From 716d5caccb85df4f3376e3e8caf304beccf712a9 Mon Sep 17 00:00:00 2001
From: Krunal Hingu <krunal.hingu222@gmail.com>
Date: Mon, 3 Nov 2025 19:14:29 +0530
Subject: [PATCH 1/2] bump appVersion and version to v8.5.0-rc.1 and update
 security-scan dependency to v0.6.5-rc.1

---
 chart/Chart.yaml  | 4 ++--
 chart/values.yaml | 4 ++--
 go.mod            | 6 ++----
 go.sum            | 4 ++--
 4 files changed, 8 insertions(+), 10 deletions(-)

diff --git a/chart/Chart.yaml b/chart/Chart.yaml
index 892ad267..a3b8c7fa 100644
--- a/chart/Chart.yaml
+++ b/chart/Chart.yaml
@@ -12,11 +12,11 @@ annotations:
   catalog.cattle.io/type: cluster-tool
   catalog.cattle.io/ui-component: rancher-cis-benchmark
 apiVersion: v1
-appVersion: v8.4.0
+appVersion: v8.5.0-rc.1
 description: The cis-operator enables running CIS benchmark security scans on a kubernetes
   cluster
 icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg
 keywords:
 - security
 name: rancher-cis-benchmark
-version: 8.4.0
+version: 8.5.0-rc.1
diff --git a/chart/values.yaml b/chart/values.yaml
index 113c855f..fdb5e480 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -5,10 +5,10 @@
 image:
   cisoperator:
     repository: rancher/cis-operator
-    tag: v1.4.4
+    tag: v1.4.5-rc.1
   securityScan:
     repository: rancher/security-scan
-    tag: v0.6.4
+    tag: v0.6.5-rc.1
   sonobuoy:
     repository: rancher/mirrored-sonobuoy-sonobuoy
     tag: v0.57.3
diff --git a/go.mod b/go.mod
index 79606a95..6d31214e 100644
--- a/go.mod
+++ b/go.mod
@@ -1,8 +1,6 @@
 module github.com/rancher/cis-operator
 
-go 1.24.4
-
-toolchain go1.24.6
+go 1.24.9
 
 require (
 	github.com/blang/semver v3.5.1+incompatible
@@ -11,7 +9,7 @@ require (
 	github.com/prometheus/client_golang v1.21.1
 	github.com/rancher/kubernetes-provider-detector v0.1.5
 	github.com/rancher/lasso v0.2.1
-	github.com/rancher/security-scan v0.6.4
+	github.com/rancher/security-scan v0.6.5-rc.1
 	github.com/rancher/wrangler/v3 v3.2.0
 	github.com/robfig/cron v1.2.0
 	github.com/sirupsen/logrus v1.9.3
diff --git a/go.sum b/go.sum
index f9b06759..822def3a 100644
--- a/go.sum
+++ b/go.sum
@@ -218,8 +218,8 @@ github.com/rancher/kubernetes-provider-detector v0.1.5 h1:hWRAsWuJOemzGjz/XrbTlM
 github.com/rancher/kubernetes-provider-detector v0.1.5/go.mod h1:ypuJS7kP7rUiAn330xG46mj+Nhvym05GM8NqMVekpH0=
 github.com/rancher/lasso v0.2.1 h1:SZTqMVQn8cAOqvwGBd1/EYOIJ/MGN+UfJrOWvHd4jHU=
 github.com/rancher/lasso v0.2.1/go.mod h1:KSV3jBXfdXqdCuMm2uC8kKB9q/wuDYb3h0eHZoRjShM=
-github.com/rancher/security-scan v0.6.4 h1:/mP8j+MNEsDm3IFQzWw4U709gHJVC/BbptjlwpPbR9o=
-github.com/rancher/security-scan v0.6.4/go.mod h1:9Oa1W70mcP5aWC6RyMZjepbWbUKWE8OtopwUlrdbun0=
+github.com/rancher/security-scan v0.6.5-rc.1 h1:VsekS5AOZs3MsuBN8QAg4rt7x+l3+2XYy0+IhcY1IBI=
+github.com/rancher/security-scan v0.6.5-rc.1/go.mod h1:0O3Fx4Hp7KHXdxJBKrQfOtYgRUzuRmoXhylHmbS5aqU=
 github.com/rancher/wrangler/v3 v3.2.0 h1:fZmhSOczW+pxAhyOaGG+9xbEwETPGA5gbS0x0Im2zWs=
 github.com/rancher/wrangler/v3 v3.2.0/go.mod h1:0C5QyvSrQOff8gQQzpB/L/FF03EQycjR3unSJcKCHno=
 github.com/robfig/cron v1.2.0 h1:ZjScXvvxeQ63Dbyxy76Fj3AT3Ut0aKsyd2/tl3DTMuQ=

From e7fe545502f6410c2895acf8ce7f46d6cf4c3611 Mon Sep 17 00:00:00 2001
From: Krunal Hingu <krunal.hingu222@gmail.com>
Date: Tue, 4 Nov 2025 13:09:55 +0530
Subject: [PATCH 2/2] bump kubectl version to v1.31.13

---
 chart/values.yaml | 2 +-
 hack/make/deps.mk | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/chart/values.yaml b/chart/values.yaml
index fdb5e480..8d4c9d22 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -45,7 +45,7 @@ global:
     clusterName: ""
   kubectl:
     repository: rancher/kubectl
-    tag: v1.31.7
+    tag: v1.31.13
 
 alerts:
   enabled: false
diff --git a/hack/make/deps.mk b/hack/make/deps.mk
index 6479a356..3a0a3085 100644
--- a/hack/make/deps.mk
+++ b/hack/make/deps.mk
@@ -3,6 +3,6 @@ GOLANGCI_VERSION = v1.64.8
 # renovate: datasource=github-release-attachments depName=k3d-io/k3d
 K3D_VERSION = v5.8.3
 
-KUBECTL_VERSION = 1.31.7
+KUBECTL_VERSION = 1.31.13
 # renovate: datasource=github-release-attachments depName=helm/helm
 HELM_VERSION = v3.17.2