Closed saschagrunert closed 1 year ago
Nothing other than https://github.com/kubernetes-sigs/security-profiles-operator/pull/1127
Given https://github.com/kubernetes-sigs/security-profiles-operator/pull/1112, I think we should rather release 0.5.0 than 0.4.3.
Do we want to graduate another API by the way @JAORMX @pjbgf @jhrozek?
Given #1112, I think we should rather release 0.5.0 than 0.4.3.
Do we want to graduate another API by the way @JAORMX @pjbgf @jhrozek?
Hmm, good point. What about graduating the SELinux APIs to beta? We haven't changed them in a while and they were also reviewed by @bachradsusi who is the selinux userspace upstream maintainer. So I think those should be safe.
Maybe also the secprofnodestatus API could be graduated, it's unlikely to change (even though we had a bug filed yesterday)
I'm going to be touching the profilerecording API soon, so not that one.
I'm unsure about the SPOD API. On the one hand, we should graduate it as all APIs, on the other hand, it seems to be changing quite often.
When are you aiming to get the this release out by? I have a few changes to improve AppArmor support but that is still WIP.
1063 is the only thing I can think of.
When are you aiming to get the this release out by? I have a few changes to improve AppArmor support but that is still WIP.
We're not on a rush, we can wait a bunch of weeks. How about before KubeCon (Oct 24)?
On Wed, Sep 07, 2022 at 04:18:19AM -0700, Sascha Grunert wrote:
1063 is the only thing I can think of.
When are you aiming to get the this release out by? I have a few changes to improve AppArmor support but that is still WIP.
We're not on a rush, we can wait a bunch of weeks. How about before KubeCon (Oct 24)?
I /might/ ask for a release (regardless of the version number) by the end of September for OCP inclusion.
(pending some RHCOS dependencies)
I should have AppArmor in a good place by end of Oct.
But agree with @jhrozek that we could have a release before then as well.
I'd like to get in the libbpf 1.0.0 release, but for that we have to get https://github.com/NixOS/nixpkgs/pull/187978 merged first.
I'd like to get in the libbpf 1.0.0 release, but for that we have to get NixOS/nixpkgs#187978 merged first.
This was done in https://github.com/kubernetes-sigs/security-profiles-operator/commit/0ca6f66d7beb610bcacd83a7270d3a43d6ea56a3 correct?
I'd like to get in the libbpf 1.0.0 release, but for that we have to get NixOS/nixpkgs#187978 merged first.
This was done in 0ca6f66 correct?
Yep, correct.
@JAORMX @jhrozek @pjbgf happy to target the release for Oct 17?
@JAORMX @jhrozek @pjbgf happy to target the release for Oct 17?
I am!
Go ahead with 0.5.0, the changes for AppArmor will come in for 0.6.0.
The release notes:
# Release notes
Welcome to our glorious v0.5.0 release of the **security-profiles-operator**! We hope you enjoy this release as much as we do! The general usage and setup can be found [in our documentation][0]. :partying_face: :dancers:
To install the operator, run:
$ kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/security-profiles-operator/v0.5.0/deploy/operator.yaml
You can also verify the container image signature by using [cosign][1]:
$ COSIGN_EXPERIMENTAL=1 cosign verify k8s.gcr.io/security-profiles-operator/security-profiles-operator:v0.5.0
Feel free to provide us any kind of feedback in the official [Kubernetes Slack #security-profiles-operator channel][2].
[0]: https://github.com/kubernetes-sigs/security-profiles-operator/blob/v0.5.0/installation-usage.md
[1]: https://github.com/sigstore/cosign
[2]: https://app.slack.com/client/T09NY5SBT/C013FQNB0A2
## Changes by Kind
### Deprecation
- In order to increase stability and scalability of the profile recording webhooks, the internal state of the webhooks has been removed.
The user-visible effect is that container recordings no longer include a trailing number in their name (they used to be named e.g. `myrecording-nginx-1, myrecording-nginx-2`) but instead the hash that comes from the pod's generated name.
In addition, the support hook based recording has been deprecated. The only supported modes of profile recording going forward are logs and bpf. (#1112, @jhrozek)
### API Change
- Add support for Seccomp Profiles that make use of the Seccomp Notify feature with the wait_killable semantic (SECCOMP_FILTER_FLAG_WAIT_KILLABLE_RECV). (#1201, @alban)
- The profileRecording CR contains a new optional field mergeStrategy, defaulting
to none. When this field is set to containers, the recorded profiles will be set
as partial, both using a label and the profile status. These profiles are not
reconciled until the profileRecording exists, at which point the partial profiles
are merged and a union of the partial profiles is created and finally reconciled.
This allows for easier recording of policies e.g. during longer e2e runs which
are recording the policies. (#1179, @jhrozek)
- The spod CR now has a new attribute objectSelector that allows to configure
which objects would SPO's webhooks match on. By default, the selector matches
all, but setting the selector to include e.g. only certain labels might be a way
to further ensure that possible bugs in the webhooks don't affect the rest of
the cluster. (#1232, @jhrozek)
### Feature
- Add an option to deploy statically all webhook resources in order to improve the operator security. (#1053, @ccojocar)
- Add imagePullSecrets to SPOD configuration. (#1227, @ccojocar)
- Add v1 to admission review versions and AARCH64 architecture to default profile. (#1238, @ccojocar)
- Added Affinity to SPOD configuration. (#1217, @ccojocar)
- Added a basic helm chart. The chart is generated by running "make deployments" (#1013, @stephen-fox)
- It is now possible to enable the log enricher at install time by setting the
ENABLE_LOG_ENRICHER environment value to true. (#1235, @jhrozek)
- Pod denials labeling feature was removed. (#1088, @JAORMX)
- SPO changed the way the webhooks are enabled from listening on all namespaces by default
to explicitly listening for activity on namespaces labeled with spo.x-k8s.io/enable-binding
and spo.x-k8s.io/enable-recording respectively. (#1207, @jhrozek)
- Updated BPF event processing to run in parallel. (#1110, @saschagrunert)
- Use security context to set up the default seccomp profile for spod pod and security-profiles-operator container. (#1239, @ccojocar)
### Documentation
- Added documentation about how to install the operator on OpenShift via OperatorHub. (#1145, @saschagrunert)
- If the log-based recorder is in use and the user attempts to either record a container which already had its SecurityContext set or attempts to record a privileged container (which ignores both seccomp profiles and selinux contexts), the profile recording webhook issues a warning event. (#1156, @jhrozek)
- Updated the bpf recorder to fail if running on Linux kernels < 5.8. We now also updated the documentation and shipped BTF about that behavior. (#1039, @saschagrunert)
### Bug or Regression
- Automatically add `openshift.io/cluster-monitoring=true` to the operator namespace to allow the service monitor to work as intended. (#1148, @saschagrunert)
- Filtering host processes by host mount namespace to prevent ebpf map from filling up during recording. (#1166, @neblen)
- Fix the finalizer string too long, shorten the length of the node name if the finalizer string combined length is over the size of 63 (#1178, @Vincent056)
### Other (Cleanup or Flake)
- Additional debug information about AppArmor state is now provided at start-up. (#1079, @pjbgf)
- Updated cert-manager to v1.9.1. (#1043, @saschagrunert)
- Updated kube-rbac-proxy to v0.13.0. (#1023, @saschagrunert)
- Updated libbpf to v1.0.1. (#1205, @saschagrunert)
- Updated required golang to version 1.19. (#1109, @saschagrunert)
## Dependencies
### Added
- 4d63.com/gochecknoglobals: v0.1.0
- bitbucket.org/creachadair/shell: v0.0.7
- cloud.google.com/go/compute: v1.7.0
- cloud.google.com/go/spanner: v1.7.0
- contrib.go.opencensus.io/exporter/stackdriver: v0.13.4
- cuelang.org/go: v0.4.3
- github.com/Antonboom/errname: [v0.1.5](https://github.com/Antonboom/errname/tree/v0.1.5)
- github.com/Antonboom/nilnil: [v0.1.0](https://github.com/Antonboom/nilnil/tree/v0.1.0)
- github.com/Azure/go-autorest/autorest/azure/auth: [v0.5.11](https://github.com/Azure/go-autorest/autorest/azure/auth/tree/v0.5.11)
- github.com/Azure/go-autorest/autorest/azure/cli: [v0.4.5](https://github.com/Azure/go-autorest/autorest/azure/cli/tree/v0.4.5)
- github.com/Azure/go-ntlmssp: [6637195](https://github.com/Azure/go-ntlmssp/tree/6637195)
- github.com/DATA-DOG/go-sqlmock: [v1.5.0](https://github.com/DATA-DOG/go-sqlmock/tree/v1.5.0)
- github.com/Djarvur/go-err113: [aea10b5](https://github.com/Djarvur/go-err113/tree/aea10b5)
- github.com/Masterminds/semver: [v1.5.0](https://github.com/Masterminds/semver/tree/v1.5.0)
- github.com/Masterminds/sprig: [v2.22.0+incompatible](https://github.com/Masterminds/sprig/tree/v2.22.0)
- github.com/Masterminds/vcs: [v1.13.3](https://github.com/Masterminds/vcs/tree/v1.13.3)
- github.com/OpenPeeDeeP/depguard: [v1.0.1](https://github.com/OpenPeeDeeP/depguard/tree/v1.0.1)
- github.com/StackExchange/wmi: [v1.2.1](https://github.com/StackExchange/wmi/tree/v1.2.1)
- github.com/ThalesIgnite/crypto11: [v1.2.5](https://github.com/ThalesIgnite/crypto11/tree/v1.2.5)
- github.com/agnivade/levenshtein: [v1.0.1](https://github.com/agnivade/levenshtein/tree/v1.0.1)
- github.com/alexkohler/prealloc: [v1.0.0](https://github.com/alexkohler/prealloc/tree/v1.0.0)
- github.com/aokoli/goutils: [v1.0.1](https://github.com/aokoli/goutils/tree/v1.0.1)
- github.com/ashanbrown/forbidigo: [v1.2.0](https://github.com/ashanbrown/forbidigo/tree/v1.2.0)
- github.com/ashanbrown/makezero: [b626158](https://github.com/ashanbrown/makezero/tree/b626158)
- github.com/aws/aws-sdk-go-v2/config: [v1.17.1](https://github.com/aws/aws-sdk-go-v2/config/tree/v1.17.1)
- github.com/aws/aws-sdk-go-v2/credentials: [v1.12.14](https://github.com/aws/aws-sdk-go-v2/credentials/tree/v1.12.14)
- github.com/aws/aws-sdk-go-v2/feature/ec2/imds: [v1.12.12](https://github.com/aws/aws-sdk-go-v2/feature/ec2/imds/tree/v1.12.12)
- github.com/aws/aws-sdk-go-v2/internal/configsources: [v1.1.18](https://github.com/aws/aws-sdk-go-v2/internal/configsources/tree/v1.1.18)
- github.com/aws/aws-sdk-go-v2/internal/endpoints/v2: [v2.4.12](https://github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/tree/v2.4.12)
- github.com/aws/aws-sdk-go-v2/internal/ini: [v1.3.19](https://github.com/aws/aws-sdk-go-v2/internal/ini/tree/v1.3.19)
- github.com/aws/aws-sdk-go-v2/service/ecr: [v1.15.0](https://github.com/aws/aws-sdk-go-v2/service/ecr/tree/v1.15.0)
- github.com/aws/aws-sdk-go-v2/service/ecrpublic: [v1.12.0](https://github.com/aws/aws-sdk-go-v2/service/ecrpublic/tree/v1.12.0)
- github.com/aws/aws-sdk-go-v2/service/internal/presigned-url: [v1.9.12](https://github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/tree/v1.9.12)
- github.com/aws/aws-sdk-go-v2/service/sso: [v1.11.17](https://github.com/aws/aws-sdk-go-v2/service/sso/tree/v1.11.17)
- github.com/aws/aws-sdk-go-v2/service/sts: [v1.16.13](https://github.com/aws/aws-sdk-go-v2/service/sts/tree/v1.16.13)
- github.com/aws/aws-sdk-go-v2: [v1.16.11](https://github.com/aws/aws-sdk-go-v2/tree/v1.16.11)
- github.com/aws/smithy-go: [v1.12.1](https://github.com/aws/smithy-go/tree/v1.12.1)
- github.com/awslabs/amazon-ecr-credential-helper/ecr-login: [396b203](https://github.com/awslabs/amazon-ecr-credential-helper/ecr-login/tree/396b203)
- github.com/bkielbasa/cyclop: [v1.2.0](https://github.com/bkielbasa/cyclop/tree/v1.2.0)
- github.com/blizzy78/varnamelen: [v0.3.0](https://github.com/blizzy78/varnamelen/tree/v0.3.0)
- github.com/bombsimon/wsl/v3: [v3.3.0](https://github.com/bombsimon/wsl/v3/tree/v3.3.0)
- github.com/breml/bidichk: [v0.1.1](https://github.com/breml/bidichk/tree/v0.1.1)
- github.com/butuzov/ireturn: [v0.1.1](https://github.com/butuzov/ireturn/tree/v0.1.1)
- github.com/charithe/durationcheck: [v0.0.9](https://github.com/charithe/durationcheck/tree/v0.0.9)
- github.com/chavacava/garif: [e8a0a40](https://github.com/chavacava/garif/tree/e8a0a40)
- github.com/chrismellard/docker-credential-acr-env: [fe33c00](https://github.com/chrismellard/docker-credential-acr-env/tree/fe33c00)
- github.com/cockroachdb/apd/v2: [v2.0.1](https://github.com/cockroachdb/apd/v2/tree/v2.0.1)
- github.com/coreos/go-etcd: [v2.0.0+incompatible](https://github.com/coreos/go-etcd/tree/v2.0.0)
- github.com/coreos/go-oidc/v3: [v3.2.0](https://github.com/coreos/go-oidc/v3/tree/v3.2.0)
- github.com/cpuguy83/go-md2man: [v1.0.10](https://github.com/cpuguy83/go-md2man/tree/v1.0.10)
- github.com/cyberphone/json-canonicalization: [dc406ce](https://github.com/cyberphone/json-canonicalization/tree/dc406ce)
- github.com/daixiang0/gci: [v0.2.9](https://github.com/daixiang0/gci/tree/v0.2.9)
- github.com/denis-tingajkin/go-header: [v0.4.2](https://github.com/denis-tingajkin/go-header/tree/v0.4.2)
- github.com/dimchansky/utfbom: [v1.1.1](https://github.com/dimchansky/utfbom/tree/v1.1.1)
- github.com/distribution/distribution/v3: [ffbd94c](https://github.com/distribution/distribution/v3/tree/ffbd94c)
- github.com/emicklei/go-restful/v3: [v3.8.0](https://github.com/emicklei/go-restful/v3/tree/v3.8.0)
- github.com/emicklei/proto: [v1.6.15](https://github.com/emicklei/proto/tree/v1.6.15)
- github.com/esimonov/ifshort: [v1.0.3](https://github.com/esimonov/ifshort/tree/v1.0.3)
- github.com/ettle/strcase: [v0.1.1](https://github.com/ettle/strcase/tree/v0.1.1)
- github.com/fatih/structtag: [v1.2.0](https://github.com/fatih/structtag/tree/v1.2.0)
- github.com/flowstack/go-jsonschema: [v0.1.1](https://github.com/flowstack/go-jsonschema/tree/v0.1.1)
- github.com/fullstorydev/grpcurl: [v1.8.6](https://github.com/fullstorydev/grpcurl/tree/v1.8.6)
- github.com/fzipp/gocyclo: [v0.3.1](https://github.com/fzipp/gocyclo/tree/v0.3.1)
- github.com/go-asn1-ber/asn1-ber: [v1.5.1](https://github.com/go-asn1-ber/asn1-ber/tree/v1.5.1)
- github.com/go-chi/chi: [v4.1.2+incompatible](https://github.com/go-chi/chi/tree/v4.1.2)
- github.com/go-critic/go-critic: [v0.6.1](https://github.com/go-critic/go-critic/tree/v0.6.1)
- github.com/go-gorp/gorp/v3: [v3.0.2](https://github.com/go-gorp/gorp/v3/tree/v3.0.2)
- github.com/go-ldap/ldap/v3: [v3.4.2](https://github.com/go-ldap/ldap/v3/tree/v3.4.2)
- github.com/go-ole/go-ole: [v1.2.6](https://github.com/go-ole/go-ole/tree/v1.2.6)
- github.com/go-openapi/analysis: [v0.21.4](https://github.com/go-openapi/analysis/tree/v0.21.4)
- github.com/go-openapi/errors: [v0.20.3](https://github.com/go-openapi/errors/tree/v0.20.3)
- github.com/go-openapi/loads: [v0.21.2](https://github.com/go-openapi/loads/tree/v0.21.2)
- github.com/go-openapi/runtime: [v0.24.1](https://github.com/go-openapi/runtime/tree/v0.24.1)
- github.com/go-openapi/strfmt: [v0.21.3](https://github.com/go-openapi/strfmt/tree/v0.21.3)
- github.com/go-openapi/validate: [v0.22.0](https://github.com/go-openapi/validate/tree/v0.22.0)
- github.com/go-piv/piv-go: [v1.10.0](https://github.com/go-piv/piv-go/tree/v1.10.0)
- github.com/go-playground/locales: [v0.14.0](https://github.com/go-playground/locales/tree/v0.14.0)
- github.com/go-playground/universal-translator: [v0.18.0](https://github.com/go-playground/universal-translator/tree/v0.18.0)
- github.com/go-playground/validator/v10: [v10.11.0](https://github.com/go-playground/validator/v10/tree/v10.11.0)
- github.com/go-redis/redis: [v6.15.8+incompatible](https://github.com/go-redis/redis/tree/v6.15.8)
- github.com/go-sql-driver/mysql: [v1.5.0](https://github.com/go-sql-driver/mysql/tree/v1.5.0)
- github.com/go-toolsmith/astcast: [v1.0.0](https://github.com/go-toolsmith/astcast/tree/v1.0.0)
- github.com/go-toolsmith/astcopy: [v1.0.0](https://github.com/go-toolsmith/astcopy/tree/v1.0.0)
- github.com/go-toolsmith/astequal: [v1.0.1](https://github.com/go-toolsmith/astequal/tree/v1.0.1)
- github.com/go-toolsmith/astfmt: [v1.0.0](https://github.com/go-toolsmith/astfmt/tree/v1.0.0)
- github.com/go-toolsmith/astinfo: [9809ff7](https://github.com/go-toolsmith/astinfo/tree/9809ff7)
- github.com/go-toolsmith/astp: [v1.0.0](https://github.com/go-toolsmith/astp/tree/v1.0.0)
- github.com/go-toolsmith/pkgload: [v1.0.0](https://github.com/go-toolsmith/pkgload/tree/v1.0.0)
- github.com/go-toolsmith/strparse: [v1.0.0](https://github.com/go-toolsmith/strparse/tree/v1.0.0)
- github.com/go-toolsmith/typep: [v1.0.2](https://github.com/go-toolsmith/typep/tree/v1.0.2)
- github.com/go-xmlfmt/xmlfmt: [d5b6f63](https://github.com/go-xmlfmt/xmlfmt/tree/d5b6f63)
- github.com/gofrs/flock: [v0.8.1](https://github.com/gofrs/flock/tree/v0.8.1)
- github.com/golang-jwt/jwt: [v3.2.2+incompatible](https://github.com/golang-jwt/jwt/tree/v3.2.2)
- github.com/golangci/check: [cfe4005](https://github.com/golangci/check/tree/cfe4005)
- github.com/golangci/dupl: [3e9179a](https://github.com/golangci/dupl/tree/3e9179a)
- github.com/golangci/go-misc: [927a3d8](https://github.com/golangci/go-misc/tree/927a3d8)
- github.com/golangci/gofmt: [244bba7](https://github.com/golangci/gofmt/tree/244bba7)
- github.com/golangci/golangci-lint: [v1.43.0](https://github.com/golangci/golangci-lint/tree/v1.43.0)
- github.com/golangci/lint-1: [297bf36](https://github.com/golangci/lint-1/tree/297bf36)
- github.com/golangci/maligned: [b1d8939](https://github.com/golangci/maligned/tree/b1d8939)
- github.com/golangci/misspell: [v0.3.5](https://github.com/golangci/misspell/tree/v0.3.5)
- github.com/golangci/revgrep: [c22e500](https://github.com/golangci/revgrep/tree/c22e500)
- github.com/golangci/unconvert: [28b1c44](https://github.com/golangci/unconvert/tree/28b1c44)
- github.com/gomodule/redigo: [v1.8.2](https://github.com/gomodule/redigo/tree/v1.8.2)
- github.com/google/certificate-transparency-go: [v1.1.3](https://github.com/google/certificate-transparency-go/tree/v1.1.3)
- github.com/google/go-github/v45: [v45.2.0](https://github.com/google/go-github/v45/tree/v45.2.0)
- github.com/google/trillian: [v1.4.1](https://github.com/google/trillian/tree/v1.4.1)
- github.com/googleapis/enterprise-certificate-proxy: [v0.1.0](https://github.com/googleapis/enterprise-certificate-proxy/tree/v0.1.0)
- github.com/gookit/color: [v1.4.2](https://github.com/gookit/color/tree/v1.4.2)
- github.com/gordonklaus/ineffassign: [2e10b26](https://github.com/gordonklaus/ineffassign/tree/2e10b26)
- github.com/gorhill/cronexpr: [88b0669](https://github.com/gorhill/cronexpr/tree/88b0669)
- github.com/gostaticanalysis/analysisutil: [v0.7.1](https://github.com/gostaticanalysis/analysisutil/tree/v0.7.1)
- github.com/gostaticanalysis/comment: [v1.4.2](https://github.com/gostaticanalysis/comment/tree/v1.4.2)
- github.com/gostaticanalysis/forcetypeassert: [01d4955](https://github.com/gostaticanalysis/forcetypeassert/tree/01d4955)
- github.com/gostaticanalysis/nilerr: [v0.1.1](https://github.com/gostaticanalysis/nilerr/tree/v0.1.1)
- github.com/gostaticanalysis/testutil: [v0.4.0](https://github.com/gostaticanalysis/testutil/tree/v0.4.0)
- github.com/grpc-ecosystem/grpc-gateway/v2: [v2.11.2](https://github.com/grpc-ecosystem/grpc-gateway/v2/tree/v2.11.2)
- github.com/in-toto/in-toto-golang: [fa494aa](https://github.com/in-toto/in-toto-golang/tree/fa494aa)
- github.com/jedisct1/go-minisign: [1c139d1](https://github.com/jedisct1/go-minisign/tree/1c139d1)
- github.com/jellydator/ttlcache/v3: [v3.0.0](https://github.com/jellydator/ttlcache/v3/tree/v3.0.0)
- github.com/jgautheron/goconst: [v1.5.1](https://github.com/jgautheron/goconst/tree/v1.5.1)
- github.com/jhump/protoreflect: [v1.12.0](https://github.com/jhump/protoreflect/tree/v1.12.0)
- github.com/jingyugao/rowserrcheck: [v1.1.1](https://github.com/jingyugao/rowserrcheck/tree/v1.1.1)
- github.com/jirfag/go-printf-func-name: [7558a9e](https://github.com/jirfag/go-printf-func-name/tree/7558a9e)
- github.com/josharian/txtarfs: [0702f00](https://github.com/josharian/txtarfs/tree/0702f00)
- github.com/juju/ratelimit: [v1.0.1](https://github.com/juju/ratelimit/tree/v1.0.1)
- github.com/julz/importas: [841f0c0](https://github.com/julz/importas/tree/841f0c0)
- github.com/k0kubun/colorstring: [9440f19](https://github.com/k0kubun/colorstring/tree/9440f19)
- github.com/kulti/thelper: [v0.4.0](https://github.com/kulti/thelper/tree/v0.4.0)
- github.com/kunwardeep/paralleltest: [v1.0.3](https://github.com/kunwardeep/paralleltest/tree/v1.0.3)
- github.com/kylelemons/godebug: [v1.1.0](https://github.com/kylelemons/godebug/tree/v1.1.0)
- github.com/kyoh86/exportloopref: [v0.1.8](https://github.com/kyoh86/exportloopref/tree/v0.1.8)
- github.com/ldez/gomoddirectives: [v0.2.2](https://github.com/ldez/gomoddirectives/tree/v0.2.2)
- github.com/ldez/tagliatelle: [v0.2.0](https://github.com/ldez/tagliatelle/tree/v0.2.0)
- github.com/leodido/go-urn: [v1.2.1](https://github.com/leodido/go-urn/tree/v1.2.1)
- github.com/letsencrypt/boulder: [27de4be](https://github.com/letsencrypt/boulder/tree/27de4be)
- github.com/letsencrypt/pkcs11key/v4: [v4.0.0](https://github.com/letsencrypt/pkcs11key/v4/tree/v4.0.0)
- github.com/logrusorgru/aurora: [a7b3b31](https://github.com/logrusorgru/aurora/tree/a7b3b31)
- github.com/lufia/plan9stats: [39d0f17](https://github.com/lufia/plan9stats/tree/39d0f17)
- github.com/maratori/testpackage: [v1.0.1](https://github.com/maratori/testpackage/tree/v1.0.1)
- github.com/matoous/godox: [6504466](https://github.com/matoous/godox/tree/6504466)
- github.com/mattn/go-sqlite3: [v1.9.0](https://github.com/mattn/go-sqlite3/tree/v1.9.0)
- github.com/mattn/goveralls: [v0.0.2](https://github.com/mattn/goveralls/tree/v0.0.2)
- github.com/mbilski/exhaustivestruct: [v1.2.0](https://github.com/mbilski/exhaustivestruct/tree/v1.2.0)
- github.com/mgechev/dots: [e955255](https://github.com/mgechev/dots/tree/e955255)
- github.com/mgechev/revive: [v1.1.2](https://github.com/mgechev/revive/tree/v1.1.2)
- github.com/mitchellh/go-ps: [v1.0.0](https://github.com/mitchellh/go-ps/tree/v1.0.0)
- github.com/mohae/deepcopy: [c48cc78](https://github.com/mohae/deepcopy/tree/c48cc78)
- github.com/moricho/tparallel: [v0.2.1](https://github.com/moricho/tparallel/tree/v0.2.1)
- github.com/mozilla/scribe: [fb71baf](https://github.com/mozilla/scribe/tree/fb71baf)
- github.com/mozilla/tls-observatory: [7bc4285](https://github.com/mozilla/tls-observatory/tree/7bc4285)
- github.com/mpvl/unique: [cbe035f](https://github.com/mpvl/unique/tree/cbe035f)
- github.com/mwitkow/go-proto-validators: [v0.2.0](https://github.com/mwitkow/go-proto-validators/tree/v0.2.0)
- github.com/nakabonne/nestif: [v0.3.1](https://github.com/nakabonne/nestif/tree/v0.3.1)
- github.com/nbutton23/zxcvbn-go: [fa2cb28](https://github.com/nbutton23/zxcvbn-go/tree/fa2cb28)
- github.com/nishanths/exhaustive: [v0.2.3](https://github.com/nishanths/exhaustive/tree/v0.2.3)
- github.com/nishanths/predeclared: [v0.2.1](https://github.com/nishanths/predeclared/tree/v0.2.1)
- github.com/open-policy-agent/opa: [v0.43.0](https://github.com/open-policy-agent/opa/tree/v0.43.0)
- github.com/otiai10/copy: [v1.2.0](https://github.com/otiai10/copy/tree/v1.2.0)
- github.com/otiai10/curr: [v1.0.0](https://github.com/otiai10/curr/tree/v1.0.0)
- github.com/otiai10/mint: [v1.3.1](https://github.com/otiai10/mint/tree/v1.3.1)
- github.com/pborman/uuid: [v1.2.0](https://github.com/pborman/uuid/tree/v1.2.0)
- github.com/pelletier/go-toml/v2: [v2.0.1](https://github.com/pelletier/go-toml/v2/tree/v2.0.1)
- github.com/phayes/checkstyle: [bfd46e6](https://github.com/phayes/checkstyle/tree/bfd46e6)
- github.com/phayes/freeport: [74d24b5](https://github.com/phayes/freeport/tree/74d24b5)
- github.com/polyfloyd/go-errorlint: [910bb79](https://github.com/polyfloyd/go-errorlint/tree/910bb79)
- github.com/protocolbuffers/txtpbfmt: [f6a6b3f](https://github.com/protocolbuffers/txtpbfmt/tree/f6a6b3f)
- github.com/pseudomuto/protoc-gen-doc: [v1.3.2](https://github.com/pseudomuto/protoc-gen-doc/tree/v1.3.2)
- github.com/pseudomuto/protokit: [v0.2.0](https://github.com/pseudomuto/protokit/tree/v0.2.0)
- github.com/quasilyte/go-consistent: [c6f3937](https://github.com/quasilyte/go-consistent/tree/c6f3937)
- github.com/quasilyte/go-ruleguard/dsl: [v0.3.10](https://github.com/quasilyte/go-ruleguard/dsl/tree/v0.3.10)
- github.com/quasilyte/go-ruleguard/rules: [545e0d2](https://github.com/quasilyte/go-ruleguard/rules/tree/545e0d2)
- github.com/quasilyte/go-ruleguard: [v0.3.13](https://github.com/quasilyte/go-ruleguard/tree/v0.3.13)
- github.com/quasilyte/regex/syntax: [30656e2](https://github.com/quasilyte/regex/syntax/tree/30656e2)
- github.com/rcrowley/go-metrics: [cf1acfc](https://github.com/rcrowley/go-metrics/tree/cf1acfc)
- github.com/rs/cors: [v1.7.0](https://github.com/rs/cors/tree/v1.7.0)
- github.com/ryancurrah/gomodguard: [v1.2.3](https://github.com/ryancurrah/gomodguard/tree/v1.2.3)
- github.com/ryanrolds/sqlclosecheck: [v0.3.0](https://github.com/ryanrolds/sqlclosecheck/tree/v0.3.0)
- github.com/sagikazarmark/crypt: [v0.1.0](https://github.com/sagikazarmark/crypt/tree/v0.1.0)
- github.com/sanposhiho/wastedassign/v2: [v2.0.6](https://github.com/sanposhiho/wastedassign/v2/tree/v2.0.6)
- github.com/sassoftware/relic: [dfb082b](https://github.com/sassoftware/relic/tree/dfb082b)
- github.com/secure-systems-lab/go-securesystemslib: [v0.4.0](https://github.com/secure-systems-lab/go-securesystemslib/tree/v0.4.0)
- github.com/securego/gosec/v2: [v2.9.1](https://github.com/securego/gosec/v2/tree/v2.9.1)
- github.com/segmentio/ksuid: [v1.0.4](https://github.com/segmentio/ksuid/tree/v1.0.4)
- github.com/shazow/go-diff: [b6b7b67](https://github.com/shazow/go-diff/tree/b6b7b67)
- github.com/shibumi/go-pathspec: [v1.3.0](https://github.com/shibumi/go-pathspec/tree/v1.3.0)
- github.com/shirou/gopsutil/v3: [v3.21.10](https://github.com/shirou/gopsutil/v3/tree/v3.21.10)
- github.com/shurcooL/go-goon: [37c2f52](https://github.com/shurcooL/go-goon/tree/37c2f52)
- github.com/shurcooL/go: [9e1955d](https://github.com/shurcooL/go/tree/9e1955d)
- github.com/sigstore/cosign: [v1.11.1](https://github.com/sigstore/cosign/tree/v1.11.1)
- github.com/sigstore/fulcio: [v0.5.3](https://github.com/sigstore/fulcio/tree/v0.5.3)
- github.com/sigstore/rekor: [v0.11.0](https://github.com/sigstore/rekor/tree/v0.11.0)
- github.com/sigstore/sigstore: [v1.4.0](https://github.com/sigstore/sigstore/tree/v1.4.0)
- github.com/sivchari/tenv: [v1.4.7](https://github.com/sivchari/tenv/tree/v1.4.7)
- github.com/skratchdot/open-golang: [eef8423](https://github.com/skratchdot/open-golang/tree/eef8423)
- github.com/sonatard/noctx: [v0.0.1](https://github.com/sonatard/noctx/tree/v0.0.1)
- github.com/sourcegraph/go-diff: [v0.6.1](https://github.com/sourcegraph/go-diff/tree/v0.6.1)
- github.com/spiffe/go-spiffe/v2: [v2.1.1](https://github.com/spiffe/go-spiffe/v2/tree/v2.1.1)
- github.com/ssgreg/nlreturn/v2: [v2.2.1](https://github.com/ssgreg/nlreturn/v2/tree/v2.2.1)
- github.com/sylvia7788/contextcheck: [v1.0.4](https://github.com/sylvia7788/contextcheck/tree/v1.0.4)
- github.com/syndtr/goleveldb: [2ae1ddf](https://github.com/syndtr/goleveldb/tree/2ae1ddf)
- github.com/tdakkota/asciicheck: [e657995](https://github.com/tdakkota/asciicheck/tree/e657995)
- github.com/tenntenn/modver: [v1.0.1](https://github.com/tenntenn/modver/tree/v1.0.1)
- github.com/tenntenn/text/transform: [7eef512](https://github.com/tenntenn/text/transform/tree/7eef512)
- github.com/tent/canonical-json-go: [96e4ba3](https://github.com/tent/canonical-json-go/tree/96e4ba3)
- github.com/tetafro/godot: [v1.4.11](https://github.com/tetafro/godot/tree/v1.4.11)
- github.com/thales-e-security/pool: [v0.0.2](https://github.com/thales-e-security/pool/tree/v0.0.2)
- github.com/theupdateframework/go-tuf: [v0.3.1](https://github.com/theupdateframework/go-tuf/tree/v0.3.1)
- github.com/timakin/bodyclose: [cb62158](https://github.com/timakin/bodyclose/tree/cb62158)
- github.com/titanous/rocacheck: [afe7314](https://github.com/titanous/rocacheck/tree/afe7314)
- github.com/tklauser/go-sysconf: [v0.3.9](https://github.com/tklauser/go-sysconf/tree/v0.3.9)
- github.com/tklauser/numcpus: [v0.3.0](https://github.com/tklauser/numcpus/tree/v0.3.0)
- github.com/tomarrell/wrapcheck/v2: [v2.4.0](https://github.com/tomarrell/wrapcheck/v2/tree/v2.4.0)
- github.com/tomasen/realip: [f0c99a9](https://github.com/tomasen/realip/tree/f0c99a9)
- github.com/tommy-muehle/go-mnd/v2: [v2.4.0](https://github.com/tommy-muehle/go-mnd/v2/tree/v2.4.0)
- github.com/transparency-dev/merkle: [v0.0.1](https://github.com/transparency-dev/merkle/tree/v0.0.1)
- github.com/ugorji/go/codec: [d75b2dc](https://github.com/ugorji/go/codec/tree/d75b2dc)
- github.com/ultraware/funlen: [v0.0.3](https://github.com/ultraware/funlen/tree/v0.0.3)
- github.com/ultraware/whitespace: [v0.0.4](https://github.com/ultraware/whitespace/tree/v0.0.4)
- github.com/uudashr/gocognit: [v1.0.5](https://github.com/uudashr/gocognit/tree/v1.0.5)
- github.com/valyala/bytebufferpool: [v1.0.0](https://github.com/valyala/bytebufferpool/tree/v1.0.0)
- github.com/valyala/fasthttp: [v1.30.0](https://github.com/valyala/fasthttp/tree/v1.30.0)
- github.com/valyala/quicktemplate: [v1.7.0](https://github.com/valyala/quicktemplate/tree/v1.7.0)
- github.com/valyala/tcplisten: [v1.0.0](https://github.com/valyala/tcplisten/tree/v1.0.0)
- github.com/vektah/gqlparser/v2: [v2.4.6](https://github.com/vektah/gqlparser/v2/tree/v2.4.6)
- github.com/viki-org/dnscache: [c70c1f2](https://github.com/viki-org/dnscache/tree/c70c1f2)
- github.com/xo/terminfo: [ca9a967](https://github.com/xo/terminfo/tree/ca9a967)
- github.com/yashtewari/glob-intersection: [v0.1.0](https://github.com/yashtewari/glob-intersection/tree/v0.1.0)
- github.com/yeya24/promlinter: [v0.1.0](https://github.com/yeya24/promlinter/tree/v0.1.0)
- github.com/yudai/gojsondiff: [v1.0.0](https://github.com/yudai/gojsondiff/tree/v1.0.0)
- github.com/yudai/golcs: [ecda9a5](https://github.com/yudai/golcs/tree/ecda9a5)
- github.com/yudai/pp: [v2.0.1+incompatible](https://github.com/yudai/pp/tree/v2.0.1)
- github.com/zeebo/errs: [v1.2.2](https://github.com/zeebo/errs/tree/v1.2.2)
- go.etcd.io/etcd/etcdctl/v3: v3.6.0-alpha.0
- go.etcd.io/etcd/etcdutl/v3: v3.6.0-alpha.0
- go.etcd.io/etcd/tests/v3: v3.6.0-alpha.0
- go.etcd.io/etcd/v3: v3.6.0-alpha.0
- go.mongodb.org/mongo-driver: v1.10.0
- go.mozilla.org/mozlog: 4bb1313
- go.uber.org/tools: 2cfd321
- gopkg.in/gcfg.v1: v1.2.3
- mvdan.cc/gofumpt: v0.1.1
- mvdan.cc/interfacer: c200402
- mvdan.cc/lint: adc824a
- mvdan.cc/unparam: aac4ce9
- sigs.k8s.io/release-sdk: v0.9.3
### Changed
- cloud.google.com/go/firestore: v1.1.0 → v1.6.0
- cloud.google.com/go/pubsub: v1.3.1 → v1.5.0
- github.com/Azure/azure-sdk-for-go: [v56.3.0+incompatible → v66.0.0+incompatible](https://github.com/Azure/azure-sdk-for-go/compare/v56.3.0...v66.0.0)
- github.com/Azure/go-autorest/autorest/adal: [v0.9.15 → v0.9.20](https://github.com/Azure/go-autorest/autorest/adal/compare/v0.9.15...v0.9.20)
- github.com/Azure/go-autorest/autorest: [v0.11.20 → v0.11.28](https://github.com/Azure/go-autorest/autorest/compare/v0.11.20...v0.11.28)
- github.com/MakeNowJust/heredoc: [bb23615 → v1.0.0](https://github.com/MakeNowJust/heredoc/compare/bb23615...v1.0.0)
- github.com/Masterminds/squirrel: [v1.5.2 → v1.5.3](https://github.com/Masterminds/squirrel/compare/v1.5.2...v1.5.3)
- github.com/Microsoft/hcsshim: [v0.9.2 → v0.9.3](https://github.com/Microsoft/hcsshim/compare/v0.9.2...v0.9.3)
- github.com/OneOfOne/xxhash: [v1.2.2 → v1.2.8](https://github.com/OneOfOne/xxhash/compare/v1.2.2...v1.2.8)
- github.com/andybalholm/brotli: [v1.0.1 → v1.0.3](https://github.com/andybalholm/brotli/compare/v1.0.1...v1.0.3)
- github.com/antlr/antlr4/runtime/Go/antlr: [b48c857 → f25a4f6](https://github.com/antlr/antlr4/runtime/Go/antlr/compare/b48c857...f25a4f6)
- github.com/aquasecurity/libbpfgo: [0.7.0 → 1.0.1](https://github.com/aquasecurity/libbpfgo/compare/0.7.0...1.0.1)
- github.com/asaskevich/govalidator: [21a406d → f21760c](https://github.com/asaskevich/govalidator/compare/21a406d...f21760c)
- github.com/aws/aws-sdk-go: [v1.40.21 → v1.44.111](https://github.com/aws/aws-sdk-go/compare/v1.40.21...v1.44.111)
- github.com/bshuster-repo/logrus-logstash-hook: [v0.4.1 → v1.0.0](https://github.com/bshuster-repo/logrus-logstash-hook/compare/v0.4.1...v1.0.0)
- github.com/carolynvs/magex: [v0.8.1 → v0.9.0](https://github.com/carolynvs/magex/compare/v0.8.1...v0.9.0)
- github.com/cenkalti/backoff/v4: [v4.1.2 → v4.1.3](https://github.com/cenkalti/backoff/v4/compare/v4.1.2...v4.1.3)
- github.com/census-instrumentation/opencensus-proto: [v0.2.1 → v0.3.0](https://github.com/census-instrumentation/opencensus-proto/compare/v0.2.1...v0.3.0)
- github.com/cert-manager/cert-manager: [v1.8.0 → v1.9.1](https://github.com/cert-manager/cert-manager/compare/v1.8.0...v1.9.1)
- github.com/chai2010/gettext-go: [c6fed77 → v1.0.2](https://github.com/chai2010/gettext-go/compare/c6fed77...v1.0.2)
- github.com/cncf/xds/go: [cb28da3 → a8f9461](https://github.com/cncf/xds/go/compare/cb28da3...a8f9461)
- github.com/containerd/containerd: [v1.6.4 → v1.6.6](https://github.com/containerd/containerd/compare/v1.6.4...v1.6.6)
- github.com/containerd/go-cni: [v1.1.5 → v1.1.6](https://github.com/containerd/go-cni/compare/v1.1.5...v1.1.6)
- github.com/containerd/stargz-snapshotter/estargz: [v0.11.4 → v0.12.0](https://github.com/containerd/stargz-snapshotter/estargz/compare/v0.11.4...v0.12.0)
- github.com/containernetworking/cni: [v1.1.0 → v1.1.1](https://github.com/containernetworking/cni/compare/v1.1.0...v1.1.1)
- github.com/coreos/go-systemd: [95778df → e64a0ec](https://github.com/coreos/go-systemd/compare/95778df...e64a0ec)
- github.com/cpuguy83/go-md2man/v2: [v2.0.1 → v2.0.2](https://github.com/cpuguy83/go-md2man/v2/compare/v2.0.1...v2.0.2)
- github.com/crossplane/crossplane-runtime: [v0.16.0 → v0.18.0](https://github.com/crossplane/crossplane-runtime/compare/v0.16.0...v0.18.0)
- github.com/docker/cli: [v20.10.11+incompatible → v20.10.17+incompatible](https://github.com/docker/cli/compare/v20.10.11...v20.10.17)
- github.com/docker/docker: [v20.10.15+incompatible → v20.10.17+incompatible](https://github.com/docker/docker/compare/v20.10.15...v20.10.17)
- github.com/envoyproxy/protoc-gen-validate: [v0.1.0 → v0.6.2](https://github.com/envoyproxy/protoc-gen-validate/compare/v0.1.0...v0.6.2)
- github.com/evanphx/json-patch: [v4.12.0+incompatible → v5.6.0+incompatible](https://github.com/evanphx/json-patch/compare/v4.12.0...v5.6.0)
- github.com/fsnotify/fsnotify: [v1.5.1 → v1.5.4](https://github.com/fsnotify/fsnotify/compare/v1.5.1...v1.5.4)
- github.com/go-kit/log: [v0.1.0 → v0.2.0](https://github.com/go-kit/log/compare/v0.1.0...v0.2.0)
- github.com/go-logfmt/logfmt: [v0.5.0 → v0.5.1](https://github.com/go-logfmt/logfmt/compare/v0.5.0...v0.5.1)
- github.com/go-logr/zapr: [v1.2.0 → v1.2.3](https://github.com/go-logr/zapr/compare/v1.2.0...v1.2.3)
- github.com/go-openapi/jsonreference: [v0.19.5 → v0.20.0](https://github.com/go-openapi/jsonreference/compare/v0.19.5...v0.20.0)
- github.com/go-openapi/spec: [v0.19.5 → v0.20.7](https://github.com/go-openapi/spec/compare/v0.19.5...v0.20.7)
- github.com/go-openapi/swag: [v0.19.14 → v0.22.3](https://github.com/go-openapi/swag/compare/v0.19.14...v0.22.3)
- github.com/golang-jwt/jwt/v4: [v4.0.0 → v4.4.2](https://github.com/golang-jwt/jwt/v4/compare/v4.0.0...v4.4.2)
- github.com/google/cel-go: [v0.10.1 → v0.12.4](https://github.com/google/cel-go/compare/v0.10.1...v0.12.4)
- github.com/google/gnostic: [v0.5.7-v3refs → v0.6.9](https://github.com/google/gnostic/compare/v0.5.7-v3refs...v0.6.9)
- github.com/google/go-cmp: [v0.5.6 → v0.5.8](https://github.com/google/go-cmp/compare/v0.5.6...v0.5.8)
- github.com/google/go-containerregistry: [v0.5.1 → v0.11.0](https://github.com/google/go-containerregistry/compare/v0.5.1...v0.11.0)
- github.com/google/go-querystring: [v1.0.0 → v1.1.0](https://github.com/google/go-querystring/compare/v1.0.0...v1.1.0)
- github.com/google/martian/v3: [v3.1.0 → v3.2.1](https://github.com/google/martian/v3/compare/v3.1.0...v3.2.1)
- github.com/google/pprof: [94a9f03 → 4bb14d4](https://github.com/google/pprof/compare/94a9f03...4bb14d4)
- github.com/gorilla/handlers: [60c7bfd → v1.5.1](https://github.com/gorilla/handlers/compare/60c7bfd...v1.5.1)
- github.com/gregjones/httpcache: [9cad4c3 → 901d907](https://github.com/gregjones/httpcache/compare/9cad4c3...901d907)
- github.com/hashicorp/consul/api: [v1.1.0 → v1.10.1](https://github.com/hashicorp/consul/api/compare/v1.1.0...v1.10.1)
- github.com/hashicorp/consul/sdk: [v0.1.1 → v0.8.0](https://github.com/hashicorp/consul/sdk/compare/v0.1.1...v0.8.0)
- github.com/hashicorp/go-retryablehttp: [v0.6.6 → v0.7.1](https://github.com/hashicorp/go-retryablehttp/compare/v0.6.6...v0.7.1)
- github.com/hashicorp/go-version: [v1.2.0 → v1.2.1](https://github.com/hashicorp/go-version/compare/v1.2.0...v1.2.1)
- github.com/hashicorp/mdns: [v1.0.0 → v1.0.1](https://github.com/hashicorp/mdns/compare/v1.0.0...v1.0.1)
- github.com/hashicorp/memberlist: [v0.1.3 → v0.2.2](https://github.com/hashicorp/memberlist/compare/v0.1.3...v0.2.2)
- github.com/hashicorp/serf: [v0.8.2 → v0.9.5](https://github.com/hashicorp/serf/compare/v0.8.2...v0.9.5)
- github.com/jmoiron/sqlx: [v1.3.4 → v1.3.5](https://github.com/jmoiron/sqlx/compare/v1.3.4...v1.3.5)
- github.com/jonboulle/clockwork: [v0.2.2 → v0.3.0](https://github.com/jonboulle/clockwork/compare/v0.2.2...v0.3.0)
- github.com/kisielk/errcheck: [v1.5.0 → v1.6.0](https://github.com/kisielk/errcheck/compare/v1.5.0...v1.6.0)
- github.com/klauspost/compress: [v1.15.2 → v1.15.8](https://github.com/klauspost/compress/compare/v1.15.2...v1.15.8)
- github.com/lib/pq: [v1.10.4 → v1.10.6](https://github.com/lib/pq/compare/v1.10.4...v1.10.6)
- github.com/magiconair/properties: [v1.8.5 → v1.8.6](https://github.com/magiconair/properties/compare/v1.8.5...v1.8.6)
- github.com/mailru/easyjson: [v0.7.6 → v0.7.7](https://github.com/mailru/easyjson/compare/v0.7.6...v0.7.7)
- github.com/matryer/is: [v1.2.0 → v1.4.0](https://github.com/matryer/is/compare/v1.2.0...v1.4.0)
- github.com/mitchellh/cli: [v1.0.0 → v1.1.0](https://github.com/mitchellh/cli/compare/v1.0.0...v1.1.0)
- github.com/mitchellh/mapstructure: [v1.4.3 → v1.5.0](https://github.com/mitchellh/mapstructure/compare/v1.4.3...v1.5.0)
- github.com/olekukonko/tablewriter: [a0225b3 → v0.0.5](https://github.com/olekukonko/tablewriter/compare/a0225b3...v0.0.5)
- github.com/onsi/ginkgo/v2: [v2.1.4 → v2.1.6](https://github.com/onsi/ginkgo/v2/compare/v2.1.4...v2.1.6)
- github.com/onsi/gomega: [v1.19.0 → v1.20.1](https://github.com/onsi/gomega/compare/v1.19.0...v1.20.1)
- github.com/opencontainers/image-spec: [a5463b7 → 8b9d41f](https://github.com/opencontainers/image-spec/compare/a5463b7...8b9d41f)
- github.com/opencontainers/runc: [v1.1.1 → v1.1.2](https://github.com/opencontainers/runc/compare/v1.1.1...v1.1.2)
- github.com/opentracing/opentracing-go: [v1.1.0 → v1.2.0](https://github.com/opentracing/opentracing-go/compare/v1.1.0...v1.2.0)
- github.com/pelletier/go-toml: [v1.9.3 → v1.9.5](https://github.com/pelletier/go-toml/compare/v1.9.3...v1.9.5)
- github.com/pjbgf/go-apparmor: [v0.0.7 → v0.0.9](https://github.com/pjbgf/go-apparmor/compare/v0.0.7...v0.0.9)
- github.com/posener/complete: [v1.1.1 → v1.2.3](https://github.com/posener/complete/compare/v1.1.1...v1.2.3)
- github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring: [v0.57.0 → v0.60.1](https://github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/compare/v0.57.0...v0.60.1)
- github.com/prometheus/client_golang: [v1.12.2 → v1.13.0](https://github.com/prometheus/client_golang/compare/v1.12.2...v1.13.0)
- github.com/prometheus/common: [v0.32.1 → v0.37.0](https://github.com/prometheus/common/compare/v0.32.1...v0.37.0)
- github.com/prometheus/procfs: [v0.7.3 → v0.8.0](https://github.com/prometheus/procfs/compare/v0.7.3...v0.8.0)
- github.com/rogpeppe/go-internal: [v1.6.1 → v1.8.0](https://github.com/rogpeppe/go-internal/compare/v1.6.1...v1.8.0)
- github.com/rubenv/sql-migrate: [55d5740 → v1.1.2](https://github.com/rubenv/sql-migrate/compare/55d5740...v1.1.2)
- github.com/sirupsen/logrus: [v1.8.1 → v1.9.0](https://github.com/sirupsen/logrus/compare/v1.8.1...v1.9.0)
- github.com/spf13/afero: [v1.8.0 → v1.8.2](https://github.com/spf13/afero/compare/v1.8.0...v1.8.2)
- github.com/spf13/cast: [v1.4.1 → v1.5.0](https://github.com/spf13/cast/compare/v1.4.1...v1.5.0)
- github.com/spf13/cobra: [v1.4.0 → v1.5.0](https://github.com/spf13/cobra/compare/v1.4.0...v1.5.0)
- github.com/spf13/viper: [v1.8.1 → v1.12.0](https://github.com/spf13/viper/compare/v1.8.1...v1.12.0)
- github.com/stretchr/objx: [v0.2.0 → v0.4.0](https://github.com/stretchr/objx/compare/v0.2.0...v0.4.0)
- github.com/stretchr/testify: [v1.7.2 → v1.8.0](https://github.com/stretchr/testify/compare/v1.7.2...v1.8.0)
- github.com/subosito/gotenv: [v1.2.0 → v1.3.0](https://github.com/subosito/gotenv/compare/v1.2.0...v1.3.0)
- github.com/urfave/cli/v2: [v2.8.1 → v2.19.2](https://github.com/urfave/cli/v2/compare/v2.8.1...v2.19.2)
- github.com/urfave/cli: [v1.22.4 → v1.22.7](https://github.com/urfave/cli/compare/v1.22.4...v1.22.7)
- github.com/xanzy/go-gitlab: [v0.43.0 → v0.73.1](https://github.com/xanzy/go-gitlab/compare/v0.43.0...v0.73.1)
- github.com/xlab/treeprint: [a009c39 → v1.1.0](https://github.com/xlab/treeprint/compare/a009c39...v1.1.0)
- github.com/yuin/goldmark: [v1.4.1 → v1.4.13](https://github.com/yuin/goldmark/compare/v1.4.1...v1.4.13)
- go.etcd.io/etcd/api/v3: v3.5.1 → v3.6.0-alpha.0
- go.etcd.io/etcd/client/pkg/v3: v3.5.1 → v3.6.0-alpha.0
- go.etcd.io/etcd/client/v2: v2.305.0 → v2.306.0-alpha.0
- go.etcd.io/etcd/client/v3: v3.5.1 → v3.6.0-alpha.0
- go.etcd.io/etcd/pkg/v3: v3.5.0 → v3.6.0-alpha.0
- go.etcd.io/etcd/raft/v3: v3.5.0 → v3.6.0-alpha.0
- go.etcd.io/etcd/server/v3: v3.5.0 → v3.6.0-alpha.0
- go.opentelemetry.io/otel/exporters/otlp/internal/retry: v1.3.0 → v1.7.0
- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.3.0 → v1.7.0
- go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.3.0 → v1.7.0
- go.opentelemetry.io/otel/sdk: v1.3.0 → v1.7.0
- go.opentelemetry.io/otel/trace: v1.3.0 → v1.7.0
- go.opentelemetry.io/otel: v1.3.0 → v1.7.0
- go.opentelemetry.io/proto/otlp: v0.11.0 → v0.16.0
- go.uber.org/atomic: v1.9.0 → v1.10.0
- go.uber.org/multierr: v1.6.0 → v1.8.0
- go.uber.org/zap: v1.19.1 → v1.22.0
- golang.org/x/crypto: 8634188 → 630584e
- golang.org/x/exp: 6cc2880 → e8c3332
- golang.org/x/mod: 9b9b3d8 → 86c51ed
- golang.org/x/net: 27dd868 → bea034e
- golang.org/x/oauth2: d3ed0bb → 128564f
- golang.org/x/sync: 036812b → f12130a
- golang.org/x/sys: 9388b58 → fbc7d0a
- golang.org/x/term: 03fcf44 → 065cf7b
- golang.org/x/text: v0.3.7 → 5bd84dd
- golang.org/x/time: 90d013b → e5dcc9c
- golang.org/x/tools: v0.1.10 → v0.1.12
- google.golang.org/api: v0.62.0 → v0.93.0
- google.golang.org/genproto: 325a892 → 01dd621
- google.golang.org/grpc: v1.47.0 → v1.50.1
- google.golang.org/protobuf: v1.28.0 → v1.28.1
- gopkg.in/cheggaaa/pb.v1: v1.0.25 → v1.0.28
- gopkg.in/ini.v1: v1.66.2 → v1.67.0
- gopkg.in/square/go-jose.v2: v2.5.1 → v2.6.0
- gotest.tools/v3: v3.0.3 → v3.1.0
- helm.sh/helm/v3: v3.8.1 → v3.10.0
- honnef.co/go/tools: v0.0.1-2020.1.4 → v0.2.1
- k8s.io/api: v0.24.1 → v0.25.3
- k8s.io/apiextensions-apiserver: v0.24.0 → v0.25.0
- k8s.io/apimachinery: v0.24.1 → v0.25.3
- k8s.io/apiserver: v0.24.0 → v0.25.0
- k8s.io/cli-runtime: v0.23.4 → v0.25.0
- k8s.io/client-go: v0.24.1 → v0.25.3
- k8s.io/code-generator: v0.24.0 → v0.25.0
- k8s.io/component-base: v0.24.0 → v0.25.0
- k8s.io/klog/v2: v2.60.1 → v2.80.1
- k8s.io/kube-aggregator: v0.23.4 → v0.24.2
- k8s.io/kube-openapi: 3ee0da9 → a70c9af
- k8s.io/kubectl: v0.23.4 → v0.25.0
- k8s.io/utils: 3a6ce19 → e9cbc92
- oras.land/oras-go: v1.1.0 → v1.2.0
- sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.0.30 → v0.0.32
- sigs.k8s.io/controller-runtime: v0.12.1 → v0.12.3
- sigs.k8s.io/controller-tools: v0.9.0 → v0.10.0
- sigs.k8s.io/gateway-api: v0.4.1 → v0.4.3
- sigs.k8s.io/json: 9f7c6b3 → f223a00
- sigs.k8s.io/kustomize/api: v0.10.1 → v0.12.1
- sigs.k8s.io/kustomize/kyaml: v0.13.0 → v0.13.9
- sigs.k8s.io/release-utils: v0.7.0 → v0.7.3
- sigs.k8s.io/structured-merge-diff/v4: v4.2.1 → v4.2.3
- sigs.k8s.io/zeitgeist: v0.3.0 → v0.3.5
### Removed
- github.com/ReneKroon/ttlcache/v2: [v2.11.0](https://github.com/ReneKroon/ttlcache/v2/tree/v2.11.0)
- github.com/alcortesm/tgz: [9c5fe88](https://github.com/alcortesm/tgz/tree/9c5fe88)
- github.com/google/cel-spec: [v0.6.0](https://github.com/google/cel-spec/tree/v0.6.0)
- github.com/google/go-github/v33: [v33.0.0](https://github.com/google/go-github/v33/tree/v33.0.0)
- gopkg.in/gorp.v1: v1.7.2
Done
I think it's time for another patch release of the SPO since we have a bunch of enhancements merged until the previous one: https://github.com/kubernetes-sigs/security-profiles-operator/compare/v0.4.3...main
Do you have anything you'd like to see merged before cutting a new release?