chore(deps): bump the go group with 8 updates

[dependabot]

Bumps the go group with 8 updates:

Package	From	To
github.com/cert-manager/cert-manager	1.13.1	1.14.4
github.com/fluxcd/kustomize-controller/api	1.0.0-rc.3	1.2.2
github.com/fluxcd/pkg/apis/meta	1.1.2	1.3.0
github.com/fluxcd/pkg/runtime	0.35.0	0.44.1
github.com/fluxcd/pkg/ssa	0.27.0	0.36.0
github.com/fluxcd/source-controller/api	1.1.0	1.2.4
github.com/open-component-model/git-controller	0.9.0	0.11.1
github.com/stretchr/testify	1.8.4	1.9.0

Updates github.com/cert-manager/cert-manager from 1.13.1 to 1.14.4

Release notes

Sourced from github.com/cert-manager/cert-manager's releases.

v1.14.4

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

cert-manager 1.14 brings a variety of features, security improvements and bug fixes, including: support for creating X.509 certificates with "Other Name" fields, and support for creating CA certificates with "Name Constraints" and "Authority Information Accessors" extensions.

⚠️ Known Issues

• ACME Issuer (Let's Encrypt): wrong certificate chain may be used if preferredChain is configured: see release docs for more info and mitigations

ℹ️ Documentation

Release notes Upgrade notes Installation instructions

🔧 Breaking changes

See Breaking changes in v1.14.0 release notes

📜 Changes since v1.14.3

Bug or Regression

• Allow cert-manager.io/allow-direct-injection in annotations (#6809, @​jetstack-bot)
• BUGFIX: JKS and PKCS12 stores now contain the full set of CAs specified by an issuer (#6812, @​jetstack-bot)
• BUGFIX: cainjector leaderelection flag/ config option defaults are missing (#6819, @​jetstack-bot)

Other (Cleanup or Flake)

• Bump base images. (#6842, @​inteon)
• Upgrade Helm: fix CVE-2024-26147 alert (#6834, @​inteon)
• Upgrade go to 1.21.8: fixes CVE-2024-24783 (#6825, @​jetstack-bot)
• Upgrade google.golang.org/protobuf: fixing GO-2024-2611 (#6829, @​inteon)

v1.14.3

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

cert-manager 1.14 brings a variety of features, security improvements and bug fixes, including: support for creating X.509 certificates with "Other Name" fields, and support for creating CA certificates with "Name Constraints" and "Authority Information Accessors" extensions.

⚠️ Known Issues

• ACME Issuer (Let's Encrypt): wrong certificate chain may be used if preferredChain is configured: see release docs for more info and mitigations
• cainjector leaderelection is incorrectly disabled by default because the flag/ config option defaults are missing (cert-manager/cert-manager#6819)

ℹ️ Documentation

Release notes Upgrade notes Installation instructions

🔧 Breaking changes

See Breaking changes in v1.14.0 release notes

📜 Changes since v1.14.2

... (truncated)

Commits

• f5ddc41 Merge pull request #6842 from inteon/release-1.14_base
• e5d4a42 bump debian12 base images
• 716ff1c Merge pull request #6834 from inteon/release-1.14_cve
• a362957 upgrade Helm to fix CVE-2024-26147
• f89a561 Merge pull request #6829 from inteon/release-1.14_cve
• 56e0adf upgrade google.golang.org/protobuf fixing GO-2024-2611
• 234ba0b Merge pull request #6825 from jetstack-bot/cherry-pick-6823-to-release-1.14
• 4401df0 bump go to 1.21.8
• 756f8bb Merge pull request #6819 from jetstack-bot/cherry-pick-6816-to-release-1.14
• 945b69a prevent fuzzer from generating impossible configurations
• Additional commits viewable in compare view

Updates github.com/fluxcd/kustomize-controller/api from 1.0.0-rc.3 to 1.2.2

Release notes

Sourced from github.com/fluxcd/kustomize-controller/api's releases.

v1.2.2

Changelog

v1.2.2 changelog

Container images

• docker.io/fluxcd/kustomize-controller:v1.2.2
• ghcr.io/fluxcd/kustomize-controller:v1.2.2

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.2.1

Changelog

v1.2.1 changelog

Container images

• docker.io/fluxcd/kustomize-controller:v1.2.1
• ghcr.io/fluxcd/kustomize-controller:v1.2.1

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.2.0

Changelog

v1.2.0 changelog

Container images

• docker.io/fluxcd/kustomize-controller:v1.2.0
• ghcr.io/fluxcd/kustomize-controller:v1.2.0

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.1.1

Changelog

... (truncated)

Changelog

Sourced from github.com/fluxcd/kustomize-controller/api's changelog.

1.2.2

Release date: 2024-02-01

This patch release comes with various bug fixes and improvements.

Reconciling empty directories and directories without Kubernetes manifests no longer results in an error. This regressing bug was introduced with the controller upgrade to Kustomize v5.3 and has been fixed in this patch release.

The regression due to which the namespaced objects without a namespace specified resulted in not found error instead of namespace not specified has also been fixed. And the regression due to which Roles and ClusterRoles were reconciled over and over due to the normalization of Roles and ClusterRoles has also been fixed.

In addition, the Kubernetes dependencies have been updated to v1.28.6. Various other dependencies have also been updated to their latest version to patch upstream CVEs.

Lastly, the controller is now built with Go 1.21.

Improvements:

• Update Go to 1.21 #1053
• Various dependency updates #1076 #1074 #1070 #1068 #1065 #1060 #1059 #1051 #1049 #1046 #1044 #1040 #1038

1.2.1

Release date: 2023-12-14

This patch release comes with improvements in logging to provide faster feedback on any HTTP errors encountered while fetching source artifacts.

In addition, the status condition messages are now trimmed to respect the size limit defined by the API.

... (truncated)

Commits

• 7a5ae11 Merge pull request #1077 from fluxcd/release-v1.2.2
• afb9e73 Release v1.2.2
• e5072d5 Add changelog entry for v1.2.2
• 115614b Merge pull request #1076 from fluxcd/backport-1075-to-release/v1.2.x
• 00821eb Update source-controller dependency
• 151e55b Merge pull request #1074 from fluxcd/backport-1072-to-release/v1.2.x
• c575ac2 build(deps): bump the go-deps group with 1 update
• e75aa5f Merge pull request #1070 from fluxcd/backport-1069-to-release/v1.2.x
• ddeda85 build(deps): bump the ci group with 1 update
• 04b1e54 Merge pull request #1068 from fluxcd/backport-1066-to-release/v1.2.x
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/apis/meta from 1.1.2 to 1.3.0

Commits

• 31388ce Merge pull request #727 from fluxcd/distribution-up
• 328eb42 Update OCI distribution to v3.0.0-alpha.1
• 7fabcd8 Merge pull request #684 from somtochiama/pull-static-file-oci
• a330445 fix options
• 255f8fc test for static archive
• f155227 refactor test
• 8687514 implement pull static artifact
• 4624208 Merge pull request #726 from fluxcd/deps-kube-v0.28.6
• 30da897 Update dependencies
• 63e3e9c Merge pull request #725 from fluxcd/dependabot/github_actions/ci-f38fbd1956
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/runtime from 0.35.0 to 0.44.1

Commits

• 2e7e8fe Merge pull request #730 from fluxcd/conditions-HasAnyReasons
• 1ae7daf runtime: Add HasAnyReason to conditions getter
• db52a67 Merge pull request #729 from fluxcd/dependabot/github_actions/ci-727f6c18fd
• ea2c064 build(deps): bump the ci group with 2 updates
• See full diff in compare view

Updates github.com/fluxcd/pkg/ssa from 0.27.0 to 0.36.0

Commits

• e5ca530 Merge pull request #728 from fluxcd/internal-deps
• ac45fb6 Update internal dependencies
• 31388ce Merge pull request #727 from fluxcd/distribution-up
• 328eb42 Update OCI distribution to v3.0.0-alpha.1
• 7fabcd8 Merge pull request #684 from somtochiama/pull-static-file-oci
• a330445 fix options
• 255f8fc test for static archive
• f155227 refactor test
• 8687514 implement pull static artifact
• 4624208 Merge pull request #726 from fluxcd/deps-kube-v0.28.6
• Additional commits viewable in compare view

Updates github.com/fluxcd/source-controller/api from 1.1.0 to 1.2.4

Release notes

Sourced from github.com/fluxcd/source-controller/api's releases.

v1.2.4

Changelog

v1.2.4 changelog

Container images

• docker.io/fluxcd/source-controller:v1.2.4
• ghcr.io/fluxcd/source-controller:v1.2.4

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.2.3

Changelog

v1.2.3 changelog

Container images

• docker.io/fluxcd/source-controller:v1.2.3
• ghcr.io/fluxcd/source-controller:v1.2.3

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.2.2

Changelog

v1.2.2 changelog

Container images

• docker.io/fluxcd/source-controller:v1.2.2
• ghcr.io/fluxcd/source-controller:v1.2.2

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.2.1

Changelog

... (truncated)

Changelog

Sourced from github.com/fluxcd/source-controller/api's changelog.

1.2.4

Release date: 2024-02-01

This patch release updates the Kubernetes dependencies to v1.28.6 and various other dependencies to their latest version to patch upstream CVEs.

Improvements:

• Various dependency updates #1362 #1357 #1353 #1347 #1343 #1340 #1338 #1336 #1334

1.2.3

Release date: 2023-12-14

This patch release updates the controller's Helm dependency to v3.13.3.

Improvements:

• Update Helm to v3.13.3 #1325
• helmrepo: Remove migration log/event #1324

1.2.2

Release date: 2023-12-11

This patch release addresses an issue with AWS ECR authentication introduced in v1.2.0.

In addition, a variety of dependencies have been updated. Including an update of the container base image to Alpine v3.19.

Fixes:

• Address issue with authenticating towards AWS ECR #1318 #1321

Improvements:

• Update dependencies #1314

... (truncated)

Commits

• 3f131a1 Merge pull request #1363 from fluxcd/release-v1.2.4
• 8fcdff7 Release v1.2.4
• 2a57324 Add changelog entry for v1.2.4
• a724e00 Merge pull request #1362 from fluxcd/backport-1361-to-release/v1.2.x
• 6cf8879 build(deps): bump the go-deps group with 2 updates
• fefee33 Merge pull request #1357 from fluxcd/backport-1355-to-release/v1.2.x
• e3834d3 build(deps): bump the ci group with 3 updates
• d6d8699 Merge pull request #1353 from fluxcd/backport-1352-to-release/v1.2.x
• 0efba9a Update API to Kubernetes v1.28.4
• 1a892fc build(deps): bump the go-deps group with 12 updates
• Additional commits viewable in compare view

Updates github.com/open-component-model/git-controller from 0.9.0 to 0.11.1

Release notes

Sourced from github.com/open-component-model/git-controller's releases.

v0.11.1

Release 0.11.1

• Fix Path Bug (#101)
• sec: zip-slip fix (#100)

v0.11.0

Release 0.11.0

• dep: update ocm-controller to v0.18.1 (#96)
• chore(deps): bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 (#87)
• Skip Report generation on scheduled run + non PR runs (#92)
• chore(deps): bump the ci group with 3 updates (#88)
• Create dependabot.yml (#82)
• feat: applying lint and fixing the lint issues (#86)
• Add Reports to Mend Scans (#84)
• docs: update the README and add relevant information (#85)

v0.10.1

Release 0.10.1

• fix: removing reconciliation status (#83)

v0.10.0

Release 0.10.0

• feat: apply kstatus feature from ocm-controller (#80)
• chore(deps): bump golang.org/x/net from 0.13.0 to 0.17.0 (#69)
• chore(deps): bump google.golang.org/grpc from 1.56.1 to 1.56.3 (#76)
• add mend scans (#75)
• update action versions (#74)

Commits

• a47c8a8 docs: add release docs for v0.11.1 (#102)
• 5fa4940 Merge pull request #101 from open-component-model/phoban01/path-bug-fix
• 581f5df fix double path
• 37be459 Merge pull request #100 from open-component-model/phoban01/zip-slip-fix
• e1d13f3 sec: zip-slip fix
• 4ab0cf1 docs: add release docs for v0.11.0 (#97)
• ffca44f dep: update ocm-controller to v0.18.1 (#96)
• 6467496 chore(deps): bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 (#87)
• d37294e Update mend_scan.yaml (#92)
• 1304105 chore(deps): bump the ci group with 3 updates (#88)
• Additional commits viewable in compare view

Updates github.com/stretchr/testify from 1.8.4 to 1.9.0

Release notes

Sourced from github.com/stretchr/testify's releases.

v1.9.0

What's Changed

• Fix Go modules version by @​SuperQ in stretchr/testify#1394
• Document that require is not safe to call in created goroutines by @​programmer04 in stretchr/testify#1392
• Remove myself from MAINTAINERS.md by @​mvdkleijn in stretchr/testify#1367
• Correct spelling/grammar by @​echarrod in stretchr/testify#1389
• docs: Update URLs in README by @​davidjb in stretchr/testify#1349
• Update mockery link to Github Pages in README by @​LandonTClipp in stretchr/testify#1346
• docs: Fix typos in tests and comments by @​alexandear in stretchr/testify#1410
• CI: tests from go1.17 by @​SuperQ in stretchr/testify#1409
• Fix adding ? when no values passed by @​lesichkovm in stretchr/testify#1320
• codegen: use standard header for generated files by @​dolmen in stretchr/testify#1406
• mock: AssertExpectations log reason only on failure by @​hikyaru-suzuki in stretchr/testify#1360
• assert: fix flaky TestNeverTrue by @​dolmen in stretchr/testify#1417
• README: fix typos "set up" vs "setup" by @​ossan-dev in stretchr/testify#1428
• mock: move regexp compilation outside of Called by @​aud10slave in stretchr/testify#631
• assert: refactor internal func getLen() by @​dolmen in stretchr/testify#1445
• mock: deprecate type AnythingOfTypeArgument (#1434) by @​dolmen in stretchr/testify#1441
• Remove no longer needed assert.canConvert by @​alexandear in stretchr/testify#1470
• assert: ObjectsAreEqual: use time.Equal for time.Time types by @​tscales in stretchr/testify#1464
• Bump actions/checkout from 3 to 4 by @​dependabot in stretchr/testify#1466
• Bump actions/setup-go from 3.2.0 to 4.1.0 by @​dependabot in stretchr/testify#1451
• fix: make EventuallyWithT concurrency safe by @​czeslavo in stretchr/testify#1395
• assert: fix httpCode and HTTPBody occur panic when http.Handler read Body by @​hidu in stretchr/testify#1484
• assert.EqualExportedValues: fix handling of arrays by @​zrbecker in stretchr/testify#1473
• .github: use latest Go versions by @​kevinburkesegment in stretchr/testify#1489
• assert: Deprecate EqualExportedValues by @​HaraldNordgren in stretchr/testify#1488
• suite: refactor test assertions by @​alexandear in stretchr/testify#1474
• suite: fix SetupSubTest and TearDownSubTest execution order by @​linusbarth in stretchr/testify#1471
• docs: Fix deprecation comments for http package by @​alexandear in stretchr/testify#1335
• Add map support doc comments to Subset and NotSubset by @​jedevc in stretchr/testify#1306
• TestErrorIs/TestNotErrorIs: check error message contents by @​craig65535 in stretchr/testify#1435
• suite: fix subtest names (fix #1501) by @​dolmen in stretchr/testify#1504
• assert: improve unsafe.Pointer tests by @​dolmen in stretchr/testify#1505
• assert: simplify isNil implementation by @​dolmen in stretchr/testify#1506
• assert.InEpsilonSlice: fix expected/actual order and other improvements by @​dolmen in stretchr/testify#1483
• Fix dependency cycle with objx #1292 by @​dolmen in stretchr/testify#1453
• mock: refactor TestIsArgsEqual by @​dolmen in stretchr/testify#1444
• mock: optimize argument matching checks by @​dolmen in stretchr/testify#1416
• assert: fix TestEventuallyTimeout by @​dolmen in stretchr/testify#1412
• CI: add go 1.21 in GitHub Actions by @​dolmen in stretchr/testify#1450
• suite: fix recoverAndFailOnPanic to report test failure at the right location by @​dolmen in stretchr/testify#1502
• Update maintainers by @​brackendawson in stretchr/testify#1533
• assert: Fix EqualValues to handle overflow/underflow by @​arjunmahishi in stretchr/testify#1531
• assert: better formatting for Len() error by @​kevinburkesegment in stretchr/testify#1485
• Ensure AssertExpectations does not fail in skipped tests by @​ianrose14 in stretchr/testify#1331
• suite: fix deadlock in suite.Require()/Assert() by @​arjunmahishi in stretchr/testify#1535
• Revert "assert: ObjectsAreEqual: use time.Equal for time.Time type" by @​brackendawson in stretchr/testify#1537
• [chore] Add issue templates by @​arjunmahishi in stretchr/testify#1538
• Update the build status badge by @​brackendawson in stretchr/testify#1540

... (truncated)

Commits

• bb548d0 Merge pull request #1552 from stretchr/dependabot/go_modules/github.com/stret...
• 814075f build(deps): bump github.com/stretchr/objx from 0.5.1 to 0.5.2
• e045612 Merge pull request #1339 from bogdandrutu/uintptr
• 5b6926d Merge pull request #1385 from hslatman/not-implements
• 9f97d67 Merge pull request #1550 from stretchr/release-notes
• bcb0d3f Include the auto-release notes in releases
• fb770f8 Merge pull request #1247 from ccoVeille/typos
• 85d8bb6 fix typos in comments, tests and github templates
• e2741fa Merge pull request #1548 from arjunmahishi/msgAndArgs
• 6e59f20 http_assertions: assert that the msgAndArgs actually works in tests
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.