chore(deps): update dependency crossplane/crossplane to v1.20.7

[renovate]

This PR contains the following updates:

Package	Update	Change
crossplane/crossplane	patch	v1.20.1 → v1.20.7

---

Release Notes

crossplane/crossplane (crossplane/crossplane)

v1.20.7

Compare Source

Release v1.20.7 contains just a security fix by bumping Go to 1.25.9 which fixes a bunch of CVEs.

What's Changed

• [release 1.20] Bump Go to 1.25.9 by @​lsviben in #​7340

Full Changelog: crossplane/crossplane@v1.20.6...v1.20.7

v1.20.6

Compare Source

v1.20.6 is a patch release scoped to fixing issues reported by users of Crossplane v1.20 and fixing security related issues in Crossplane's dependencies.

What's Changed

• build: mitigate potential script injection in promote workflow (release-1.20) by @​jbw976 in #​7171
• [Backport release-1.20] fix: adding required permissions to top level and jobs in the workflow by @​jbw976 in #​7187
• chore(deps): update module github.com/cloudflare/circl to v1.6.3 [security] (release-1.20) by @​crossplane-renovate[bot] in #​7179
• chore(deps): update module go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp to v1.43.0 [security] (release-1.20) by @​crossplane-renovate[bot] in #​7287
• [Backport release-1.20] ci: drop Trivy vulnerability scanning by @​phisco in #​7300
• fix(deps): update module github.com/go-git/go-git/v5 to v5.17.1 [security] (release-1.20) by @​crossplane-renovate[bot] in #​7138
• chore(deps): update module github.com/moby/spdystream to v0.5.1 [security] (release-1.20) by @​crossplane-renovate[bot] in #​7314
• fix(deps): update module github.com/go-git/go-git/v5 to v5.18.0 [security] (release-1.20) by @​crossplane-renovate[bot] in #​7326
• Bump crossplane-runtime to v1.20.6 by @​lsviben in #​7331

Full Changelog: crossplane/crossplane@v1.20.5...v1.20.6

v1.20.5

Compare Source

This release backports #​7030 to the 1.20 branch to fix one of the issues reported in #​3423, where shared transitive dependencies could not be upgraded successfully. It also contains security updates to Crossplane's dependencies.

What's Changed

• Backport #​7030 to release-1.20 by @​adamwg in #​7052
• [release-1.20] Update sigstore dependencies to fix CVEs by @​negz in #​7066

Full Changelog: crossplane/crossplane@v1.20.4...v1.20.5

v1.20.4

Compare Source

What's Changed

• chore(deps): update module golang.org/x/crypto to v0.43.0 [security] (release-1.20) by @​crossplane-renovate[bot] in #​6922
• [Backport release-1.20] Fix XRD controller watch startup after transient failures by @​negz in #​6931
• [Backport release-1.20] Fix claim controller watch startup after transient failures by @​negz in #​6936
• chore(deps): update module golang.org/x/crypto to v0.45.0 [security] (release-1.20) by @​crossplane-renovate[bot] in #​6938
• [Backport release-1.20] fix: Add TLS as app protocol to function service by @​negz in #​6948

Full Changelog: crossplane/crossplane@v1.20.3...v1.20.4

v1.20.3

Compare Source

This is a patch release scoped to fixing issues reported by users of Crossplane v1.20 and fixing security related issues in Crossplane's dependencies.

What's Changed

• [Backport release-1.20] Support function cache XfnCacheMaxTTL CLI option by @​github-actions[bot] in #​6711
• fix: update CompositionRevision migrator for v1.20 to upgrade from v1beta1 to current (v1) by @​jbw976 in #​6868
• Fix: enforcedCompositonRef composite sync by @​ezgidemirel in #​6867
• chore(deps): update module github.com/go-viper/mapstructure/v2 to v2.4.0 [security] (release-1.20) by @​crossplane-renovate[bot] in #​6741
• fix(deps): update module github.com/docker/docker to v28 [security] (release-1.20) by @​crossplane-renovate[bot] in #​6729
• [Backport release-1.20] build: update releases/charts bucket names by @​github-actions[bot] in #​6904

Full Changelog: crossplane/crossplane@v1.20.1...v1.20.3

v1.20.2

Compare Source

Version v1.20.2 was skipped due to a build process issue. v1.20.3 is the next Crossplane published patch for the v1.20 minor release.

---

Configuration

📅 Schedule: (in timezone Europe/Paris)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.