Skip to content

ci(deps): update ingress dependencies #1793

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 15, 2025
Merged

ci(deps): update ingress dependencies #1793

merged 1 commit into from
Oct 15, 2025

Conversation

@graphops-renovate
Copy link
Contributor

@graphops-renovate graphops-renovate bot commented Oct 15, 2025

This PR contains the following updates:

Package Type Update Change
jetstack/cert-manager (source) jetstack patch v1.19.0 -> v1.19.1

Release Notes

cert-manager/cert-manager (jetstack/cert-manager)

v1.19.1

Compare Source

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

We reverted the CRD-based API defaults for Certificate.Spec.IssuerRef and CertificateRequest.Spec.IssuerRef after they were found to cause unexpected certificate renewals after upgrading to 1.19.0. We will try re-introducing these API defaults in cert-manager 1.20.
We fixed a bug that caused certificates to be re-issued unexpectedly if the issuerRef kind or group was changed to one of the "runtime" default values.
We upgraded Go to 1.25.3 to address the following security vulnerabilities: CVE-2025-61724, CVE-2025-58187, CVE-2025-47912, CVE-2025-58183, CVE-2025-61723, CVE-2025-58186, CVE-2025-58185, CVE-2025-58188, and CVE-2025-61725.

📖 Read the full 1.19 release notes on the cert-manager.io website before upgrading.

Changes since v1.19.0:

Bug or Regression
  • BUGFIX: in case kind or group in the issuerRef of a Certificate was omitted, upgrading to 1.19.x incorrectly caused the certificate to be renewed (#​8175, @​cert-manager-bot)
  • Bump Go to 1.25.3 to fix a backwards incompatible change to the validation of DNS names in X.509 SAN fields which prevented the use of DNS names with a trailing dot (#​8177, @​wallrj-cyberark)
  • Revert API defaults for issuer reference kind and group introduced in 0.19.0 (#​8178, @​cert-manager-bot)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@graphops-renovate
ci(deps): update ingress dependencies
36fe852 
| datasource | package      | from    | to      |
| ---------- | ------------ | ------- | ------- |
| helm       | cert-manager | v1.19.0 | v1.19.1 |
@coderabbitai
Copy link

coderabbitai bot commented Oct 15, 2025

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Comment @coderabbitai help to get the list of available commands and usage tips.

@graphops-renovate graphops-renovate bot merged commit d48dead into main Oct 15, 2025
2 checks passed
@graphops-renovate graphops-renovate bot deleted the renovate/ingress branch October 15, 2025 16:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@graphops-renovate-approve graphops-renovate-approve[bot] graphops-renovate-approve[bot] approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant