Skip to content

Update ci-helm-dockerfile-dependencies to v4 (major) #762

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
renovate wants to merge 1 commit into from
Closed

Update ci-helm-dockerfile-dependencies to v4 (major) #762

renovate wants to merge 1 commit into from

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Nov 15, 2025
edited
Loading

This PR contains the following updates:

Package Update Change
helm major v3.18.2 -> v4.0.0
helm-vm major v3.18.2 -> v4.0.0

Release Notes

helm/helm (helm)

v4.0.0

Compare Source

v3.19.2

Compare Source

v3.19.1: Helm v3.19.1

Compare Source

Helm v3.19.1 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages

Installation and Upgrading

Download Helm v3.19.1. The common platform binaries are here:

This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @​mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

  • 4.0.0 is the next major release and will be on November 12, 2025
  • 3.19.2 and 4.0.01 are the next patch releases and will be on December 10, 2025
  • 3.20.0 and 4.1.0 is the next minor releases and will be on January 21, 2026

Changelog

  • chore(deps): bump github.com/containerd/containerd from 1.7.28 to 1.7.29 4f953c2 (dependabot[bot])
  • jsonschema: warn and ignore unresolved URN $ref to match v3.18.4 6801f4d (Benoit Tigeot)
  • Avoid "panic: interface conversion: interface {} is nil" 2f619be (Benoit Tigeot)
  • Fix helm pull untar dir check with repo urls 8112d47 (Luna Stadler)
  • Fix deprecation warning 5dff7ce (Benoit Tigeot)
  • chore(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.10 2dad4d2 (dependabot[bot])
  • Add timeout flag to repo add and update flags a833710 (Reinhard Nägele)
  • chore(deps): bump golang.org/x/crypto from 0.41.0 to 0.43.0 2e12c81 (Dirk Müller)

v3.19.0: Helm v3.19.0

Compare Source

Helm v3.19.0 is a feature release. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages

Notable Changes

  • Fixed a helm pull regression from 3.18 - error pulling OCI charts with --password #​31230
  • Fixed a helm lint regression from Helm 3.18 - rejected JSON Schema $ref URLs that worked in 3.17.x #​31166
  • Fixed go mod tidy #​31154
  • Fixed k8s version parsing not matching original #​31091
  • Fixed charts failing when using a redirect registry #​31087
  • Fixed missing debug logging for OCI transport
  • Fixed broken legacy docker support for login #​30941
  • Fixed bugs from the move to ORAS v2
  • Fixed processing all hook deletions on failure #​30673
  • Feature for helm create added httproute from gateway-api to create chart template #​30658

Installation and Upgrading

Download Helm v3.19.0. The common platform binaries are here:

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

  • 3.19.1 will contain only bug fixes.
  • 3.20.0 is the next feature release.

Changelog

  • bump version to v3.19.0 3d8990f (Scott Rigby)
  • fix: use username and password if provided 9a54bf1 (Evans Mungai)
  • chore(deps): bump the k8s-io group with 7 updates 5af0f68 (dependabot[bot])
  • chore(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.1 e485606 (dependabot[bot])
  • chore(deps): bump github.com/stretchr/testify from 1.11.0 to 1.11.1 6355c3d (dependabot[bot])
  • chore(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.0 ec61f66 (dependabot[bot])
  • fix(helm-lint): fmt b278020 (Isaiah Lewis)
  • fix(helm-lint): Add TLSClientConfig d33ac5e (Isaiah Lewis)
  • fix(helm-lint): Add HTTP/HTTPS URL support for json schema references 8543709 (Isaiah Lewis)
  • chore(deps): bump the k8s-io group with 7 updates 89a3f90 (dependabot[bot])
  • fix: go mod tidy for v3 da4c583 (Terry Howe)
  • chore(deps): bump golang.org/x/crypto from 0.40.0 to 0.41.0 e40b1b3 (dependabot[bot])
  • chore(deps): bump golang.org/x/term from 0.33.0 to 0.34.0 a27e9db (dependabot[bot])
  • fix Chart.yaml handling f13afaa (Matt Farina)
  • Handle messy index files 039b0b1 (Matt Farina)
  • chore(deps): bump github.com/containerd/containerd from 1.7.27 to 1.7.28 bec98a9 (dependabot[bot])
  • json schema fix 6d9509a (Robert Sirchia)
  • fix: k8s version parsing to match original 807225e (Borys Hulii)
  • chore(deps): bump sigs.k8s.io/yaml from 1.5.0 to 1.6.0 cbbd569 (dependabot[bot])
  • Do not explicitly set SNI in HTTPGetter 5e8ff72 (Terry Howe)
  • chore(deps): bump github.com/spf13/pflag from 1.0.6 to 1.0.7 5b5fb5b (dependabot[bot])
  • chore(deps): bump the k8s-io group with 7 updates d12538a (dependabot[bot])
  • chore(deps): bump golang.org/x/crypto from 0.39.0 to 0.40.0 303f803 (dependabot[bot])
  • chore(deps): bump golang.org/x/term from 0.32.0 to 0.33.0 abcc2ed (dependabot[bot])
  • chore(deps): bump golang.org/x/text from 0.26.0 to 0.27.0 521c67b (dependabot[bot])
  • Disabling linter due to unknown issue 227c9cb (Matt Farina)
  • Updating link handling 4389fa6 (Matt Farina)
  • Bump github.com/Masterminds/semver/v3 from 3.3.0 to 3.3.1 372e403 (dependabot[bot])
  • build(deps): bump the k8s-io group with 7 updates 4fa5a64 (dependabot[bot])
  • build(deps): bump sigs.k8s.io/yaml from 1.4.0 to 1.5.0 6284ed8 (dependabot[bot])
  • fix: user username password for login 2c55a4e (Terry Howe)
  • Update pkg/registry/transport.go a16e986 (Terry Howe)
  • Update pkg/registry/transport.go cea26d8 (Terry Howe)
  • fix: add debug logging to oci transport b52bb41 (Terry Howe)
  • build(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0 45075cf (dependabot[bot])
  • build(deps): bump golang.org/x/text from 0.25.0 to 0.26.0 73a7826 (dependabot[bot])
  • fix: legacy docker support broken for login 733f94c (Terry Howe)
  • fix: plugin installer test with no Internet fc36041 (Terry Howe)
  • Handle an empty registry config file. cfe8cef (Matt Farina)
  • Prevent fetching newReference again as we have in calling method c33215d (Benoit Tigeot)
  • Prevent failure when resolving version tags in oras memory store f552b67 (Benoit Tigeot)
  • fix(client): skipnode utilization for PreCopy a18a52e (Brandt Keller)
  • test: Skip instead of returning early. looks more intentional fedf502 (Jesse Simpson)
  • test: tests repo stripping functionality fe512ba (Jesse Simpson)
  • test: include tests for Login based on different protocol prefixes 099a9e1 (Jesse Simpson)
  • fix(client): layers now returns manifest - remove duplicate from descriptors b07ab77 (Brandt Keller)
  • fix(client): return nil on non-allowed media types c225c12 (Brandt Keller)
  • Fix 3.18.0 regression: registry login with scheme c0f3ace (Scott Rigby)
  • Update pkg/plugin/plugin.go dce60ad (Benoit Tigeot)
  • Update pkg/plugin/plugin.go cda0865 (Benoit Tigeot)
  • Wait for Helm v4 before raising when platformCommand and Command are set 5d9d9a0 (Benoit Tigeot)
  • Revert "fix (helm) : toToml` renders int as float [ backport to v3 ]" c5249c1 (Matt Farina)
  • build(deps): bump the k8s-io group with 7 updates 5b0520d (dependabot[bot])
  • chore: update generalization warning message afefca8 (Feng Cao)
  • build(deps): bump oras.land/oras-go/v2 from 2.5.0 to 2.6.0 8d6d27c (dependabot[bot])
  • build(deps): bump the k8s-io group with 7 updates 502c0d5 (dependabot[bot])
  • build(deps): bump golang.org/x/crypto from 0.37.0 to 0.38.0 92be9ac (dependabot[bot])
  • fix: move warning to top of block eb5b6d5 (Feng Cao)
  • fix: govulncheck workflow 6b15f26 (Matthieu MOREL)
  • fix: replace fmt warning with slog 6b5c944 (Feng Cao)
  • fix: add warning when ignore repo flag 247bf7c (Feng Cao)
  • bump version to v3.18.0 9404459 (Robert Sirchia)
  • backport #​30673 to dev-v3 0a800e8 (Gerard Nguyen)
  • feat: add httproute from gateway-api to create chart template bd1b67b (Henrik Gerdes)

Full Changelog: helm/helm@v3.18.6...v3.19.0

v3.18.6: Helm v3.18.6

Compare Source

Helm v3.18.6 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages

Installation and Upgrading

Download Helm v3.18.6. The common platform binaries are here:

This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @​mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

  • 3.19.0 is the next minor release and will be on September 11, 2025

Changelog

  • fix(helm-lint): fmt b76a950 (Isaiah Lewis)
  • fix(helm-lint): Add TLSClientConfig b79a421 (Isaiah Lewis)
  • fix(helm-lint): Add HTTP/HTTPS URL support for json schema references b9180e6 (Isaiah Lewis)

v3.18.5: Helm v3.18.5

Compare Source

Helm v3.18.5 is a security release. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages
Security Advisories
Installation and Upgrading

Download Helm v3.18.5. The common platform binaries are here:

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next
  • 3.19.0 is the next minor release and will be on September 11, 2025
Changelog
  • fix Chart.yaml handling 7799b48 (Matt Farina)
  • Handle messy index files dd8502f (Matt Farina)
  • json schema fix cb8595b (Robert Sirchia)

v3.18.4: Helm v3.18.4

Compare Source

Helm v3.18.4 is a security release. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages
Security Advisories
Installation and Upgrading

Download Helm v3.18.4. The common platform binaries are here:

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next
  • 3.18.5 is the next patch release and will be on August 13, 2025
  • 3.19.0 is the next minor release and will be on September 11, 2025
Changelog
  • Disabling linter due to unknown issue f20a4ad (Matt Farina)
  • build(deps): bump the k8s-io group with 7 updates 563b094 (dependabot[bot])
  • Updating link handling 00de613 (Matt Farina)

v3.18.3: Helm 3.18.3

Compare Source

Helm v3.18.3 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages
Installation and Upgrading

Download Helm v3.18.3. The common platform binaries are here:

This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @​mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next
  • 3.18.4 is the next patch release and will be on July 09, 2025
  • 3.19.0 is the next minor release and will be on September 11, 2025
Changelog
  • build(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0 6838ebc (dependabot[bot])
  • fix: user username password for login 5b9e2f6 (Terry Howe)
  • Update pkg/registry/transport.go 2782412 (Terry Howe)
  • Update pkg/registry/transport.go e66cf6a (Terry Howe)
  • fix: add debug logging to oci transport 191f05c (Terry Howe)

Configuration

📅 Schedule: Branch creation - Only on Sunday and Saturday ( * * * * 0,6 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot enabled auto-merge (squash) November 15, 2025 04:11
@hashicorp-vault-sonar-prod
Copy link
Contributor

hashicorp-vault-sonar-prod bot commented Nov 15, 2025
edited by atlassian bot
Loading

Renovate Jira issue ID: SONAR-26272

@sonarqube-next
Copy link

sonarqube-next bot commented Nov 15, 2025

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
0 Dependency risks
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarQube

auto-merge was automatically disabled November 24, 2025 08:48

Pull request was closed

@renovate
Copy link
Contributor Author

renovate bot commented Nov 24, 2025

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update. You will not get PRs for any future 4.x releases. But if you manually upgrade to 4.x then Renovate will re-enable minor and patch updates automatically.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.

@renovate renovate bot deleted the renovate/major-ci-helm-dockerfile-dependencies branch November 24, 2025 08:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@carminevassallo carminevassallo

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@carminevassallo