chore(deps): bump the security group across 1 directory with 11 updates

[dependabot]

Bumps the security group with 6 updates in the / directory:

Package	From	To
github.com/Masterminds/semver/v3	3.3.0	3.3.1
github.com/bitnami-labs/sealed-secrets	0.27.2	0.27.3
github.com/replicatedhq/yaml/v3	3.0.0-beta5-replicatedhq	3.0.1-beta0-replicatedhq
github.com/schemahero/schemahero	0.17.12	0.17.13
helm.sh/helm/v3	3.16.2	3.16.3
sigs.k8s.io/controller-runtime	0.19.1	0.19.3

Updates github.com/Masterminds/semver/v3 from 3.3.0 to 3.3.1

Release notes

Sourced from github.com/Masterminds/semver/v3's releases.

v3.3.1

What's Changed

• Fix for allowing some version that were invalid by @​mattfarina in Masterminds/semver#253

Full Changelog: Masterminds/semver@v3.3.0...v3.3.1

Changelog

Sourced from github.com/Masterminds/semver/v3's changelog.

Changelog

Commits

• 1558ca3 Merge pull request #253 from mattfarina/fix-bad-versions
• 252dd61 Fix for allowing some version that were invalid
• See full diff in compare view

Updates github.com/bitnami-labs/sealed-secrets from 0.27.2 to 0.27.3

Release notes

Sourced from github.com/bitnami-labs/sealed-secrets's releases.

sealed-secrets-v0.27.3

v0.27.3 (2024-12-05T15:57:57Z)

New v0.27.3 release!

Changelog

• ba32f424 Adding keyttl and keycutofftime options to helm chart (#1610)
• 91c908b4 Bump github.com/onsi/ginkgo/v2 from 2.20.2 to 2.21.0 (#1623)
• c2aef0d7 Bump github.com/onsi/ginkgo/v2 from 2.21.0 to 2.22.0 (#1641)
• 65f58f90 Bump github.com/onsi/gomega from 1.34.2 to 1.35.1 (#1624)
• 186ba503 Bump github.com/onsi/gomega from 1.35.1 to 1.36.0 (#1645)
• 5d31d46c Bump golang.org/x/crypto from 0.28.0 to 0.29.0 (#1635)
• 76680941 Bump k8s.io/apimachinery from 0.31.2 to 0.31.3 (#1642)
• 2e9f885e Bump k8s.io/code-generator from 0.31.2 to 0.31.3 (#1643)
• e822b413 Configure max retries (#1633)
• 2c6d400c Label "app.kubernetes.io/instance" in the Prometheus metric (#1620)
• 46e13729 Properly error out when input file doesn't exist (#1640)
• fa9307a0 Release Notes for 0.27.3 (#1651)
• 6ccea08e Release carvel package 2.16.2 (#1632)
• b4971920 re-introduce install instructions with to releases (#1649)

Installation Instructions

Cluster-side

Install the SealedSecret CRD and server-side controller into the kube-system namespace:

kubectl apply -f https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.27.3/controller.yaml

Client-side

Install the client-side tool into /usr/local/bin/:

Linux x86_64:

curl -OL "https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.27.3/kubeseal-0.27.3-linux-amd64.tar.gz"
tar -xvzf kubeseal-0.27.3-linux-amd64.tar.gz kubeseal
sudo install -m 755 kubeseal /usr/local/bin/kubeseal

macOS: The kubeseal client is available on homebrew:

brew install kubeseal

MacPorts:

... (truncated)

Changelog

Sourced from github.com/bitnami-labs/sealed-secrets's changelog.

v0.27.3

• Bump k8s.io/apimachinery from 0.31.2 to 0.31.3 (#1642)
• Bump k8s.io/code-generator from 0.31.2 to 0.31.3 (#1643)
• Bump github.com/onsi/gomega from 1.35.1 to 1.36.0 (#1645)
• re-introduce install instructions with to releases (#1649)
• Properly error out when input file doesn't exist (#1640)
• Bump github.com/onsi/ginkgo/v2 from 2.21.0 to 2.22.0 (#1641)
• Bump golang.org/x/crypto from 0.28.0 to 0.29.0 (#1635)
• Configure max retries (#1633)
• Label "app.kubernetes.io/instance" in the Prometheus metric (#1620)
• Bump github.com/onsi/gomega from 1.34.2 to 1.35.1 (#1624)
• Adding keyttl and keycutofftime options to helm chart (#1610)
• Bump github.com/onsi/ginkgo/v2 from 2.20.2 to 2.21.0 (#1623)

Commits

• fa9307a Release Notes for 0.27.3 (#1651)
• 7668094 Bump k8s.io/apimachinery from 0.31.2 to 0.31.3 (#1642)
• 2e9f885 Bump k8s.io/code-generator from 0.31.2 to 0.31.3 (#1643)
• 186ba50 Bump github.com/onsi/gomega from 1.35.1 to 1.36.0 (#1645)
• b497192 re-introduce install instructions with to releases (#1649)
• 46e1372 Properly error out when input file doesn't exist (#1640)
• c2aef0d Bump github.com/onsi/ginkgo/v2 from 2.21.0 to 2.22.0 (#1641)
• 5d31d46 Bump golang.org/x/crypto from 0.28.0 to 0.29.0 (#1635)
• e822b41 Configure max retries (#1633)
• 2c6d400 Label "app.kubernetes.io/instance" in the Prometheus metric (#1620)
• Additional commits viewable in compare view

Updates github.com/onsi/ginkgo/v2 from 2.20.2 to 2.22.0

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.22.0

2.22.0

Features

• Add label to serial nodes [0fcaa08]

This allows serial tests to be filtered using the label-filter

Maintenance

Various doc fixes

v2.21.0

2.21.0

Features

• add support for GINKGO_TIME_FORMAT [a69eb39]
• add GINKGO_NO_COLOR to disable colors via environment variables [bcab9c8]

Fixes

• increase threshold in timeline matcher [e548367]
• Fix the document by replacing SpecsThatWillBeRun with SpecsThatWillRun [c2c4d3c]

Maintenance

• bump various dependencies [7e65a00]

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.22.0

Features

• Add label to serial nodes [0fcaa08]

This allows serial tests to be filtered using the label-filter

Maintenance

Various doc fixes

2.21.0

Features

• add support for GINKGO_TIME_FORMAT [a69eb39]
• add GINKGO_NO_COLOR to disable colors via environment variables [bcab9c8]

Fixes

• increase threshold in timeline matcher [e548367]
• Fix the document by replacing SpecsThatWillBeRun with SpecsThatWillRun [c2c4d3c]

Maintenance

• bump various dependencies [7e65a00]

Commits

• 9e2f337 v2.22.0
• 0fcaa08 Add label to serial nodes
• 38febf2 docs: remove extra erroneous backtick
• 7e753c4 fix: minor doc fixes
• 21765a2 fix: missing commas
• b101e0c Fix some typos in docs
• 7512021 fix: remove trailing comma
• 9d33507 fix: grammar
• 55f3de1 fix: typos
• 3d6e16d fix: missing comma
• Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.34.2 to 1.36.0

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.36.0

1.36.0

Features

• new: make collection-related matchers Go 1.23 iterator aware [4c964c6]

Maintenance

• Replace min/max helpers with built-in min/max [ece6872]
• Fix some typos in docs [8e924d7]

v1.35.1

1.35.1

Fixes

• Export EnforceDefaultTimeoutsWhenUsingContexts and DisableDefaultTimeoutsWhenUsingContext [ca36da1]

v1.35.0

1.35.0

Features

• You can now call EnforceDefaultTimeoutsWhenUsingContexts() to have Eventually honor the default timeout when passed a context. (prior to this you had to expclility add a timeout) [e4c4265]
• You can call StopTrying(message).Successfully() to abort a Consistently early without failure [eeca931]

Fixes

• Stop memoizing the result of HaveField to avoid unexpected errors when used with async assertions. [3bdbc4e]

Maintenance

• Bump all dependencies [a05a416]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.36.0

Features

• new: make collection-related matchers Go 1.23 iterator aware [4c964c6]

Maintenance

• Replace min/max helpers with built-in min/max [ece6872]
• Fix some typos in docs [8e924d7]

1.35.1

Fixes

• Export EnforceDefaultTimeoutsWhenUsingContexts and DisableDefaultTimeoutsWhenUsingContext [ca36da1]

1.35.0

Features

• You can now call EnforceDefaultTimeoutsWhenUsingContexts() to have Eventually honor the default timeout when passed a context. (prior to this you had to expclility add a timeout) [e4c4265]
• You can call StopTrying(message).Successfully() to abort a Consistently early without failure [eeca931]

Fixes

• Stop memoizing the result of HaveField to avoid unexpected errors when used with async assertions. [3bdbc4e]

Maintenance

• Bump all dependencies [a05a416]

Commits

• f1ff459 v1.36.0
• 4c964c6 new: make collection-related matchers Go 1.23 iterator aware
• ece6872 Replace min/max helpers with built-in min/max
• 8e924d7 Fix some typos in docs
• 9f5a208 v1.35.1
• ca36da1 Export EnforceDefaultTimeoutsWhenUsingContexts and DisableDefaultTimeoutsWhen...
• d6331f9 v1.35.0
• 5deaf23 fix tests, but like actually this time
• eeca931 Add Successfully() to StopTrying() to signal that Consistently can end early ...
• 3bdbc4e stop memoizing result of HaveField
• Additional commits viewable in compare view

Updates github.com/replicatedhq/yaml/v3 from 3.0.0-beta5-replicatedhq to 3.0.1-beta0-replicatedhq

Commits

• d1efe90 Merge pull request #2 from replicatedhq/divolgin/trailing-spaces
• 674ebf2 Use LITERAL_SCALAR_STYLE for space breaks unless they are trailing
• bc8a41d remove .travis.yml - it was mistakenly kept in the merge
• 0f0de01 Merge remote-tracking branch 'go-yaml/v3' into v3
• f6f7691 The Billion Dollar Mistake
• 00bbc09 github: drop broken semgrep workflow
• 8f96da9 Explicitly check the parser for errors on peek
• 539c8e7 Fix decoding of merge tags.
• 496545a Improve inline comments on map keys (#656).
• 749611f Allow encoding Node by value (#673).
• Additional commits viewable in compare view

Updates github.com/schemahero/schemahero from 0.17.12 to 0.17.13

Commits

• 02e68f5 Merge pull request #1128 from schemahero/fix-retention-policy
• 7f7f8ac Close the parens
• See full diff in compare view

Updates golang.org/x/crypto from 0.28.0 to 0.29.0

Commits

• 6018723 go.mod: update golang.org/x dependencies
• 71ed71b README: don't recommend go get
• 750a45f sha3: add MarshalBinary, AppendBinary, and UnmarshalBinary
• 36b1725 sha3: avoid trailing permutation
• 80ea76e sha3: fix padding for long cSHAKE parameters
• c17aa50 sha3: avoid buffer copy
• 7cfb916 ssh: return unexpected msg error when server fails keyboard-interactive auth ...
• b61b08d chacha20: extend ppc64le support to ppc64
• 6c21748 internal/poly1305: extend ppc64le support to ppc64
• See full diff in compare view

Updates golang.org/x/sync from 0.8.0 to 0.9.0

Commits

• 151027e README: don't recommend go get
• See full diff in compare view

Updates helm.sh/helm/v3 from 3.16.2 to 3.16.3

Release notes

Sourced from helm.sh/helm/v3's releases.

Helm v3.16.3 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

• Join the discussion in Kubernetes Slack:
  • for questions and just to hang out
  • for discussing PRs, code, and bugs
• Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
• Test, debug, and contribute charts: ArtifactHub/packages

Installation and Upgrading

Download Helm v3.16.3. The common platform binaries are here:

• MacOS amd64 (checksum / 495d75b404a96fb664f1ca3f8cb01db2210aacc62dbfa1bbab30916abbb20a57)
• MacOS arm64 (checksum / 3a39f690173086e6eea17674751eb3c8b970c02697e49cecd4093eaa3cf89dcd)
• Linux amd64 (checksum / f5355c79190951eed23c5432a3b920e071f4c00a64f75e077de0dd4cb7b294ea)
• Linux arm (checksum / 02ba2f3b1524113f49be6df25a0b4b3190010d6e218c8e2b2fde4578a8439a9c)
• Linux arm64 (checksum / 5bd34ed774df6914b323ff84a0a156ea6ff2ba1eaf0113962fa773f3f9def798)
• Linux i386 (checksum / 70318f60fec3219680fff86c9293e2a92fb8b9a691d41791661074588f22768e)
• Linux ppc64le (checksum / 266f7698c56a724fddd3a2f2b862ad496c4338dce79f0282fdbc6e23e1738608)
• Linux s390x (checksum / bac414c409faead9c2b8af11d29281aa4f1aeb9139c62d5178baf982d71fc9bb)
• Linux riscv64 (checksum / 492843d2584bb14bd38a735a9708af2d7f3ea7e1b6c43e650968f16fce0b5064)
• Windows amd64 (checksum / 1a52aa56e55168c3d3d2e45fa833a32290e4e3790559851dce1e707eb7728b81)
• Windows arm64 (checksum / 247a63269a83bb73c14e8f62b0cfd5a2e1d32b7d3f93977d3a6ef3902d218ff1)

This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @​mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

• 3.16.4 is the next patch release and will be on December 11, 2024
• 3.17.0 is the next feature release and will be on January 15, 2025

Changelog

• fix: fix label name cfd07493f46efc9debd9cc1b02a0961186df7fdf (wangjingcun)
• Fix typo in pkg/lint/rules/chartfile_test.go a303060fc60bc713cd0757503b3fcb4636b14f34 (Zach Burgess)
• Increasing the size of the runner used for releases. ab45e8a861e929e40163a7ad5a8636cb41f381ac (Matt Farina)
• fix(hooks): correct hooks delete order 19fe320ae87e8d1d4bc1952d9da8ea2fe435aa6e (Suleiman Dibirov)
• Bump github.com/containerd/containerd from 1.7.12 to 1.7.23 4fcc5c2cadf49d1399adfdbc5ab7222b2dff1d5b (dependabot[bot])

Commits

• cfd0749 fix: fix label name
• a303060 Fix typo in pkg/lint/rules/chartfile_test.go
• ab45e8a Increasing the size of the runner used for releases.
• 19fe320 fix(hooks): correct hooks delete order
• 4fcc5c2 Bump github.com/containerd/containerd from 1.7.12 to 1.7.23
• See full diff in compare view

Updates k8s.io/apimachinery from 0.31.2 to 0.31.3

Commits

• See full diff in compare view

Updates sigs.k8s.io/controller-runtime from 0.19.1 to 0.19.3

Release notes

Sourced from sigs.k8s.io/controller-runtime's releases.

v0.19.3

What's Changed

• 🐛 Refactor certificate watcher to use polling, instead of fsnotify by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3023
• 🐛 Use leader elector with client timeout by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3031

Full Changelog: kubernetes-sigs/controller-runtime@v0.19.2...v0.19.3

v0.19.2

What's Changed

• ✨ Add EnableWatchBookmarks option to cache informers by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3018

Full Changelog: kubernetes-sigs/controller-runtime@v0.19.1...v0.19.2

Commits

• 3e66810 Merge pull request #3037 from kubernetes-sigs/backport019-watch
• 2085acc add watch deprecated to certwatcher
• 0823530 Merge pull request #3031 from k8s-infra-cherrypick-robot/cherry-pick-3028-to-...
• e727239 [release-0.19] 🐛 Refactor certificate watcher to use polling, instead of fsno...
• 2a0ce59 🌱 Make using leader elector with client timeout non-breaking
• 4bc3811 🐛 Fix RenewDeadline typo in leader election
• 0170742 warning: Use leader elector with client timeout
• bfd1cf9 [release-0.19] ✨ Add EnableWatchBookmarks option to cache informers (#3018)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[emosbaugh]

@dependabot rebase

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.