc4c) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2366](https://togithub.com/defenseunicorns/zarf/pull/2366) - feat(tools): add yq by [@​zachariahmiller](https://togithub.com/zachariahmiller) in [https://github.com/defenseunicorns/zarf/pull/2406](https://togithub.com/defenseunicorns/zarf/pull/2406) - chore: switch to use oci lib in defenseunicorns/pkg by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2404](https://togithub.com/defenseunicorns/zarf/pull/2404) - fix(deps): update module github.com/defenseunicorns/pkg/helpers to v1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2411](https://togithub.com/defenseunicorns/zarf/pull/2411) - fix: use env var for PR title in commitlint workflow to prevent untrusted script injection by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2418](https://togithub.com/defenseunicorns/zarf/pull/2418) - fix: use default GITHUB_TOKEN for ossf/scorecard-action by [@​bburky](https://togithub.com/bburky) in [https://github.com/defenseunicorns/zarf/pull/2416](https://togithub.com/defenseunicorns/zarf/pull/2416) - fix: remove duplicate logic for writing image layers to disk concurrently by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2409](https://togithub.com/defenseunicorns/zarf/pull/2409) - feat: add option to skip cosign lookup during find images by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2427](https://togithub.com/defenseunicorns/zarf/pull/2427) - feat: allow chart deploy overrides ALPHA by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/defenseunicorns/zarf/pull/2403](https://togithub.com/defenseunicorns/zarf/pull/2403) - chore: update pull_request_template.md by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2428](https://togithub.com/defenseunicorns/zarf/pull/2428) - ci: pin k3s image version in k3d github action by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2430](https://togithub.com/defenseunicorns/zarf/pull/2430) - feat(docs): port docs to starlight by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2315](https://togithub.com/defenseunicorns/zarf/pull/2315) #### New Contributors - [@​zachariahmiller](https://togithub.com/zachariahmiller) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2406](https://togithub.com/defenseunicorns/zarf/pull/2406) - [@​bburky](https://togithub.com/bburky) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2416](https://togithub.com/defenseunicorns/zarf/pull/2416) **Full Changelog**: zarf-dev/zarf@v0.32.6...v0.33.0 ### [`v0.32.6`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.6) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.5...v0.32.6) #### \[0.32.6] - 2024-03-22 > trying out some different release note generators, formatting may vary for a few releases while we figure out what works best ~[@​Noxsios](https://togithub.com/Noxsios) ##### 🚀 Features - \[**ALPHA**] feat: package generation ALPHA by [@​andrewg-xyz](https://togithub.com/andrewg-xyz) in [#​2269](https://togithub.com/defenseunicorns/zarf/pull/2269) - *(lib)* feat(lib): configurable log file location by [@​Noxsios](https://togithub.com/Noxsios) in [#​2380](https://togithub.com/defenseunicorns/zarf/pull/2380) - \[**BREAKING**] feat!: filter package components with strategy interface by [@​Noxsios](https://togithub.com/Noxsios) in [#​2321](https://togithub.com/defenseunicorns/zarf/pull/2321) ##### 🐛 Bug Fixes - fix: refactor create stages into separate lib by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2223](https://togithub.com/defenseunicorns/zarf/pull/2223) - fix: handle registry caBundle as a multiline string by [@​AbrohamLincoln](https://togithub.com/AbrohamLincoln) in [#​2381](https://togithub.com/defenseunicorns/zarf/pull/2381) - *(regression)* fix: populate `p.sbomViewFiles` on `deploy` and `mirror` by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2386](https://togithub.com/defenseunicorns/zarf/pull/2386) - fix: allow absolute paths for differential packages by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2397](https://togithub.com/defenseunicorns/zarf/pull/2397) - fix: hotfix skeleton publish by [@​Noxsios](https://togithub.com/Noxsios) in [#​2398](https://togithub.com/defenseunicorns/zarf/pull/2398) ##### 🚜 Refactor - refactor: split helpers/exec libs by [@​Racer159](https://togithub.com/Racer159) in [#​2379](https://togithub.com/defenseunicorns/zarf/pull/2379) ##### 🧪 Testing - test: data injection flake by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2361](https://togithub.com/defenseunicorns/zarf/pull/2361) ##### ⚙️ Miscellaneous Tasks - ci: add commitlint workflow and update contributing guide by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2391](https://togithub.com/defenseunicorns/zarf/pull/2391) ##### 🛡️ Security - *(release)* build: create PRs on `homebrew-tap` by [@​Noxsios](https://togithub.com/Noxsios) in [#​2385](https://togithub.com/defenseunicorns/zarf/pull/2385) **Full Changelog**: zarf-dev/zarf@v0.32.5...v0.32.6 </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.25.6`](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6) ### [`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) ### [`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) </details> <details> <summary>goreleaser/goreleaser-action (goreleaser/goreleaser-action)</summary> ### [`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0) [Compare Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0) #### Important This version changes the default behavior of `latest` to `~> v1`. The next major of this action (v6), will change this to `~> v2`, and will be launched together with GoReleaser v2. #### What's Changed - docs: bump actions to latest major by [@​crazy-max](https://togithub.com/crazy-max) in [https://github.com/goreleaser/goreleaser-action/pull/435](https://togithub.com/goreleaser/goreleaser-action/pull/435) - chore(deps): bump docker/bake-action from 3 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/goreleaser/goreleaser-action/pull/436](https://togithub.com/goreleaser/goreleaser-action/pull/436) - chore(deps): bump codecov/codecov-action from 3 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/goreleaser/goreleaser-action/pull/437](https://togithub.com/goreleaser/goreleaser-action/pull/437) - chore(deps): bump actions/setup-go from 4 to 5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/goreleaser/goreleaser-action/pull/443](https://togithub.com/goreleaser/goreleaser-action/pull/443) - chore(deps): bump actions/upload-artifact from 3 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/goreleaser/goreleaser-action/pull/444](https://togithub.com/goreleaser/goreleaser-action/pull/444) - Delete .kodiak.toml by [@​vedantmgoyal9](https://togithub.com/vedantmgoyal9) in [https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446) - chore(deps): bump codecov/codecov-action from 3 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/goreleaser/goreleaser-action/pull/448](https://togithub.com/goreleaser/goreleaser-action/pull/448) - chore(deps): bump ip from 2.0.0 to 2.0.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/goreleaser/goreleaser-action/pull/450](https://togithub.com/goreleaser/goreleaser-action/pull/450) - Upgrade setup-go action version in README by [@​kishaningithub](https://togithub.com/kishaningithub) in [https://github.com/goreleaser/goreleaser-action/pull/455](https://togithub.com/goreleaser/goreleaser-action/pull/455) - chore(deps): bump tar from 6.1.14 to 6.2.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/goreleaser/goreleaser-action/pull/456](https://togithub.com/goreleaser/goreleaser-action/pull/456) - chore: use corepack to install yarn by [@​crazy-max](https://togithub.com/crazy-max) in [https://github.com/goreleaser/goreleaser-action/pull/458](https://togithub.com/goreleaser/goreleaser-action/pull/458) - feat: lock this major version of the action to use '~> v1' as 'latest' by [@​caarlos0](https://togithub.com/caarlos0) in [https://github.com/goreleaser/goreleaser-action/pull/461](https://togithub.com/goreleaser/goreleaser-action/pull/461) - chore(deps): bump semver from 7.6.0 to 7.6.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/goreleaser/goreleaser-action/pull/462](https://togithub.com/goreleaser/goreleaser-action/pull/462) - chore(deps): bump [@​actions/http-client](https://togithub.com/actions/http-client) from 2.2.0 to 2.2.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/goreleaser/goreleaser-action/pull/451](https://togithub.com/goreleaser/goreleaser-action/pull/451) #### New Contributors - [@​vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their first contribution in [https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446) **Full Changelog**: goreleaser/goreleaser-action@v5.0.0...v5.1.0 </details> <details> <summary>ossf/scorecard-action (ossf/scorecard-action)</summary> ### [`v2.3.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) > \[!NOTE]\ > There is no v2.3.2 release as a step was skipped in the release process. This was fixed and re-released under the v2.3.3 tag #### What's Changed - 🌱 Bump github.com/ossf/scorecard/v4 (v4.13.1) to github.com/ossf/scorecard/v5 (v5.0.0-rc1) by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1366](https://togithub.com/ossf/scorecard-action/pull/1366) - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1374](https://togithub.com/ossf/scorecard-action/pull/1374) - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0-rc2.0.20240509182734-7ce860946928 by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1377](https://togithub.com/ossf/scorecard-action/pull/1377) For a full changelist of what these include, see the [v5.0.0-rc1](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc1) and [v5.0.0-rc2](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc2) release notes. ##### Documentation - 📖 Move token discussion out of main README. by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1279](https://togithub.com/ossf/scorecard-action/pull/1279) - 📖 link to `ossf/scorecard` workflow instead of maintaining an example by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1352](https://togithub.com/ossf/scorecard-action/pull/1352) - 📖 update api links to new scorecard.dev site by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1376](https://togithub.com/ossf/scorecard-action/pull/1376) **Full Changelog**: ossf/scorecard-action@v2.3.1...v2.3.3 ### [`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "after 12pm every weekday,before 11am every weekday" in timezone America/New_York, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/maru-runner). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNjguMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNjguMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbInN1cHBvcnQtZGVwcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Racer159
referenced
this pull request
in defenseunicorns/uds-package-gitlab-runner
May 29, 2024
](https://renovatebot.com){kind=link}
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.4` -> `v4.1.6` | | [actions/dependency-review-action](https://togithub.com/actions/dependency-review-action) | action | patch | `v4.3.1` -> `v4.3.2` | | [defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common) | | patch | `v0.4.2` -> `v0.4.4` | | [defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common) | action | patch | `v0.4.0` -> `v0.4.4` | | [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | | minor | `v0.31.0` -> `v0.34.0` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | patch | `v3.25.3` -> `v3.25.6` | | [google-github-actions/release-please-action](https://togithub.com/google-github-actions/release-please-action) | action | patch | `v4.1.0` -> `v4.1.1` | | [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | action | patch | `v2.3.1` -> `v2.3.3` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.6`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v416) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.5...v4.1.6) - Check platform to set archive extension appropriately by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1732](https://togithub.com/actions/checkout/pull/1732) ### [`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5) #### What's Changed - Update NPM dependencies by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703) - Bump github/codeql-action from 2 to 3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694) - Bump actions/setup-node from 1 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696) - Bump actions/upload-artifact from 2 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695) - README: Suggest `user.email` to be `41898282+github-actions[bot]@​users.noreply.github.com` by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707) **Full Changelog**: https://github.com/actions/checkout/compare/v4.1.4...v4.1.5 </details> <details> <summary>actions/dependency-review-action (actions/dependency-review-action)</summary> ### [`v4.3.2`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.3.2) [Compare Source](https://togithub.com/actions/dependency-review-action/compare/v4.3.1...v4.3.2) #### What's Changed - Fix package-url parsing for allow-dependencies-licenses by [@​juxtin](https://togithub.com/juxtin) in [https://github.com/actions/dependency-review-action/pull/761](https://togithub.com/actions/dependency-review-action/pull/761) **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v4.3.1...v4.3.2 </details> <details> <summary>defenseunicorns/uds-common (defenseunicorns/uds-common)</summary> ### [`v0.4.4`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.4.4) [Compare Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.4.3...v0.4.4) ##### Miscellaneous - pull debug / log actions from uds-core ([#​135](https://togithub.com/defenseunicorns/uds-common/issues/135)) ([b3c9928](https://togithub.com/defenseunicorns/uds-common/commit/b3c99286e4200c98a61d86484030f2be5ebb5c70)) ### [`v0.4.3`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.4.3) [Compare Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.4.2...v0.4.3) ##### Bug Fixes - update renovate config to use docker versioning for zarf images ([#​128](https://togithub.com/defenseunicorns/uds-common/issues/128)) ([c18e125](https://togithub.com/defenseunicorns/uds-common/commit/c18e12507384328bb53b81c096bc9827f96ba114)) ##### Miscellaneous - add an airgap note to UDS Package Practices (clarity is kindness) ([#​126](https://togithub.com/defenseunicorns/uds-common/issues/126)) ([b70e1fe](https://togithub.com/defenseunicorns/uds-common/commit/b70e1fe165a521a33789298a7e69aa6a59d54968)) - adjust UDS package practice formatting ([#​123](https://togithub.com/defenseunicorns/uds-common/issues/123)) ([f351d04](https://togithub.com/defenseunicorns/uds-common/commit/f351d04732a6e6e6fc2c62eff13f625a613effcc)) - **deps:** update uds common package dependencies to v6.6.3 ([#​132](https://togithub.com/defenseunicorns/uds-common/issues/132)) ([0ebdd1f](https://togithub.com/defenseunicorns/uds-common/commit/0ebdd1f5f2aa32720c88347027215305573bc716)) - **deps:** update uds common support dependencies ([#​125](https://togithub.com/defenseunicorns/uds-common/issues/125)) ([e014724](https://togithub.com/defenseunicorns/uds-common/commit/e01472454d2b3ef9665546fbb24c9980f090d238)) - **deps:** update uds common support dependencies to v0.22.0 ([#​133](https://togithub.com/defenseunicorns/uds-common/issues/133)) ([2cf903d](https://togithub.com/defenseunicorns/uds-common/commit/2cf903d41d0dbfda1baaa9629d1fa3c5d1a88110)) - initial package practices ([#​117](https://togithub.com/defenseunicorns/uds-common/issues/117)) ([d292b21](https://togithub.com/defenseunicorns/uds-common/commit/d292b216da73493743cd0a67b9763549c87c1819)) - update package practices with a bit more feedback ([#​129](https://togithub.com/defenseunicorns/uds-common/issues/129)) ([af34fc9](https://togithub.com/defenseunicorns/uds-common/commit/af34fc90104c57d11a08678186b8b2aeaaac135d)) </details> <details> <summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary> ### [`v0.34.0`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.34.0) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.2...v0.34.0) ##### What's Changed - refactor: move validate to expose it as receivers by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2419](https://togithub.com/defenseunicorns/zarf/pull/2419) - docs: add additional detail to security policy by [@​salaxander](https://togithub.com/salaxander) in [https://github.com/defenseunicorns/zarf/pull/2488](https://togithub.com/defenseunicorns/zarf/pull/2488) - chore: cleanup stale grype ignores and patch golang.org/x/net CVE by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2492](https://togithub.com/defenseunicorns/zarf/pull/2492) - docs: injector and init package reference material by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2468](https://togithub.com/defenseunicorns/zarf/pull/2468) - chore: patch CVE-2024-3817 by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2498](https://togithub.com/defenseunicorns/zarf/pull/2498) - refactor: cleaner image pulls by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2460](https://togithub.com/defenseunicorns/zarf/pull/2460) - chore: adding [@​dgershman](https://togithub.com/dgershman) by [@​dgershman](https://togithub.com/dgershman) in [https://github.com/defenseunicorns/zarf/pull/2506](https://togithub.com/defenseunicorns/zarf/pull/2506) - refactor: context usage in k8s code by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2405](https://togithub.com/defenseunicorns/zarf/pull/2405) - ci: run revive using golang-lint-ci by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2499](https://togithub.com/defenseunicorns/zarf/pull/2499) - feat: update injector away from rouille to axum by [@​schristoff](https://togithub.com/schristoff) in [https://github.com/defenseunicorns/zarf/pull/2457](https://togithub.com/defenseunicorns/zarf/pull/2457) - refactor: enable testifylint linter by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2504](https://togithub.com/defenseunicorns/zarf/pull/2504) - chore: remove rouille CVE from grype ignore by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2515](https://togithub.com/defenseunicorns/zarf/pull/2515) - fix(agent): missing path for pod without labels by [@​brandtkeller](https://togithub.com/brandtkeller) in [https://github.com/defenseunicorns/zarf/pull/2518](https://togithub.com/defenseunicorns/zarf/pull/2518) - fix: adopt namespace metadata by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2494](https://togithub.com/defenseunicorns/zarf/pull/2494) - refactor: enable ineffassign linter by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2500](https://togithub.com/defenseunicorns/zarf/pull/2500) - test: cluster getDeployedPackages by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2523](https://togithub.com/defenseunicorns/zarf/pull/2523) - test: add unit tests for merge zarf state by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2522](https://togithub.com/defenseunicorns/zarf/pull/2522) - test: pod agent unit tests by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2526](https://togithub.com/defenseunicorns/zarf/pull/2526) - docs: add google analytics for docs pages by [@​salaxander](https://togithub.com/salaxander) in [https://github.com/defenseunicorns/zarf/pull/2530](https://togithub.com/defenseunicorns/zarf/pull/2530) - test: add unit tests for detect distro by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2521](https://togithub.com/defenseunicorns/zarf/pull/2521) - test: add tests for injector by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2534](https://togithub.com/defenseunicorns/zarf/pull/2534) - chore: add codecov by [@​schristoff-du](https://togithub.com/schristoff-du) in [https://github.com/defenseunicorns/zarf/pull/2529](https://togithub.com/defenseunicorns/zarf/pull/2529) - chore: add unit tests for creator.LoadPackageDefinition by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2531](https://togithub.com/defenseunicorns/zarf/pull/2531) - test: refactor network test by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2533](https://togithub.com/defenseunicorns/zarf/pull/2533) - test: agent flux unit test by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2528](https://togithub.com/defenseunicorns/zarf/pull/2528) - chore: fix codecov by [@​schristoff](https://togithub.com/schristoff) in [https://github.com/defenseunicorns/zarf/pull/2538](https://togithub.com/defenseunicorns/zarf/pull/2538) - test: creator.ComposeComponents by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2537](https://togithub.com/defenseunicorns/zarf/pull/2537) - refactor: remove use of k8s serivce account by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2544](https://togithub.com/defenseunicorns/zarf/pull/2544) - refactor: remove use of k8s service by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2543](https://togithub.com/defenseunicorns/zarf/pull/2543) - refactor: remove use of k8s configmap by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2541](https://togithub.com/defenseunicorns/zarf/pull/2541) - refactor: remove use of k8s hpa by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2542](https://togithub.com/defenseunicorns/zarf/pull/2542) - test: add secrets tests by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2540](https://togithub.com/defenseunicorns/zarf/pull/2540) - refactor: allow callers to directly set logfile location by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2545](https://togithub.com/defenseunicorns/zarf/pull/2545) - test: add test for packager source by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2525](https://togithub.com/defenseunicorns/zarf/pull/2525) - chore: add unit tests to variables pkg by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2519](https://togithub.com/defenseunicorns/zarf/pull/2519) - test: clean up tests for composer by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2532](https://togithub.com/defenseunicorns/zarf/pull/2532) - test: argo agent unit tests by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2536](https://togithub.com/defenseunicorns/zarf/pull/2536) - fix(release): do not delete testdata in release workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2547](https://togithub.com/defenseunicorns/zarf/pull/2547) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.33.2...v0.34.0 ### [`v0.33.2`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.2) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.1...v0.33.2) ##### What's Changed - fix: schema integration by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2463](https://togithub.com/defenseunicorns/zarf/pull/2463) - docs: add contributor covenant code of conduct by [@​salaxander](https://togithub.com/salaxander) in [https://github.com/defenseunicorns/zarf/pull/2462](https://togithub.com/defenseunicorns/zarf/pull/2462) - docs: fix casing on code of conduct badge by [@​salaxander](https://togithub.com/salaxander) in [https://github.com/defenseunicorns/zarf/pull/2466](https://togithub.com/defenseunicorns/zarf/pull/2466) - fix(deps): update github.com/anchore/clio digest to [`3c4abf8`](https://togithub.com/defenseunicorns/zarf/commit/3c4abf8) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2424](https://togithub.com/defenseunicorns/zarf/pull/2424) - fix: update docker media type in registry by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2476](https://togithub.com/defenseunicorns/zarf/pull/2476) - fix: adds GetVariableConfig function for packager by [@​decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/zarf/pull/2475](https://togithub.com/defenseunicorns/zarf/pull/2475) - test: add tests for remove copies from components to enable refactoring by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2473](https://togithub.com/defenseunicorns/zarf/pull/2473) - fix!: do not uninstall helm chart after failed install or upgrade by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2456](https://togithub.com/defenseunicorns/zarf/pull/2456) - feat: inspect --list-images by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2478](https://togithub.com/defenseunicorns/zarf/pull/2478) - refactor: remove copies from components to a filter by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2474](https://togithub.com/defenseunicorns/zarf/pull/2474) - chore: add support.md by [@​schristoff](https://togithub.com/schristoff) in [https://github.com/defenseunicorns/zarf/pull/2480](https://togithub.com/defenseunicorns/zarf/pull/2480) - chore: add a check for go mod tidy by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2481](https://togithub.com/defenseunicorns/zarf/pull/2481) - fix: use correct sha256 checksum for arm64 injector binary by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2483](https://togithub.com/defenseunicorns/zarf/pull/2483) - fix: simplify go mod tidy check by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2482](https://togithub.com/defenseunicorns/zarf/pull/2482) ##### New Contributors - [@​salaxander](https://togithub.com/salaxander) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2462](https://togithub.com/defenseunicorns/zarf/pull/2462) - [@​phillebaba](https://togithub.com/phillebaba) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2473](https://togithub.com/defenseunicorns/zarf/pull/2473) - [@​schristoff](https://togithub.com/schristoff) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2480](https://togithub.com/defenseunicorns/zarf/pull/2480) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.33.1...v0.33.2 ### [`v0.33.1`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.1) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.0...v0.33.1) ##### What's Changed - fix: add redirect so old zarf base link is compatiable by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2432](https://togithub.com/defenseunicorns/zarf/pull/2432) - ci: pin third-party gh actions by hash by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2433](https://togithub.com/defenseunicorns/zarf/pull/2433) - docs: add redirect for examples by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2438](https://togithub.com/defenseunicorns/zarf/pull/2438) - docs: update contributing and pre-commit by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2439](https://togithub.com/defenseunicorns/zarf/pull/2439) - ci: fix revive image ref in lint workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2436](https://togithub.com/defenseunicorns/zarf/pull/2436) - fix: filter on running pods when finding an image for injector pod by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2415](https://togithub.com/defenseunicorns/zarf/pull/2415) - fix: readme dead links by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2442](https://togithub.com/defenseunicorns/zarf/pull/2442) - fix: differential package create with non local sources by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2444](https://togithub.com/defenseunicorns/zarf/pull/2444) - refactor: move variables into separate package by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2414](https://togithub.com/defenseunicorns/zarf/pull/2414) - ci: add top level workflow permission to commitlint by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2449](https://togithub.com/defenseunicorns/zarf/pull/2449) - ci: remove unused env var from codeql workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2450](https://togithub.com/defenseunicorns/zarf/pull/2450) - chore: cleanup root level files and add SPDX check for Go files by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2431](https://togithub.com/defenseunicorns/zarf/pull/2431) - feat: config to enable resilient registry by [@​Michael-Kruggel](https://togithub.com/Michael-Kruggel) in [https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440) - docs: init package clarity and cleanup by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2447](https://togithub.com/defenseunicorns/zarf/pull/2447) - ci: compare cves to main by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2448](https://togithub.com/defenseunicorns/zarf/pull/2448) - test: unpin version in bigbang extension test by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2459](https://togithub.com/defenseunicorns/zarf/pull/2459) - fix: broken schema from unexpanded embedded variables by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2458](https://togithub.com/defenseunicorns/zarf/pull/2458) - fix: error on create if an index sha is used by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2429](https://togithub.com/defenseunicorns/zarf/pull/2429) ##### New Contributors - [@​Michael-Kruggel](https://togithub.com/Michael-Kruggel) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.33.0...v0.33.1 ### [`v0.33.0`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.0) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.6...v0.33.0) ##### What's Changed - fix: update deprecated syft packages command to syft scan by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2399](https://togithub.com/defenseunicorns/zarf/pull/2399) - chore: move helpers to defenseunicorns/pkg by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2402](https://togithub.com/defenseunicorns/zarf/pull/2402) - fix(deps): update github.com/anchore/clio digest to [`fb5fc4c`](https://togithub.com/defenseunicorns/zarf/commit/fb5fc4c) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2366](https://togithub.com/defenseunicorns/zarf/pull/2366) - feat(tools): add yq by [@​zachariahmiller](https://togithub.com/zachariahmiller) in [https://github.com/defenseunicorns/zarf/pull/2406](https://togithub.com/defenseunicorns/zarf/pull/2406) - chore: switch to use oci lib in defenseunicorns/pkg by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2404](https://togithub.com/defenseunicorns/zarf/pull/2404) - fix(deps): update module github.com/defenseunicorns/pkg/helpers to v1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2411](https://togithub.com/defenseunicorns/zarf/pull/2411) - fix: use env var for PR title in commitlint workflow to prevent untrusted script injection by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2418](https://togithub.com/defenseunicorns/zarf/pull/2418) - fix: use default GITHUB_TOKEN for ossf/scorecard-action by [@​bburky](https://togithub.com/bburky) in [https://github.com/defenseunicorns/zarf/pull/2416](https://togithub.com/defenseunicorns/zarf/pull/2416) - fix: remove duplicate logic for writing image layers to disk concurrently by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2409](https://togithub.com/defenseunicorns/zarf/pull/2409) - feat: add option to skip cosign lookup during find images by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2427](https://togithub.com/defenseunicorns/zarf/pull/2427) - feat: allow chart deploy overrides ALPHA by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/defenseunicorns/zarf/pull/2403](https://togithub.com/defenseunicorns/zarf/pull/2403) - chore: update pull_request_template.md by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2428](https://togithub.com/defenseunicorns/zarf/pull/2428) - ci: pin k3s image version in k3d github action by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2430](https://togithub.com/defenseunicorns/zarf/pull/2430) - feat(docs): port docs to starlight by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2315](https://togithub.com/defenseunicorns/zarf/pull/2315) ##### New Contributors - [@​zachariahmiller](https://togithub.com/zachariahmiller) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2406](https://togithub.com/defenseunicorns/zarf/pull/2406) - [@​bburky](https://togithub.com/bburky) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2416](https://togithub.com/defenseunicorns/zarf/pull/2416) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.32.6...v0.33.0 ### [`v0.32.6`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.6) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.5...v0.32.6) ##### \[0.32.6] - 2024-03-22 > trying out some different release note generators, formatting may vary for a few releases while we figure out what works best ~[@​Noxsios](https://togithub.com/Noxsios) ##### 🚀 Features - \[**ALPHA**] feat: package generation ALPHA by [@​andrewg-xyz](https://togithub.com/andrewg-xyz) in [#​2269](https://togithub.com/defenseunicorns/zarf/pull/2269) - *(lib)* feat(lib): configurable log file location by [@​Noxsios](https://togithub.com/Noxsios) in [#​2380](https://togithub.com/defenseunicorns/zarf/pull/2380) - \[**BREAKING**] feat!: filter package components with strategy interface by [@​Noxsios](https://togithub.com/Noxsios) in [#​2321](https://togithub.com/defenseunicorns/zarf/pull/2321) ##### 🐛 Bug Fixes - fix: refactor create stages into separate lib by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2223](https://togithub.com/defenseunicorns/zarf/pull/2223) - fix: handle registry caBundle as a multiline string by [@​AbrohamLincoln](https://togithub.com/AbrohamLincoln) in [#​2381](https://togithub.com/defenseunicorns/zarf/pull/2381) - *(regression)* fix: populate `p.sbomViewFiles` on `deploy` and `mirror` by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2386](https://togithub.com/defenseunicorns/zarf/pull/2386) - fix: allow absolute paths for differential packages by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2397](https://togithub.com/defenseunicorns/zarf/pull/2397) - fix: hotfix skeleton publish by [@​Noxsios](https://togithub.com/Noxsios) in [#​2398](https://togithub.com/defenseunicorns/zarf/pull/2398) ##### 🚜 Refactor - refactor: split helpers/exec libs by [@​Racer159](https://togithub.com/Racer159) in [#​2379](https://togithub.com/defenseunicorns/zarf/pull/2379) ##### 🧪 Testing - test: data injection flake by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2361](https://togithub.com/defenseunicorns/zarf/pull/2361) ##### ⚙️ Miscellaneous Tasks - ci: add commitlint workflow and update contributing guide by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2391](https://togithub.com/defenseunicorns/zarf/pull/2391) ##### 🛡️ Security - *(release)* build: create PRs on `homebrew-tap` by [@​Noxsios](https://togithub.com/Noxsios) in [#​2385](https://togithub.com/defenseunicorns/zarf/pull/2385) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.32.5...v0.32.6 ### [`v0.32.5`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.5) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.4...v0.32.5) ##### \[0.32.5] - 2024-03-11 > trying out some different release note generators, formatting may vary for a few releases while we figure out what works best ~[@​Noxsios](https://togithub.com/Noxsios) ##### 🚀 Features - feat: add missing vendored tool version commands by [@​eddiezane](https://togithub.com/eddiezane) in [#​2232](https://togithub.com/defenseunicorns/zarf/pull/2232) - feat: add `--why` flag for `zarf dev find-images` by [@​waveywaves](https://togithub.com/waveywaves) in [#​2309](https://togithub.com/defenseunicorns/zarf/pull/2309) - feat: set variables on find images by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2282](https://togithub.com/defenseunicorns/zarf/pull/2282) - feat: add configurable backoff and retries for Zarf operations by [@​Racer159](https://togithub.com/Racer159) in [#​2345](https://togithub.com/defenseunicorns/zarf/pull/2345) ##### 🐛 Bug Fixes - *(deps)*: update github.com/anchore/clio digest to [`abcb719`](https://togithub.com/defenseunicorns/zarf/commit/abcb719) by [@​renovate](https://togithub.com/renovate)\[bot] in [#​2347](https://togithub.com/defenseunicorns/zarf/pull/2347) - *(ci)*: change ECR image to docker.io image by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2353](https://togithub.com/defenseunicorns/zarf/pull/2353) - fix: added OCI Image Index mediaType by [@​mdaizcorbe](https://togithub.com/mdaizcorbe) in [#​2352](https://togithub.com/defenseunicorns/zarf/pull/2352) - fix: package publish progress bar frozen at zero by [@​Noxsios](https://togithub.com/Noxsios) in [#​2367](https://togithub.com/defenseunicorns/zarf/pull/2367) - *(release)* hotfix `publish` not respecting source package architecture by [@​Noxsios](https://togithub.com/Noxsios) in [#​2376](https://togithub.com/defenseunicorns/zarf/pull/2376) ##### 📚 Documentation - chore: fix spelling by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2333](https://togithub.com/defenseunicorns/zarf/pull/2333) - docs: formatting and grammar by [@​beholdenkey](https://togithub.com/beholdenkey) in [#​2350](https://togithub.com/defenseunicorns/zarf/pull/2350) ##### ⚙️ Miscellaneous Tasks - chore: sorted go imports by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [#​2349](https://togithub.com/defenseunicorns/zarf/pull/2349) - chore: fix bb test by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2340](https://togithub.com/defenseunicorns/zarf/pull/2340) - chore: update CODEOWNERS with [@​AustinAbro321](https://togithub.com/AustinAbro321) by [@​Racer159](https://togithub.com/Racer159) in [#​2354](https://togithub.com/defenseunicorns/zarf/pull/2354) - chore: refactor and purify the OCI library within Zarf by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2235](https://togithub.com/defenseunicorns/zarf/pull/2235) - chore: default to temp zarf cache in e2e tests by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2355](https://togithub.com/defenseunicorns/zarf/pull/2355) ##### 🛡️ Security - chore: configure agent server to avoid slowloris attack by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [#​2342](https://togithub.com/defenseunicorns/zarf/pull/2342) - chore: fix implicit memory aliasing in for loop by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [#​2341](https://togithub.com/defenseunicorns/zarf/pull/2341) - *(release)*: update release workflow to use token from gh app by [@​Noxsios](https://togithub.com/Noxsios) in [#​2368](https://togithub.com/defenseunicorns/zarf/pull/2368) - *(release)*: use release environment secrets by [@​Noxsios](https://togithub.com/Noxsios) in [#​2374](https://togithub.com/defenseunicorns/zarf/pull/2374) ##### First Time Contributors - [@​eddiezane](https://togithub.com/eddiezane) made their first contribution in [#​2232](https://togithub.com/defenseunicorns/zarf/issues/2232) - [@​beholdenkey](https://togithub.com/beholdenkey) made their first contribution in [#​2350](https://togithub.com/defenseunicorns/zarf/issues/2350) - [@​mdaizcorbe](https://togithub.com/mdaizcorbe) made their first contribution in [#​2352](https://togithub.com/defenseunicorns/zarf/issues/2352) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.32.4...v0.32.5 ### [`v0.32.4`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.4) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.3...v0.32.4) ##### What's Changed ##### Fixes - Improve `cmd` failure messaging when no timeout or retries are given by [@​docandrew](https://togithub.com/docandrew) in [https://github.com/defenseunicorns/zarf/pull/2301](https://togithub.com/defenseunicorns/zarf/pull/2301) - Revert init package storageclass checks for git server and seed registry by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2311](https://togithub.com/defenseunicorns/zarf/pull/2311) - Fix multi-part tarballs being mismatched sizes by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2314](https://togithub.com/defenseunicorns/zarf/pull/2314) - Change text template detection to check first *and* last 512 bytes by [@​WeaponX314](https://togithub.com/WeaponX314) in [https://github.com/defenseunicorns/zarf/pull/2310](https://togithub.com/defenseunicorns/zarf/pull/2310) - Improve `zarf tools registry prune` messaging by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2323](https://togithub.com/defenseunicorns/zarf/pull/2323) - Add http request header timeout to mitigate stalling image push by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2319](https://togithub.com/defenseunicorns/zarf/pull/2319) - Allow host+subpath as the source registry for `--registry-override` in package create by [@​waveywaves](https://togithub.com/waveywaves) in [https://github.com/defenseunicorns/zarf/pull/2306](https://togithub.com/defenseunicorns/zarf/pull/2306) ##### Dependencies - Update github.com/anchore/clio digest to [`cb94e40`](https://togithub.com/defenseunicorns/zarf/commit/cb94e40) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2294](https://togithub.com/defenseunicorns/zarf/pull/2294), [https://github.com/defenseunicorns/zarf/pull/2297](https://togithub.com/defenseunicorns/zarf/pull/2297) and [https://github.com/defenseunicorns/zarf/pull/2300](https://togithub.com/defenseunicorns/zarf/pull/2300) - **\[security]** Update module helm.sh/helm/v3 to v3.14.2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2307](https://togithub.com/defenseunicorns/zarf/pull/2307) and [https://github.com/defenseunicorns/zarf/pull/2329](https://togithub.com/defenseunicorns/zarf/pull/2329) - Update actions/checkout action to v4 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2317](https://togithub.com/defenseunicorns/zarf/pull/2317) - Update actions/dependency-review-action action to v4 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2318](https://togithub.com/defenseunicorns/zarf/pull/2318) ##### Docs - Update [Zarf roadmap](https://docs.zarf.dev/docs/roadmap) per 2024 goals by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2305](https://togithub.com/defenseunicorns/zarf/pull/2305) ##### Development - Included Dependency Review action for PR reviews by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/defenseunicorns/zarf/pull/2298](https://togithub.com/defenseunicorns/zarf/pull/2298) - Resolve CodeQL linting issues across Zarf by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2322](https://togithub.com/defenseunicorns/zarf/pull/2322) ##### New Contributors - [@​docandrew](https://togithub.com/docandrew) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2301](https://togithub.com/defenseunicorns/zarf/pull/2301) - [@​naveensrinivasan](https://togithub.com/naveensrinivasan) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2298](https://togithub.com/defenseunicorns/zarf/pull/2298) - [@​waveywaves](https://togithub.com/waveywaves) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2306](https://togithub.com/defenseunicorns/zarf/pull/2306) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.32.3...v0.32.4 ### [`v0.32.3`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.3) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.2...v0.32.3) ##### What's Changed ##### Fixes - Properly handle panic that could occur during checksum validation by [@​mjnagel](https://togithub.com/mjnagel) in [https://github.com/defenseunicorns/zarf/pull/2262](https://togithub.com/defenseunicorns/zarf/pull/2262) - Add the `--key` flag to the init cmd to properly allow for signed init packages by [@​dgershman](https://togithub.com/dgershman) in [https://github.com/defenseunicorns/zarf/pull/2259](https://togithub.com/defenseunicorns/zarf/pull/2259) - Restore destroy script functionality during `zarf destroy` by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2274](https://togithub.com/defenseunicorns/zarf/pull/2274) - Fix symlink inclusion within component resources by [@​dgershman](https://togithub.com/dgershman) in [https://github.com/defenseunicorns/zarf/pull/2256](https://togithub.com/defenseunicorns/zarf/pull/2256) - Use memory friendly file split logic for partial packages by [@​daniel-palmer-gu](https://togithub.com/daniel-palmer-gu) in [https://github.com/defenseunicorns/zarf/pull/2264](https://togithub.com/defenseunicorns/zarf/pull/2264) - Fix reproducible tarball creation on Windows systems by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2293](https://togithub.com/defenseunicorns/zarf/pull/2293) ##### Docs - Make branding more consistent and add community meetup references to docs by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2258](https://togithub.com/defenseunicorns/zarf/pull/2258) ##### Dependencies - Update github.com/anchore/clio digest by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2277](https://togithub.com/defenseunicorns/zarf/pull/2277) and [https://github.com/defenseunicorns/zarf/pull/2283](https://togithub.com/defenseunicorns/zarf/pull/2283) - Update all non-major dependencies (including Gitea v1.21.5, Syft v0.100.0, K9s v0.31.7 and Crane v0.19.0) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2187](https://togithub.com/defenseunicorns/zarf/pull/2187) ##### Development - Add a more robust chart search regexManager by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2278](https://togithub.com/defenseunicorns/zarf/pull/2278) and [https://github.com/defenseunicorns/zarf/pull/2284](https://togithub.com/defenseunicorns/zarf/pull/2284) - Partial refactor of injector logic in `k8s`, and `cluster` packages by [@​chrishorton](https://togithub.com/chrishorton) in [https://github.com/defenseunicorns/zarf/pull/2271](https://togithub.com/defenseunicorns/zarf/pull/2271) ##### New Contributors - [@​daniel-palmer-gu](https://togithub.com/daniel-palmer-gu) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2264](https://togithub.com/defenseunicorns/zarf/pull/2264) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.32.2...v0.32.3 ### [`v0.32.2`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.2) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.1...v0.32.2) ##### What's Changed ##### Features - Support authenticated Helm repositories that have been configured with `helm repo add` by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2196](https://togithub.com/defenseunicorns/zarf/pull/2196) - Verify that the specified storage class exists during `zarf init` by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2180](https://togithub.com/defenseunicorns/zarf/pull/2180) - Check for available node resources before building injector pod by [@​chrishorton](https://togithub.com/chrishorton) in [https://github.com/defenseunicorns/zarf/pull/2220](https://togithub.com/defenseunicorns/zarf/pull/2220) - Officially support yaml extensions within the `zarf.yaml` using `x-` keys by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2217](https://togithub.com/defenseunicorns/zarf/pull/2217) ##### Fixes - Fix the inclusion of helm sub commands when rendering `zarf tools help` by [@​jbrewer3](https://togithub.com/jbrewer3) in [https://github.com/defenseunicorns/zarf/pull/2216](https://togithub.com/defenseunicorns/zarf/pull/2216) ##### Docs - Fix typos in the extension `README.md` by [@​mjnagel](https://togithub.com/mjnagel) in [https://github.com/defenseunicorns/zarf/pull/2227](https://togithub.com/defenseunicorns/zarf/pull/2227) - Fix a small grammatical error in the base `README.md` by [@​cmwylie19](https://togithub.com/cmwylie19) in [https://github.com/defenseunicorns/zarf/pull/2219](https://togithub.com/defenseunicorns/zarf/pull/2219) ##### Dependencies - Update github.com/anchore/clio digest to [`89e2fe8`](https://togithub.com/defenseunicorns/zarf/commit/89e2fe8) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2214](https://togithub.com/defenseunicorns/zarf/pull/2214) - Update github.com/anchore/clio digest to [`a5e93b6`](https://togithub.com/defenseunicorns/zarf/commit/a5e93b6) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2229](https://togithub.com/defenseunicorns/zarf/pull/2229) - Update github.com/anchore/stereoscope digest to [`eb656fc`](https://togithub.com/defenseunicorns/zarf/commit/eb656fc) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2230](https://togithub.com/defenseunicorns/zarf/pull/2230) ##### Development - Remove workflow for automatically adding issues to the zarf project by [@​YrrepNoj](https://togithub.com/YrrepNoj) in [https://github.com/defenseunicorns/zarf/pull/2239](https://togithub.com/defenseunicorns/zarf/pull/2239) - Delete unnecessary waitgroup from concurrencyTools by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2244](https://togithub.com/defenseunicorns/zarf/pull/2244) - Update `NewOrasRemote` to take `ocispec.Platform` as an argument by [@​decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/zarf/pull/2241](https://togithub.com/defenseunicorns/zarf/pull/2241) ##### New Contributors - [@​jbrewer3](https://togithub.com/jbrewer3) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2216](https://togithub.com/defenseunicorns/zarf/pull/2216) - [@​chrishorton](https://togithub.com/chrishorton) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2220](https://togithub.com/defenseunicorns/zarf/pull/2220) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.32.1...v0.32.2 ### [`v0.32.1`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.1) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.0...v0.32.1) ##### What's Changed ##### Fixes - `ResolveRoot` now properly returns an error when a target platform is not provided when used as a library by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2212](https://togithub.com/defenseunicorns/zarf/pull/2212) - Fix reproducibility of internal tarballs for components + sboms to allow better OCI layer reuse by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2210](https://togithub.com/defenseunicorns/zarf/pull/2210) ##### Docs - Remove `dos-games` skeleton references and instead use the skeleton architecture index by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2208](https://togithub.com/defenseunicorns/zarf/pull/2208) ##### Dependencies - \[security] Update github.com/go-git/go-git/v5 to v5.11.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2209](https://togithub.com/defenseunicorns/zarf/pull/2209) - \[security] Update github.com/containerd/containerd to v1.7.11 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2209](https://togithub.com/defenseunicorns/zarf/pull/2209) - Update github.com/anchore/syft to v0.99.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2185](https://togithub.com/defenseunicorns/zarf/pull/2185) - Update github.com/anchore/clio digest to [`3e50431`](https://togithub.com/defenseunicorns/zarf/commit/3e50431) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2207](https://togithub.com/defenseunicorns/zarf/pull/2207) - Update github.com/anchore/stereoscope digest to [`590920d`](https://togithub.com/defenseunicorns/zarf/commit/590920d) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2206](https://togithub.com/defenseunicorns/zarf/pull/2206) - Update github/codeql-action action to v3 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2191](https://togithub.com/defenseunicorns/zarf/pull/2191) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.32.0...v0.32.1 ### [`v0.32.0`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.0) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.31.4...v0.32.0) ##### What's Changed ##### :warning: Breaking Changes - Gitea has been updated from the 8.x series chart (app version 1.19.3) to the 10.x series chart (app version 1.21.2) - this update contains breaking changes and should be tested if you are using this component - default Zarf installs will upgrade automatically but more advanced configurations / use cases should be reviewed. [Gitea Release Notes](https://togithub.com/go-gitea/gitea/releases) - Zarf package OCI references now use OCI indexes / platforms to handle architecture - packages published to OCI with this version of Zarf will be placed within an index and won't be able to be pulled with older versions - old packages will still be able to be pulled however. - Component and package names can no longer start with a leading `-` as this is used within the deselect syntax introduced for `--components` ##### Features <img src="https://github.com/defenseunicorns/zarf/assets/3977569/b9f9e158-d70d-48dd-bcda-f37d728e700a" width=555px/> - Add `zarf dev deploy` for quickly testing packages and restructure `zarf prepare` into `zarf dev` by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2170](https://togithub.com/defenseunicorns/zarf/pull/2170) - Introduce unpinned resources (`images`/`repos`/`files`) warning for `zarf dev lint` by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2171](https://togithub.com/defenseunicorns/zarf/pull/2171) - Add glob selection and deselection support to `--components` by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2175](https://togithub.com/defenseunicorns/zarf/pull/2175) - Switch to indexed platforms for OCI architectures (eliminate `-amd64`, `-arm64` tag mangling) by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2184](https://togithub.com/defenseunicorns/zarf/pull/2184) <details> <summary><h4>Rollup From v0.31 Patch Releases</h4></summary> - Introduce `zarf prepare lint` to perform schema validation and lay groundwork for standardizing best practices by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2075](https://togithub.com/defenseunicorns/zarf/pull/2075) - Add `zarf package remove/inspect` completion for package names from cluster sources by [@​WeaponX314](https://togithub.com/WeaponX314) in [https://github.com/defenseunicorns/zarf/pull/2151](https://togithub.com/defenseunicorns/zarf/pull/2151) - Add a warning when no components are selected for deployment in a package by [@​bdw617](https://togithub.com/bdw617) in [https://github.com/defenseunicorns/zarf/pull/2167](https://togithub.com/defenseunicorns/zarf/pull/2167) - Allow passing additional arguments to `k9s` when invoked by `zarf tools monitor` by [@​WeaponX314](https://togithub.com/WeaponX314) in [https://github.com/defenseunicorns/zarf/pull/2095](https://togithub.com/defenseunicorns/zarf/pull/2095) - Add `REGISTRY_CA_BUNDLE` variable to registry package and chart to improve S3 backed registries by [@​AbrohamLincoln](https://togithub.com/AbrohamLincoln) in [https://github.com/defenseunicorns/zarf/pull/2008](https://togithub.com/defenseunicorns/zarf/pull/2008) - Add `GIT_SERVER_DISABLE_REGISTRATION` variable to allow for Gitea registration, so that SSO can be used by [@​dgershman](https://togithub.com/dgershman) in [https://github.com/defenseunicorns/zarf/pull/2118](https://togithub.com/defenseunicorns/zarf/pull/2118) - `[Library Only]` Initial implementation of Helm Chart overrides at deploy time by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2131](https://togithub.com/defenseunicorns/zarf/pull/2131) </details> ##### Fixes - Update error message when the image doesn't exist locally or on a remote by [@​bdw617](https://togithub.com/bdw617) in [https://github.com/defenseunicorns/zarf/pull/2160](https://togithub.com/defenseunicorns/zarf/pull/2160) - Corrected k8s / helm k8s client version within Helm templating by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2197](https://togithub.com/defenseunicorns/zarf/pull/2197) - Properly handle tunnel error channels to force retries of image pushing by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2190](https://togithub.com/defenseunicorns/zarf/pull/2190) <details> <summary><h4>Rollup From v0.31 Patch Releases</h4></summary> - Fix helm chart clobbering and differences with Zarf and Helm `chart` names along with new [`repoName` key](https://docs.zarf.dev/docs/create-a-zarf-package/zarf-schema#zarfchart) by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2174](https://togithub.com/defenseunicorns/zarf/pull/2174) - Add message asking if the user has init'ed their cluster and slim down error messages more generally by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2177](https://togithub.com/defenseunicorns/zarf/pull/2177) - Fix compose dropping the `only.localOS` filter from the composed package by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2173](https://togithub.com/defenseunicorns/zarf/pull/2173) - Improve Helm rollback logic, messaging, and support for local tarballs by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2157](https://togithub.com/defenseunicorns/zarf/pull/2157) - Add warnings to better log the errors encountered on image push retries by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2147](https://togithub.com/defenseunicorns/zarf/pull/2147) - Make `set -e` (and `$ErrorActionPreference = 'Stop';`) the default for multiline actions so that they fail correctly by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/zarf/pull/2148](https://togithub.com/defenseunicorns/zarf/pull/2148) - Properly handle `variable` and `constant` merging when using composable components by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2129](https://togithub.com/defenseunicorns/zarf/pull/2129) - Use the node name instead of the hostname label to build the injector pod by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2119](https://togithub.com/defenseunicorns/zarf/pull/2119) - Resolve pathing issues while loading images with Zarf on Windows by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2106](https://togithub.com/defenseunicorns/zarf/pull/2106) - Add an error channel for progress bar rendering to properly stop the progress bar when used as a library by [@​UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/zarf/pull/2117](https://togithub.com/defenseunicorns/zarf/pull/2117) - Keep a useable empty dir volume within the registry even when persistence is disabled by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2124](https://togithub.com/defenseunicorns/zarf/pull/2124) </details> ##### Docs <details> <summary><h4>Rollup From v0.31 Patch Releases</h4></summary> - Update the[ Airgap Software Delivery course](https://docs.zarf.dev/docs/getting-started/understand-the-basics#airgap-basics) name by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2172](https://togithub.com/defenseunicorns/zarf/pull/2172) - Promote the Quick Start section to [Getting Started](https://docs.zarf.dev/docs/getting-started/) by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2182](https://togithub.com/defenseunicorns/zarf/pull/2182) - Fix link and content issues across the docs by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2168](https://togithub.com/defenseunicorns/zarf/pull/2168) - Improve the docs for [`zarf tools k9s` options](https://docs.zarf.dev/docs/the-zarf-cli/cli-commands/zarf_tools_monitor) and other [command examples](https://docs.zarf.dev/docs/the-zarf-cli/cli-commands/zarf_package_mirror-resources#examples) by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2132](https://togithub.com/defenseunicorns/zarf/pull/2132) - Update the [Zarf overview](https://docs.zarf.dev/docs/zarf-overview) to be more clear about how Zarf works by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2122](https://togithub.com/defenseunicorns/zarf/pull/2122) </details> ##### Dependencies - Update gitea chart from 8.3.0 to 10.0.0 by [@​TristanHoladay](https://togithub.com/TristanHoladay) in [https://github.com/defenseunicorns/zarf/pull/2123](https://togithub.com/defenseunicorns/zarf/pull/2123) - Update module golang.org/x/crypto to v0.17.0 \[security] by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2201](https://togithub.com/defenseunicorns/zarf/pull/2201) - Update sigstore/cosign-installer action to v3 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/1400](https://togithub.com/defenseunicorns/zarf/pull/1400) - Update github.com/anchore/stereoscope digest to [`4b999b7`](https://togithub.com/defenseunicorns/zarf/commit/4b999b7) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2198](https://togithub.com/defenseunicorns/zarf/pull/2198) - Update dependency pepr to v20 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2193](https://togithub.com </details> --- ### Configuration 📅 **Schedule**: Branch creation - "after 7am and before 9am every weekday" in timezone America/New_York, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/uds-package-gitlab-runner). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMzEuMCIsInVwZGF0ZWRJblZlciI6IjM3LjM3Ny44IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJzdXBwb3J0LWRlcHMiXX0=--> --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Wayne Starr <me@racer159.com>
rjferguson21
referenced
this pull request
in defenseunicorns/uds-core
Jul 11, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | patch | `v0.33.0` -> `v0.33.1` | --- ### Release Notes <details> <summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary> ### [`v0.33.1`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.1) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.0...v0.33.1) #### What's Changed - fix: add redirect so old zarf base link is compatiable by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2432](https://togithub.com/defenseunicorns/zarf/pull/2432) - ci: pin third-party gh actions by hash by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2433](https://togithub.com/defenseunicorns/zarf/pull/2433) - docs: add redirect for examples by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2438](https://togithub.com/defenseunicorns/zarf/pull/2438) - docs: update contributing and pre-commit by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2439](https://togithub.com/defenseunicorns/zarf/pull/2439) - ci: fix revive image ref in lint workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2436](https://togithub.com/defenseunicorns/zarf/pull/2436) - fix: filter on running pods when finding an image for injector pod by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2415](https://togithub.com/defenseunicorns/zarf/pull/2415) - fix: readme dead links by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2442](https://togithub.com/defenseunicorns/zarf/pull/2442) - fix: differential package create with non local sources by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2444](https://togithub.com/defenseunicorns/zarf/pull/2444) - refactor: move variables into separate package by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2414](https://togithub.com/defenseunicorns/zarf/pull/2414) - ci: add top level workflow permission to commitlint by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2449](https://togithub.com/defenseunicorns/zarf/pull/2449) - ci: remove unused env var from codeql workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2450](https://togithub.com/defenseunicorns/zarf/pull/2450) - chore: cleanup root level files and add SPDX check for Go files by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2431](https://togithub.com/defenseunicorns/zarf/pull/2431) - feat: config to enable resilient registry by [@​Michael-Kruggel](https://togithub.com/Michael-Kruggel) in [https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440) - docs: init package clarity and cleanup by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2447](https://togithub.com/defenseunicorns/zarf/pull/2447) - ci: compare cves to main by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2448](https://togithub.com/defenseunicorns/zarf/pull/2448) - test: unpin version in bigbang extension test by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2459](https://togithub.com/defenseunicorns/zarf/pull/2459) - fix: broken schema from unexpanded embedded variables by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2458](https://togithub.com/defenseunicorns/zarf/pull/2458) - fix: error on create if an index sha is used by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2429](https://togithub.com/defenseunicorns/zarf/pull/2429) #### New Contributors - [@​Michael-Kruggel](https://togithub.com/Michael-Kruggel) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440) **Full Changelog**: zarf-dev/zarf@v0.33.0...v0.33.1 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/uds-core). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMjEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjMyMS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
rjferguson21
referenced
this pull request
in defenseunicorns/uds-core
Jul 11, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | minor | `v0.32.3` -> `v0.33.2` | | [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | patch | `v0.33.1` -> `v0.33.2` | --- ### Release Notes <details> <summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary> ### [`v0.33.2`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.2) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.1...v0.33.2) ##### What's Changed - fix: schema integration by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2463](https://togithub.com/defenseunicorns/zarf/pull/2463) - docs: add contributor covenant code of conduct by [@​salaxander](https://togithub.com/salaxander) in [https://github.com/defenseunicorns/zarf/pull/2462](https://togithub.com/defenseunicorns/zarf/pull/2462) - docs: fix casing on code of conduct badge by [@​salaxander](https://togithub.com/salaxander) in [https://github.com/defenseunicorns/zarf/pull/2466](https://togithub.com/defenseunicorns/zarf/pull/2466) - fix(deps): update github.com/anchore/clio digest to [`3c4abf8`](https://togithub.com/defenseunicorns/zarf/commit/3c4abf8) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2424](https://togithub.com/defenseunicorns/zarf/pull/2424) - fix: update docker media type in registry by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2476](https://togithub.com/defenseunicorns/zarf/pull/2476) - fix: adds GetVariableConfig function for packager by [@​decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/zarf/pull/2475](https://togithub.com/defenseunicorns/zarf/pull/2475) - test: add tests for remove copies from components to enable refactoring by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2473](https://togithub.com/defenseunicorns/zarf/pull/2473) - fix!: do not uninstall helm chart after failed install or upgrade by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2456](https://togithub.com/defenseunicorns/zarf/pull/2456) - feat: inspect --list-images by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2478](https://togithub.com/defenseunicorns/zarf/pull/2478) - refactor: remove copies from components to a filter by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2474](https://togithub.com/defenseunicorns/zarf/pull/2474) - chore: add support.md by [@​schristoff](https://togithub.com/schristoff) in [https://github.com/defenseunicorns/zarf/pull/2480](https://togithub.com/defenseunicorns/zarf/pull/2480) - chore: add a check for go mod tidy by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2481](https://togithub.com/defenseunicorns/zarf/pull/2481) - fix: use correct sha256 checksum for arm64 injector binary by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2483](https://togithub.com/defenseunicorns/zarf/pull/2483) - fix: simplify go mod tidy check by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2482](https://togithub.com/defenseunicorns/zarf/pull/2482) ##### New Contributors - [@​salaxander](https://togithub.com/salaxander) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2462](https://togithub.com/defenseunicorns/zarf/pull/2462) - [@​phillebaba](https://togithub.com/phillebaba) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2473](https://togithub.com/defenseunicorns/zarf/pull/2473) - [@​schristoff](https://togithub.com/schristoff) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2480](https://togithub.com/defenseunicorns/zarf/pull/2480) **Full Changelog**: zarf-dev/zarf@v0.33.1...v0.33.2 ### [`v0.33.1`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.1) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.0...v0.33.1) #### What's Changed - fix: add redirect so old zarf base link is compatiable by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2432](https://togithub.com/defenseunicorns/zarf/pull/2432) - ci: pin third-party gh actions by hash by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2433](https://togithub.com/defenseunicorns/zarf/pull/2433) - docs: add redirect for examples by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2438](https://togithub.com/defenseunicorns/zarf/pull/2438) - docs: update contributing and pre-commit by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2439](https://togithub.com/defenseunicorns/zarf/pull/2439) - ci: fix revive image ref in lint workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2436](https://togithub.com/defenseunicorns/zarf/pull/2436) - fix: filter on running pods when finding an image for injector pod by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2415](https://togithub.com/defenseunicorns/zarf/pull/2415) - fix: readme dead links by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2442](https://togithub.com/defenseunicorns/zarf/pull/2442) - fix: differential package create with non local sources by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2444](https://togithub.com/defenseunicorns/zarf/pull/2444) - refactor: move variables into separate package by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2414](https://togithub.com/defenseunicorns/zarf/pull/2414) - ci: add top level workflow permission to commitlint by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2449](https://togithub.com/defenseunicorns/zarf/pull/2449) - ci: remove unused env var from codeql workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2450](https://togithub.com/defenseunicorns/zarf/pull/2450) - chore: cleanup root level files and add SPDX check for Go files by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2431](https://togithub.com/defenseunicorns/zarf/pull/2431) - feat: config to enable resilient registry by [@​Michael-Kruggel](https://togithub.com/Michael-Kruggel) in [https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440) - docs: init package clarity and cleanup by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2447](https://togithub.com/defenseunicorns/zarf/pull/2447) - ci: compare cves to main by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2448](https://togithub.com/defenseunicorns/zarf/pull/2448) - test: unpin version in bigbang extension test by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2459](https://togithub.com/defenseunicorns/zarf/pull/2459) - fix: broken schema from unexpanded embedded variables by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2458](https://togithub.com/defenseunicorns/zarf/pull/2458) - fix: error on create if an index sha is used by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2429](https://togithub.com/defenseunicorns/zarf/pull/2429) #### New Contributors - [@​Michael-Kruggel](https://togithub.com/Michael-Kruggel) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440) **Full Changelog**: zarf-dev/zarf@v0.33.0...v0.33.1 ### [`v0.33.0`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.0) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.6...v0.33.0) #### What's Changed - fix: update deprecated syft packages command to syft scan by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2399](https://togithub.com/defenseunicorns/zarf/pull/2399) - chore: move helpers to defenseunicorns/pkg by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2402](https://togithub.com/defenseunicorns/zarf/pull/2402) - fix(deps): update github.com/anchore/clio digest to [`fb5fc4c`](https://togithub.com/defenseunicorns/zarf/commit/fb5fc4c) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2366](https://togithub.com/defenseunicorns/zarf/pull/2366) - feat(tools): add yq by [@​zachariahmiller](https://togithub.com/zachariahmiller) in [https://github.com/defenseunicorns/zarf/pull/2406](https://togithub.com/defenseunicorns/zarf/pull/2406) - chore: switch to use oci lib in defenseunicorns/pkg by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2404](https://togithub.com/defenseunicorns/zarf/pull/2404) - fix(deps): update module github.com/defenseunicorns/pkg/helpers to v1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2411](https://togithub.com/defenseunicorns/zarf/pull/2411) - fix: use env var for PR title in commitlint workflow to prevent untrusted script injection by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2418](https://togithub.com/defenseunicorns/zarf/pull/2418) - fix: use default GITHUB_TOKEN for ossf/scorecard-action by [@​bburky](https://togithub.com/bburky) in [https://github.com/defenseunicorns/zarf/pull/2416](https://togithub.com/defenseunicorns/zarf/pull/2416) - fix: remove duplicate logic for writing image layers to disk concurrently by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2409](https://togithub.com/defenseunicorns/zarf/pull/2409) - feat: add option to skip cosign lookup during find images by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2427](https://togithub.com/defenseunicorns/zarf/pull/2427) - feat: allow chart deploy overrides ALPHA by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/defenseunicorns/zarf/pull/2403](https://togithub.com/defenseunicorns/zarf/pull/2403) - chore: update pull_request_template.md by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2428](https://togithub.com/defenseunicorns/zarf/pull/2428) - ci: pin k3s image version in k3d github action by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2430](https://togithub.com/defenseunicorns/zarf/pull/2430) - feat(docs): port docs to starlight by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2315](https://togithub.com/defenseunicorns/zarf/pull/2315) #### New Contributors - [@​zachariahmiller](https://togithub.com/zachariahmiller) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2406](https://togithub.com/defenseunicorns/zarf/pull/2406) - [@​bburky](https://togithub.com/bburky) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2416](https://togithub.com/defenseunicorns/zarf/pull/2416) **Full Changelog**: zarf-dev/zarf@v0.32.6...v0.33.0 ### [`v0.32.6`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.6) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.5...v0.32.6) #### \[0.32.6] - 2024-03-22 > trying out some different release note generators, formatting may vary for a few releases while we figure out what works best ~[@​Noxsios](https://togithub.com/Noxsios) ##### 🚀 Features - \[**ALPHA**] feat: package generation ALPHA by [@​andrewg-xyz](https://togithub.com/andrewg-xyz) in [#​2269](https://togithub.com/defenseunicorns/zarf/pull/2269) - *(lib)* feat(lib): configurable log file location by [@​Noxsios](https://togithub.com/Noxsios) in [#​2380](https://togithub.com/defenseunicorns/zarf/pull/2380) - \[**BREAKING**] feat!: filter package components with strategy interface by [@​Noxsios](https://togithub.com/Noxsios) in [#​2321](https://togithub.com/defenseunicorns/zarf/pull/2321) ##### 🐛 Bug Fixes - fix: refactor create stages into separate lib by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2223](https://togithub.com/defenseunicorns/zarf/pull/2223) - fix: handle registry caBundle as a multiline string by [@​AbrohamLincoln](https://togithub.com/AbrohamLincoln) in [#​2381](https://togithub.com/defenseunicorns/zarf/pull/2381) - *(regression)* fix: populate `p.sbomViewFiles` on `deploy` and `mirror` by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2386](https://togithub.com/defenseunicorns/zarf/pull/2386) - fix: allow absolute paths for differential packages by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2397](https://togithub.com/defenseunicorns/zarf/pull/2397) - fix: hotfix skeleton publish by [@​Noxsios](https://togithub.com/Noxsios) in [#​2398](https://togithub.com/defenseunicorns/zarf/pull/2398) ##### 🚜 Refactor - refactor: split helpers/exec libs by [@​Racer159](https://togithub.com/Racer159) in [#​2379](https://togithub.com/defenseunicorns/zarf/pull/2379) ##### 🧪 Testing - test: data injection flake by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2361](https://togithub.com/defenseunicorns/zarf/pull/2361) ##### ⚙️ Miscellaneous Tasks - ci: add commitlint workflow and update contributing guide by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2391](https://togithub.com/defenseunicorns/zarf/pull/2391) ##### 🛡️ Security - *(release)* build: create PRs on `homebrew-tap` by [@​Noxsios](https://togithub.com/Noxsios) in [#​2385](https://togithub.com/defenseunicorns/zarf/pull/2385) **Full Changelog**: zarf-dev/zarf@v0.32.5...v0.32.6 ### [`v0.32.5`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.5) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.4...v0.32.5) #### \[0.32.5] - 2024-03-11 > trying out some different release note generators, formatting may vary for a few releases while we figure out what works best ~[@​Noxsios](https://togithub.com/Noxsios) ##### 🚀 Features - feat: add missing vendored tool version commands by [@​eddiezane](https://togithub.com/eddiezane) in [#​2232](https://togithub.com/defenseunicorns/zarf/pull/2232) - feat: add `--why` flag for `zarf dev find-images` by [@​waveywaves](https://togithub.com/waveywaves) in [#​2309](https://togithub.com/defenseunicorns/zarf/pull/2309) - feat: set variables on find images by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2282](https://togithub.com/defenseunicorns/zarf/pull/2282) - feat: add configurable backoff and retries for Zarf operations by [@​Racer159](https://togithub.com/Racer159) in [#​2345](https://togithub.com/defenseunicorns/zarf/pull/2345) ##### 🐛 Bug Fixes - *(deps)*: update github.com/anchore/clio digest to [`abcb719`](https://togithub.com/defenseunicorns/zarf/commit/abcb719) by [@​renovate](https://togithub.com/renovate)\[bot] in [#​2347](https://togithub.com/defenseunicorns/zarf/pull/2347) - *(ci)*: change ECR image to docker.io image by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2353](https://togithub.com/defenseunicorns/zarf/pull/2353) - fix: added OCI Image Index mediaType by [@​mdaizcorbe](https://togithub.com/mdaizcorbe) in [#​2352](https://togithub.com/defenseunicorns/zarf/pull/2352) - fix: package publish progress bar frozen at zero by [@​Noxsios](https://togithub.com/Noxsios) in [#​2367](https://togithub.com/defenseunicorns/zarf/pull/2367) - *(release)* hotfix `publish` not respecting source package architecture by [@​Noxsios](https://togithub.com/Noxsios) in [#​2376](https://togithub.com/defenseunicorns/zarf/pull/2376) ##### 📚 Documentation - chore: fix spelling by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2333](https://togithub.com/defenseunicorns/zarf/pull/2333) - docs: formatting and grammar by [@​beholdenkey](https://togithub.com/beholdenkey) in [#​2350](https://togithub.com/defenseunicorns/zarf/pull/2350) ##### ⚙️ Miscellaneous Tasks - chore: sorted go imports by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [#​2349](https://togithub.com/defenseunicorns/zarf/pull/2349) - chore: fix bb test by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2340](https://togithub.com/defenseunicorns/zarf/pull/2340) - chore: update CODEOWNERS with [@​AustinAbro321](https://togithub.com/AustinAbro321) by [@​Racer159](https://togithub.com/Racer159) in [#​2354](https://togithub.com/defenseunicorns/zarf/pull/2354) - chore: refactor and purify the OCI library within Zarf by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2235](https://togithub.com/defenseunicorns/zarf/pull/2235) - chore: default to temp zarf cache in e2e tests by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2355](https://togithub.com/defenseunicorns/zarf/pull/2355) ##### 🛡️ Security - chore: configure agent server to avoid slowloris attack by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [#​2342](https://togithub.com/defenseunicorns/zarf/pull/2342) - chore: fix implicit memory aliasing in for loop by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [#​2341](https://togithub.com/defenseunicorns/zarf/pull/2341) - *(release)*: update release workflow to use token from gh app by [@​Noxsios](https://togithub.com/Noxsios) in [#​2368](https://togithub.com/defenseunicorns/zarf/pull/2368) - *(release)*: use release environment secrets by [@​Noxsios](https://togithub.com/Noxsios) in [#​2374](https://togithub.com/defenseunicorns/zarf/pull/2374) #### First Time Contributors - [@​eddiezane](https://togithub.com/eddiezane) made their first contribution in [#​2232](https://togithub.com/defenseunicorns/zarf/issues/2232) - [@​beholdenkey](https://togithub.com/beholdenkey) made their first contribution in [#​2350](https://togithub.com/defenseunicorns/zarf/issues/2350) - [@​mdaizcorbe](https://togithub.com/mdaizcorbe) made their first contribution in [#​2352](https://togithub.com/defenseunicorns/zarf/issues/2352) **Full Changelog**: zarf-dev/zarf@v0.32.4...v0.32.5 ### [`v0.32.4`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.4) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.3...v0.32.4) #### What's Changed #### Fixes - Improve `cmd` failure messaging when no timeout or retries are given by [@​docandrew](https://togithub.com/docandrew) in [https://github.com/defenseunicorns/zarf/pull/2301](https://togithub.com/defenseunicorns/zarf/pull/2301) - Revert init package storageclass checks for git server and seed registry by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2311](https://togithub.com/defenseunicorns/zarf/pull/2311) - Fix multi-part tarballs being mismatched sizes by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2314](https://togithub.com/defenseunicorns/zarf/pull/2314) - Change text template detection to check first *and* last 512 bytes by [@​WeaponX314](https://togithub.com/WeaponX314) in [https://github.com/defenseunicorns/zarf/pull/2310](https://togithub.com/defenseunicorns/zarf/pull/2310) - Improve `zarf tools registry prune` messaging by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2323](https://togithub.com/defenseunicorns/zarf/pull/2323) - Add http request header timeout to mitigate stalling image push by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2319](https://togithub.com/defenseunicorns/zarf/pull/2319) - Allow host+subpath as the source registry for `--registry-override` in package create by [@​waveywaves](https://togithub.com/waveywaves) in [https://github.com/defenseunicorns/zarf/pull/2306](https://togithub.com/defenseunicorns/zarf/pull/2306) #### Dependencies - Update github.com/anchore/clio digest to [`cb94e40`](https://togithub.com/defenseunicorns/zarf/commit/cb94e40) by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2294](https://togithub.com/defenseunicorns/zarf/pull/2294), [https://github.com/defenseunicorns/zarf/pull/2297](https://togithub.com/defenseunicorns/zarf/pull/2297) and [https://github.com/defenseunicorns/zarf/pull/2300](https://togithub.com/defenseunicorns/zarf/pull/2300) - **\[security]** Update module helm.sh/helm/v3 to v3.14.2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2307](https://togithub.com/defenseunicorns/zarf/pull/2307) and [https://github.com/defenseunicorns/zarf/pull/2329](https://togithub.com/defenseunicorns/zarf/pull/2329) - Update actions/checkout action to v4 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2317](https://togithub.com/defenseunicorns/zarf/pull/2317) - Update actions/dependency-review-action action to v4 by [@​renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2318](https://togithub.com/defenseunicorns/zarf/pull/2318) #### Docs - Update [Zarf roadmap](https://docs.zarf.dev/docs/roadmap) per 2024 goals by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2305](https://togithub.com/defenseunicorns/zarf/pull/2305) #### Development - Included Dependency Review action for PR reviews by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/defenseunicorns/zarf/pull/2298](https://togithub.com/defenseunicorns/zarf/pull/2298) - Resolve CodeQL linting issues across Zarf by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2322](https://togithub.com/defenseunicorns/zarf/pull/2322) #### New Contributors - [@​docandrew](https://togithub.com/docandrew) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2301](https://togithub.com/defenseunicorns/zarf/pull/2301) - [@​naveensrinivasan](https://togithub.com/naveensrinivasan) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2298](https://togithub.com/defenseunicorns/zarf/pull/2298) - [@​waveywaves](https://togithub.com/waveywaves) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2306](https://togithub.com/defenseunicorns/zarf/pull/2306) **Full Changelog**: zarf-dev/zarf@v0.32.3...v0.32.4 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/uds-core). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM1MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This would add a compare CVEs to main workflow to replace the "analyze cves" which currently runs on PRs. This new workflow would only fail on PRs is new CVE's were added rather than always failing if CVE's exist in the PR.
Assuming we want to move forward with this we would need to add some extra signal for ourselves to notify us when we do have CVEs on PRs. Maybe a status icon on the repo? Maybe emails? Maybe auto opened issues ? Github security also opens up alerts though those don't take into account the .grype.yaml so there is more noise