docs: add security response process #3037
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
Quality Gate passed. Kudos, no new issues were introduced! 0 New issues
Triaging problems allows maintainers to focus resources on the most critically | ||
impacting problems. Potential security problems should be evaluated against the | ||
following information: |
Triaging problems allows maintainers to focus resources on the most critically | |
impacting problems. Potential security problems should be evaluated against the | |
following information: | |
Triaging issues allows maintainers to focus resources on the most critically | |
impacting problems. Potential security risks should be evaluated against the | |
following information: |
Any potential problem that has an exploit, permits privilege escalation, is | ||
simple, and does not require user interaction should be evaluated immediately. | ||
[CVSS Version 3.1](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator) can be | ||
a helpful tool in evaluating the criticality of reported problems. |
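Review bot: In the first sentence of this hunk the four conditions (has an exploit, permits privilege escalation, is simple, does not require user interaction) are joined by "and", so it reads as if a report must meet all of them before it is evaluated immediately. If any one of them is meant to be enough, say so explicitly, for example "meets any of the following"; if all are required, state how reports that meet only some of them are prioritised.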
a helpful tool in evaluating the criticality of reported problems. | |
a helpful tool in evaluating the criticality of reported issues. |
Respond to the reporter and notify them you have received the problem and have | ||
begun reviewing it. Remind them of the [embargo policy](https://github.com/cncf/tag-security/blob/231b87f371274b2d68def2c6a35a719210836191/project-resources/templates/embargo-policy.md), and provide them | ||
information on who to contact/follow-up with if they have questions. Estimate a | ||
time frame that they can expect to receive an update on the problem. Create a | ||
calendar reminder to contact them again by that date to provide an update. |
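Review bot: The embargo policy link in the second sentence points at a file under project-resources/templates/ in cncf/tag-security, pinned to a commit, so reporters are sent to a generic template rather than to a policy this project has adopted. Consider linking a copy kept in this repository instead. The paragraph also asks for an estimated time frame without bounding it; a stated maximum time to the first update would give reporters a concrete expectation.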
Respond to the reporter and notify them you have received the problem and have | |
begun reviewing it. Remind them of the [embargo policy](https://github.com/cncf/tag-security/blob/231b87f371274b2d68def2c6a35a719210836191/project-resources/templates/embargo-policy.md), and provide them | |
information on who to contact/follow-up with if they have questions. Estimate a | |
time frame that they can expect to receive an update on the problem. Create a | |
calendar reminder to contact them again by that date to provide an update. | |
Respond to the reporter and notify them that you have received and begun reviewing the problem. Remind them of the [embargo policy](https://github.com/cncf/tag-security/blob/231b87f371274b2d68def2c6a35a719210836191/project-resources/templates/embargo-policy.md), and provide them | |
information on who to contact/follow-up with if they have questions. Estimate when they can expect to receive an update. Create a calendar reminder to contact them again by that date to provide an update. |
uh I think I messed up the linebreaks a bit here...
LGTM, just have a couple of suggestions for removing duplicate words and adding a bit of clarity.
Thanks! I've opened #3056 to get your suggestions in!
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Sai Charan Godasi <saicharangodasi@Sais-MacBook-Air.local>
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Signed-off-by: Mike Serchenia <michael_serchenia@epam.com>
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [external-secrets](https://togithub.com/external-secrets/external-secrets) | patch | `0.9.11` -> `0.9.12` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>external-secrets/external-secrets (external-secrets)</summary> ### [`v0.9.12`](https://togithub.com/external-secrets/external-secrets/releases/tag/v0.9.12) [Compare Source](https://togithub.com/external-secrets/external-secrets/compare/v0.9.11...v0.9.12) Image: `ghcr.io/external-secrets/external-secrets:v0.9.12` Image: `ghcr.io/external-secrets/external-secrets:v0.9.12-ubi` Image: `ghcr.io/external-secrets/external-secrets:v0.9.12-ubi-boringssl` #### What's Changed - bump 0.9.11 by [@​moolen](https://togithub.com/moolen) in [external-secrets/external-secrets#2982 - chore(deps): bump golang from 1.20.1 to 1.21.5 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#2976 - fix: chart: update cert-manager cert. 
duration by [@​Tycale](https://togithub.com/Tycale) in [external-secrets/external-secrets#2986 - chore: update dependencies by [@​eso-service-account-app](https://togithub.com/eso-service-account-app) in [external-secrets/external-secrets#2988 - Fix value name by [@​Aransh](https://togithub.com/Aransh) in [external-secrets/external-secrets#2985 - feat: add ability to define flavour for tag by [@​A1994SC](https://togithub.com/A1994SC) in [external-secrets/external-secrets#2881 - Fix typo in pushsecrets docs by [@​matusf](https://togithub.com/matusf) in [external-secrets/external-secrets#2998 - feat: add PushSecret and DeleteSecret to onepassword provider by [@​bthuilot](https://togithub.com/bthuilot) in [external-secrets/external-secrets#2646 - Configure codecov by [@​shuheiktgw](https://togithub.com/shuheiktgw) in [external-secrets/external-secrets#2995 - added some example for v2 literal templating by [@​rpasche](https://togithub.com/rpasche) in [external-secrets/external-secrets#3007 - Akeyless Provider - Add support for Certificate items by [@​barucoh](https://togithub.com/barucoh) in [external-secrets/external-secrets#3013 - chore: update dependencies by [@​eso-service-account-app](https://togithub.com/eso-service-account-app) in [external-secrets/external-secrets#3005 - Feat/allow keeper to work with complex types by [@​ppodevlabs](https://togithub.com/ppodevlabs) in [external-secrets/external-secrets#3016 - docs: update controller reconcile error rule by [@​aslafy-z](https://togithub.com/aslafy-z) in [external-secrets/external-secrets#3021 - Issue/2965 - Documentation does not reflect latest changes for datafrom for IBM Secret Manager by [@​fdberlking](https://togithub.com/fdberlking) in [external-secrets/external-secrets#3010 - doc: update bitwarden-cli image & version by [@​charlesthomas](https://togithub.com/charlesthomas) in [external-secrets/external-secrets#2971 - Update the ExternalSecret status even when data is empty by 
[@​shuheiktgw](https://togithub.com/shuheiktgw) in [external-secrets/external-secrets#2927 - grammar - it is by [@​aviadkray](https://togithub.com/aviadkray) in [external-secrets/external-secrets#2991 - gramar2 - intuitive not intuative by [@​aviadkray](https://togithub.com/aviadkray) in [external-secrets/external-secrets#2992 - docs: add command to install CRDs using kustomize by [@​PeterStolz](https://togithub.com/PeterStolz) in [external-secrets/external-secrets#3023 - Validator by [@​Mehrbod2002](https://togithub.com/Mehrbod2002) in [external-secrets/external-secrets#3003 - chore(deps): bump golang from 1.21.5 to 1.21.6 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3024 - feat: set default namespace on vault secretStore (namespaced ressource) by [@​M0NsTeRRR](https://togithub.com/M0NsTeRRR) in [external-secrets/external-secrets#2869 - Create OSSF scorecard job by [@​moolen](https://togithub.com/moolen) in [external-secrets/external-secrets#3032 - feat: add support for Hashicorp Vault mTLS by [@​rodrigorfk](https://togithub.com/rodrigorfk) in [external-secrets/external-secrets#3018 - \[Snyk] Fix for 5 vulnerabilities by [@​moolen](https://togithub.com/moolen) in [external-secrets/external-secrets#3036 - chore(deps): bump tornado from 6.3.3 to 6.4 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3051 - chore(deps): bump click from 8.1.3 to 8.1.7 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3050 - chore(deps): bump actions/cache from 3.3.3 to 4.0.0 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3049 - chore(deps): bump github/codeql-action from 2.2.4 to 3.23.1 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3048 - chore(deps): bump markupsafe from 2.1.1 to 2.1.3 in /hack/api-docs by 
[@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3047 - chore(deps): bump mkdocs-macros-plugin from 0.7.0 to 1.0.5 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3046 - chore(deps): bump actions/checkout from 3.1.0 to 4.1.1 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3044 - chore(deps): bump golang from `fd78f2f` to `fd78f2f` by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3042 - chore(deps): bump ubi8/ubi-minimal from `d8b81a3` to `2882390` by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3041 - chore(deps): bump alpine from `13b7e62` to `51b6726` in /e2e by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3040 - chore(deps): bump golang from `04cf306` to `c4b696f` in /e2e by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3038 - chore(deps): bump mkdocs-material from 9.5.3 to 9.5.4 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3043 - chore(deps): bump ossf/scorecard-action from 2.1.2 to 2.3.1 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3045 - docs: add security response process by [@​moolen](https://togithub.com/moolen) in [external-secrets/external-secrets#3037 - Fix wrong namespaceSelector configuration in snippet in document by [@​kyasbal](https://togithub.com/kyasbal) in [external-secrets/external-secrets#3054 - chore: refactor/centralise secretKeyRef usage by [@​moolen](https://togithub.com/moolen) in [external-secrets/external-secrets#3022 - chore: fixup security response suggestions by [@​moolen](https://togithub.com/moolen) in [external-secrets/external-secrets#3056 - feat: allow provider to return admission warnings by [@​moolen](https://togithub.com/moolen) 
in [external-secrets/external-secrets#3058 - chore(deps): bump alpine from 3.18 to 3.19 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3039 - chore: add tests for AWS/SM by [@​moolen](https://togithub.com/moolen) in [external-secrets/external-secrets#3057 - chore(deps): bump mkdocs-minify-plugin from 0.5.0 to 0.7.2 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3063 - chore(deps): bump markupsafe from 2.1.3 to 2.1.4 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3062 - chore: update dependencies by [@​eso-service-account-app](https://togithub.com/eso-service-account-app) in [external-secrets/external-secrets#3065 - added metrics support for akeyless by [@​charan986](https://togithub.com/charan986) in [external-secrets/external-secrets#3069 - chore: bump jwx pkg by [@​moolen](https://togithub.com/moolen) in [external-secrets/external-secrets#3075 - IBM provider: remove deprecated code for fetching secret by name by [@​Shanti-G](https://togithub.com/Shanti-G) in [external-secrets/external-secrets#3078 - chore(deps): bump codecov/codecov-action from 3.1.4 to 3.1.5 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3090 - chore(deps): bump golang from `fd78f2f` to `a6a7f1f` by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3086 - chore(deps): bump alpine from `51b6726` to `c5b1261` in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3088 - chore(deps): bump github/codeql-action from 3.23.1 to 3.23.2 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3089 - chore(deps): bump golang from `c4b696f` to `d8c365d` in /e2e by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3084 - chore(deps): 
bump alpine from `51b6726` to `c5b1261` by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3087 - 🧹 refactor vault provider by [@​moolen](https://togithub.com/moolen) in [external-secrets/external-secrets#3072 - chore: bump ubi image by [@​moolen](https://togithub.com/moolen) in [external-secrets/external-secrets#3096 - chore: update dependencies by [@​eso-service-account-app](https://togithub.com/eso-service-account-app) in [external-secrets/external-secrets#3091 - chore(deps): bump alpine from 3.19.0 to 3.19.1 in /e2e by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3083 - chore(deps): bump codecov/codecov-action from 3.1.5 to 4.0.1 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3104 - chore(deps): bump github/codeql-action from 3.23.2 to 3.24.0 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3103 - chore: update dependencies by [@​eso-service-account-app](https://togithub.com/eso-service-account-app) in [external-secrets/external-secrets#3113 - chore(deps): bump peter-evans/slash-command-dispatch from 3.0.2 to 4.0.0 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3102 - Feat/ready condition early by [@​ppatel1604](https://togithub.com/ppatel1604) in [external-secrets/external-secrets#3077 - chore(deps): bump mkdocs-material from 9.5.4 to 9.5.7 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3106 - chore(deps): bump platformdirs from 4.1.0 to 4.2.0 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3105 - chore(deps): bump markupsafe from 2.1.4 to 2.1.5 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3107 - chore(deps): bump urllib3 from 2.1.0 to 2.2.0 in /hack/api-docs by 
[@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3109 - chore(deps): bump mkdocs-minify-plugin from 0.7.2 to 0.8.0 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3108 #### New Contributors - [@​Tycale](https://togithub.com/Tycale) made their first contribution in [external-secrets/external-secrets#2986 - [@​Aransh](https://togithub.com/Aransh) made their first contribution in [external-secrets/external-secrets#2985 - [@​A1994SC](https://togithub.com/A1994SC) made their first contribution in [external-secrets/external-secrets#2881 - [@​matusf](https://togithub.com/matusf) made their first contribution in [external-secrets/external-secrets#2998 - [@​bthuilot](https://togithub.com/bthuilot) made their first contribution in [external-secrets/external-secrets#2646 - [@​rpasche](https://togithub.com/rpasche) made their first contribution in [external-secrets/external-secrets#3007 - [@​barucoh](https://togithub.com/barucoh) made their first contribution in [external-secrets/external-secrets#3013 - [@​aslafy-z](https://togithub.com/aslafy-z) made their first contribution in [external-secrets/external-secrets#3021 - [@​fdberlking](https://togithub.com/fdberlking) made their first contribution in [external-secrets/external-secrets#3010 - [@​charlesthomas](https://togithub.com/charlesthomas) made their first contribution in [external-secrets/external-secrets#2971 - [@​aviadkray](https://togithub.com/aviadkray) made their first contribution in [external-secrets/external-secrets#2991 - [@​PeterStolz](https://togithub.com/PeterStolz) made their first contribution in [external-secrets/external-secrets#3023 - [@​Mehrbod2002](https://togithub.com/Mehrbod2002) made their first contribution in [external-secrets/external-secrets#3003 - [@​M0NsTeRRR](https://togithub.com/M0NsTeRRR) made their first contribution in [external-secrets/external-secrets#2869 - 
[@​rodrigorfk](https://togithub.com/rodrigorfk) made their first contribution in [external-secrets/external-secrets#3018 - [@​kyasbal](https://togithub.com/kyasbal) made their first contribution in [external-secrets/external-secrets#3054 **Full Changelog**: external-secrets/external-secrets@v0.9.11...v0.9.12 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://togithub.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xODAuMCIsInVwZGF0ZWRJblZlciI6IjM3LjE4MC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9--> Co-authored-by: lumiere-bot[bot] <98047013+lumiere-bot[bot]@users.noreply.github.com>
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [external-secrets](https://togithub.com/external-secrets/external-secrets) | patch | `0.9.11` -> `0.9.12` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>external-secrets/external-secrets (external-secrets)</summary> ### [`v0.9.12`](https://togithub.com/external-secrets/external-secrets/releases/tag/v0.9.12) [Compare Source](https://togithub.com/external-secrets/external-secrets/compare/v0.9.11...v0.9.12) Image: `ghcr.io/external-secrets/external-secrets:v0.9.12` Image: `ghcr.io/external-secrets/external-secrets:v0.9.12-ubi` Image: `ghcr.io/external-secrets/external-secrets:v0.9.12-ubi-boringssl` #### What's Changed - bump 0.9.11 by [@​moolen](https://togithub.com/moolen) in [external-secrets/external-secrets#2982 - chore(deps): bump golang from 1.20.1 to 1.21.5 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#2976 - fix: chart: update cert-manager cert. 
duration by [@​Tycale](https://togithub.com/Tycale) in [external-secrets/external-secrets#2986 - chore: update dependencies by [@​eso-service-account-app](https://togithub.com/eso-service-account-app) in [external-secrets/external-secrets#2988 - Fix value name by [@​Aransh](https://togithub.com/Aransh) in [external-secrets/external-secrets#2985 - feat: add ability to define flavour for tag by [@​A1994SC](https://togithub.com/A1994SC) in [external-secrets/external-secrets#2881 - Fix typo in pushsecrets docs by [@​matusf](https://togithub.com/matusf) in [external-secrets/external-secrets#2998 - feat: add PushSecret and DeleteSecret to onepassword provider by [@​bthuilot](https://togithub.com/bthuilot) in [external-secrets/external-secrets#2646 - Configure codecov by [@​shuheiktgw](https://togithub.com/shuheiktgw) in [external-secrets/external-secrets#2995 - added some example for v2 literal templating by [@​rpasche](https://togithub.com/rpasche) in [external-secrets/external-secrets#3007 - Akeyless Provider - Add support for Certificate items by [@​barucoh](https://togithub.com/barucoh) in [external-secrets/external-secrets#3013 - chore: update dependencies by [@​eso-service-account-app](https://togithub.com/eso-service-account-app) in [external-secrets/external-secrets#3005 - Feat/allow keeper to work with complex types by [@​ppodevlabs](https://togithub.com/ppodevlabs) in [external-secrets/external-secrets#3016 - docs: update controller reconcile error rule by [@​aslafy-z](https://togithub.com/aslafy-z) in [external-secrets/external-secrets#3021 - Issue/2965 - Documentation does not reflect latest changes for datafrom for IBM Secret Manager by [@​fdberlking](https://togithub.com/fdberlking) in [external-secrets/external-secrets#3010 - doc: update bitwarden-cli image & version by [@​charlesthomas](https://togithub.com/charlesthomas) in [external-secrets/external-secrets#2971 - Update the ExternalSecret status even when data is empty by 
[@​shuheiktgw](https://togithub.com/shuheiktgw) in [external-secrets/external-secrets#2927 - grammar - it is by [@​aviadkray](https://togithub.com/aviadkray) in [external-secrets/external-secrets#2991 - gramar2 - intuitive not intuative by [@​aviadkray](https://togithub.com/aviadkray) in [external-secrets/external-secrets#2992 - docs: add command to install CRDs using kustomize by [@​PeterStolz](https://togithub.com/PeterStolz) in [external-secrets/external-secrets#3023 - Validator by [@​Mehrbod2002](https://togithub.com/Mehrbod2002) in [external-secrets/external-secrets#3003 - chore(deps): bump golang from 1.21.5 to 1.21.6 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3024 - feat: set default namespace on vault secretStore (namespaced ressource) by [@​M0NsTeRRR](https://togithub.com/M0NsTeRRR) in [external-secrets/external-secrets#2869 - Create OSSF scorecard job by [@​moolen](https://togithub.com/moolen) in [external-secrets/external-secrets#3032 - feat: add support for Hashicorp Vault mTLS by [@​rodrigorfk](https://togithub.com/rodrigorfk) in [external-secrets/external-secrets#3018 - \[Snyk] Fix for 5 vulnerabilities by [@​moolen](https://togithub.com/moolen) in [external-secrets/external-secrets#3036 - chore(deps): bump tornado from 6.3.3 to 6.4 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3051 - chore(deps): bump click from 8.1.3 to 8.1.7 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3050 - chore(deps): bump actions/cache from 3.3.3 to 4.0.0 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3049 - chore(deps): bump github/codeql-action from 2.2.4 to 3.23.1 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3048 - chore(deps): bump markupsafe from 2.1.1 to 2.1.3 in /hack/api-docs by 
[@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3047 - chore(deps): bump mkdocs-macros-plugin from 0.7.0 to 1.0.5 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3046 - chore(deps): bump actions/checkout from 3.1.0 to 4.1.1 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3044 - chore(deps): bump golang from `fd78f2f` to `fd78f2f` by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3042 - chore(deps): bump ubi8/ubi-minimal from `d8b81a3` to `2882390` by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3041 - chore(deps): bump alpine from `13b7e62` to `51b6726` in /e2e by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3040 - chore(deps): bump golang from `04cf306` to `c4b696f` in /e2e by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3038 - chore(deps): bump mkdocs-material from 9.5.3 to 9.5.4 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3043 - chore(deps): bump ossf/scorecard-action from 2.1.2 to 2.3.1 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3045 - docs: add security response process by [@​moolen](https://togithub.com/moolen) in [external-secrets/external-secrets#3037 - Fix wrong namespaceSelector configuration in snippet in document by [@​kyasbal](https://togithub.com/kyasbal) in [external-secrets/external-secrets#3054 - chore: refactor/centralise secretKeyRef usage by [@​moolen](https://togithub.com/moolen) in [external-secrets/external-secrets#3022 - chore: fixup security response suggestions by [@​moolen](https://togithub.com/moolen) in [external-secrets/external-secrets#3056 - feat: allow provider to return admission warnings by [@​moolen](https://togithub.com/moolen) 
in [external-secrets/external-secrets#3058 - chore(deps): bump alpine from 3.18 to 3.19 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3039 - chore: add tests for AWS/SM by [@​moolen](https://togithub.com/moolen) in [external-secrets/external-secrets#3057 - chore(deps): bump mkdocs-minify-plugin from 0.5.0 to 0.7.2 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3063 - chore(deps): bump markupsafe from 2.1.3 to 2.1.4 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3062 - chore: update dependencies by [@​eso-service-account-app](https://togithub.com/eso-service-account-app) in [external-secrets/external-secrets#3065 - added metrics support for akeyless by [@​charan986](https://togithub.com/charan986) in [external-secrets/external-secrets#3069 - chore: bump jwx pkg by [@​moolen](https://togithub.com/moolen) in [external-secrets/external-secrets#3075 - IBM provider: remove deprecated code for fetching secret by name by [@​Shanti-G](https://togithub.com/Shanti-G) in [external-secrets/external-secrets#3078 - chore(deps): bump codecov/codecov-action from 3.1.4 to 3.1.5 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3090 - chore(deps): bump golang from `fd78f2f` to `a6a7f1f` by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3086 - chore(deps): bump alpine from `51b6726` to `c5b1261` in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3088 - chore(deps): bump github/codeql-action from 3.23.1 to 3.23.2 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3089 - chore(deps): bump golang from `c4b696f` to `d8c365d` in /e2e by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3084 - chore(deps): 
bump alpine from `51b6726` to `c5b1261` by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3087 - 🧹 refactor vault provider by [@​moolen](https://togithub.com/moolen) in [external-secrets/external-secrets#3072 - chore: bump ubi image by [@​moolen](https://togithub.com/moolen) in [external-secrets/external-secrets#3096 - chore: update dependencies by [@​eso-service-account-app](https://togithub.com/eso-service-account-app) in [external-secrets/external-secrets#3091 - chore(deps): bump alpine from 3.19.0 to 3.19.1 in /e2e by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3083 - chore(deps): bump codecov/codecov-action from 3.1.5 to 4.0.1 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3104 - chore(deps): bump github/codeql-action from 3.23.2 to 3.24.0 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3103 - chore: update dependencies by [@​eso-service-account-app](https://togithub.com/eso-service-account-app) in [external-secrets/external-secrets#3113 - chore(deps): bump peter-evans/slash-command-dispatch from 3.0.2 to 4.0.0 by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3102 - Feat/ready condition early by [@​ppatel1604](https://togithub.com/ppatel1604) in [external-secrets/external-secrets#3077 - chore(deps): bump mkdocs-material from 9.5.4 to 9.5.7 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3106 - chore(deps): bump platformdirs from 4.1.0 to 4.2.0 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3105 - chore(deps): bump markupsafe from 2.1.4 to 2.1.5 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3107 - chore(deps): bump urllib3 from 2.1.0 to 2.2.0 in /hack/api-docs by 
[@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3109 - chore(deps): bump mkdocs-minify-plugin from 0.7.2 to 0.8.0 in /hack/api-docs by [@​dependabot](https://togithub.com/dependabot) in [external-secrets/external-secrets#3108 #### New Contributors - [@​Tycale](https://togithub.com/Tycale) made their first contribution in [external-secrets/external-secrets#2986 - [@​Aransh](https://togithub.com/Aransh) made their first contribution in [external-secrets/external-secrets#2985 - [@​A1994SC](https://togithub.com/A1994SC) made their first contribution in [external-secrets/external-secrets#2881 - [@​matusf](https://togithub.com/matusf) made their first contribution in [external-secrets/external-secrets#2998 - [@​bthuilot](https://togithub.com/bthuilot) made their first contribution in [external-secrets/external-secrets#2646 - [@​rpasche](https://togithub.com/rpasche) made their first contribution in [external-secrets/external-secrets#3007 - [@​barucoh](https://togithub.com/barucoh) made their first contribution in [external-secrets/external-secrets#3013 - [@​aslafy-z](https://togithub.com/aslafy-z) made their first contribution in [external-secrets/external-secrets#3021 - [@​fdberlking](https://togithub.com/fdberlking) made their first contribution in [external-secrets/external-secrets#3010 - [@​charlesthomas](https://togithub.com/charlesthomas) made their first contribution in [external-secrets/external-secrets#2971 - [@​aviadkray](https://togithub.com/aviadkray) made their first contribution in [external-secrets/external-secrets#2991 - [@​PeterStolz](https://togithub.com/PeterStolz) made their first contribution in [external-secrets/external-secrets#3023 - [@​Mehrbod2002](https://togithub.com/Mehrbod2002) made their first contribution in [external-secrets/external-secrets#3003 - [@​M0NsTeRRR](https://togithub.com/M0NsTeRRR) made their first contribution in [external-secrets/external-secrets#2869 - 
[@​rodrigorfk](https://togithub.com/rodrigorfk) made their first contribution in [external-secrets/external-secrets#3018 - [@​kyasbal](https://togithub.com/kyasbal) made their first contribution in [external-secrets/external-secrets#3054 **Full Changelog**: external-secrets/external-secrets@v0.9.11...v0.9.12 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://togithub.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xODAuMCIsInVwZGF0ZWRJblZlciI6IjM3LjE4MC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9--> Co-authored-by: lumiere-bot[bot] <98047013+lumiere-bot[bot]@users.noreply.github.com>
This PR proposes a security incident response process / guideline just to have it in case.
This is taken from the CNCF/tag-security Project Resources. Minor adaptations have been made.