9500 commits

This branch

This branch

All branches

Author	SHA1	Message	Date
Terry Howe	354c85d6a4	Merge pull request #32050 from helm/dependabot/github_actions/main/github/codeql-action-4.35.2 ... chore(deps): bump github/codeql-action from 4.35.1 to 4.35.2	2026-04-15 18:15:54 -06:00
dependabot[bot]	934ace35df	chore(deps): bump github/codeql-action from 4.35.1 to 4.35.2 ... Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.1 to 4.35.2. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](c10b8064de...95e58e9a2c) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2026-04-15 21:33:33 +00:00
Matheus Pimenta	265c5eb530	fix(templating): SplitManifests must preserve line endings for downstream YAML parsers (#31952) ... * fix(templating): SplitManifests must preserve line endings for downstream YAML parsers Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com> * Address copilot comment about skipping empty docs Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com> * Port fix to release v2 Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com> * Address copilot comments Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com> --------- Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>	2026-04-15 14:33:27 +01:00
Terry Howe	c51456c45d	Merge pull request #31979 from Y0-L0/jlohmer/coalesce-nil ... Jlohmer/coalesce nil	2026-04-14 08:48:43 -06:00
Terry Howe	1c007051ae	Merge pull request #32045 from helm/dependabot/go_modules/main/github.com/mattn/go-shellwords-1.0.13 ... chore(deps): bump github.com/mattn/go-shellwords from 1.0.12 to 1.0.13	2026-04-13 18:56:42 -06:00
dependabot[bot]	48e2b7ddd4	chore(deps): bump github.com/mattn/go-shellwords from 1.0.12 to 1.0.13 ... Bumps [github.com/mattn/go-shellwords](https://github.com/mattn/go-shellwords) from 1.0.12 to 1.0.13. - [Commits](https://github.com/mattn/go-shellwords/compare/v1.0.12...v1.0.13) --- updated-dependencies: - dependency-name: github.com/mattn/go-shellwords dependency-version: 1.0.13 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2026-04-13 22:12:06 +00:00
Evans Mungai	a8e249714f	Update pkg/chart/common/util/coalesce.go ... Signed-off-by: Evans Mungai <mbuevans@gmail.com>	2026-04-13 20:09:47 +02:00
Johannes Lohmer	52fc971da3	test(values): Add test for nil cleanup in partially overridden subchart maps ... Signed-off-by: Johannes Lohmer <jojo.dev@lohmer.com>	2026-04-13 20:09:47 +02:00
Johannes Lohmer	00638773d1	fix(values): do not copy chart-default nils into coalesced values ... Only user-supplied nils should survive coalescing. Chart-default nils defaults, not just user overrides. This caused: - %!s(<nil>) in templates using Bitnami common.secrets.key (#31919) - pluck fallbacks returning nil instead of falling through to globals (#31971) Fixes #31919 Fixes #31971 Signed-off-by: Johannes Lohmer <jojo.dev@lohmer.com>	2026-04-13 20:09:47 +02:00
Johannes Lohmer	6eb4ebf0e1	test(values): add test for subchart nil producing %!s(<nil>) ... Regression test for the Bitnami common.secrets.key issue. Signed-off-by: Johannes Lohmer <jojo.dev@lohmer.com>	2026-04-13 20:09:47 +02:00
Johannes Lohmer	5cb4e7d992	test(values): add tests for subchart nil value regressions ... Three test cases that cover the regression scenarios introduced by the #31644 nil preservation fix: - subchart default nils should be cleaned up when parent doesn't set those keys (#31919) - user-supplied null should erase subchart defaults (#31919) - subchart default nil should not shadow global values via pluck (#31971) Tests are expected to fail until the regression is fixed. Signed-off-by: Johannes Lohmer <jojo.dev@lohmer.com>	2026-04-13 20:09:47 +02:00
Terry Howe	1164a5fbda	Merge pull request #32037 from helm/dependabot/github_actions/main/actions/upload-artifact-7.0.1 ... chore(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1	2026-04-12 18:04:21 -06:00
George Jenkins	bd061e0cd7	Merge pull request #32016 from TerryHowe/fix/flaky-waitfordelete-timeout ... test(kube): fix flaky WaitForDelete timing in status wait tests	2026-04-10 21:32:53 -07:00
dependabot[bot]	b5c7c80de3	chore(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 ... Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 7.0.0 to 7.0.1. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](bbbca2ddaa...043fb46d1a) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2026-04-10 21:33:04 +00:00
Matheus Pimenta	a27f1add79	fix(templating): fix wrong YAML separator parsing for post-renderers (#31941) ... Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>	2026-04-10 18:44:27 +01:00
Terry Howe	cf69a6ef70	Merge pull request #32030 from helm/dependabot/go_modules/main/golang.org/x/crypto-0.50.0 ... chore(deps): bump golang.org/x/crypto from 0.49.0 to 0.50.0	2026-04-10 06:42:35 -06:00
Robert Sirchia	38213a9548	Merge pull request #32000 from helm/dependabot/go_modules/main/github.com/lib/pq-1.12.3 ... chore(deps): bump github.com/lib/pq from 1.12.2 to 1.12.3	2026-04-10 08:15:54 -04:00
Terry Howe	ed7c3e47a9	Merge pull request #32028 from gjenkins8/gjenkins/release_notes_v4 ... chore: Update release notes script for Helm v4	2026-04-09 16:10:07 -06:00
dependabot[bot]	953f5f031b	chore(deps): bump golang.org/x/crypto from 0.49.0 to 0.50.0 ... Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.49.0 to 0.50.0. - [Commits](https://github.com/golang/crypto/compare/v0.49.0...v0.50.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-version: 0.50.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2026-04-09 21:59:53 +00:00
Terry Howe	79493bc6a8	Merge pull request #32031 from helm/dependabot/go_modules/main/golang.org/x/term-0.42.0 ... chore(deps): bump golang.org/x/term from 0.41.0 to 0.42.0	2026-04-09 15:58:47 -06:00
dependabot[bot]	10fc5f335b	chore(deps): bump golang.org/x/term from 0.41.0 to 0.42.0 ... Bumps [golang.org/x/term](https://github.com/golang/term) from 0.41.0 to 0.42.0. - [Commits](https://github.com/golang/term/compare/v0.41.0...v0.42.0) --- updated-dependencies: - dependency-name: golang.org/x/term dependency-version: 0.42.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2026-04-09 21:43:41 +00:00
Terry Howe	36030c947b	Merge pull request #32029 from helm/dependabot/go_modules/main/golang.org/x/text-0.36.0 ... chore(deps): bump golang.org/x/text from 0.35.0 to 0.36.0	2026-04-09 15:42:31 -06:00
dependabot[bot]	d89e7c6076	chore(deps): bump golang.org/x/text from 0.35.0 to 0.36.0 ... Bumps [golang.org/x/text](https://github.com/golang/text) from 0.35.0 to 0.36.0. - [Release notes](https://github.com/golang/text/releases) - [Commits](https://github.com/golang/text/compare/v0.35.0...v0.36.0) --- updated-dependencies: - dependency-name: golang.org/x/text dependency-version: 0.36.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2026-04-09 21:34:08 +00:00
George Jenkins	8a95461925	chore: Update release notes script for Helm v4 ... Signed-off-by: George Jenkins <gvjenkins@gmail.com>	2026-04-09 13:54:24 -07:00
Terry Howe	be5aaf7e34	Merge pull request #32024 from helm/dependabot/go_modules/main/github.com/fluxcd/cli-utils-1.0.0 ... chore(deps): bump github.com/fluxcd/cli-utils from 0.37.2-flux.1 to 1.0.0	2026-04-09 10:36:32 -06:00
dependabot[bot]	bd5027a9cf	chore(deps): bump github.com/lib/pq from 1.12.2 to 1.12.3 ... Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.12.2 to 1.12.3. - [Release notes](https://github.com/lib/pq/releases) - [Changelog](https://github.com/lib/pq/blob/master/CHANGELOG.md) - [Commits](https://github.com/lib/pq/compare/v1.12.2...v1.12.3) --- updated-dependencies: - dependency-name: github.com/lib/pq dependency-version: 1.12.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2026-04-09 16:22:52 +00:00
Terry Howe	fa194a0609	Merge pull request #32025 from gjenkins8/gjenkins/fix_lint ... fix: unnecessary-format lint issues from merge	2026-04-09 03:14:05 -06:00
George Jenkins	087736b66e	fix: unnecessary-format lint issues from merge ... Signed-off-by: George Jenkins <gvjenkins@gmail.com>	2026-04-08 22:00:58 -07:00
George Jenkins	bc215d8c19	Merge commit from fork ... fix: Plugin missing provenance bypass	2026-04-08 21:35:44 -07:00
George Jenkins	586eb57338	fix: Plugin missing provenance bypass ... Signed-off-by: George Jenkins <gvjenkins@gmail.com>	2026-04-08 21:31:08 -07:00
George Jenkins	f7c4d75574	Merge commit from fork ... fix: Chart dot-name path bug	2026-04-08 21:23:52 -07:00
George Jenkins	f8afb35f4e	Merge commit from fork ... fix: Plugin version path traversal	2026-04-08 21:22:47 -07:00
dependabot[bot]	c8c5dfad63	chore(deps): bump github.com/fluxcd/cli-utils ... Bumps [github.com/fluxcd/cli-utils](https://github.com/fluxcd/cli-utils) from 0.37.2-flux.1 to 1.0.0. - [Release notes](https://github.com/fluxcd/cli-utils/releases) - [Commits](https://github.com/fluxcd/cli-utils/compare/v0.37.2-flux.1...v1.0.0) --- updated-dependencies: - dependency-name: github.com/fluxcd/cli-utils dependency-version: 1.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2026-04-08 21:34:33 +00:00
Matt Farina	8985aed4e3	Merge pull request #32022 from helm/dependabot/go_modules/go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp-1.43.0 ... chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp from 1.42.0 to 1.43.0	2026-04-08 16:37:47 -04:00
dependabot[bot]	998466cfcf	chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp ... Bumps [go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp](https://github.com/open-telemetry/opentelemetry-go) from 1.42.0 to 1.43.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.42.0...v1.43.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp dependency-version: 1.43.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2026-04-08 20:04:20 +00:00
Matt Farina	e8988d3ead	Merge pull request #32021 from helm/dependabot/go_modules/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp-1.43.0 ... chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.42.0 to 1.43.0	2026-04-08 16:00:56 -04:00
dependabot[bot]	b0cec589f5	chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp ... Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp](https://github.com/open-telemetry/opentelemetry-go) from 1.42.0 to 1.43.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.42.0...v1.43.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp dependency-version: 1.43.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2026-04-08 19:54:08 +00:00
Matt Farina	7a76d370e4	Merge pull request #32020 from helm/dependabot/go_modules/go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp-0.19.0 ... chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp from 0.18.0 to 0.19.0	2026-04-08 15:52:52 -04:00
dependabot[bot]	6ebfb29dbf	chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp ... Bumps [go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp](https://github.com/open-telemetry/opentelemetry-go) from 0.18.0 to 0.19.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v0.18.0...v0.19.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp dependency-version: 0.19.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2026-04-08 19:31:43 +00:00
Robert Sirchia	995f667e55	Merge pull request #31983 from helm/dependabot/github_actions/main/actions/setup-go-6.4.0 ... chore(deps): bump actions/setup-go from 6.2.0 to 6.4.0	2026-04-08 15:13:54 -04:00
Robert Sirchia	2e36897f7c	Merge pull request #32015 from helm/dependabot/go_modules/main/github.com/distribution/distribution/v3-3.1.0 ... chore(deps): bump github.com/distribution/distribution/v3 from 3.0.0 to 3.1.0	2026-04-08 15:10:23 -04:00
Robert Sirchia	a4e61a1c77	Merge pull request #32012 from helm/dependabot/go_modules/github.com/distribution/distribution/v3-3.1.0 ... chore(deps): bump github.com/distribution/distribution/v3 from 3.0.0 to 3.1.0	2026-04-08 15:09:44 -04:00
Terry Howe	a7f84439aa	test(kube): fix flaky WaitForDelete test by avoiding informer sync race ... The previous fix (increasing timeout / reducing deletion delay) did not work because the flakiness is not a timing problem at all. Root cause: fluxcd/cli-utils HasSynced() returns true after the initial list item is *popped* from DeltaFIFO, which is before AddFunc delivers the ResourceUpdateEvent to the collector. This creates a race where the SyncEvent can arrive at the statusObserver *before* the pod's Current status is recorded. When that happens: - statusObserver sees pod as Unknown - Unknown is skipped for WaitForDelete (by design, to handle resources that were already deleted before watching started) - AggregateStatus([], NotFoundStatus) == NotFoundStatus → cancel() - The watch context is cancelled before DeleteFunc can fire - Final check: pod still Current → error The test intent is to verify that waitForDeleteCtx (not the cancelled generalCtx) is selected. A non-existent resource satisfies this: - With waitForDeleteCtx=Background(): informer syncs with empty list → Unknown → cancel → success ✓ - With generalCtx (cancelled, wrong): context immediately done → ctx.Err() appended → error returned ✓ Remove the goroutine-based deletion and the pod creation to eliminate the race while preserving the context-selection assertion. Signed-off-by: Terry Howe <terrylhowe@gmail.com>	2026-04-07 08:23:39 -06:00
Terry Howe	c004f4ddfe	Merge pull request #32014 from AnmolVirdi/doc-import-minor ... Minor fix (docs.go): fix import instructions to comply with canonical import paths	2026-04-07 05:06:00 -06:00
Terry Howe	4c0d21f53f	test(kube): fix flaky WaitForDelete timing in status wait tests ... TestMethodContextOverridesGeneralContext/WaitForDelete used a 1s timeout with a 500ms deletion delay, leaving only ~500ms for the fake watcher to propagate the delete event. On loaded CI runners this window is too tight and causes intermittent failures. Increase the timeout to 5s and reduce the deletion delay to 100ms so there is ample headroom. Apply the same deletion-delay reduction to TestStatusWaitForDelete which shares the same pattern. Signed-off-by: Terry Howe <terrylhowe@gmail.com>	2026-04-07 04:26:12 -06:00
dependabot[bot]	08dea9c140	chore(deps): bump github.com/distribution/distribution/v3 ... Bumps [github.com/distribution/distribution/v3](https://github.com/distribution/distribution) from 3.0.0 to 3.1.0. - [Release notes](https://github.com/distribution/distribution/releases) - [Commits](https://github.com/distribution/distribution/compare/v3.0.0...v3.1.0) --- updated-dependencies: - dependency-name: github.com/distribution/distribution/v3 dependency-version: 3.1.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2026-04-06 21:40:22 +00:00
Anmol Virdi	de58531ca7	Minor nit: fix import instructions to comply with canonical import paths ... Signed-off-by: Anmol Virdi <anmolvirdi2000@gmail.com>	2026-04-07 01:23:50 +05:30
dependabot[bot]	9b1ad4cf02	chore(deps): bump github.com/distribution/distribution/v3 ... Bumps [github.com/distribution/distribution/v3](https://github.com/distribution/distribution) from 3.0.0 to 3.1.0. - [Release notes](https://github.com/distribution/distribution/releases) - [Commits](https://github.com/distribution/distribution/compare/v3.0.0...v3.1.0) --- updated-dependencies: - dependency-name: github.com/distribution/distribution/v3 dependency-version: 3.1.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2026-04-06 17:53:50 +00:00
Terry Howe	1be395e7aa	Merge pull request #31996 from helm/dependabot/go_modules/main/github.com/lib/pq-1.12.2 ... chore(deps): bump github.com/lib/pq from 1.12.1 to 1.12.2	2026-04-03 08:37:02 -06:00
dependabot[bot]	cd7cf76a17	chore(deps): bump github.com/lib/pq from 1.12.1 to 1.12.2 ... Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.12.1 to 1.12.2. - [Release notes](https://github.com/lib/pq/releases) - [Changelog](https://github.com/lib/pq/blob/master/CHANGELOG.md) - [Commits](https://github.com/lib/pq/compare/v1.12.1...v1.12.2) --- updated-dependencies: - dependency-name: github.com/lib/pq dependency-version: 1.12.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2026-04-02 21:33:54 +00:00