This release fixes CVE-2023-44487 and CVE-2023-39325.
What's Changed
- cherry-pick(release-v1.4.x): add cherry pick action for v1.4.x release branch by @service-binding-operator-bot in #1484
- cherry-pick(release-v1.4.x): Bump vulture from 2.8 to 2.9 in /hack/check-python by @service-binding-operator-bot in #1485
- cherry-pick(release-v1.4.x): Bump securego/gosec from 2.16.0 to 2.17.0 by @service-binding-operator-bot in #1486
- cherry-pick(release-v1.4.x): ci: run security checks on push to branch by @service-binding-operator-bot in #1487
- cherry-pick(release-v1.4.x): test: retry app creation on failure by @service-binding-operator-bot in #1489
- cherry-pick(release-v1.4.x): ci: cleanup security checks by @service-binding-operator-bot in #1497
- cherry-pick(release-v1.4.x): Bump vulture from 2.9 to 2.9.1 in /hack/check-python by @service-binding-operator-bot in #1502
- V1.4.1 rollup by @sadlerap in #1515
- cherry-pick(release-v1.4.x): Bump securego/gosec from 2.18.1 to 2.18.2 by @service-binding-operator-bot in #1522
- cherry-pick(release-v1.4.x): Bump github.com/go-logr/logr from 1.2.4 to 1.3.0 by @service-binding-operator-bot in #1524
- cherry-pick(release-v1.4.x): Bump github.com/operator-framework/api from 0.17.7 to 0.18.0 by @service-binding-operator-bot in #1523
- cherry-pick(release-v1.4.x): Bump github.com/onsi/gomega from 1.28.1 to 1.29.0 by @service-binding-operator-bot in #1525
- cherry-pick(release-v1.4.x): bump version to v1.4.1 by @service-binding-operator-bot in #1521
Full Changelog: v1.4.0...v1.4.1