security: upgrade dependencies to resolve multiple CVEs

[devinturner]

Closes https://github.com/plotly/dekn/issues/7259
Upgrade dependencies to resolve:

• CVE-2022-31836
• CVE-2021-30080
• CVE-2023-2253
• CVE-2023-39325
• GHSA-m425-mq94-257g

[antoinerg]

I forget why we have our fork of Harbor. Do you happen to remember?

I'm asking because it's too time-consuming to review/validate changes made here without any CI. It would be nicer to have this work land upstream and have the maintainers review it.

Anyway, in the interest of time, I'm OK with approving this and catching potential regressions in dek-deployment via e2e tests 🚀

[devinturner]

I forget why we have our fork of Harbor. Do you happen to remember?

I'm asking because it's too time-consuming to review/validate changes made here without any CI. It would be nicer to have this work land upstream and have the maintainers review it.

Anyway, in the interest of time, I'm OK with approving this and catching potential regressions in dek-deployment via e2e tests 🚀

Agreed. We forked it because it had vulnerabilities and was not really being maintained a few releases ago. I will be putting forward some changes to the upstream and see if we can get it back into a maintainable state, and we can get some CI jobs in place as well.

[antoinerg]

@devinturner it looks like their Helm chart is under more active development. Therefore, I think we should move away from their operator altogether since we only manage one instance anyway.