chore: Bump github.com/siderolabs/talos from 1.12.0-beta.0 to 1.13.0-alpha.0 in /sfyra

[dependabot]

Bumps github.com/siderolabs/talos from 1.12.0-beta.0 to 1.13.0-alpha.0.

Release notes

Sourced from github.com/siderolabs/talos's releases.

v1.13.0-alpha.0

Talos 1.13.0-alpha.0 (2025-12-25)

Welcome to the v1.13.0-alpha.0 release of Talos!
This is a pre-release of Talos

Please try out the release binaries and report any issues at https://github.com/siderolabs/talos/issues.

External Volumes

Talos now supports virtiofs-based external volumes via the new ExternalVolumeConfig document.

These virtiofs external volumes are not supported when SELinux is running in enforcing mode.

Talos Imager Enhancements

Talos imager now supports running rootless. --privileged and -v /dev:/dev are no longer required.

Container Image Decompression

Talos now ships with igzip (amd64) and pigz (arm64) to speed up container image decompression.

/proc/PID/mem Access Hardening

A new kernel parameter proc_mem.force_override=never has been introduced by default to enhance system security by preventing unwanted writes to protected process memory via /proc/PID/mem. If the kernel parameter is removed, default behavior is restored, allowing access only if the process is traced.

Reproducible Disk Images

Talos disk images are now reproducible. Building the same version of Talos multiple times will yield identical disk images.

Note: VHD and VMDK (Azure and VMware) images are not currently reproducible due to limitations in the underlying image creation tools. Users verifying reproducible images should use raw images, verify checksums, and convert them to VHD/VMDK as needed.

Component Updates

Linux: 6.18.2

... (truncated)

Commits

• c76484e release(v1.13.0-alpha.0): prepare release
• f0d8a68 test: skip the source bundle on exact tag
• c57701d fix: remove interactive installer
• 43937c1 feat: update Linux and systemd
• 72a194d feat: add VM CPU hot-add rules
• f09ae1e fix: probe small images correctly
• 8f2b337 feat: imager support rootless builds
• c7525a9 feat: support creating filesystems from folder
• e2bffb5 chore: refactor imager code so it's more clear
• 0fb50db fix: invalid versions check in talos-bundle
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[netlify]

✅ Deploy Preview for wonderful-swartz-a1308c ready!

Name	Link
🔨 Latest commit	d3d9ec3
🔍 Latest deploy log	https://app.netlify.com/projects/wonderful-swartz-a1308c/deploys/6951d2f333c28400084b0804
😎 Deploy Preview	https://deploy-preview-1572--wonderful-swartz-a1308c.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.