Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore(deps): update mattermost support dependencies (#43)
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://github.com/actions/checkout) | action | major | `v3.6.0` -> `v4.1.1` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | action | major | `v2.5.1` -> `v4.2.5` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | action | minor | `v4.0.0` -> `v4.3.1` | | [defenseunicorns/uds-common](https://github.com/defenseunicorns/uds-common) | | patch | `v0.3.3` -> `v0.3.9` | | [defenseunicorns/uds-common](https://github.com/defenseunicorns/uds-common) | action | patch | `v0.3.3` -> `v0.3.9` | | [defenseunicorns/uds-common-tasks](https://github.com/defenseunicorns/uds-common-tasks) | | patch | `v0.3.3` -> `v0.3.9` | | [defenseunicorns/zarf](https://github.com/defenseunicorns/zarf) | | minor | `v0.29.1` -> `v0.32.6` | | [docker/login-action](https://github.com/docker/login-action) | action | digest | `343f7c4` -> `e92390c` | | [github/codeql-action](https://github.com/github/codeql-action) | action | minor | `v3.22.12` -> `v3.24.9` | | [github/codeql-action](https://github.com/github/codeql-action) | action | major | `v2.24.5` -> `v3.24.9` | | [golangci/golangci-lint](https://github.com/golangci/golangci-lint) | repository | minor | `v1.55.2` -> `v1.57.2` | | [google-github-actions/release-please-action](https://github.com/google-github-actions/release-please-action) | action | minor | `v4.0.2` -> `v4.1.0` | | [python-jsonschema/check-jsonschema](https://github.com/python-jsonschema/check-jsonschema) | repository | minor | `0.27.4` -> `0.28.0` | | [renovatebot/pre-commit-hooks](https://github.com/renovatebot/pre-commit-hooks) | repository | minor | `37.165.5` -> `37.275.0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. Note: The `pre-commit` manager in Renovate is not supported by the `pre-commit` maintainers or community. Please do not report any problems there, instead [create a Discussion in the Renovate repository](https://github.com/renovatebot/renovate/discussions/new) if you have any questions. --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.1`](https://github.com/actions/checkout/releases/tag/v4.1.1) [Compare Source](https://github.com/actions/checkout/compare/v4.1.0...v4.1.1) ##### What's Changed - Update CODEOWNERS to Launch team by [@​joshmgross](https://github.com/joshmgross) in [https://github.com/actions/checkout/pull/1510](https://github.com/actions/checkout/pull/1510) - Correct link to GitHub Docs by [@​peterbe](https://github.com/peterbe) in [https://github.com/actions/checkout/pull/1511](https://github.com/actions/checkout/pull/1511) - Link to release page from what's new section by [@​cory-miller](https://github.com/cory-miller) in [https://github.com/actions/checkout/pull/1514](https://github.com/actions/checkout/pull/1514) ##### New Contributors - [@​joshmgross](https://github.com/joshmgross) made their first contribution in [https://github.com/actions/checkout/pull/1510](https://github.com/actions/checkout/pull/1510) - [@​peterbe](https://github.com/peterbe) made their first contribution in [https://github.com/actions/checkout/pull/1511](https://github.com/actions/checkout/pull/1511) **Full Changelog**: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 ### [`v4.1.0`](https://github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v410) [Compare Source](https://github.com/actions/checkout/compare/v4.0.0...v4.1.0) - [Add support for partial checkout filters](https://github.com/actions/checkout/pull/1396) ### [`v4.0.0`](https://github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v400) [Compare Source](https://github.com/actions/checkout/compare/v3.6.0...v4.0.0) - [Support fetching without the --progress option](https://github.com/actions/checkout/pull/1067) - [Update to node20](https://github.com/actions/checkout/pull/1436) </details> <details> <summary>actions/dependency-review-action (actions/dependency-review-action)</summary> ### [`v4.2.5`](https://github.com/actions/dependency-review-action/releases/tag/v4.2.5): 4.2.5 [Compare Source](https://github.com/actions/dependency-review-action/compare/v4.2.4...v4.2.5) #### What's Changed - Fixed a bug where some configuration options in external files were not being properly picked up -- [https://github.com/actions/dependency-review-action/pull/722](https://github.com/actions/dependency-review-action/pull/722) - Bump eslint from 8.56.0 to 8.57.0 **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v4.2.4...v4.2.5 ### [`v4.2.4`](https://github.com/actions/dependency-review-action/releases/tag/v4.2.4) [Compare Source](https://github.com/actions/dependency-review-action/compare/v4.2.3...v4.2.4) #### What's Changed Fixed a bug in the output of OpenSSF cards for GitHub Actions. #### New Contributors - [@​sporkmonger](https://github.com/sporkmonger) made their first contribution in [https://github.com/actions/dependency-review-action/pull/721](https://github.com/actions/dependency-review-action/pull/721) **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v4.2.3...v4.2.4 ### [`v4.2.3`](https://github.com/actions/dependency-review-action/releases/tag/v4.2.3): 4.2.3 [Compare Source](https://github.com/actions/dependency-review-action/compare/v4.1.3...v4.2.3) #### What's Changed - Set comment as output by [@​jsoref](https://github.com/jsoref) in [https://github.com/actions/dependency-review-action/pull/698](https://github.com/actions/dependency-review-action/pull/698) - Add support for calculating OpenSSF Scorecards by [@​jhutchings1](https://github.com/jhutchings1) in [https://github.com/actions/dependency-review-action/pull/709](https://github.com/actions/dependency-review-action/pull/709) - Add outputs for the changes data by [@​laughedelic](https://github.com/laughedelic) in [https://github.com/actions/dependency-review-action/pull/707](https://github.com/actions/dependency-review-action/pull/707) #### New Contributors - [@​jhutchings1](https://github.com/jhutchings1) made their first contribution in [https://github.com/actions/dependency-review-action/pull/709](https://github.com/actions/dependency-review-action/pull/709) - [@​laughedelic](https://github.com/laughedelic) made their first contribution in [https://github.com/actions/dependency-review-action/pull/707](https://github.com/actions/dependency-review-action/pull/707) **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v4.1.3...v4.2.3 ### [`v4.1.3`](https://github.com/actions/dependency-review-action/releases/tag/v4.1.3): 4.1.3 [Compare Source](https://github.com/actions/dependency-review-action/compare/v4.1.2...v4.1.3) Fixes a bug in 4.1.2 that would introduce comments in every pull request, regardless of the user's configuration (see [https://github.com/actions/dependency-review-action/issues/697](https://github.com/actions/dependency-review-action/issues/697)). **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v4.1.2...v4.1.3 ### [`v4.1.2`](https://github.com/actions/dependency-review-action/releases/tag/v4.1.2): 4.1.2 [Compare Source](https://github.com/actions/dependency-review-action/compare/v4.1.1...v4.1.2) #### What's Changed - Expose dependency comment content by [@​jsoref](https://github.com/jsoref) in [https://github.com/actions/dependency-review-action/pull/696](https://github.com/actions/dependency-review-action/pull/696) **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v4.1.1...v4.1.2 ### [`v4.1.1`](https://github.com/actions/dependency-review-action/releases/tag/v4.1.1): 4.1.1 [Compare Source](https://github.com/actions/dependency-review-action/compare/v4.1.0...v4.1.1) #### What's Changed - Bump `undici` to fix [GHSA-wqq4-5wpv-mx2g](https://github.com/nodejs/undici/security/advisories/GHSA-wqq4-5wpv-mx2g) - Bump [@​types/node](https://github.com/types/node) from 20.11.17 to 20.11.19 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/dependency-review-action/pull/693](https://github.com/actions/dependency-review-action/pull/693) **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v4.1.0...v4.1.1 ### [`v4.1.0`](https://github.com/actions/dependency-review-action/releases/tag/v4.1.0): 4.1.0 [Compare Source](https://github.com/actions/dependency-review-action/compare/v4.0.0...v4.1.0) #### What's Changed - Add `warn-only` by [@​tgrall](https://github.com/tgrall) in [https://github.com/actions/dependency-review-action/pull/432](https://github.com/actions/dependency-review-action/pull/432) Added a new configuration option (`warn-only`, boolean) that makes the action always succeed while still displaying found vulnerabilities in the log. - Create stale.yaml by [@​jonjanego](https://github.com/jonjanego) in [https://github.com/actions/dependency-review-action/pull/671](https://github.com/actions/dependency-review-action/pull/671) - Use manual codeql config by [@​juxtin](https://github.com/juxtin) in [https://github.com/actions/dependency-review-action/pull/678](https://github.com/actions/dependency-review-action/pull/678) - Multiple dependency updates (see the changelog below for more information) #### New Contributors - [@​jonjanego](https://github.com/jonjanego) made their first contribution in [https://github.com/actions/dependency-review-action/pull/671](https://github.com/actions/dependency-review-action/pull/671) - [@​tgrall](https://github.com/tgrall) made their first contribution in [https://github.com/actions/dependency-review-action/pull/432](https://github.com/actions/dependency-review-action/pull/432) **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v4...v4.1.0 ### [`v4.0.0`](https://github.com/actions/dependency-review-action/releases/tag/v4.0.0) [Compare Source](https://github.com/actions/dependency-review-action/compare/v3.1.5...v4.0.0) - Update action to Node 20 by [@​takost](https://github.com/takost) in [https://github.com/actions/dependency-review-action/pull/639](https://github.com/actions/dependency-review-action/pull/639) - Dependabot updates, see the full changelog for more details. #### New Contributors - [@​takost](https://github.com/takost) made their first contribution in [https://github.com/actions/dependency-review-action/pull/639](https://github.com/actions/dependency-review-action/pull/639) **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v3.1.5...v4.0.0 ### [`v3.1.5`](https://github.com/actions/dependency-review-action/releases/tag/v3.1.5): 3.1.5 [Compare Source](https://github.com/actions/dependency-review-action/compare/v3.1.4...v3.1.5) #### What's Changed - Smaller `per_page` when requesting diff by [@​hmaurer](https://github.com/hmaurer) in [https://github.com/actions/dependency-review-action/pull/649](https://github.com/actions/dependency-review-action/pull/649) - Update dependencies: - Bump [@​typescript-eslint/parser](https://github.com/typescript-eslint/parser) from 6.10.0 to 6.13.1 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/dependency-review-action/pull/630](https://github.com/actions/dependency-review-action/pull/630) - Bump prettier from 3.0.3 to 3.1.0 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/dependency-review-action/pull/629](https://github.com/actions/dependency-review-action/pull/629) - Bump [@​types/jest](https://github.com/types/jest) from 29.5.8 to 29.5.11 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/dependency-review-action/pull/637](https://github.com/actions/dependency-review-action/pull/637) - Bump nodemon from 3.0.1 to 3.0.2 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/dependency-review-action/pull/636](https://github.com/actions/dependency-review-action/pull/636) - Replace pip -> pypi in PURL examples by [@​febuiles](https://github.com/febuiles) in [https://github.com/actions/dependency-review-action/pull/638](https://github.com/actions/dependency-review-action/pull/638) - Bump [@​typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/eslint-plugin) from 6.12.0 to 6.15.0 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/dependency-review-action/pull/644](https://github.com/actions/dependency-review-action/pull/644) - Bump eslint from 8.53.0 to 8.56.0 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/dependency-review-action/pull/640](https://github.com/actions/dependency-review-action/pull/640) - Bump [@​typescript-eslint/parser](https://github.com/typescript-eslint/parser) from 6.13.1 to 6.16.0 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/dependency-review-action/pull/645](https://github.com/actions/dependency-review-action/pull/645) - Bump prettier from 3.1.0 to 3.1.1 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/dependency-review-action/pull/646](https://github.com/actions/dependency-review-action/pull/646) **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v3.1.4...v3.1.5 ### [`v3.1.4`](https://github.com/actions/dependency-review-action/releases/tag/v3.1.4): 3.1.4 [Compare Source](https://github.com/actions/dependency-review-action/compare/v3.1.3...v3.1.4) #### What's Changed - Fixed a [bug](https://github.com/actions/dependency-review-action/issues/618) with severity filtering when using the `allow_ghsas` option: [https://github.com/actions/dependency-review-action/pull/623](https://github.com/actions/dependency-review-action/pull/623). - Updates dependencies: - Bump [@​types/node](https://github.com/types/node) from 16.18.61 to 16.18.62 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/dependency-review-action/pull/619](https://github.com/actions/dependency-review-action/pull/619) action/pull/620 - Bump [@​typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/eslint-plugin) from 6.11.0 to 6.12.0 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/dependency-review-action/pull/625](https://github.com/actions/dependency-review-action/pull/625) - Bump typescript from 5.2.2 to 5.3.2 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/dependency-review-action/pull/624](https://github.com/actions/dependency-review-action/pull/624) **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v3...v3.1.4 ### [`v3.1.3`](https://github.com/actions/dependency-review-action/releases/tag/v3.1.3): 3.1.3 [Compare Source](https://github.com/actions/dependency-review-action/compare/v3.1.2...v3.1.3) #### What's Changed - Fixes purl "version must be percent-encoded" by [@​theztefan](https://github.com/theztefan) in [https://github.com/actions/dependency-review-action/pull/617](https://github.com/actions/dependency-review-action/pull/617) **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v3...v3.1.3 ### [`v3.1.2`](https://github.com/actions/dependency-review-action/releases/tag/v3.1.2): 3.1.2 [Compare Source](https://github.com/actions/dependency-review-action/compare/v3.1.1...v3.1.2) #### What's Changed - Fix a regression for setups using self-hosted runners behind HTTP proxies:[@​febuiles](https://github.com/febuiles) in [https://github.com/actions/dependency-review-action/pull/611](https://github.com/actions/dependency-review-action/pull/611) **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v3...v3.1.2 ### [`v3.1.1`](https://github.com/actions/dependency-review-action/releases/tag/v3.1.1): 3.1.1 [Compare Source](https://github.com/actions/dependency-review-action/compare/v3.1.0...v3.1.1) #### What's Changed - Update a bunch of dependencies, including major version upgrades for `octokit`, `@actions/github` and `typescript`. **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v3.1.0...v3.1.1 ### [`v3.1.0`](https://github.com/actions/dependency-review-action/releases/tag/v3.1.0): 3.1.0 [Compare Source](https://github.com/actions/dependency-review-action/compare/v3.0.8...v3.1.0) #### What's New Added support for dependencies submitted through the [dependency submission API](https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#best-practices-for-using-the-dependency-review-api-and-the-dependency-submission-api-together). This includes two new configuration parameters: `retry-on-snapshot-warnings` and `retry-on-snapshot-warnings-timeout`. #### What's Changed - Fix(docs): Correct action input name by [@​oerd](https://github.com/oerd) in [https://github.com/actions/dependency-review-action/pull/551](https://github.com/actions/dependency-review-action/pull/551) #### New Contributors - [@​oerd](https://github.com/oerd) made their first contribution in [https://github.com/actions/dependency-review-action/pull/551](https://github.com/actions/dependency-review-action/pull/551) **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v3...v3.1.0 ### [`v3.0.8`](https://github.com/actions/dependency-review-action/releases/tag/v3.0.8): 3.0.8 [Compare Source](https://github.com/actions/dependency-review-action/compare/v3.0.7...v3.0.8) #### What's Changed Added `on-failure` option to `comment-summary-in-pr` setting by [@​sgmurphy](https://github.com/sgmurphy) in [https://github.com/actions/dependency-review-action/pull/540](https://github.com/actions/dependency-review-action/pull/540) Previous configuration files using `true`/`false` for `comment-summary-in-pr` will be mapped automatically to the new values, but we encourage you to update to `always`/`on-failure`/`never`. #### New Contributors - [@​sgmurphy](https://github.com/sgmurphy) made their first contribution in [https://github.com/actions/dependency-review-action/pull/540](https://github.com/actions/dependency-review-action/pull/540) **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v3...v3.0.8 ### [`v3.0.7`](https://github.com/actions/dependency-review-action/releases/tag/v3.0.7): 3.0.7 [Compare Source](https://github.com/actions/dependency-review-action/compare/v3.0.6...v3.0.7) #### What's Changed - Make GHES support / setup more clear by [@​rajbos](https://github.com/rajbos) in [https://github.com/actions/dependency-review-action/pull/534](https://github.com/actions/dependency-review-action/pull/534) - Add an option to deny packages or groups of packages by [@​adrienpessu](https://github.com/adrienpessu) in [https://github.com/actions/dependency-review-action/pull/544](https://github.com/actions/dependency-review-action/pull/544) #### New Contributors - [@​rajbos](https://github.com/rajbos) made their first contribution in [https://github.com/actions/dependency-review-action/pull/534](https://github.com/actions/dependency-review-action/pull/534) - [@​adrienpessu](https://github.com/adrienpessu) made their first contribution in [https://github.com/actions/dependency-review-action/pull/544](https://github.com/actions/dependency-review-action/pull/544) **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v3...v3.0.7 ### [`v3.0.6`](https://github.com/actions/dependency-review-action/releases/tag/v3.0.6): 3.0.6 [Compare Source](https://github.com/actions/dependency-review-action/compare/v3.0.5...v3.0.6) Fixes a bug introduced in 3.0.5 where we raised PURL errors when Dependency Graph returns an empty `package_url`. ### [`v3.0.5`](https://github.com/actions/dependency-review-action/releases/tag/v3.0.5): 3.0.5 [Compare Source](https://github.com/actions/dependency-review-action/compare/v3.0.4...v3.0.5) #### What's Changed Thanks to [@​theztefan](https://github.com/theztefan), we now have a new `allow-dependencies-licenses` option that takes a list of dependencies that will be excluded from license checks. See the [configuration options](https://github.com/actions/dependency-review-action#configuration-options) for more information on how to use it. - Exclude dependencies from license checks by [@​theztefan](https://github.com/theztefan) in [https://github.com/actions/dependency-review-action/pull/423](https://github.com/actions/dependency-review-action/pull/423) - Documentation examples by [@​theztefan](https://github.com/theztefan) in [https://github.com/actions/dependency-review-action/pull/423](https://github.com/actions/dependency-review-action/pull/423) - Show snapshot warnings in the summary by [@​juxtin](https://github.com/juxtin) in [https://github.com/actions/dependency-review-action/pull/439](https://github.com/actions/dependency-review-action/pull/439) - Fix default values for fail-on-severity by [@​febuiles](https://github.com/febuiles) in [https://github.com/actions/dependency-review-action/pull/451](https://github.com/actions/dependency-review-action/pull/451) - Updated dependencies. #### New Contributors - [@​juxtin](https://github.com/juxtin) made their first contribution in [https://github.com/actions/dependency-review-action/pull/439](https://github.com/actions/dependency-review-action/pull/439) - [@​theztefan](https://github.com/theztefan) made their first contribution in [https://github.com/actions/dependency-review-action/pull/423](https://github.com/actions/dependency-review-action/pull/423) **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v3...v3.0.5 ### [`v3.0.4`](https://github.com/actions/dependency-review-action/releases/tag/v3.0.4): 3.0.4 [Compare Source](https://github.com/actions/dependency-review-action/compare/v3.0.3...v3.0.4) #### What's New? The Action can now publish a comment in the pull request if the `comment-summary-in-pr` option is set. More information can be found in the [README](https://github.com/actions/dependency-review-action#configuration-options). #### New Contributors - [@​davelosert](https://github.com/davelosert) made their first contribution in [https://github.com/actions/dependency-review-action/pull/393](https://github.com/actions/dependency-review-action/pull/393) #### Changelog - Write Summary as comment to the pull request by [@​davelosert](https://github.com/davelosert) in [https://github.com/actions/dependency-review-action/pull/393](https://github.com/actions/dependency-review-action/pull/393) - Adjust summary format by [@​davelosert](https://github.com/davelosert) in [https://github.com/actions/dependency-review-action/pull/416](https://github.com/actions/dependency-review-action/pull/416) - Security updates. **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v3...v3.0.4 ### [`v3.0.3`](https://github.com/actions/dependency-review-action/releases/tag/v3.0.3): 3.0.3 [Compare Source](https://github.com/actions/dependency-review-action/compare/v3.0.2...v3.0.3) #### What's Changed - Use cache in check-dist.yml by [@​jongwooo](https://github.com/jongwooo) in [https://github.com/actions/dependency-review-action/pull/359](https://github.com/actions/dependency-review-action/pull/359) - Fix Dependency Review API response error handling by [@​felickz](https://github.com/felickz) in [https://github.com/actions/dependency-review-action/pull/370](https://github.com/actions/dependency-review-action/pull/370) - Security updates #### New Contributors - [@​jongwooo](https://github.com/jongwooo) made their first contribution in [https://github.com/actions/dependency-review-action/pull/359](https://github.com/actions/dependency-review-action/pull/359) - [@​felickz](https://github.com/felickz) made their first contribution in [https://github.com/actions/dependency-review-action/pull/370](https://github.com/actions/dependency-review-action/pull/370) **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v3...v3.0.3 ### [`v3.0.2`](https://github.com/actions/dependency-review-action/releases/tag/v3.0.2): 3.0.2 [Compare Source](https://github.com/actions/dependency-review-action/compare/v3.0.1...v3.0.2) This release fixes spelling errors [https://github.com/actions/dependency-review-action/pull/348](https://github.com/actions/dependency-review-action/pull/348) and upgrades dependencies to fix known vulnerabilities **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v3...v3.0.2 ### [`v3.0.1`](https://github.com/actions/dependency-review-action/releases/tag/v3.0.1): 3.0.1 [Compare Source](https://github.com/actions/dependency-review-action/compare/v3.0.0...v3.0.1) This release contains the following bugfixes: - Fixing API URL for GHES: [https://github.com/actions/dependency-review-action/pull/331](https://github.com/actions/dependency-review-action/pull/331) - Improve list handling for external config files: [https://github.com/actions/dependency-review-action/pull/330](https://github.com/actions/dependency-review-action/pull/330) **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v3...v3.0.1 ### [`v3.0.0`](https://github.com/actions/dependency-review-action/releases/tag/v3.0.0): 3.0.0 [Compare Source](https://github.com/actions/dependency-review-action/compare/v2.5.1...v3.0.0) #### Breaking Changes By default the action now expects [SPDX-compliant licenses](https://spdx.org/licenses/) everywhere. If you were previously using license names in the allow or deny lists make sure they're valid! #### What's Changed ##### Support for external configuration files You can now specify a [configuration file external to your repository](https://github.com/actions/dependency-review-action/#configuration-file). This allows organizations to have a single configuration file for all their repos. ##### Broader license support We've added support for a much broader set of project licenses by using GitHub's [Licenses API](https://docs.github.com/en/rest/licenses). ##### SPDX Compliance All of our license-related code now expects [SPDX-compliant licenses or expressions](https://spdx.org/licenses/). This allows us to standardize on a license naming scheme that already supports `OR`/`AND` expressions. ##### Disable individual checks You can now use the boolean options `license-check` and `vulnerability-check` to disable either one of the checks. More information in [our configuration options](https://github.com/actions/dependency-review-action/#configuration-options). #### Thanks Contributors for this release include: - [@​cnagadya](https://github.com/cnagadya) - [@​courtneycl](https://github.com/courtneycl) - [@​ericcornelissen](https://github.com/ericcornelissen) - [@​elireisman](https://github.com/elireisman) - [@​hmaurer](https://github.com/hmaurer) Thanks everyone! **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v2...v3.0.0 </details> <details> <summary>actions/upload-artifact (actions/upload-artifact)</summary> ### [`v4.3.1`](https://github.com/actions/upload-artifact/releases/tag/v4.3.1) [Compare Source](https://github.com/actions/upload-artifact/compare/v4.3.0...v4.3.1) - Bump [@​actions/artifacts](https://github.com/actions/artifacts) to latest version to include [updated GHES host check](https://github.com/actions/toolkit/pull/1648) ### [`v4.3.0`](https://github.com/actions/upload-artifact/releases/tag/v4.3.0) [Compare Source](https://github.com/actions/upload-artifact/compare/v4.2.0...v4.3.0) ##### What's Changed - Reorganize upload code in prep for merge logic & add more tests by [@​robherley](https://github.com/robherley) in [https://github.com/actions/upload-artifact/pull/504](https://github.com/actions/upload-artifact/pull/504) - Add sub-action to merge artifacts by [@​robherley](https://github.com/robherley) in [https://github.com/actions/upload-artifact/pull/505](https://github.com/actions/upload-artifact/pull/505) **Full Changelog**: https://github.com/actions/upload-artifact/compare/v4...v4.3.0 ### [`v4.2.0`](https://github.com/actions/upload-artifact/releases/tag/v4.2.0) [Compare Source](https://github.com/actions/upload-artifact/compare/v4.1.0...v4.2.0) ##### What's Changed - Ability to overwrite an Artifact by [@​robherley](https://github.com/robherley) in [https://github.com/actions/upload-artifact/pull/501](https://github.com/actions/upload-artifact/pull/501) **Full Changelog**: https://github.com/actions/upload-artifact/compare/v4...v4.2.0 ### [`v4.1.0`](https://github.com/actions/upload-artifact/releases/tag/v4.1.0) [Compare Source](https://github.com/actions/upload-artifact/compare/v4.0.0...v4.1.0) #### What's Changed - Add migrations docs by [@​robherley](https://github.com/robherley) in [https://github.com/actions/upload-artifact/pull/482](https://github.com/actions/upload-artifact/pull/482) - Update README.md by [@​samuelwine](https://github.com/samuelwine) in [https://github.com/actions/upload-artifact/pull/492](https://github.com/actions/upload-artifact/pull/492) - Support artifact-url output by [@​konradpabjan](https://github.com/konradpabjan) in [https://github.com/actions/upload-artifact/pull/496](https://github.com/actions/upload-artifact/pull/496) - Update readme to reflect new 500 artifact per job limit by [@​robherley](https://github.com/robherley) in [https://github.com/actions/upload-artifact/pull/497](https://github.com/actions/upload-artifact/pull/497) #### New Contributors - [@​samuelwine](https://github.com/samuelwine) made their first contribution in [https://github.com/actions/upload-artifact/pull/492](https://github.com/actions/upload-artifact/pull/492) **Full Changelog**: https://github.com/actions/upload-artifact/compare/v4...v4.1.0 </details> <details> <summary>defenseunicorns/uds-common (defenseunicorns/uds-common)</summary> ### [`v0.3.9`](https://github.com/defenseunicorns/uds-common/releases/tag/v0.3.9) [Compare Source](https://github.com/defenseunicorns/uds-common/compare/v0.3.8...v0.3.9) ##### Miscellaneous - fix missing keys in setup actions ([#​93](https://github.com/defenseunicorns/uds-common/issues/93)) ([39d7395](https://github.com/defenseunicorns/uds-common/commit/39d73955ebb35f4e844a45fe23a7acf7d65d239a)) ### [`v0.3.8`](https://github.com/defenseunicorns/uds-common/releases/tag/v0.3.8) [Compare Source](https://github.com/defenseunicorns/uds-common/compare/v0.3.7...v0.3.8) ##### Miscellaneous - add upgrade tests to common ([#​91](https://github.com/defenseunicorns/uds-common/issues/91)) ([bb2e590](https://github.com/defenseunicorns/uds-common/commit/bb2e59021355172db2cfcca7dbf5a2434ce41b6d)) - **deps:** update dependency defenseunicorns/uds-cli to v0.10.1 ([#​84](https://github.com/defenseunicorns/uds-common/issues/84)) ([6b455b7](https://github.com/defenseunicorns/uds-common/commit/6b455b7cef8ddab022c758a6309d8993f0a564b7)) - **deps:** update dependency defenseunicorns/uds-core to v0.17.0 ([#​83](https://github.com/defenseunicorns/uds-common/issues/83)) ([b8d8181](https://github.com/defenseunicorns/uds-common/commit/b8d818165c7c676f56898c2d15ae14a2f7ff5f0c)) - **deps:** update uds common package dependencies to v6.6.1 ([#​92](https://github.com/defenseunicorns/uds-common/issues/92)) ([862b635](https://github.com/defenseunicorns/uds-common/commit/862b63512b4b53ff963b85e25e8011818bb8e4e3)) - update registry login to happen in the common env setup action ([#​88](https://github.com/defenseunicorns/uds-common/issues/88)) ([b7bce88](https://github.com/defenseunicorns/uds-common/commit/b7bce888d1d62c5d382d7d88a54e59da72e0d3ae)) ### [`v0.3.7`](https://github.com/defenseunicorns/uds-common/releases/tag/v0.3.7) [Compare Source](https://github.com/defenseunicorns/uds-common/compare/v0.3.6...v0.3.7) ##### Miscellaneous - remove schedule on renovate ([#​85](https://github.com/defenseunicorns/uds-common/issues/85)) ([fda7e57](https://github.com/defenseunicorns/uds-common/commit/fda7e57ad878cc70bf3905948911daa84c67db27)) - update k3d-core-istio-dev to k3d-core-slim-dev ([#​86](https://github.com/defenseunicorns/uds-common/issues/86)) ([aa0e6da](https://github.com/defenseunicorns/uds-common/commit/aa0e6dad40126ead465b102ea28a3ac961883493)) ### [`v0.3.6`](https://github.com/defenseunicorns/uds-common/releases/tag/v0.3.6) [Compare Source](https://github.com/defenseunicorns/uds-common/compare/v0.3.5...v0.3.6) ##### Miscellaneous - hotfix the spoof containing a dash in the input and add a publish step ([#​81](https://github.com/defenseunicorns/uds-common/issues/81)) ([f9c7aac](https://github.com/defenseunicorns/uds-common/commit/f9c7aac4a30e5c3e627c44946f2f212af1573b39)) ### [`v0.3.5`](https://github.com/defenseunicorns/uds-common/releases/tag/v0.3.5) [Compare Source](https://github.com/defenseunicorns/uds-common/compare/v0.3.4...v0.3.5) ##### Miscellaneous - fix spoof to not include a dash ([#​79](https://github.com/defenseunicorns/uds-common/issues/79)) ([5d1738b](https://github.com/defenseunicorns/uds-common/commit/5d1738ba0ca2cd19c7fdf6dfe6873339e129c3bb)) ### [`v0.3.4`](https://github.com/defenseunicorns/uds-common/releases/tag/v0.3.4) [Compare Source](https://github.com/defenseunicorns/uds-common/compare/v0.3.3...v0.3.4) ##### Miscellaneous - add the ability to spoof to common ([#​77](https://github.com/defenseunicorns/uds-common/issues/77)) ([49634e1](https://github.com/defenseunicorns/uds-common/commit/49634e1b69c6b2eadcc2497f6baba8bd349f3d38)) - **deps:** update dependency defenseunicorns/uds-core to v0.16.1 ([#​72](https://github.com/defenseunicorns/uds-common/issues/72)) ([32d1ad6](https://github.com/defenseunicorns/uds-common/commit/32d1ad6812a3ef6ad750447296f5644b14ff2855)) </details> <details> <summary>defenseunicorns/uds-common-tasks (defenseunicorns/uds-common-tasks)</summary> ### [`v0.3.9`](https://github.com/defenseunicorns/uds-common/releases/tag/v0.3.9) [Compare Source](https://github.com/defenseunicorns/uds-common-tasks/compare/v0.3.8...v0.3.9) ##### Miscellaneous - fix missing keys in setup actions ([#​93](https://github.com/defenseunicorns/uds-common/issues/93)) ([39d7395](https://github.com/defenseunicorns/uds-common/commit/39d73955ebb35f4e844a45fe23a7acf7d65d239a)) ### [`v0.3.8`](https://github.com/defenseunicorns/uds-common/releases/tag/v0.3.8) [Compare Source](https://github.com/defenseunicorns/uds-common-tasks/compare/v0.3.7...v0.3.8) ##### Miscellaneous - add upgrade tests to common ([#​91](https://github.com/defenseunicorns/uds-common/issues/91)) ([bb2e590](https://github.com/defenseunicorns/uds-common/commit/bb2e59021355172db2cfcca7dbf5a2434ce41b6d)) - **deps:** update dependency defenseunicorns/uds-cli to v0.10.1 ([#​84](https://github.com/defenseunicorns/uds-common/issues/84)) ([6b455b7](https://github.com/defenseunicorns/uds-common/commit/6b455b7cef8ddab022c758a6309d8993f0a564b7)) - **deps:** update dependency defenseunicorns/uds-core to v0.17.0 ([#​83](https://github.com/defenseunicorns/uds-common/issues/83)) ([b8d8181](https://github.com/defenseunicorns/uds-common/commit/b8d818165c7c676f56898c2d15ae14a2f7ff5f0c)) - **deps:** update uds common package dependencies to v6.6.1 ([#​92](https://github.com/defenseunicorns/uds-common/issues/92)) ([862b635](https://github.com/defenseunicorns/uds-common/commit/862b63512b4b53ff963b85e25e8011818bb8e4e3)) - update registry login to happen in the common env setup action ([#​88](https://github.com/defenseunicorns/uds-common/issues/88)) ([b7bce88](https://github.com/defenseunicorns/uds-common/commit/b7bce888d1d62c5d382d7d88a54e59da72e0d3ae)) ### [`v0.3.7`](https://github.com/defenseunicorns/uds-common/releases/tag/v0.3.7) [Compare Source](https://github.com/defenseunicorns/uds-common-tasks/compare/v0.3.6...v0.3.7) ##### Miscellaneous - remove schedule on renovate ([#​85](https://github.com/defenseunicorns/uds-common/issues/85)) ([fda7e57](https://github.com/defenseunicorns/uds-common/commit/fda7e57ad878cc70bf3905948911daa84c67db27)) - update k3d-core-istio-dev to k3d-core-slim-dev ([#​86](https://github.com/defenseunicorns/uds-common/issues/86)) ([aa0e6da](https://github.com/defenseunicorns/uds-common/commit/aa0e6dad40126ead465b102ea28a3ac961883493)) ### [`v0.3.6`](https://github.com/defenseunicorns/uds-common/releases/tag/v0.3.6) [Compare Source](https://github.com/defenseunicorns/uds-common-tasks/compare/v0.3.5...v0.3.6) ##### Miscellaneous - hotfix the spoof containing a dash in the input and add a publish step ([#​81](https://github.com/defenseunicorns/uds-common/issues/81)) ([f9c7aac](https://github.com/defenseunicorns/uds-common/commit/f9c7aac4a30e5c3e627c44946f2f212af1573b39)) ### [`v0.3.5`](https://github.com/defenseunicorns/uds-common/releases/tag/v0.3.5) [Compare Source](https://github.com/defenseunicorns/uds-common-tasks/compare/v0.3.4...v0.3.5) ##### Miscellaneous - fix spoof to not include a dash ([#​79](https://github.com/defenseunicorns/uds-common/issues/79)) ([5d1738b](https://github.com/defenseunicorns/uds-common/commit/5d1738ba0ca2cd19c7fdf6dfe6873339e129c3bb)) ### [`v0.3.4`](https://github.com/defenseunicorns/uds-common/releases/tag/v0.3.4) [Compare Source](https://github.com/defenseunicorns/uds-common-tasks/compare/v0.3.3...v0.3.4) ##### Miscellaneous - add the ability to spoof to common ([#​77](https://github.com/defenseunicorns/uds-common/issues/77)) ([49634e1](https://github.com/defenseunicorns/uds-common/commit/49634e1b69c6b2eadcc2497f6baba8bd349f3d38)) - **deps:** update dependency defenseunicorns/uds-core to v0.16.1 ([#​72](https://github.com/defenseunicorns/uds-common/issues/72)) ([32d1ad6](https://github.com/defenseunicorns/uds-common/commit/32d1ad6812a3ef6ad750447296f5644b14ff2855)) </details> <details> <summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary> ### [`v0.32.6`](https://github.com/defenseunicorns/zarf/releases/tag/v0.32.6) [Compare Source](https://github.com/defenseunicorns/zarf/compare/v0.32.5...v0.32.6) ##### \[0.32.6] - 2024-03-22 > trying out some different release note generators, formatting may vary for a few releases while we figure out what works best ~[@​Noxsios](https://github.com/Noxsios) ##### 🚀 Features - \[**ALPHA**] feat: package generation ALPHA by [@​andrewg-xyz](https://github.com/andrewg-xyz) in [#​2269](https://github.com/defenseunicorns/zarf/pull/2269) - *(lib)* feat(lib): configurable log file location by [@​Noxsios](https://github.com/Noxsios) in [#​2380](https://github.com/defenseunicorns/zarf/pull/2380) - \[**BREAKING**] feat!: filter package components with strategy interface by [@​Noxsios](https://github.com/Noxsios) in [#​2321](https://github.com/defenseunicorns/zarf/pull/2321) ##### 🐛 Bug Fixes - fix: refactor create stages into separate lib by [@​lucasrod16](https://github.com/lucasrod16) in [#​2223](https://github.com/defenseunicorns/zarf/pull/2223) - fix: handle registry caBundle as a multiline string by [@​AbrohamLincoln](https://github.com/AbrohamLincoln) in [#​2381](https://github.com/defenseunicorns/zarf/pull/2381) - *(regression)* fix: populate `p.sbomViewFiles` on `deploy` and `mirror` by [@​lucasrod16](https://github.com/lucasrod16) in [#​2386](https://github.com/defenseunicorns/zarf/pull/2386) - fix: allow absolute paths for differential packages by [@​AustinAbro321](https://github.com/AustinAbro321) in [#​2397](https://github.com/defenseunicorns/zarf/pull/2397) - fix: hotfix skeleton publish by [@​Noxsios](https://github.com/Noxsios) in [#​2398](https://github.com/defenseunicorns/zarf/pull/2398) ##### 🚜 Refactor - refactor: split helpers/exec libs by [@​Racer159](https://github.com/Racer159) in [#​2379](https://github.com/defenseunicorns/zarf/pull/2379) ##### 🧪 Testing - test: data injection flake by [@​lucasrod16](https://github.com/lucasrod16) in [#​2361](https://github.com/defenseunicorns/zarf/pull/2361) ##### ⚙️ Miscellaneous Tasks - ci: add commitlint workflow and update contributing guide by [@​lucasrod16](https://github.com/lucasrod16) in [#​2391](https://github.com/defenseunicorns/zarf/pull/2391) ##### 🛡️ Security - *(release)* build: create PRs on `homebrew-tap` by [@​Noxsios](https://github.com/Noxsios) in [#​2385](https://github.com/defenseunicorns/zarf/pull/2385) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.32.5...v0.32.6 ### [`v0.32.5`](https://github.com/defenseunicorns/zarf/releases/tag/v0.32.5) [Compare Source](https://github.com/defenseunicorns/zarf/compare/v0.32.4...v0.32.5) ##### \[0.32.5] - 2024-03-11 > trying out some different release note generators, formatting may vary for a few releases while we figure out what works best ~[@​Noxsios](https://github.com/Noxsios) ##### 🚀 Features - feat: add missing vendored tool version commands by [@​eddiezane](https://github.com/eddiezane) in [#​2232](https://github.com/defenseunicorns/zarf/pull/2232) - feat: add `--why` flag for `zarf dev find-images` by [@​waveywaves](https://github.com/waveywaves) in [#​2309](https://github.com/defenseunicorns/zarf/pull/2309) - feat: set variables on find images by [@​AustinAbro321](https://github.com/AustinAbro321) in [#​2282](https://github.com/defenseunicorns/zarf/pull/2282) - feat: add configurable backoff and retries for Zarf operations by [@​Racer159](https://github.com/Racer159) in [#​2345](https://github.com/defenseunicorns/zarf/pull/2345) ##### 🐛 Bug Fixes - *(deps)*: update github.com/anchore/clio digest to [`abcb719`](https://github.com/defenseunicorns/zarf/commit/abcb719) by [@​renovate](https://github.com/renovate)\[bot] in [#​2347](https://github.com/defenseunicorns/zarf/pull/2347) - *(ci)*: change ECR image to docker.io image by [@​AustinAbro321](https://github.com/AustinAbro321) in [#​2353](https://github.com/defenseunicorns/zarf/pull/2353) - fix: added OCI Image Index mediaType by [@​mdaizcorbe](https://github.com/mdaizcorbe) in [#​2352](https://github.com/defenseunicorns/zarf/pull/2352) - fix: package publish progress bar frozen at zero by [@​Noxsios](https://github.com/Noxsios) in [#​2367](https://github.com/defenseunicorns/zarf/pull/2367) - *(release)* hotfix `publish` not respecting source package architecture by [@​Noxsios](https://github.com/Noxsios) in [#​2376](https://github.com/defenseunicorns/zarf/pull/2376) ##### 📚 Documentation - chore: fix spelling by [@​AustinAbro321](https://github.com/AustinAbro321) in [#​2333](https://github.com/defenseunicorns/zarf/pull/2333) - docs: formatting and grammar by [@​beholdenkey](https://github.com/beholdenkey) in [#​2350](https://github.com/defenseunicorns/zarf/pull/2350) ##### ⚙️ Miscellaneous Tasks - chore: sorted go imports by [@​naveensrinivasan](https://github.com/naveensrinivasan) in [#​2349](https://github.com/defenseunicorns/zarf/pull/2349) - chore: fix bb test by [@​AustinAbro321](https://github.com/AustinAbro321) in [#​2340](https://github.com/defenseunicorns/zarf/pull/2340) - chore: update CODEOWNERS with [@​AustinAbro321](https://github.com/AustinAbro321) by [@​Racer159](https://github.com/Racer159) in [#​2354](https://github.com/defenseunicorns/zarf/pull/2354) - chore: refactor and purify the OCI library within Zarf by [@​AustinAbro321](https://github.com/AustinAbro321) in [#​2235](https://github.com/defenseunicorns/zarf/pull/2235) - chore: default to temp zarf cache in e2e tests by [@​AustinAbro321](https://github.com/AustinAbro321) in [#​2355](https://github.com/defenseunicorns/zarf/pull/2355) ##### 🛡️ Security - chore: configure agent server to avoid slowloris attack by [@​naveensrinivasan](https://github.com/naveensrinivasan) in [#​2342](https://github.com/defenseunicorns/zarf/pull/2342) - chore: fix implicit memory aliasing in for loop by [@​naveensrinivasan](https://github.com/naveensrinivasan) in [#​2341](https://github.com/defenseunicorns/zarf/pull/2341) - *(release)*: update release workflow to use token from gh app by [@​Noxsios](https://github.com/Noxsios) in [#​2368](https://github.com/defenseunicorns/zarf/pull/2368) - *(release)*: use release environment secrets by [@​Noxsios](https://github.com/Noxsios) in [#​2374](https://github.com/defenseunicorns/zarf/pull/2374) ##### First Time Contributors - [@​eddiezane](https://github.com/eddiezane) made their first contribution in [#​2232](https://github.com/defenseunicorns/zarf/issues/2232) - [@​beholdenkey](https://github.com/beholdenkey) made their first contribution in [#​2350](https://github.com/defenseunicorns/zarf/issues/2350) - [@​mdaizcorbe](https://github.com/mdaizcorbe) made their first contribution in [#​2352](https://github.com/defenseunicorns/zarf/issues/2352) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.32.4...v0.32.5 ### [`v0.32.4`](https://github.com/defenseunicorns/zarf/releases/tag/v0.32.4) [Compare Source](https://github.com/defenseunicorns/zarf/compare/v0.32.3...v0.32.4) ##### What's Changed ##### Fixes - Improve `cmd` failure messaging when no timeout or retries are given by [@​docandrew](https://github.com/docandrew) in [https://github.com/defenseunicorns/zarf/pull/2301](https://github.com/defenseunicorns/zarf/pull/2301) - Revert init package storageclass checks for git server and seed registry by [@​lucasrod16](https://github.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2311](https://github.com/defenseunicorns/zarf/pull/2311) - Fix multi-part tarballs being mismatched sizes by [@​Racer159](https://github.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2314](https://github.com/defenseunicorns/zarf/pull/2314) - Change text template detection to check first *and* last 512 bytes by [@​WeaponX314](https://github.com/WeaponX314) in [https://github.com/defenseunicorns/zarf/pull/2310](https://github.com/defenseunicorns/zarf/pull/2310) - Improve `zarf tools registry prune` messaging by [@​Racer159](https://github.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2323](https://github.com/defenseunicorns/zarf/pull/2323) - Add http request header timeout to mitigate stalling image push by [@​Racer159](https://github.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2319](https://github.com/defenseunicorns/zarf/pull/2319) - Allow host+subpath as the source registry for `--registry-override` in package create by [@​waveywaves](https://github.com/waveywaves) in [https://github.com/defenseunicorns/zarf/pull/2306](https://github.com/defenseunicorns/zarf/pull/2306) ##### Dependencies - Update github.com/anchore/clio digest to [`cb94e40`](https://github.com/defenseunicorns/zarf/commit/cb94e40) by [@​renovate](https://github.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2294](https://github.com/defenseunicorns/zarf/pull/2294), [https://github.com/defenseunicorns/zarf/pull/2297](https://github.com/defenseunicorns/zarf/pull/2297) and [https://github.com/defenseunicorns/zarf/pull/2300](https://github.com/defenseunicorns/zarf/pull/2300) - **\[security]** Update module helm.sh/helm/v3 to v3.14.2 by [@​renovate](https://github.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2307](https://github.com/defenseunicorns/zarf/pull/2307) and [https://github.com/defenseunicorns/zarf/pull/2329](https://github.com/defenseunicorns/zarf/pull/2329) - Update actions/checkout action to v4 by [@​renovate](https://github.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2317](https://github.com/defenseunicorns/zarf/pull/2317) - Update actions/dependency-review-action action to v4 by [@​renovate](https://github.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2318](https://github.com/defenseunicorns/zarf/pull/2318) ##### Docs - Update [Zarf roadmap](https://docs.zarf.dev/docs/roadmap) per 2024 goals by [@​Racer159](https://github.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2305](https://github.com/defenseunicorns/zarf/pull/2305) ##### Development - Included Dependency Review action for PR reviews by [@​naveensrinivasan](https://github.com/naveensrinivasan) in [https://github.com/defenseunicorns/zarf/pull/2298](https://github.com/defenseunicorns/zarf/pull/2298) - Resolve CodeQL linting issues across Zarf by [@​Racer159](https://github.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2322](https://github.com/defenseunicorns/zarf/pull/2322) ##### New Contributors - [@​docandrew](https://github.com/docandrew) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2301](https://github.com/defenseunicorns/zarf/pull/2301) - [@​naveensrinivasan](https://github.com/naveensrinivasan) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2298](https://github.com/defenseunicorns/zarf/pull/2298) - [@​waveywaves](https://github.com/waveywaves) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2306](https://github.com/defenseunicorns/zarf/pull/2306) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.32.3...v0.32.4 ### [`v0.32.3`](https://github.com/defenseunicorns/zarf/releases/tag/v0.32.3) [Compare Source](https://github.com/defenseunicorns/zarf/compare/v0.32.2...v0.32.3) ##### What's Changed ##### Fixes - Properly handle panic that could occur during checksum validation by [@​mjnagel](https://github.com/mjnagel) in [https://github.com/defenseunicorns/zarf/pull/2262](https://github.com/defenseunicorns/zarf/pull/2262) - Add the `--key` flag to the init cmd to properly allow for signed init packages by [@​dgershman](https://github.com/dgershman) in [https://github.com/defenseunicorns/zarf/pull/2259](https://github.com/defenseunicorns/zarf/pull/2259) - Restore destroy script functionality during `zarf destroy` by [@​Racer159](https://github.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2274](https://github.com/defenseunicorns/zarf/pull/2274) - Fix symlink inclusion within component resources by [@​dgershman](https://github.com/dgershman) in [https://github.com/defenseunicorns/zarf/pull/2256](https://github.com/defenseunicorns/zarf/pull/2256) - Use memory friendly file split logic for partial packages by [@​daniel-palmer-gu](https://github.com/daniel-palmer-gu) in [https://github.com/defenseunicorns/zarf/pull/2264](https://github.com/defenseunicorns/zarf/pull/2264) - Fix reproducible tarball creation on Windows systems by [@​Noxsios](https://github.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2293](https://github.com/defenseunicorns/zarf/pull/2293) ##### Docs - Make branding more consistent and add community meetup references to docs by [@​Racer159](https://github.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2258](https://github.com/defenseunicorns/zarf/pull/2258) ##### Dependencies - Update github.com/anchore/clio digest by [@​renovate](https://github.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2277](https://github.com/defenseunicorns/zarf/pull/2277) and [https://github.com/defenseunicorns/zarf/pull/2283](https://github.com/defenseunicorns/zarf/pull/2283) - Update all non-major dependencies (including Gitea v1.21.5, Syft v0.100.0, K9s v0.31.7 and Crane v0.19.0) by [@​renovate](https://github.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2187](https://github.com/defenseunicorns/zarf/pull/2187) ##### Development - Add a more robust chart search regexManager by [@​Racer159](https://github.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2278](https://github.com/defenseunicorns/zarf/pull/2278) and [https://github.com/defenseunicorns/zarf/pull/2284](https://github.com/defenseunicorns/zarf/pull/2284) - Partial refactor of injector logic in `k8s`, and `cluster` packages by [@​chrishorton](https://github.com/chrishorton) in [https://github.com/defenseunicorns/zarf/pull/2271](https://github.com/defenseunicorns/zarf/pull/2271) ##### New Contributors - [@​daniel-palmer-gu](https://github.com/daniel-palmer-gu) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2264](https://github.com/defenseunicorns/zarf/pull/2264) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.32.2...v0.32.3 ### [`v0.32.2`](https://github.com/defenseunicorns/zarf/releases/tag/v0.32.2) [Compare Source](https://github.com/defenseunicorns/zarf/compare/v0.32.1...v0.32.2) #### What's Changed #### Features - Support authenticated Helm repositories that have been configured with `helm repo add` by [@​AustinAbro321](https://github.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2196](https://github.com/defenseunicorns/zarf/pull/2196) - Verify that the specified storage class exists during `zarf init` by [@​lucasrod16](https://github.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2180](https://github.com/defenseunicorns/zarf/pull/2180) - Check for available node resources before building injector pod by [@​chrishorton](https://github.com/chrishorton) in [https://github.com/defenseunicorns/zarf/pull/2220](https://github.com/defenseunicorns/zarf/pull/2220) - Officially support yaml extensions within the `zarf.yaml` using `x-` keys by [@​AustinAbro321](https://github.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2217](https://github.com/defenseunicorns/zarf/pull/2217) #### Fixes - Fix the inclusion of helm sub commands when rendering `zarf tools help` by [@​jbrewer3](https://github.com/jbrewer3) in [https://github.com/defenseunicorns/zarf/pull/2216](https://github.com/defenseunicorns/zarf/pull/2216) #### Docs - Fix typos in the extension `README.md` by [@​mjnagel](https://github.com/mjnagel) in [https://github.com/defenseunicorns/zarf/pull/2227](https://github.com/defenseunicorns/zarf/pull/2227) - Fix a small grammatical error in the base `README.md` by [@​cmwylie19](https://github.com/cmwylie19) in [https://github.com/defenseunicorns/zarf/pull/2219](https://github.com/defenseunicorns/zarf/pull/2219) #### Dependencies - Update github.com/anchore/clio digest to [`89e2fe8`](https://github.com/defenseunicorns/zarf/commit/89e2fe8) by [@​renovate](https://github.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2214](https://github.com/defenseunicorns/zarf/pull/2214) - Update github.com/anchore/clio digest to [`a5e93b6`](https://github.com/defenseunicorns/zarf/commit/a5e93b6) by [@​renovate](https://github.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2229](https://github.com/defenseunicorns/zarf/pull/2229) - Update github.com/anchore/stereoscope digest to [`eb656fc`](https://github.com/defenseunicorns/zarf/commit/eb656fc) by [@​renovate](https://github.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2230](https://github.com/defenseunicorns/zarf/pull/2230) #### Development - Remove workflow for automatically adding issues to the zarf project by [@​YrrepNoj](https://github.com/YrrepNoj) in [https://github.com/defenseunicorns/zarf/pull/2239](https://github.com/defenseunicorns/zarf/pull/2239) - Delete unnecessary waitgroup from concurrencyTools by [@​AustinAbro321](https://github.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2244](https://github.com/defenseunicorns/zarf/pull/2244) - Update `NewOrasRemote` to take `ocispec.Platform` as an argument by [@​decleaver](https://github.com/decleaver) in [https://github.com/defenseunicorns/zarf/pull/2241](https://github.com/defenseunicorns/zarf/pull/2241) #### New Contributors - [@​jbrewer3](https://github.com/jbrewer3) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2216](https://github.com/defenseunicorns/zarf/pull/2216) - [@​chrishorton](https://github.com/chrishorton) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2220](https://github.com/defenseunicorns/zarf/pull/2220) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.32.1...v0.32.2 ### [`v0.32.1`](https://github.com/defenseunicorns/zarf/releases/tag/v0.32 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/uds-package-mattermost). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNjEuMCIsInVwZGF0ZWRJblZlciI6IjM3LjI2OS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9--> --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Wayne Starr <me@racer159.com>
- Loading branch information