🌱 Bump sigs.k8s.io/kustomize/api from 0.13.2 to 0.14.0 in /hack/tools

[dependabot]

Bumps sigs.k8s.io/kustomize/api from 0.13.2 to 0.14.0.

Release notes

Sourced from sigs.k8s.io/kustomize/api's releases.

kyaml/v0.14.0

Breaking changes

#4926: copyutils.CopyDir() now requires a FileSystem argument #4019: remove Resid.LegacySortString()

Features

#4886: add creation support to PathMatcher filter #4947: Allow fieldspecs (used in advanced transformer configuration) to start with a slash.

Bug fixes/performance improvements

#4944: Refactor mapping node traversal and optimize RNode.GetAnnotations and RNode.GetLabels #4890: Fix null value handling when applying strategic merge patches. A null in the patch is a deletion directive, but a null in the target should be preserved. #4967: fix data race when using openapi from multiple goroutines #4990: Improve panic error message for invalid openapi schema file to include the parse error #4806: runtimeutils.GetFunctionSpec throws error when resource metadata is not found #4582: update openapi scripts to fetch protobuffer schemas

Dependencies

#4877: Update minimum Go version to Go 1.19 #4889: fix: all module net and text dependent package CVE-2022-41717 and CVE-2022-32149 vulnerabilities #4965: Bump k8s.io/kube-openapi to remove archived dependency #4960: Update sigs.k8s.io/yaml to v1.3.0 #4970: Replace github/pkg/errors with sigs.k8s.io/kustomize/kyaml/errors

api/v0.14.0

#4949: add check that kustomization is empty #5170: components apply after all generators applied #5186: Update gnostic dependency with gnostic-models #5187: Bump to go 1.20 #5212: pin to kyaml v0.14.3

kyaml/v0.13.10

#4727: Improve invalid node kind errors #4754: Stop using deprecated ioutil functions #4758: Emit a warning when using missing field in FunctionSpec #4764: Update internal go-yaml fork to v3.0.1, picking up bug fixes and a panic fix that has an associated CVE #4806: update golangci-lint version to v1.49.0 #4820: preallocate memory for performance improvements #4830: update kyaml's dependency swag to v0.22.3

kyaml/v0.13.9

#4742: prevent testing lib from being compiled in

kyaml/v0.13.8

#4675: Update dependency of github.com/xlab/treeprint to v1.1.0 #4677: Add filesys.ConfirmDir function to ensure that a path is a directory and clean it

... (truncated)

Commits

• ded76df Merge pull request #5213 from natasha41575/pintocmdconfig
• d7362ed pin to cmd/config
• 4711bfe Merge pull request #5212 from natasha41575/pintokyaml
• 8c0e0b3 pin to kyaml
• 9e42f8d Merge pull request #5177 from annasong20/test-accumulate-remote-file
• 168e31b Add accumulateResources remote file error tests
• 336bc14 Merge pull request #5195 from natasha41575/updatemaintainers
• b2c39b6 add Anna to maintainers
• da31b96 Merge pull request #5187 from koba1t/update_go_1.20
• dce9426 Merge pull request #5030 from koba1t/fix/error_when_no_path_match
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[k8s-ci-robot]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign sbueringer for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[killianmuldoon]

/retest

[killianmuldoon]

@dependabot rebase

[k8s-ci-robot]

@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
pull-cluster-api-build-main	65937fb	link	true	/test pull-cluster-api-build-main
pull-cluster-api-test-main	65937fb	link	true	/test pull-cluster-api-test-main

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[sbueringer]

This doesn't compile because proto.NewOpenAPIData in k8s.io/kube-openapi (called by client-go) now expects a Document from gnostic-models and not from gnostic

/home/sbuerin/go/pkg/mod/k8s.io/client-go@v0.27.2/applyconfigurations/meta/v1/unstructured.go:64:38: cannot use doc (variable of type *"github.com/google/gnostic/openapiv2".Document) as *"github.com/google/gnostic-models/openapiv2".Document value in argument to proto.NewOpenAPIData

Basically this bump breaks the compatiblity with client-go.

I would suggest to add sigs.k8s.io/kustomize/api to the bump exclude list

[killianmuldoon]

/close

Added an exclude in #9059

[k8s-ci-robot]

@killianmuldoon: Closed this PR.

In response to this:

/close

Added an exclude in #9059

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.