Bump github.com/cert-manager/cert-manager from 1.12.3 to 1.13.0

[dependabot]

Bumps github.com/cert-manager/cert-manager from 1.12.3 to 1.13.0.

Release notes

Sourced from github.com/cert-manager/cert-manager's releases.

v1.13.0

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

This is the 1.13 release of cert-manager!

cert-manager 1.13 brings support for DNS over HTTPS, support for loading options from a versioned config file for the cert-manager controller, and more. This release also includes the promotion of the StableCertificateRequestName and SecretsFilteredCaching feature gates to Beta.

Breaking Changes (You MUST read this before you upgrade!)

1. BREAKING : If you deploy cert-manager using helm and have .featureGates value set, the features defined there will no longer be passed to cert-manager webhook, only to cert-manager controller. Use webhook.featureGates field instead to define features to be enabled on webhook. (#6093, @​irbekrm)
2. Potentially breaking: If you were, for some reason, passing cert-manager controller's features to webhook's --feature-gates flag, this will now break (unless the webhook actually has a feature by that name). (#6093, @​irbekrm)
3. Potentially breaking: Webhook validation of CertificateRequest resources is stricter now: all KeyUsages and ExtendedKeyUsages must be defined directly in the CertificateRequest resource, the encoded CSR can never contain more usages that defined there. (#6182, @​inteon)

Community

Welcome to these new cert-manager members (more info - cert-manager/cert-manager#6260): @​jsoref @​FlorianLiebhart @​hawksight @​erikgb

Thanks again to all open-source contributors with commits in this release, including: @​AcidLeroy @​FlorianLiebhart @​lucacome @​cypres @​erikgb @​ubergesundheit @​jkroepke @​jsoref @​gdvalle @​rouke-broersma @​schrodit @​zhangzhiqiangcs @​arukiidou @​hawksight @​Richardds @​kahirokunn

Thanks also to the following cert-manager maintainers for their contributions during this release: @​SgtCoDFish @​maelvls @​irbekrm @​inteon

Equally thanks to everyone who provided feedback, helped users and raised issues on Github and Slack and joined our meetings!

... (truncated)

Commits

• d34bd7a Merge pull request #6339 from inteon/release-1.13_cmrel
• 37d3b66 update cert-manager version imported by cmctl to the latest 'release-1.13' co...
• a7a7fab Merge pull request #6338 from jetstack-bot/cherry-pick-6332-to-release-1.13
• d540b36 upgrade dependencies
• 84d51a1 Merge pull request #6335 from jetstack-bot/cherry-pick-6333-to-release-1.13
• 2bf89ee fix trivy CVE alert for cyphar/filepath-securejoin
• 156c25d Merge pull request #6320 from inteon/upgrade_docker
• 2d4ee5c upgrade docker dependencies
• e1f6498 Merge pull request #6319 from inteon/upgrade_cert-manager_ctl_dependency
• 079b329 upgrade cert-manager to latest master digest
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

The following issues were found:

• ❌ 1 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 11 package(s) with unknown licenses.

See the Details below.

Vulnerabilities

go.mod

Name	Version	Vulnerability	Severity
k8s.io/apiserver	0.28.1	Kubernetes API Server DoS Via API Requests	moderate

License Issues

go.mod

Package	Version	License	Issue Type
golang.org/x/crypto	0.13.0	Null	Unknown License
golang.org/x/exp	0.0.0-20230905200255-921286631fa9	Null	Unknown License
golang.org/x/net	0.15.0	Null	Unknown License
golang.org/x/oauth2	0.12.0	Null	Unknown License
golang.org/x/sys	0.12.0	Null	Unknown License
golang.org/x/term	0.12.0	Null	Unknown License
golang.org/x/text	0.13.0	Null	Unknown License
golang.org/x/tools	0.13.0	Null	Unknown License
google.golang.org/protobuf	1.31.0	Null	Unknown License
github.com/go-ldap/ldap/v3	3.4.5	Null	Unknown License
github.com/pmezard/go-difflib	1.0.1-0.20181226105442-5d4384ee4fb2	Null	Unknown License

Allowed Licenses: Apache-1.1, Apache-2.0, BSD-2-Clause, BSD-3-Clause, BSL-1.0, ISC, MIT, NCSA, OpenSSL, Python-2.0, X11

Scanned Manifest Files

go.mod

• k8s.io/apiserver@0.28.1
• k8s.io/apiserver@0.28.0
• github.com/azure/go-ntlmssp@0.0.0-20221128193559-754e69321358
• github.com/cert-manager/cert-manager@1.13.0
• github.com/davecgh/go-spew@1.1.2-0.20180830191138-d8f796af33cc
• github.com/emicklei/go-restful/v3@3.10.2
• github.com/go-ldap/ldap/v3@3.4.5
• github.com/golang/glog@1.1.0
• github.com/google/uuid@1.3.1
• github.com/pmezard/go-difflib@1.0.1-0.20181226105442-5d4384ee4fb2
• github.com/rogpeppe/go-internal@1.11.0
• go.uber.org/zap@1.25.0
• golang.org/x/crypto@0.13.0
• golang.org/x/exp@0.0.0-20230905200255-921286631fa9
• golang.org/x/net@0.15.0
• golang.org/x/oauth2@0.12.0
• golang.org/x/sys@0.12.0
• golang.org/x/term@0.12.0
• golang.org/x/text@0.13.0
• golang.org/x/tools@0.13.0
• google.golang.org/genproto@0.0.0-20230803162519-f966b187b2e5
• google.golang.org/genproto/googleapis/api@0.0.0-20230803162519-f966b187b2e5
• google.golang.org/genproto/googleapis/rpc@0.0.0-20230911183012-2d3300fd4832
• google.golang.org/grpc@1.57.0
• google.golang.org/protobuf@1.31.0
• k8s.io/api@0.28.1
• k8s.io/apiextensions-apiserver@0.28.1
• k8s.io/apimachinery@0.28.1
• k8s.io/client-go@0.28.1
• k8s.io/code-generator@0.28.1
• k8s.io/component-base@0.28.1
• k8s.io/gengo@0.0.0-20230829151522-9cce18d56c01
• k8s.io/kube-aggregator@0.28.1
• k8s.io/kube-openapi@0.0.0-20230905202853-d090da108d2f
• k8s.io/utils@0.0.0-20230726121419-3b25d923346b
• sigs.k8s.io/gateway-api@0.8.0
• sigs.k8s.io/structured-merge-diff/v4@4.3.0
• github.com/azure/go-ntlmssp@0.0.0-20220621081337-cb9428e4ac1e
• github.com/cert-manager/cert-manager@1.12.3
• github.com/davecgh/go-spew@1.1.1
• github.com/emicklei/go-restful/v3@3.10.0
• github.com/go-ldap/ldap/v3@3.4.4
• github.com/golang/glog@1.0.0
• github.com/google/uuid@1.3.0
• github.com/pmezard/go-difflib@1.0.0
• github.com/rogpeppe/go-internal@1.10.0
• go.uber.org/atomic@1.10.0
• go.uber.org/zap@1.24.0
• golang.org/x/crypto@0.12.0
• golang.org/x/exp@0.0.0-20230522175609-2e198f4a06a1
• golang.org/x/net@0.14.0
• golang.org/x/oauth2@0.8.0
• golang.org/x/sys@0.11.0
• golang.org/x/term@0.11.0
• golang.org/x/text@0.12.0
• golang.org/x/tools@0.12.0
• google.golang.org/genproto@0.0.0-20230526161137-0005af68ea54
• google.golang.org/genproto/googleapis/api@0.0.0-20230525234035-dd9d682886f9
• google.golang.org/genproto/googleapis/rpc@0.0.0-20230525234030-28d5490b6b19
• google.golang.org/grpc@1.54.0
• google.golang.org/protobuf@1.30.0
• k8s.io/api@0.28.0
• k8s.io/apiextensions-apiserver@0.28.0
• k8s.io/apimachinery@0.28.0
• k8s.io/client-go@0.28.0
• k8s.io/code-generator@0.28.0
• k8s.io/component-base@0.28.0
• k8s.io/gengo@0.0.0-20220902162205-c0856e24416d
• k8s.io/kube-aggregator@0.27.2
• k8s.io/kube-openapi@0.0.0-20230717233707-2695361300d9
• k8s.io/utils@0.0.0-20230505201702-9f6742963106
• sigs.k8s.io/gateway-api@0.7.0
• sigs.k8s.io/structured-merge-diff/v4@4.2.3

[codecov]

Codecov Report

Merging #4381 (4a2f755) into main (749b402) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##             main    #4381   +/-   ##
=======================================
  Coverage   52.19%   52.19%           
=======================================
  Files          59       59           
  Lines       16929    16929           
=======================================
  Hits         8836     8836           
  Misses       7796     7796           
  Partials      297      297           

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more