Hello everyone, here is Kured 1.17.1, which is a patch release that primarily features updates to resolve possible CVEs in our dependencies.
What's Changed
- build(deps): bump github.com/prometheus/common from 0.61.0 to 0.62.0 by @dependabot in #1060
- build(deps): bump step-security/harden-runner from 2.10.3 to 2.10.4 by @dependabot in #1061
- build(deps): bump actions/stale from 9.0.0 to 9.1.0 by @dependabot in #1062
- build(deps): bump github/codeql-action from 3.28.1 to 3.28.2 by @dependabot in #1063
- build(deps): bump actions/setup-go from 5.2.0 to 5.3.0 by @dependabot in #1064
- build(deps): bump github/codeql-action from 3.28.2 to 3.28.4 by @dependabot in #1067
- build(deps): bump github/codeql-action from 3.28.4 to 3.28.5 by @dependabot in #1069
- build(deps): bump docker/build-push-action from 6.12.0 to 6.13.0 by @dependabot in #1068
- build(deps): bump github/codeql-action from 3.28.5 to 3.28.6 by @dependabot in #1070
- build(deps): bump github/codeql-action from 3.28.6 to 3.28.7 by @dependabot in #1071
- build(deps): bump github/codeql-action from 3.28.7 to 3.28.8 by @dependabot in #1073
- build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6 by @dependabot in #1072
- build(deps): bump lycheeverse/lychee-action from 2.2.0 to 2.3.0 by @dependabot in #1074
- build(deps): bump docker/setup-qemu-action from 3.3.0 to 3.4.0 by @dependabot in #1075
- build(deps): bump docker/setup-buildx-action from 3.8.0 to 3.9.0 by @dependabot in #1076
- build(deps): bump github/codeql-action from 3.28.8 to 3.28.9 by @dependabot in #1077
- build(deps): bump alpine from 3.21.2 to 3.21.3 by @dependabot in #1078
- build(deps): bump step-security/harden-runner from 2.10.4 to 2.11.0 by @dependabot in #1079
- build(deps): bump github.com/prometheus/client_golang from 1.20.5 to 1.21.0 by @dependabot in #1081
- build(deps): bump docker/build-push-action from 6.13.0 to 6.14.0 by @dependabot in #1080
- build(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.1 by @dependabot in #1084
- build(deps): bump github/codeql-action from 3.28.9 to 3.28.10 by @dependabot in #1083
- Update go version k8s deps and images by @dholbach in #1082
- build(deps): bump actions/upload-artifact from 4.6.0 to 4.6.1 by @dependabot in #1086
- build(deps): bump docker/setup-buildx-action from 3.9.0 to 3.10.0 by @dependabot in #1092
- build(deps): bump docker/build-push-action from 6.14.0 to 6.15.0 by @dependabot in #1091
- build(deps): bump docker/setup-qemu-action from 3.4.0 to 3.5.0 by @dependabot in #1090
- build(deps): bump docker/metadata-action from 5.6.1 to 5.7.0 by @dependabot in #1089
- build(deps): bump docker/setup-qemu-action from 3.5.0 to 3.6.0 by @dependabot in #1093
- prepare 1.17.1 release by @dholbach in #1085
Full Changelog: 1.17.0...1.17.1
Kubernetes Version Compatibility
The daemon image contains a 1.30.x k8s.io/{client-go,kubectl} for the purposes of maintaining the lock and draining worker nodes. Kubernetes aims to provide forwards & backwards compatibility of one minor version between client and server, so this should work on 1.29.x, 1.30.x and 1.31.x
Thanks a lot to everyone who contributed to kured since 1.17.0!