What's Changed
- bump google.golang.org/grpc to v1.79.3 to fix CVE-2026-33186 (backport to release-1.20) by @andyzhangx in #1044
- [release-1.20] security: Update trivy-action to use sha for v0.35.0 by @k8s-infra-cherrypick-robot in #1048
- [release-1.20] fix: pin github action to exact SHA by @k8s-infra-cherrypick-robot in #1050
- [release-1.20] test: fix trivy action failure by @k8s-infra-cherrypick-robot in #1056
- [release-1.20] chore: build with go1.25.9 by @andyzhangx in #1058
- [release-1.20] fix: update csi release tools to fix broken image build due to missing gcb-docker-gcloud image by @andyzhangx in #1066
- [release-1.20] test: add control-plane tolerations to smb-server deployments by @k8s-infra-cherrypick-robot in #1070
- [release-1.20] test: use Quantity.Cmp instead of string comparison in resize volume test by @k8s-infra-cherrypick-robot in #1073
- [release-1.20] fix: allow multiple CIFS krb5 mounts with the same CRUID by @k8s-infra-cherrypick-robot in #1074
- [release-1.20] chore: bump Go version to 1.25.10 in trivy workflow by @k8s-infra-cherrypick-robot in #1083
- [release-1.20] fix: CVE-2026-29181 by @andyzhangx in #1084
- [release-1.20] fix: propagate read-only mount from staging path and volume capability in NodePublishVolume by @k8s-infra-cherrypick-robot in #1085
- [release-1.20] fix: build with go1.26.3 to fix go CVE by @andyzhangx in #1092
- [release-1.20] chore(deps): bump build-image/debian-base from bookworm-v1.0.7 to bookworm-v1.0.8 in /cmd/smbplugin by @k8s-infra-cherrypick-robot in #1100
- [release-1.20] chore: bump Go version to 1.25.11 in trivy workflow by @k8s-infra-cherrypick-robot in #1113
- [release-1.20] test: set runAsUser 0 for smb-server to fix permission denied on /storage by @k8s-infra-cherrypick-robot in #1110
- [release-1.20] fix: CVE-2026-35469 by @andyzhangx in #1104
- [release-1.20] fix: build with go1.26.4 to fix go CVE by @andyzhangx in #1116
- Update csi-release-tools for release-1.20 by @andyzhangx in #1120
- [release-1.20] fix: CVE-2026-25680 by @andyzhangx in #1127
- [release-1.20] fix: increase liveness probe timeout for Windows node plugin by @andyzhangx in #1118
- [release-1.20] feat: add controller.extraArgs for sidecar containers (cherry-pick #1108) by @andyzhangx in #1133
- [release-1.20] chore: update CSI sidecar images to latest versions (cherry-pick #1131) by @andyzhangx in #1132
- [release-1.20] cleanup: add validation on volumeid by @k8s-infra-cherrypick-robot in #1136
- doc: cut v1.20.2 release by @andyzhangx in #1134
Full Changelog: v1.20.1...v1.20.2