upstream/helm
1
0
Fork 0
mirror of https://github.com/helm/helm.git synced 2026-04-15 21:59:50 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
9456 commits 65 branches 249 tags 137 MiB
Commit graph

9456 commits

This branch
This branch
All branches
Author SHA1 Message Date
MrJack
42db90d9e8
Merge branch 'helm:main' into feature/rollback-revision-history 2026-04-03 09:54:56 +02:00
Terry Howe
4d4642b83f
Merge pull request #31994 from helm/dependabot/github_actions/main/github/codeql-action-4.35.1
Some checks failed
build-test / build (push) Has been cancelled
Details
CodeQL / Analyze (push) Has been cancelled
Details
golangci-lint / golangci-lint (push) Has been cancelled
Details
release / release (push) Has been cancelled
Details
release / canary-release (push) Has been cancelled
Details
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details 
chore(deps): bump github/codeql-action from 4.30.7 to 4.35.1
 2026-04-02 05:10:03 -06:00
dependabot[bot]
45ee55b83f
chore(deps): bump github/codeql-action from 4.30.7 to 4.35.1 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.30.7 to 4.35.1.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](e296a93559...c10b8064de)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.35.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-02 02:02:41 +00:00
Terry Howe
67ef801c98
Merge pull request #31974 from TerryHowe/fix/pin-actions-to-sha
Some checks are pending
build-test / build (push) Waiting to run
Details
CodeQL / Analyze (push) Waiting to run
Details
golangci-lint / golangci-lint (push) Waiting to run
Details
release / release (push) Waiting to run
Details
release / canary-release (push) Waiting to run
Details
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Details 
fix: pin codeql-action/upload-sarif to commit SHA
 2026-04-01 14:14:43 -06:00
Terry Howe
e2a2ed5009
Merge pull request #31984 from helm/dependabot/go_modules/main/github.com/lib/pq-1.12.1
Some checks failed
build-test / build (push) Has been cancelled
Details
CodeQL / Analyze (push) Has been cancelled
Details
golangci-lint / golangci-lint (push) Has been cancelled
Details
govulncheck / govulncheck (push) Has been cancelled
Details
release / release (push) Has been cancelled
Details
release / canary-release (push) Has been cancelled
Details
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details 
chore(deps): bump github.com/lib/pq from 1.12.0 to 1.12.1
 2026-03-30 15:30:19 -07:00
dependabot[bot]
9a06741884
chore(deps): bump github.com/lib/pq from 1.12.0 to 1.12.1 
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.12.0 to 1.12.1.
- [Release notes](https://github.com/lib/pq/releases)
- [Changelog](https://github.com/lib/pq/blob/master/CHANGELOG.md)
- [Commits](https://github.com/lib/pq/compare/v1.12.0...v1.12.1)

---
updated-dependencies:
- dependency-name: github.com/lib/pq
  dependency-version: 1.12.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-30 22:17:45 +00:00
Terry Howe
7e149c7229
Merge pull request #31973 from Debasish-87/fix-registry-comments
Some checks failed
build-test / build (push) Has been cancelled
Details
CodeQL / Analyze (push) Has been cancelled
Details
golangci-lint / golangci-lint (push) Has been cancelled
Details
release / release (push) Has been cancelled
Details
release / canary-release (push) Has been cancelled
Details
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details 
docs(registry): fix incorrect and improve clarity of comments in client.go
 2026-03-27 16:04:14 +01:00
Terry Howe
7025480397
fix: pin codeql-action/upload-sarif to commit SHA in scorecards workflow 
Pin the remaining unpinned GitHub Action reference to a full commit SHA,
matching the pinning convention already used across other workflows in
this repository. Aligns with the Kubernetes GitHub Actions security policy.

Signed-off-by: Terry Howe <thowe@nvidia.com>
 2026-03-27 07:45:43 +01:00
Debasish Mohanty
85bf56ea82
docs(registry): fix incorrect and improve clarity of comments in client.go 
- Fixed incorrect comment in ClientOptPlainHTTP
- Improved clarity of LoginOptPlainText comment
- Enhanced Login function documentation
- Improved wording for ClientOptHTTPClient

No functional changes.

Signed-off-by: Debasish Mohanty <139056705+Debasish-87@users.noreply.github.com>
 2026-03-27 11:54:38 +05:30
George Jenkins
b3927b3900
Merge pull request #31961 from helm/dependabot/go_modules/main/github.com/ProtonMail/go-crypto-1.4.1
Some checks failed
build-test / build (push) Has been cancelled
Details
CodeQL / Analyze (push) Has been cancelled
Details
golangci-lint / golangci-lint (push) Has been cancelled
Details
govulncheck / govulncheck (push) Has been cancelled
Details
release / release (push) Has been cancelled
Details
release / canary-release (push) Has been cancelled
Details
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details 
chore(deps): bump github.com/ProtonMail/go-crypto from 1.3.0 to 1.4.1
 2026-03-24 10:06:50 -07:00
George Jenkins
23a25f67ff
Merge pull request #31960 from helm/dependabot/go_modules/main/github.com/lib/pq-1.12.0 
chore(deps): bump github.com/lib/pq from 1.11.2 to 1.12.0
 2026-03-24 10:04:00 -07:00
Terry Howe
8e44f8e3fe
Merge pull request #31957 from Mentigen/add-mustToToml
Some checks are pending
build-test / build (push) Waiting to run
Details
CodeQL / Analyze (push) Waiting to run
Details
golangci-lint / golangci-lint (push) Waiting to run
Details
govulncheck / govulncheck (push) Waiting to run
Details
release / release (push) Waiting to run
Details
release / canary-release (push) Waiting to run
Details
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Details 
feat(engine): add mustToToml template function
 2026-03-24 06:16:46 +01:00
Terry Howe
7369ac0eaa
Merge pull request #31959 from helm/dependabot/go_modules/main/github.com/fatih/color-1.19.0 
chore(deps): bump github.com/fatih/color from 1.18.0 to 1.19.0
 2026-03-24 06:15:43 +01:00
dependabot[bot]
c7a75b16cb
chore(deps): bump github.com/ProtonMail/go-crypto from 1.3.0 to 1.4.1 
Bumps [github.com/ProtonMail/go-crypto](https://github.com/ProtonMail/go-crypto) from 1.3.0 to 1.4.1.
- [Release notes](https://github.com/ProtonMail/go-crypto/releases)
- [Commits](https://github.com/ProtonMail/go-crypto/compare/v1.3.0...v1.4.1)

---
updated-dependencies:
- dependency-name: github.com/ProtonMail/go-crypto
  dependency-version: 1.4.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-23 21:35:31 +00:00
dependabot[bot]
3a7573a81e
chore(deps): bump github.com/lib/pq from 1.11.2 to 1.12.0 
Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.11.2 to 1.12.0.
- [Release notes](https://github.com/lib/pq/releases)
- [Changelog](https://github.com/lib/pq/blob/master/CHANGELOG.md)
- [Commits](https://github.com/lib/pq/compare/v1.11.2...v1.12.0)

---
updated-dependencies:
- dependency-name: github.com/lib/pq
  dependency-version: 1.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-23 21:35:27 +00:00
dependabot[bot]
0229da1803
chore(deps): bump github.com/fatih/color from 1.18.0 to 1.19.0 
Bumps [github.com/fatih/color](https://github.com/fatih/color) from 1.18.0 to 1.19.0.
- [Release notes](https://github.com/fatih/color/releases)
- [Commits](https://github.com/fatih/color/compare/v1.18.0...v1.19.0)

---
updated-dependencies:
- dependency-name: github.com/fatih/color
  dependency-version: 1.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-23 21:35:24 +00:00
George Jenkins
ce203dc568
Merge pull request #31938 from mmorel-35/perfsprint
Some checks are pending
build-test / build (push) Waiting to run
Details
CodeQL / Analyze (push) Waiting to run
Details
golangci-lint / golangci-lint (push) Waiting to run
Details
govulncheck / govulncheck (push) Waiting to run
Details
release / release (push) Waiting to run
Details
release / canary-release (push) Waiting to run
Details
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Details 
chore: enable perfsprint linter
 2026-03-23 09:57:14 -07:00
George Jenkins
563d1cfa73
Merge pull request #31934 from helm/dependabot/go_modules/main/golang.org/x/crypto-0.49.0 
chore(deps): bump golang.org/x/crypto from 0.48.0 to 0.49.0
 2026-03-23 09:56:22 -07:00
George Jenkins
dde23c5e9c
Merge pull request #31945 from helm/dependabot/go_modules/google.golang.org/grpc-1.79.3 
chore(deps): bump google.golang.org/grpc from 1.78.0 to 1.79.3
 2026-03-23 09:55:51 -07:00
George Jenkins
aa5e205b3b
Merge pull request #31953 from mmorel-35/revive-unnecessary-format 
chore: fix unnecessary-format issues from revive
 2026-03-23 09:55:20 -07:00
Ilya Kiselev
c1a5a6e260 docs(engine): fix misleading toTOML doc comment 
The toTOML doc comment said "returns empty string on marshal error"
but the implementation actually returns err.Error(). Fix the comment
to match the real behavior. Also mention mustToToml as the strict
alternative.

Signed-off-by: Ilya Kiselev <kis-ilya-a@yandex.ru>
 2026-03-23 18:38:57 +03:00
Ilya Kiselev
b075f7a35d feat(engine): add mustToToml template function 
Add `mustToToml` that panics on marshal error, consistent with
`mustToYaml` and `mustToJson`. This makes it possible for chart authors
to get a hard failure when TOML serialization fails, rather than having
to inspect the output manually.

`toToml` behavior is unchanged in this commit.

Closes #31430

Signed-off-by: Ilya Kiselev <kis-ilya-a@yandex.ru>
 2026-03-23 18:20:54 +03:00
Matthieu MOREL
7edfff33eb chore: fix unnecessary-format issues from revive 
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2026-03-23 07:07:27 +01:00
dependabot[bot]
37185d2ea6
chore(deps): bump google.golang.org/grpc from 1.78.0 to 1.79.3 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.78.0 to 1.79.3.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.78.0...v1.79.3)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-version: 1.79.3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-19 02:21:05 +00:00
Matthieu MOREL
62494896e9 chore: enable perfsprint linter 
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2026-03-14 08:50:41 +01:00
George Jenkins
42f78ba60e
Merge pull request #31872 from mmorel-35/perfsprint-pkg-6-5f845e3
Some checks failed
build-test / build (push) Has been cancelled
Details
CodeQL / Analyze (push) Has been cancelled
Details
golangci-lint / golangci-lint (push) Has been cancelled
Details
release / release (push) Has been cancelled
Details
release / canary-release (push) Has been cancelled
Details
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details 
chore(pkg): fix perfsprint linter issues part 6
 2026-03-13 19:04:07 -07:00
George Jenkins
e3b4808450
Merge pull request #31874 from mmorel-35/perfsprint-pkg-4-fb6db58 
chore(pkg): fix perfsprint linter issues part 4
 2026-03-13 19:03:04 -07:00
George Jenkins
610547b570
Merge pull request #31873 from mmorel-35/perfsprint-pkg-5-3294250 
chore(pkg): fix perfsprint linter issues part 5
 2026-03-13 19:00:01 -07:00
MrJack
a753caca76
Merge branch 'helm:main' into feature/rollback-revision-history 2026-03-13 14:20:02 +01:00
dependabot[bot]
3d06fd1feb
chore(deps): bump golang.org/x/crypto from 0.48.0 to 0.49.0 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.48.0 to 0.49.0.
- [Commits](https://github.com/golang/crypto/compare/v0.48.0...v0.49.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.49.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-12 21:34:16 +00:00
George Jenkins
d3df72e560
Merge pull request #31932 from TerryHowe/fix/remove-legacy-import-comments-test-files
Some checks are pending
build-test / build (push) Waiting to run
Details
CodeQL / Analyze (push) Waiting to run
Details
golangci-lint / golangci-lint (push) Waiting to run
Details
release / release (push) Waiting to run
Details
release / canary-release (push) Waiting to run
Details
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Details 
pkg/kube: remove legacy import comments from test files
 2026-03-12 12:30:10 -07:00
George Jenkins
2cba43c8bf
Merge pull request #31931 from abhay1999/fix/remove-legacy-import-comments-pkg-kube 
pkg/kube: remove legacy import comments
 2026-03-12 12:29:53 -07:00
Terry Howe
e64d628a13
fix(kube): remove legacy import comments from test files 
Remove pre-Go modules import path comments from pkg/kube test files
(ready_test.go, resource_test.go, statuswait_test.go) for consistency
with the rest of the package.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Signed-off-by: Terry Howe <terrylhowe@gmail.com>
 2026-03-12 06:12:04 -06:00
abhay1999
d7cdc9e8fb pkg/kube: remove legacy import comments 
Import path comments (e.g. `// import "helm.sh/helm/v4/pkg/kube"`) are
a pre-Go modules convention no longer needed in module-aware builds.
Some files in pkg/kube had these comments while others did not, causing
inconsistency that triggered downstream Kythe indexing errors.

Remove the import comments from all affected files to make the package
declaration consistent across the directory.

Fixes #31846

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Signed-off-by: abhay1999 <abhaychaurasiya19@gmail.com>
 2026-03-12 11:10:44 +05:30
George Jenkins
72657d0eb2
Merge pull request #31927 from helm/dependabot/go_modules/main/golang.org/x/term-0.41.0
Some checks failed
build-test / build (push) Waiting to run
Details
CodeQL / Analyze (push) Waiting to run
Details
golangci-lint / golangci-lint (push) Waiting to run
Details
release / release (push) Waiting to run
Details
release / canary-release (push) Waiting to run
Details
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Details
govulncheck / govulncheck (push) Has been cancelled
Details 
chore(deps): bump golang.org/x/term from 0.40.0 to 0.41.0
 2026-03-11 16:42:11 -07:00
dependabot[bot]
c4be7af2a1
chore(deps): bump golang.org/x/term from 0.40.0 to 0.41.0 
Bumps [golang.org/x/term](https://github.com/golang/term) from 0.40.0 to 0.41.0.
- [Commits](https://github.com/golang/term/compare/v0.40.0...v0.41.0)

---
updated-dependencies:
- dependency-name: golang.org/x/term
  dependency-version: 0.41.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-11 21:34:17 +00:00
Terry Howe
b4bd6b7688
Merge pull request #31921 from tsinglua/main
Some checks are pending
build-test / build (push) Waiting to run
Details
CodeQL / Analyze (push) Waiting to run
Details
golangci-lint / golangci-lint (push) Waiting to run
Details
release / release (push) Waiting to run
Details
release / canary-release (push) Waiting to run
Details
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Details 
chore: fix some minor issues in the comments
 2026-03-11 06:13:23 -06:00
tsinglua
259f181808 chore: fix some minor issues in the comments 
Signed-off-by: tsinglua <tsinglua@outlook.com>
 2026-03-11 16:55:34 +08:00
Terry Howe
2f51ffe93c
Merge pull request #31909 from helm/dependabot/go_modules/main/sigs.k8s.io/controller-runtime-0.23.3
Some checks failed
build-test / build (push) Has been cancelled
Details
CodeQL / Analyze (push) Has been cancelled
Details
golangci-lint / golangci-lint (push) Has been cancelled
Details
govulncheck / govulncheck (push) Has been cancelled
Details
release / release (push) Has been cancelled
Details
release / canary-release (push) Has been cancelled
Details
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details 
chore(deps): bump sigs.k8s.io/controller-runtime from 0.23.1 to 0.23.3
 2026-03-09 16:38:35 -06:00
dependabot[bot]
74e7cf877a
chore(deps): bump sigs.k8s.io/controller-runtime from 0.23.1 to 0.23.3
Some checks failed
golangci-lint / golangci-lint (push) Has been cancelled
Details
govulncheck / govulncheck (push) Has been cancelled
Details 
Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.23.1 to 0.23.3.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.23.1...v0.23.3)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-version: 0.23.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-09 20:50:04 +00:00
Terry Howe
3e7b38fd04
Merge pull request #31868 from matheuscscp/fix-31867
Some checks are pending
build-test / build (push) Waiting to run
Details
CodeQL / Analyze (push) Waiting to run
Details
golangci-lint / golangci-lint (push) Waiting to run
Details
govulncheck / govulncheck (push) Waiting to run
Details
release / release (push) Waiting to run
Details
release / canary-release (push) Waiting to run
Details
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Details 
fix: insert newline after doc separators glued to content by template trimming
 2026-03-09 12:30:56 -06:00
Terry Howe
790d5d9276
Merge pull request #31864 from helm/dependabot/go_modules/github.com/cloudflare/circl-1.6.3 
chore(deps): bump github.com/cloudflare/circl from 1.6.1 to 1.6.3
 2026-03-09 11:59:52 -06:00
Matheus Pimenta
af94abf976
fix: insert newline after doc separators glued to content by template trimming 
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
 2026-03-09 17:22:18 +00:00
dependabot[bot]
16073b1e3c
chore(deps): bump github.com/cloudflare/circl from 1.6.1 to 1.6.3 
Bumps [github.com/cloudflare/circl](https://github.com/cloudflare/circl) from 1.6.1 to 1.6.3.
- [Release notes](https://github.com/cloudflare/circl/releases)
- [Commits](https://github.com/cloudflare/circl/compare/v1.6.1...v1.6.3)

---
updated-dependencies:
- dependency-name: github.com/cloudflare/circl
  dependency-version: 1.6.3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-09 17:05:07 +00:00
Terry Howe
e5ef11c52a
Merge pull request #31898 from TerryHowe/fix/bump-otel-sdk-vuln 
fix: bump go.opentelemetry.io/otel/sdk to v1.40.0 for GO-2026-4394
 2026-03-09 11:03:21 -06:00
Terry Howe
0a3fe6aa52
Merge pull request #31897 from TerryHowe/fix/bump-cli-utils-transient-pod-failure 
fix: bump fluxcd/cli-utils to v0.37.2-flux.1
 2026-03-09 10:52:06 -06:00
MrJack
6927cde3f9 fix: address Copilot review feedback on rollback revision PR 
- Clarify --show-rollback flag help text to specify it only affects table output
- Add RollbackRevision JSON round-trip tests for pkg/release/v1 and internal/release/v2
- Add omitempty behavior verification for zero rollback_revision

Signed-off-by: MrJack <36191829+biagiopietro@users.noreply.github.com>
 2026-03-09 15:43:27 +01:00
MrJack
e889cff089 feat(history): add --show-rollback flag for opt-in rollback column 
Replace the always-visible ROLLBACK column with an opt-in --show-rollback
flag to avoid breaking the default table output (HIP-0004). JSON and YAML
formats continue to include rollback_revision when present via omitempty.

Signed-off-by: MrJack <36191829+biagiopietro@users.noreply.github.com>
 2026-03-09 09:45:04 +01:00
MrJack
9ea6b5ab99
Merge branch 'helm:main' into feature/rollback-revision-history 2026-03-09 09:34:26 +01:00
Matthieu MOREL
e31a078e6e
chore: enable modernize linter (#31860)
Some checks failed
build-test / build (push) Has been cancelled
Details
CodeQL / Analyze (push) Has been cancelled
Details
golangci-lint / golangci-lint (push) Has been cancelled
Details
release / release (push) Has been cancelled
Details
release / canary-release (push) Has been cancelled
Details
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Details 
Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>
 2026-03-06 14:54:33 +00:00