[!WARNING]
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
aws/aws-cli (awscli)
### [`v2.15.17`](https://togithub.com/aws/aws-cli/compare/2.15.16...2.15.17)
[Compare Source](https://togithub.com/aws/aws-cli/compare/2.15.16...2.15.17)
defenseunicorns/build-harness (defenseunicorns/build-harness)
### [`v1.15.1`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#1151-2024-02-02)
[Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/1.15.0...1.15.1)
##### Miscellaneous Chores
- **deps:** update all dependencies ([#167](https://togithub.com/defenseunicorns/build-harness/issues/167)) ([2d096b8](https://togithub.com/defenseunicorns/build-harness/commit/2d096b8133aa56de6bfcc17353e1d5f38dca3902))
fluxcd/flux2 (flux2)
### [`v2.2.3`](https://togithub.com/fluxcd/flux2/releases/tag/v2.2.3)
[Compare Source](https://togithub.com/fluxcd/flux2/compare/v2.2.2...v2.2.3)
#### Highlights
Flux v2.2.3 is a patch release which comes with various fixes and improvements. Users are encouraged to upgrade for the best experience.
:bulb: For upgrading to Flux v2.2, please see [the procedure documented in 2.2.0](https://togithub.com/fluxcd/flux2/releases/tag/v2.0.0).
This release updates the Kubernetes dependencies to v1.28.6 and various other dependencies to their latest version to patch upstream CVEs.
All controllers are built with Go 1.21.6 using Alpine Linux 3.19.1 base image.
> \[!NOTE]
> Due to breaking changes in [Helm v3.14.0](https://togithub.com/helm/helm/releases/tag/v3.14.0), the helm-controller version included in this patch release comes with Helm SDK v3.13.3.
> A preview build of the helm-controller with the latest Helm SDK is available at [helm-controller#879](https://togithub.com/fluxcd/helm-controller/pull/879).
Fixes:
- Reconciling empty directories and directories without Kubernetes manifests no longer results in an error. This regressing bug was introduced with the kustomize-controller upgrade to Kustomize v5.3 and has been fixed in this patch release.
- The regression due to which `Roles` and `ClusterRoles` with aggregated roles were continuous reconciled by kustomize-controller has been fixed.
- The HelmRelease status reporting has been improved by ensuring that the stale failure conditions get updated after failure recovery.
See the components changelog for a full list of bug fixes.
#### Components changelog
- source-controller [v1.2.4](https://togithub.com/fluxcd/source-controller/blob/v1.2.4/CHANGELOG.md)
- kustomize-controller [v1.2.2](https://togithub.com/fluxcd/kustomize-controller/blob/v1.2.2/CHANGELOG.md)
- notification-controller [v1.2.4](https://togithub.com/fluxcd/notification-controller/blob/v1.2.4/CHANGELOG.md)
- helm-controller [v0.37.4](https://togithub.com/fluxcd/helm-controller/blob/v0.37.4/CHANGELOG.md)
- image-reflector-controller [v0.31.2](https://togithub.com/fluxcd/image-reflector-controller/blob/v0.31.2/CHANGELOG.md)
- image-automation-controller [v0.37.1](https://togithub.com/fluxcd/image-automation-controller/blob/v0.37.1/CHANGELOG.md)
#### CLI Changelog
- PR [#4589](https://togithub.com/fluxcd/flux2/issues/4589) - [@stefanprodan](https://togithub.com/stefanprodan) - Update dependencies
- PR [#4585](https://togithub.com/fluxcd/flux2/issues/4585) - [@dependabot](https://togithub.com/dependabot)\[bot] - build(deps): bump the ci group with 3 updates
- PR [#4583](https://togithub.com/fluxcd/flux2/issues/4583) - [@fluxcdbot](https://togithub.com/fluxcdbot) - Update toolkit components
- PR [#4575](https://togithub.com/fluxcd/flux2/issues/4575) - [@stefanprodan](https://togithub.com/stefanprodan) - Update dependencies to Kubernetes v1.28.6
- PR [#4573](https://togithub.com/fluxcd/flux2/issues/4573) - [@dependabot](https://togithub.com/dependabot)\[bot] - build(deps): bump the ci group with 5 updates
- PR [#4558](https://togithub.com/fluxcd/flux2/issues/4558) - [@twinguy](https://togithub.com/twinguy) - `flux check` should error on unrecognised args
- PR [#4557](https://togithub.com/fluxcd/flux2/issues/4557) - [@twinguy](https://togithub.com/twinguy) - `flux stats` should error on unrecognised args
- PR [#4554](https://togithub.com/fluxcd/flux2/issues/4554) - [@dependabot](https://togithub.com/dependabot)\[bot] - build(deps): bump the ci group with 3 updates
- PR [#4553](https://togithub.com/fluxcd/flux2/issues/4553) - [@twinguy](https://togithub.com/twinguy) - Properly detect unexpected arguments during uninstall
- PR [#4535](https://togithub.com/fluxcd/flux2/issues/4535) - [@dependabot](https://togithub.com/dependabot)\[bot] - build(deps): bump github.com/cloudflare/circl from 1.3.6 to 1.3.7
- PR [#4533](https://togithub.com/fluxcd/flux2/issues/4533) - [@darkowlzz](https://togithub.com/darkowlzz) - tests/int: Add separate resource cleanup step
bridgecrewio/checkov (https://github.com/bridgecrewio/checkov.git)
### [`v3.2.8`](https://togithub.com/bridgecrewio/checkov/compare/3.2.7...3.2.8)
[Compare Source](https://togithub.com/bridgecrewio/checkov/compare/3.2.7...3.2.8)
### [`v3.2.7`](https://togithub.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#327---2024-02-04)
[Compare Source](https://togithub.com/bridgecrewio/checkov/compare/3.2.6...3.2.7)
##### Feature
- **azure:** create arm check StorageAccountMinimumTlsVersion CKV_AZURE\_236 - [#5986](https://togithub.com/bridgecrewio/checkov/pull/5986)
- **sast:** add dataflow to output - [#5987](https://togithub.com/bridgecrewio/checkov/pull/5987)
##### Bug Fix
- **terraform:** Correctly relace foreach_value inside \_update_attributes for complex cases - [#5994](https://togithub.com/bridgecrewio/checkov/pull/5994)
### [`v3.2.6`](https://togithub.com/bridgecrewio/checkov/compare/3.2.5...3.2.6)
[Compare Source](https://togithub.com/bridgecrewio/checkov/compare/3.2.5...3.2.6)
Configuration
📅 Schedule: Branch creation - "after 9am and before 5pm every weekday" in timezone America/New_York, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Never, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
2.15.16->2.15.171.15.0->1.15.12.2.2->2.2.33.2.5->3.2.8Release Notes
aws/aws-cli (awscli)
### [`v2.15.17`](https://togithub.com/aws/aws-cli/compare/2.15.16...2.15.17) [Compare Source](https://togithub.com/aws/aws-cli/compare/2.15.16...2.15.17)defenseunicorns/build-harness (defenseunicorns/build-harness)
### [`v1.15.1`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#1151-2024-02-02) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/1.15.0...1.15.1) ##### Miscellaneous Chores - **deps:** update all dependencies ([#167](https://togithub.com/defenseunicorns/build-harness/issues/167)) ([2d096b8](https://togithub.com/defenseunicorns/build-harness/commit/2d096b8133aa56de6bfcc17353e1d5f38dca3902))fluxcd/flux2 (flux2)
### [`v2.2.3`](https://togithub.com/fluxcd/flux2/releases/tag/v2.2.3) [Compare Source](https://togithub.com/fluxcd/flux2/compare/v2.2.2...v2.2.3) #### Highlights Flux v2.2.3 is a patch release which comes with various fixes and improvements. Users are encouraged to upgrade for the best experience. :bulb: For upgrading to Flux v2.2, please see [the procedure documented in 2.2.0](https://togithub.com/fluxcd/flux2/releases/tag/v2.0.0). This release updates the Kubernetes dependencies to v1.28.6 and various other dependencies to their latest version to patch upstream CVEs. All controllers are built with Go 1.21.6 using Alpine Linux 3.19.1 base image. > \[!NOTE] > Due to breaking changes in [Helm v3.14.0](https://togithub.com/helm/helm/releases/tag/v3.14.0), the helm-controller version included in this patch release comes with Helm SDK v3.13.3. > A preview build of the helm-controller with the latest Helm SDK is available at [helm-controller#879](https://togithub.com/fluxcd/helm-controller/pull/879). Fixes: - Reconciling empty directories and directories without Kubernetes manifests no longer results in an error. This regressing bug was introduced with the kustomize-controller upgrade to Kustomize v5.3 and has been fixed in this patch release. - The regression due to which `Roles` and `ClusterRoles` with aggregated roles were continuous reconciled by kustomize-controller has been fixed. - The HelmRelease status reporting has been improved by ensuring that the stale failure conditions get updated after failure recovery. See the components changelog for a full list of bug fixes. #### Components changelog - source-controller [v1.2.4](https://togithub.com/fluxcd/source-controller/blob/v1.2.4/CHANGELOG.md) - kustomize-controller [v1.2.2](https://togithub.com/fluxcd/kustomize-controller/blob/v1.2.2/CHANGELOG.md) - notification-controller [v1.2.4](https://togithub.com/fluxcd/notification-controller/blob/v1.2.4/CHANGELOG.md) - helm-controller [v0.37.4](https://togithub.com/fluxcd/helm-controller/blob/v0.37.4/CHANGELOG.md) - image-reflector-controller [v0.31.2](https://togithub.com/fluxcd/image-reflector-controller/blob/v0.31.2/CHANGELOG.md) - image-automation-controller [v0.37.1](https://togithub.com/fluxcd/image-automation-controller/blob/v0.37.1/CHANGELOG.md) #### CLI Changelog - PR [#4589](https://togithub.com/fluxcd/flux2/issues/4589) - [@stefanprodan](https://togithub.com/stefanprodan) - Update dependencies - PR [#4585](https://togithub.com/fluxcd/flux2/issues/4585) - [@dependabot](https://togithub.com/dependabot)\[bot] - build(deps): bump the ci group with 3 updates - PR [#4583](https://togithub.com/fluxcd/flux2/issues/4583) - [@fluxcdbot](https://togithub.com/fluxcdbot) - Update toolkit components - PR [#4575](https://togithub.com/fluxcd/flux2/issues/4575) - [@stefanprodan](https://togithub.com/stefanprodan) - Update dependencies to Kubernetes v1.28.6 - PR [#4573](https://togithub.com/fluxcd/flux2/issues/4573) - [@dependabot](https://togithub.com/dependabot)\[bot] - build(deps): bump the ci group with 5 updates - PR [#4558](https://togithub.com/fluxcd/flux2/issues/4558) - [@twinguy](https://togithub.com/twinguy) - `flux check` should error on unrecognised args - PR [#4557](https://togithub.com/fluxcd/flux2/issues/4557) - [@twinguy](https://togithub.com/twinguy) - `flux stats` should error on unrecognised args - PR [#4554](https://togithub.com/fluxcd/flux2/issues/4554) - [@dependabot](https://togithub.com/dependabot)\[bot] - build(deps): bump the ci group with 3 updates - PR [#4553](https://togithub.com/fluxcd/flux2/issues/4553) - [@twinguy](https://togithub.com/twinguy) - Properly detect unexpected arguments during uninstall - PR [#4535](https://togithub.com/fluxcd/flux2/issues/4535) - [@dependabot](https://togithub.com/dependabot)\[bot] - build(deps): bump github.com/cloudflare/circl from 1.3.6 to 1.3.7 - PR [#4533](https://togithub.com/fluxcd/flux2/issues/4533) - [@darkowlzz](https://togithub.com/darkowlzz) - tests/int: Add separate resource cleanup stepbridgecrewio/checkov (https://github.com/bridgecrewio/checkov.git)
### [`v3.2.8`](https://togithub.com/bridgecrewio/checkov/compare/3.2.7...3.2.8) [Compare Source](https://togithub.com/bridgecrewio/checkov/compare/3.2.7...3.2.8) ### [`v3.2.7`](https://togithub.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#327---2024-02-04) [Compare Source](https://togithub.com/bridgecrewio/checkov/compare/3.2.6...3.2.7) ##### Feature - **azure:** create arm check StorageAccountMinimumTlsVersion CKV_AZURE\_236 - [#5986](https://togithub.com/bridgecrewio/checkov/pull/5986) - **sast:** add dataflow to output - [#5987](https://togithub.com/bridgecrewio/checkov/pull/5987) ##### Bug Fix - **terraform:** Correctly relace foreach_value inside \_update_attributes for complex cases - [#5994](https://togithub.com/bridgecrewio/checkov/pull/5994) ### [`v3.2.6`](https://togithub.com/bridgecrewio/checkov/compare/3.2.5...3.2.6) [Compare Source](https://togithub.com/bridgecrewio/checkov/compare/3.2.5...3.2.6)Configuration
📅 Schedule: Branch creation - "after 9am and before 5pm every weekday" in timezone America/New_York, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Never, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Mend Renovate. View repository job log here.