Update dependency argoproj/argo-cd to v2.11.14 #1189
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
renovate
bot
force-pushed
the
renovate/argoproj-argo-cd-2.11.x
branch
from
bc4f21f to
96b3c13
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/argoproj-argo-cd-2.11.x
branch
from
96b3c13 to
6454a8c
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/argoproj-argo-cd-2.11.x
branch
from
6454a8c to
c93bce3
Compare
renovate
bot
force-pushed
the
renovate/argoproj-argo-cd-2.11.x
branch
from
c93bce3 to
defbdce
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/argoproj-argo-cd-2.11.x
branch
from
defbdce to
0ed274e
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/argoproj-argo-cd-2.11.x
branch
from
0ed274e to
ca290d4
Compare
renovate
bot
changed the title
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/argoproj-argo-cd-2.11.x
branch
from
ca290d4 to
fbd683f
Compare
renovate
bot
force-pushed
the
renovate/argoproj-argo-cd-2.11.x
branch
from
fbd683f to
14fb324
Compare
renovate
bot
changed the title
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/argoproj-argo-cd-2.11.x
branch
from
14fb324 to
e03d569
Compare
renovate
bot
force-pushed
the
renovate/argoproj-argo-cd-2.11.x
branch
from
e03d569 to
726fe9f
Compare
renovate
bot
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v2.11.4→v2.11.14Release Notes
argoproj/argo-cd (argoproj/argo-cd)
v2.11.14Compare Source
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Bug fixes
968b05f: fix(security): repository.GetDetailedProject exposes repo secrets (#24387) (#24463) (@alexmt)Dependency updates
b2a4aee: chore(deps): bump slsa-framework/slsa-github-generator from 2.0.0 to 2.1.0 (#23166) (#24470) (@alexmt)Full Changelog: argoproj/argo-cd@v2.11.13...v2.11.14
v2.11.13Compare Source
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Bug fixes
491f3df: fix(appset): events not honouring configured namespaces (#21219) (#21241) (#21522) (@eadred)0b8febb: fix: CVE-2024-21538 upgrading the indirect dep cross-spawn to greater than 7.0.5 (#21239) (@nmirasch)9d6a60b: fix: resolve the failing e2e appset tests for ksonnet applications (cherry-pick #21580) (#21607) (@gcp-cherry-pick-bot[bot])Dependency updates
8198b17: chore(deps): bump go-git version to go-git/v5 5.13.1 (#21544) (@aali309)b6879ed: chore(deps): bump http-proxy-middleware from 2.0.4 to 2.0.7 in /ui (#20518) (#20890) (@gcp-cherry-pick-bot[bot])Other work
fa988be: Merge commit from fork (@svghadi)Full Changelog: argoproj/argo-cd@v2.11.12...v2.11.13
v2.11.12Compare Source
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Features
1251131: feat: support using exponential backoff between self heal attempts (#20275) (#20478) (@alexmt)Bug fixes
14aa95b: fix(diff): avoid cache miss in server-side diff (#20605) (#20608) (@gcp-cherry-pick-bot[bot])53af727: fix: support managing cluster with multiple argocd instances and annotation based tracking (#20222) (#20481) (@alexmt)Full Changelog: argoproj/argo-cd@v2.11.11...v2.11.12
v2.11.11Compare Source
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Bug fixes
d758ac8: fix(diff): avoid cache miss in server-side diff (#20423) (#20424) (#20451) (@gcp-cherry-pick-bot[bot])a5761d0: fix: CVE-2024-43799 upgrading transitive dep express to 4.21.0 to avoid send@0.18.0 (#20404) (@nmirasch)Full Changelog: argoproj/argo-cd@v2.11.10...v2.11.11
v2.11.10Compare Source
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Bug fixes
b9567a4: fix(cli): cherrypick Redis password fix #19599 into 2.11 (#20261) (@NetanelK)Full Changelog: argoproj/argo-cd@v2.11.9...v2.11.10
v2.11.9Compare Source
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Bug fixes
bd78134: fix: CVE-2024-45296 Backtracking regular expressions cause ReDoS by upgrading path-to-regexp from 1.8.0 to 1.9.0 (#20087) (#20091) (@gcp-cherry-pick-bot[bot])Dependency updates
54ac05b: chore(deps): bump dompurify from 2.3.6 to 2.5.6 in /ui (#19955) (#20017) (@gcp-cherry-pick-bot[bot])93f7846: chore(deps): bump express from 4.19.2 to 4.20.0 in /ui (#19883) (#19989) (@chengfang)8b79185: chore(deps-dev): bump webpack from 5.84.1 to 5.94.0 in /ui (#20055) (@ishitasequeira)Full Changelog: argoproj/argo-cd@v2.11.8...v2.11.9
v2.11.8Compare Source
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Bug fixes
7b9438e: fix: ArgoCD 2.11 - Loop of PATCH calls to Application objects (#19340) (#19347) (@alexmt)5638e70: fix: Parse hostname correctly from repoURL to fetch correct CA cert (#19488) (#19603) (@gcp-cherry-pick-bot[bot])1383a1b: fix: diffing should not fail if resource fail schema validation (#19735) (@alexmt)42cc36a: fix: docs version regex changed (#18756) (#19353) (@ft-jasong)Full Changelog: argoproj/argo-cd@v2.11.7...v2.11.8
v2.11.7Compare Source
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Other work
05edb2a: feat: verify rbac on each message and not just during handshake (@pasha-codefresh)Full Changelog: argoproj/argo-cd@v2.11.6...v2.11.7
v2.11.6Compare Source
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Bug fixes
b980386: fix: cherry-pick #18761 (v2.11) (#19108) (@blakepettersson)Other work
540e3a5: Merge commit from fork (@pasha-codefresh)Full Changelog: argoproj/argo-cd@v2.11.5...v2.11.6
v2.11.5Compare Source
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Bug fixes
c0f780c: fix(cli): Get Redis password from secret inloadClusters()(#18951) (#18956) (@gcp-cherry-pick-bot[bot])Other work
d1c052d: chore: update gitops-engine (2.11) (#19036) (@agaudreault)Full Changelog: argoproj/argo-cd@v2.11.4...v2.11.5
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.