[!WARNING]
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
anchore/grype (anchore/grype)
### [`v0.74.7`](https://togithub.com/anchore/grype/releases/tag/v0.74.7)
[Compare Source](https://togithub.com/anchore/grype/compare/v0.74.6...v0.74.7)
##### Bug Fixes
- return exit codes from install script \[[#1725](https://togithub.com/anchore/grype/pull/1725) [@hacst](https://togithub.com/hacst)]
- GitHub code scanning alerts missing information \[[#1715](https://togithub.com/anchore/grype/issues/1715) [#1720](https://togithub.com/anchore/grype/pull/1720) [@kzantow](https://togithub.com/kzantow)]
##### Additional Changes
- update Syft to v0.105.1 \[[#1728](https://togithub.com/anchore/grype/pull/1728)]
**[(Full Changelog)](https://togithub.com/anchore/grype/compare/v0.74.6...v0.74.7)**
anchore/syft (anchore/syft)
### [`v0.105.1`](https://togithub.com/anchore/syft/releases/tag/v0.105.1)
[Compare Source](https://togithub.com/anchore/syft/compare/v0.105.0...v0.105.1)
##### Bug Fixes
- return error codes from install script \[[#2664](https://togithub.com/anchore/syft/pull/2664) [@hacst](https://togithub.com/hacst)]
- SPDX tag value version selector \[[#2665](https://togithub.com/anchore/syft/pull/2665) [@kzantow](https://togithub.com/kzantow)]
##### Additional Changes
- Add syft version used to SBOM tool info by default \[[#2647](https://togithub.com/anchore/syft/pull/2647) [@wagoodman](https://togithub.com/wagoodman)]
**[(Full Changelog)](https://togithub.com/anchore/syft/compare/v0.105.0...v0.105.1)**
aws/aws-cli (awscli)
### [`v2.15.23`](https://togithub.com/aws/aws-cli/compare/2.15.22...2.15.23)
[Compare Source](https://togithub.com/aws/aws-cli/compare/2.15.22...2.15.23)
### [`v2.15.22`](https://togithub.com/aws/aws-cli/compare/2.15.21...2.15.22)
[Compare Source](https://togithub.com/aws/aws-cli/compare/2.15.21...2.15.22)
dagger/dagger (dagger/dagger)
### [`v0.9.11`](https://togithub.com/dagger/dagger/blob/HEAD/CHANGELOG.md#v0911---2024-02-20)
[Compare Source](https://togithub.com/dagger/dagger/compare/sdk/typescript/v0.9.10...v0.9.11)
##### Fixed
- Improve docker error logging by [@jedevc](https://togithub.com/jedevc) in [https://github.com/dagger/dagger/pull/6676](https://togithub.com/dagger/dagger/pull/6676)
##### What to do next?
- Read the [documentation](https://docs.dagger.io)
- Join our [Discord server](https://discord.gg/dagger-io)
- Follow us on [Twitter](https://twitter.com/dagger_io)
defenseunicorns/uds-cli (defenseunicorns/uds-cli)
### [`v0.9.2`](https://togithub.com/defenseunicorns/uds-cli/releases/tag/v0.9.2)
[Compare Source](https://togithub.com/defenseunicorns/uds-cli/compare/v0.9.1...v0.9.2)
##### What's Changed
- fix(deps): update module helm.sh/helm/v3 to v3.14.2 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/450](https://togithub.com/defenseunicorns/uds-cli/pull/450)
- fix: relative paths for bundle create by [@decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/453](https://togithub.com/defenseunicorns/uds-cli/pull/453)
**Full Changelog**: https://github.com/defenseunicorns/uds-cli/compare/v0.9.1...v0.9.2
### [`v0.9.1`](https://togithub.com/defenseunicorns/uds-cli/releases/tag/v0.9.1)
[Compare Source](https://togithub.com/defenseunicorns/uds-cli/compare/v0.9.0...v0.9.1)
##### What's Changed
- fix(deps): update module github.com/opencontainers/image-spec to v1.1.0 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/432](https://togithub.com/defenseunicorns/uds-cli/pull/432)
- fix(deps): update module helm.sh/helm/v3 to v3.14.1 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/429](https://togithub.com/defenseunicorns/uds-cli/pull/429)
- chore(deps): update github/codeql-action action to v3.24.3 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/421](https://togithub.com/defenseunicorns/uds-cli/pull/421)
- fix(deps): update golang.org/x/exp digest to [`ec58324`](https://togithub.com/defenseunicorns/uds-cli/commit/ec58324) by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/420](https://togithub.com/defenseunicorns/uds-cli/pull/420)
- fix: add support for zarf dev lint by [@Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/uds-cli/pull/436](https://togithub.com/defenseunicorns/uds-cli/pull/436)
- fix: case sensitivity in override vars by [@decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/433](https://togithub.com/defenseunicorns/uds-cli/pull/433)
- feat: alias vendored zarf to z by [@decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/424](https://togithub.com/defenseunicorns/uds-cli/pull/424)
- fix: use tmpdir if provided by [@decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/431](https://togithub.com/defenseunicorns/uds-cli/pull/431)
- feat: import all vars exported from package by [@decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/428](https://togithub.com/defenseunicorns/uds-cli/pull/428)
- fix: gosec lint issues for the pkg by [@naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/defenseunicorns/uds-cli/pull/444](https://togithub.com/defenseunicorns/uds-cli/pull/444)
- chore: ensure PR workflows can't write to GHCR by [@UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/446](https://togithub.com/defenseunicorns/uds-cli/pull/446)
- chore: addresses github linter findings by [@UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/447](https://togithub.com/defenseunicorns/uds-cli/pull/447)
- feat: imported vars as override values by [@decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/423](https://togithub.com/defenseunicorns/uds-cli/pull/423)
- chore(deps): update github/codeql-action action to v3.24.4 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/451](https://togithub.com/defenseunicorns/uds-cli/pull/451)
##### New Contributors
- [@naveensrinivasan](https://togithub.com/naveensrinivasan) made their first contribution in [https://github.com/defenseunicorns/uds-cli/pull/444](https://togithub.com/defenseunicorns/uds-cli/pull/444)
**Full Changelog**: https://github.com/defenseunicorns/uds-cli/compare/v0.9.0...v0.9.1
defenseunicorns/zarf (defenseunicorns/zarf)
### [`v0.32.4`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.4)
[Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.3...v0.32.4)
#### What's Changed
#### Fixes
- Improve `cmd` failure messaging when no timeout or retries are given by [@docandrew](https://togithub.com/docandrew) in [https://github.com/defenseunicorns/zarf/pull/2301](https://togithub.com/defenseunicorns/zarf/pull/2301)
- Revert init package storageclass checks for git server and seed registry by [@lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2311](https://togithub.com/defenseunicorns/zarf/pull/2311)
- Fix multi-part tarballs being mismatched sizes by [@Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2314](https://togithub.com/defenseunicorns/zarf/pull/2314)
- Change text template detection to check first *and* last 512 bytes by [@WeaponX314](https://togithub.com/WeaponX314) in [https://github.com/defenseunicorns/zarf/pull/2310](https://togithub.com/defenseunicorns/zarf/pull/2310)
- Improve `zarf tools registry prune` messaging by [@Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2323](https://togithub.com/defenseunicorns/zarf/pull/2323)
- Add http request header timeout to mitigate stalling image push by [@Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2319](https://togithub.com/defenseunicorns/zarf/pull/2319)
- Allow host+subpath as the source registry for registry-override by [@waveywaves](https://togithub.com/waveywaves) in [https://github.com/defenseunicorns/zarf/pull/2306](https://togithub.com/defenseunicorns/zarf/pull/2306)
#### Dependencies
- Update github.com/anchore/clio digest to [`cb94e40`](https://togithub.com/defenseunicorns/zarf/commit/cb94e40) by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2294](https://togithub.com/defenseunicorns/zarf/pull/2294), [https://github.com/defenseunicorns/zarf/pull/2297](https://togithub.com/defenseunicorns/zarf/pull/2297) and [https://github.com/defenseunicorns/zarf/pull/2300](https://togithub.com/defenseunicorns/zarf/pull/2300)
- **\[security]** Update module helm.sh/helm/v3 to v3.14.2 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2307](https://togithub.com/defenseunicorns/zarf/pull/2307) and [https://github.com/defenseunicorns/zarf/pull/2329](https://togithub.com/defenseunicorns/zarf/pull/2329)
- Update actions/checkout action to v4 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2317](https://togithub.com/defenseunicorns/zarf/pull/2317)
- Update actions/dependency-review-action action to v4 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2318](https://togithub.com/defenseunicorns/zarf/pull/2318)
#### Docs
- Update [Zarf roadmap](https://docs.zarf.dev/docs/roadmap) per 2024 goals by [@Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2305](https://togithub.com/defenseunicorns/zarf/pull/2305)
#### Development
- Included Dependency Review action for PR reviews by [@naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/defenseunicorns/zarf/pull/2298](https://togithub.com/defenseunicorns/zarf/pull/2298)
- Resolve CodeQL linting issues across Zarf by [@Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2322](https://togithub.com/defenseunicorns/zarf/pull/2322)
#### New Contributors
- [@docandrew](https://togithub.com/docandrew) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2301](https://togithub.com/defenseunicorns/zarf/pull/2301)
- [@naveensrinivasan](https://togithub.com/naveensrinivasan) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2298](https://togithub.com/defenseunicorns/zarf/pull/2298)
- [@waveywaves](https://togithub.com/waveywaves) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2306](https://togithub.com/defenseunicorns/zarf/pull/2306)
**Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.32.3...v0.32.4
helm/helm (helm)
### [`v3.14.2`](https://togithub.com/helm/helm/releases/tag/v3.14.2): Helm v3.14.2
[Compare Source](https://togithub.com/helm/helm/compare/v3.14.1...v3.14.2)
Helm v3.14.2 is a security (patch) release. Users are strongly recommended to update to this release.
A Helm contributor discovered uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content.
Jakub Ciolek with AlphaSense discovered the vulnerability.
#### Installation and Upgrading
Download Helm v3.14.2. The common platform binaries are here:
- [MacOS amd64](https://get.helm.sh/helm-v3.14.2-darwin-amd64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-darwin-amd64.tar.gz.sha256sum) / 64c633ae194bde77b7e7b7936a2814a7417817dc8b7bb7d270bd24a7a17b8d12)
- [MacOS arm64](https://get.helm.sh/helm-v3.14.2-darwin-arm64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-darwin-arm64.tar.gz.sha256sum) / ff502fd39b06497fa3d5a51ec2ced02b9fcfdb0e9a948d315fb1b2f13ddc39fb)
- [Linux amd64](https://get.helm.sh/helm-v3.14.2-linux-amd64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-linux-amd64.tar.gz.sha256sum) / 0885a501d586c1e949e9b113bf3fb3290b0bbf74db9444a1d8c2723a143006a5)
- [Linux arm](https://get.helm.sh/helm-v3.14.2-linux-arm.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-linux-arm.tar.gz.sha256sum) / b70fb6fa2cdf0a5c782320c9d7e7b155fcaec260169218c98316bb3cf0d431d9)
- [Linux arm64](https://get.helm.sh/helm-v3.14.2-linux-arm64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-linux-arm64.tar.gz.sha256sum) / c65d6a9557bb359abc2c0d26670de850b52327dc3976ad6f9e14c298ea3e1b61)
- [Linux i386](https://get.helm.sh/helm-v3.14.2-linux-386.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-linux-386.tar.gz.sha256sum) / 0e08cd56cc952ab4646c57c5ec7cde2412c39373aec3df659a14597dd9874461)
- [Linux ppc64le](https://get.helm.sh/helm-v3.14.2-linux-ppc64le.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-linux-ppc64le.tar.gz.sha256sum) / f3bc8582ff151e619cd285d9cdf9fef1c5733ee5522d8bed2ef680ef07f87223)
- [Linux s390x](https://get.helm.sh/helm-v3.14.2-linux-s390x.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-linux-s390x.tar.gz.sha256sum) / 7bda34aa26638e5116b31385f3b781172572175bf4c1ae00c87d8b154458ed94)
- [Linux riscv64](https://get.helm.sh/helm-v3.14.2-linux-riscv64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-linux-riscv64.tar.gz.sha256sum) / f6278facd3e2e6af52a5f6d038f2149428d115ba2b4523edbe5889d1170e9203)
- [Windows amd64](https://get.helm.sh/helm-v3.14.2-windows-amd64.zip) ([checksum](https://get.helm.sh/helm-v3.14.2-windows-amd64.zip.sha256sum) / aa094e435da74ad574f96924c37ecd0c75f0be707ac604ef97ed6021d6bc0784)
This release was signed with ` 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E ` and can be found at [@mattfarina](https://togithub.com/mattfarina) [keybase account](https://keybase.io/mattfarina). Please use the attached signatures for verifying this release using `gpg`.
The [Quickstart Guide](https://helm.sh/docs/intro/quickstart/) will get you going from there. For **upgrade instructions** or detailed installation notes, check the [install guide](https://helm.sh/docs/intro/install/). You can also use a [script to install](https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3) on any system with `bash`.
#### What's Next
- 3.14.3 will contain only bug fixes and be released on March 13, 2024.
- 3.15.0 is the next feature release and will be on May 08, 2024.
bridgecrewio/checkov (https://github.com/bridgecrewio/checkov.git)
### [`v3.2.26`](https://togithub.com/bridgecrewio/checkov/compare/3.2.25...3.2.26)
[Compare Source](https://togithub.com/bridgecrewio/checkov/compare/3.2.25...3.2.26)
### [`v3.2.25`](https://togithub.com/bridgecrewio/checkov/compare/3.2.24...3.2.25)
[Compare Source](https://togithub.com/bridgecrewio/checkov/compare/3.2.24...3.2.25)
### [`v3.2.24`](https://togithub.com/bridgecrewio/checkov/releases/tag/3.2.24)
[Compare Source](https://togithub.com/bridgecrewio/checkov/compare/3.2.23...3.2.24)
#### Feature
- **cloudformation:** add CFN policies for MSK - [#6021](https://togithub.com/bridgecrewio/checkov/pull/6021)
### [`v3.2.23`](https://togithub.com/bridgecrewio/checkov/releases/tag/3.2.23)
[Compare Source](https://togithub.com/bridgecrewio/checkov/compare/3.2.22...3.2.23)
#### Bug Fix
- **terraform:** support vertex reference based on foreach key - [#6039](https://togithub.com/bridgecrewio/checkov/pull/6039)
### [`v3.2.22`](https://togithub.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#3222---2024-02-18)
[Compare Source](https://togithub.com/bridgecrewio/checkov/compare/3.2.21...3.2.22)
##### Bug Fix
- **terraform:** CKV_AWS\_308 - checked if caching was enabled and only then check for encryption of cache - [#6034](https://togithub.com/bridgecrewio/checkov/pull/6034)
mikefarah/yq (mikefarah/yq)
### [`v4.42.1`](https://togithub.com/mikefarah/yq/releases/tag/v4.42.1)
[Compare Source](https://togithub.com/mikefarah/yq/compare/v4.41.1...v4.42.1)
- Can execute yq expression files directly with shebang [#1851](https://togithub.com/mikefarah/yq/issues/1851)
- Added --csv-separator flag [#1950](https://togithub.com/mikefarah/yq/issues/1950)
- Added --properties-separator option - thanks [@learnitall](https://togithub.com/learnitall) [#1864](https://togithub.com/mikefarah/yq/issues/1864)
- Added --properties-array-brackets flag for properties encoder [#1933](https://togithub.com/mikefarah/yq/issues/1933)
- Shell completion improvements - thanks [@scop](https://togithub.com/scop) [#1911](https://togithub.com/mikefarah/yq/issues/1911)
- Bumped dependencies
opentofu/opentofu (opentofu)
### [`v1.6.2`](https://togithub.com/opentofu/opentofu/releases/tag/v1.6.2)
[Compare Source](https://togithub.com/opentofu/opentofu/compare/v1.6.1...v1.6.2)
OpenTofu 1.6.2 is now out!
The main improvement is a [bug fix related to passing outputs from one test as inputs to another when using `tofu test`](https://togithub.com/opentofu/opentofu/pull/1254).
Other than that, continuing the work from the previous release, there are [further fixes to unit tests](https://togithub.com/opentofu/opentofu/pull/1214), to make them consistently work across architectures.
If you'd like to read about all the changes introduced, check out the detailed [changelog](https://togithub.com/opentofu/opentofu/blob/v1.6/CHANGELOG.md#162).
pre-commit/pre-commit (pre-commit)
### [`v3.6.2`](https://togithub.com/pre-commit/pre-commit/blob/HEAD/CHANGELOG.md#362---2024-02-18)
[Compare Source](https://togithub.com/pre-commit/pre-commit/compare/v3.6.1...v3.6.2)
\==================
##### Fixes
- Fix building golang hooks during `git commit --all`.
- [#3130](https://togithub.com/pre-commit/pre-commit/issues/3130) PR by [@asottile](https://togithub.com/asottile).
- [#2722](https://togithub.com/pre-commit/pre-commit/issues/2722) issue by [@pestanko](https://togithub.com/pestanko) and [@matthewhughes934](https://togithub.com/matthewhughes934).
Configuration
📅 Schedule: Branch creation - "after 9am and before 5pm every weekday" in timezone America/New_York, Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Never, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
0.74.6
->0.74.7
0.105.0
->0.105.1
2.15.21
->2.15.23
0.9.10
->0.9.11
0.9.0
->0.9.2
0.32.3
->0.32.4
3.14.1
->3.14.2
3.2.21
->3.2.26
4.41.1
->4.42.1
1.6.1
->1.6.2
1.6.1
->1.6.2
3.6.1
->3.6.2
4.41.1
->4.42.1
Release Notes
anchore/grype (anchore/grype)
### [`v0.74.7`](https://togithub.com/anchore/grype/releases/tag/v0.74.7) [Compare Source](https://togithub.com/anchore/grype/compare/v0.74.6...v0.74.7) ##### Bug Fixes - return exit codes from install script \[[#1725](https://togithub.com/anchore/grype/pull/1725) [@hacst](https://togithub.com/hacst)] - GitHub code scanning alerts missing information \[[#1715](https://togithub.com/anchore/grype/issues/1715) [#1720](https://togithub.com/anchore/grype/pull/1720) [@kzantow](https://togithub.com/kzantow)] ##### Additional Changes - update Syft to v0.105.1 \[[#1728](https://togithub.com/anchore/grype/pull/1728)] **[(Full Changelog)](https://togithub.com/anchore/grype/compare/v0.74.6...v0.74.7)**anchore/syft (anchore/syft)
### [`v0.105.1`](https://togithub.com/anchore/syft/releases/tag/v0.105.1) [Compare Source](https://togithub.com/anchore/syft/compare/v0.105.0...v0.105.1) ##### Bug Fixes - return error codes from install script \[[#2664](https://togithub.com/anchore/syft/pull/2664) [@hacst](https://togithub.com/hacst)] - SPDX tag value version selector \[[#2665](https://togithub.com/anchore/syft/pull/2665) [@kzantow](https://togithub.com/kzantow)] ##### Additional Changes - Add syft version used to SBOM tool info by default \[[#2647](https://togithub.com/anchore/syft/pull/2647) [@wagoodman](https://togithub.com/wagoodman)] **[(Full Changelog)](https://togithub.com/anchore/syft/compare/v0.105.0...v0.105.1)**aws/aws-cli (awscli)
### [`v2.15.23`](https://togithub.com/aws/aws-cli/compare/2.15.22...2.15.23) [Compare Source](https://togithub.com/aws/aws-cli/compare/2.15.22...2.15.23) ### [`v2.15.22`](https://togithub.com/aws/aws-cli/compare/2.15.21...2.15.22) [Compare Source](https://togithub.com/aws/aws-cli/compare/2.15.21...2.15.22)dagger/dagger (dagger/dagger)
### [`v0.9.11`](https://togithub.com/dagger/dagger/blob/HEAD/CHANGELOG.md#v0911---2024-02-20) [Compare Source](https://togithub.com/dagger/dagger/compare/sdk/typescript/v0.9.10...v0.9.11) ##### Fixed - Improve docker error logging by [@jedevc](https://togithub.com/jedevc) in [https://github.com/dagger/dagger/pull/6676](https://togithub.com/dagger/dagger/pull/6676) ##### What to do next? - Read the [documentation](https://docs.dagger.io) - Join our [Discord server](https://discord.gg/dagger-io) - Follow us on [Twitter](https://twitter.com/dagger_io)defenseunicorns/uds-cli (defenseunicorns/uds-cli)
### [`v0.9.2`](https://togithub.com/defenseunicorns/uds-cli/releases/tag/v0.9.2) [Compare Source](https://togithub.com/defenseunicorns/uds-cli/compare/v0.9.1...v0.9.2) ##### What's Changed - fix(deps): update module helm.sh/helm/v3 to v3.14.2 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/450](https://togithub.com/defenseunicorns/uds-cli/pull/450) - fix: relative paths for bundle create by [@decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/453](https://togithub.com/defenseunicorns/uds-cli/pull/453) **Full Changelog**: https://github.com/defenseunicorns/uds-cli/compare/v0.9.1...v0.9.2 ### [`v0.9.1`](https://togithub.com/defenseunicorns/uds-cli/releases/tag/v0.9.1) [Compare Source](https://togithub.com/defenseunicorns/uds-cli/compare/v0.9.0...v0.9.1) ##### What's Changed - fix(deps): update module github.com/opencontainers/image-spec to v1.1.0 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/432](https://togithub.com/defenseunicorns/uds-cli/pull/432) - fix(deps): update module helm.sh/helm/v3 to v3.14.1 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/429](https://togithub.com/defenseunicorns/uds-cli/pull/429) - chore(deps): update github/codeql-action action to v3.24.3 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/421](https://togithub.com/defenseunicorns/uds-cli/pull/421) - fix(deps): update golang.org/x/exp digest to [`ec58324`](https://togithub.com/defenseunicorns/uds-cli/commit/ec58324) by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/420](https://togithub.com/defenseunicorns/uds-cli/pull/420) - fix: add support for zarf dev lint by [@Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/uds-cli/pull/436](https://togithub.com/defenseunicorns/uds-cli/pull/436) - fix: case sensitivity in override vars by [@decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/433](https://togithub.com/defenseunicorns/uds-cli/pull/433) - feat: alias vendored zarf to z by [@decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/424](https://togithub.com/defenseunicorns/uds-cli/pull/424) - fix: use tmpdir if provided by [@decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/431](https://togithub.com/defenseunicorns/uds-cli/pull/431) - feat: import all vars exported from package by [@decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/428](https://togithub.com/defenseunicorns/uds-cli/pull/428) - fix: gosec lint issues for the pkg by [@naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/defenseunicorns/uds-cli/pull/444](https://togithub.com/defenseunicorns/uds-cli/pull/444) - chore: ensure PR workflows can't write to GHCR by [@UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/446](https://togithub.com/defenseunicorns/uds-cli/pull/446) - chore: addresses github linter findings by [@UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/447](https://togithub.com/defenseunicorns/uds-cli/pull/447) - feat: imported vars as override values by [@decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/423](https://togithub.com/defenseunicorns/uds-cli/pull/423) - chore(deps): update github/codeql-action action to v3.24.4 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/451](https://togithub.com/defenseunicorns/uds-cli/pull/451) ##### New Contributors - [@naveensrinivasan](https://togithub.com/naveensrinivasan) made their first contribution in [https://github.com/defenseunicorns/uds-cli/pull/444](https://togithub.com/defenseunicorns/uds-cli/pull/444) **Full Changelog**: https://github.com/defenseunicorns/uds-cli/compare/v0.9.0...v0.9.1defenseunicorns/zarf (defenseunicorns/zarf)
### [`v0.32.4`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.4) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.3...v0.32.4) #### What's Changed #### Fixes - Improve `cmd` failure messaging when no timeout or retries are given by [@docandrew](https://togithub.com/docandrew) in [https://github.com/defenseunicorns/zarf/pull/2301](https://togithub.com/defenseunicorns/zarf/pull/2301) - Revert init package storageclass checks for git server and seed registry by [@lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2311](https://togithub.com/defenseunicorns/zarf/pull/2311) - Fix multi-part tarballs being mismatched sizes by [@Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2314](https://togithub.com/defenseunicorns/zarf/pull/2314) - Change text template detection to check first *and* last 512 bytes by [@WeaponX314](https://togithub.com/WeaponX314) in [https://github.com/defenseunicorns/zarf/pull/2310](https://togithub.com/defenseunicorns/zarf/pull/2310) - Improve `zarf tools registry prune` messaging by [@Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2323](https://togithub.com/defenseunicorns/zarf/pull/2323) - Add http request header timeout to mitigate stalling image push by [@Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2319](https://togithub.com/defenseunicorns/zarf/pull/2319) - Allow host+subpath as the source registry for registry-override by [@waveywaves](https://togithub.com/waveywaves) in [https://github.com/defenseunicorns/zarf/pull/2306](https://togithub.com/defenseunicorns/zarf/pull/2306) #### Dependencies - Update github.com/anchore/clio digest to [`cb94e40`](https://togithub.com/defenseunicorns/zarf/commit/cb94e40) by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2294](https://togithub.com/defenseunicorns/zarf/pull/2294), [https://github.com/defenseunicorns/zarf/pull/2297](https://togithub.com/defenseunicorns/zarf/pull/2297) and [https://github.com/defenseunicorns/zarf/pull/2300](https://togithub.com/defenseunicorns/zarf/pull/2300) - **\[security]** Update module helm.sh/helm/v3 to v3.14.2 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2307](https://togithub.com/defenseunicorns/zarf/pull/2307) and [https://github.com/defenseunicorns/zarf/pull/2329](https://togithub.com/defenseunicorns/zarf/pull/2329) - Update actions/checkout action to v4 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2317](https://togithub.com/defenseunicorns/zarf/pull/2317) - Update actions/dependency-review-action action to v4 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2318](https://togithub.com/defenseunicorns/zarf/pull/2318) #### Docs - Update [Zarf roadmap](https://docs.zarf.dev/docs/roadmap) per 2024 goals by [@Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2305](https://togithub.com/defenseunicorns/zarf/pull/2305) #### Development - Included Dependency Review action for PR reviews by [@naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/defenseunicorns/zarf/pull/2298](https://togithub.com/defenseunicorns/zarf/pull/2298) - Resolve CodeQL linting issues across Zarf by [@Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2322](https://togithub.com/defenseunicorns/zarf/pull/2322) #### New Contributors - [@docandrew](https://togithub.com/docandrew) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2301](https://togithub.com/defenseunicorns/zarf/pull/2301) - [@naveensrinivasan](https://togithub.com/naveensrinivasan) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2298](https://togithub.com/defenseunicorns/zarf/pull/2298) - [@waveywaves](https://togithub.com/waveywaves) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2306](https://togithub.com/defenseunicorns/zarf/pull/2306) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.32.3...v0.32.4helm/helm (helm)
### [`v3.14.2`](https://togithub.com/helm/helm/releases/tag/v3.14.2): Helm v3.14.2 [Compare Source](https://togithub.com/helm/helm/compare/v3.14.1...v3.14.2) Helm v3.14.2 is a security (patch) release. Users are strongly recommended to update to this release. A Helm contributor discovered uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content. Jakub Ciolek with AlphaSense discovered the vulnerability. #### Installation and Upgrading Download Helm v3.14.2. The common platform binaries are here: - [MacOS amd64](https://get.helm.sh/helm-v3.14.2-darwin-amd64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-darwin-amd64.tar.gz.sha256sum) / 64c633ae194bde77b7e7b7936a2814a7417817dc8b7bb7d270bd24a7a17b8d12) - [MacOS arm64](https://get.helm.sh/helm-v3.14.2-darwin-arm64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-darwin-arm64.tar.gz.sha256sum) / ff502fd39b06497fa3d5a51ec2ced02b9fcfdb0e9a948d315fb1b2f13ddc39fb) - [Linux amd64](https://get.helm.sh/helm-v3.14.2-linux-amd64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-linux-amd64.tar.gz.sha256sum) / 0885a501d586c1e949e9b113bf3fb3290b0bbf74db9444a1d8c2723a143006a5) - [Linux arm](https://get.helm.sh/helm-v3.14.2-linux-arm.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-linux-arm.tar.gz.sha256sum) / b70fb6fa2cdf0a5c782320c9d7e7b155fcaec260169218c98316bb3cf0d431d9) - [Linux arm64](https://get.helm.sh/helm-v3.14.2-linux-arm64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-linux-arm64.tar.gz.sha256sum) / c65d6a9557bb359abc2c0d26670de850b52327dc3976ad6f9e14c298ea3e1b61) - [Linux i386](https://get.helm.sh/helm-v3.14.2-linux-386.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-linux-386.tar.gz.sha256sum) / 0e08cd56cc952ab4646c57c5ec7cde2412c39373aec3df659a14597dd9874461) - [Linux ppc64le](https://get.helm.sh/helm-v3.14.2-linux-ppc64le.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-linux-ppc64le.tar.gz.sha256sum) / f3bc8582ff151e619cd285d9cdf9fef1c5733ee5522d8bed2ef680ef07f87223) - [Linux s390x](https://get.helm.sh/helm-v3.14.2-linux-s390x.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-linux-s390x.tar.gz.sha256sum) / 7bda34aa26638e5116b31385f3b781172572175bf4c1ae00c87d8b154458ed94) - [Linux riscv64](https://get.helm.sh/helm-v3.14.2-linux-riscv64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-linux-riscv64.tar.gz.sha256sum) / f6278facd3e2e6af52a5f6d038f2149428d115ba2b4523edbe5889d1170e9203) - [Windows amd64](https://get.helm.sh/helm-v3.14.2-windows-amd64.zip) ([checksum](https://get.helm.sh/helm-v3.14.2-windows-amd64.zip.sha256sum) / aa094e435da74ad574f96924c37ecd0c75f0be707ac604ef97ed6021d6bc0784) This release was signed with ` 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E ` and can be found at [@mattfarina](https://togithub.com/mattfarina) [keybase account](https://keybase.io/mattfarina). Please use the attached signatures for verifying this release using `gpg`. The [Quickstart Guide](https://helm.sh/docs/intro/quickstart/) will get you going from there. For **upgrade instructions** or detailed installation notes, check the [install guide](https://helm.sh/docs/intro/install/). You can also use a [script to install](https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3) on any system with `bash`. #### What's Next - 3.14.3 will contain only bug fixes and be released on March 13, 2024. - 3.15.0 is the next feature release and will be on May 08, 2024.bridgecrewio/checkov (https://github.com/bridgecrewio/checkov.git)
### [`v3.2.26`](https://togithub.com/bridgecrewio/checkov/compare/3.2.25...3.2.26) [Compare Source](https://togithub.com/bridgecrewio/checkov/compare/3.2.25...3.2.26) ### [`v3.2.25`](https://togithub.com/bridgecrewio/checkov/compare/3.2.24...3.2.25) [Compare Source](https://togithub.com/bridgecrewio/checkov/compare/3.2.24...3.2.25) ### [`v3.2.24`](https://togithub.com/bridgecrewio/checkov/releases/tag/3.2.24) [Compare Source](https://togithub.com/bridgecrewio/checkov/compare/3.2.23...3.2.24) #### Feature - **cloudformation:** add CFN policies for MSK - [#6021](https://togithub.com/bridgecrewio/checkov/pull/6021) ### [`v3.2.23`](https://togithub.com/bridgecrewio/checkov/releases/tag/3.2.23) [Compare Source](https://togithub.com/bridgecrewio/checkov/compare/3.2.22...3.2.23) #### Bug Fix - **terraform:** support vertex reference based on foreach key - [#6039](https://togithub.com/bridgecrewio/checkov/pull/6039) ### [`v3.2.22`](https://togithub.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#3222---2024-02-18) [Compare Source](https://togithub.com/bridgecrewio/checkov/compare/3.2.21...3.2.22) ##### Bug Fix - **terraform:** CKV_AWS\_308 - checked if caching was enabled and only then check for encryption of cache - [#6034](https://togithub.com/bridgecrewio/checkov/pull/6034)mikefarah/yq (mikefarah/yq)
### [`v4.42.1`](https://togithub.com/mikefarah/yq/releases/tag/v4.42.1) [Compare Source](https://togithub.com/mikefarah/yq/compare/v4.41.1...v4.42.1) - Can execute yq expression files directly with shebang [#1851](https://togithub.com/mikefarah/yq/issues/1851) - Added --csv-separator flag [#1950](https://togithub.com/mikefarah/yq/issues/1950) - Added --properties-separator option - thanks [@learnitall](https://togithub.com/learnitall) [#1864](https://togithub.com/mikefarah/yq/issues/1864) - Added --properties-array-brackets flag for properties encoder [#1933](https://togithub.com/mikefarah/yq/issues/1933) - Shell completion improvements - thanks [@scop](https://togithub.com/scop) [#1911](https://togithub.com/mikefarah/yq/issues/1911) - Bumped dependenciesopentofu/opentofu (opentofu)
### [`v1.6.2`](https://togithub.com/opentofu/opentofu/releases/tag/v1.6.2) [Compare Source](https://togithub.com/opentofu/opentofu/compare/v1.6.1...v1.6.2) OpenTofu 1.6.2 is now out! The main improvement is a [bug fix related to passing outputs from one test as inputs to another when using `tofu test`](https://togithub.com/opentofu/opentofu/pull/1254). Other than that, continuing the work from the previous release, there are [further fixes to unit tests](https://togithub.com/opentofu/opentofu/pull/1214), to make them consistently work across architectures. If you'd like to read about all the changes introduced, check out the detailed [changelog](https://togithub.com/opentofu/opentofu/blob/v1.6/CHANGELOG.md#162).pre-commit/pre-commit (pre-commit)
### [`v3.6.2`](https://togithub.com/pre-commit/pre-commit/blob/HEAD/CHANGELOG.md#362---2024-02-18) [Compare Source](https://togithub.com/pre-commit/pre-commit/compare/v3.6.1...v3.6.2) \================== ##### Fixes - Fix building golang hooks during `git commit --all`. - [#3130](https://togithub.com/pre-commit/pre-commit/issues/3130) PR by [@asottile](https://togithub.com/asottile). - [#2722](https://togithub.com/pre-commit/pre-commit/issues/2722) issue by [@pestanko](https://togithub.com/pestanko) and [@matthewhughes934](https://togithub.com/matthewhughes934).Configuration
📅 Schedule: Branch creation - "after 9am and before 5pm every weekday" in timezone America/New_York, Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Never, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Mend Renovate. View repository job log here.