operator-sdk

operator-sdk copied to clipboard

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.43.0 to 0.45.0. Commits 4e0068c go.mod: update golang.org/x dependencies e79546e ssh: curb GSSAPI DoS risk by limiting number of specified OIDs f91f7a7 ssh/agent: prevent panic on malformed...

dependabot[bot]

[Slack discussion](https://kubernetes.slack.com/archives/CAW0GV7A5/p1763458318223579?thread_ts=1763021938.129309&cid=CAW0GV7A5). **Description of the change:** **Motivation for the change:** **Checklist** If the pull request includes user-facing changes, extra documentation is required: - [ ] Add a new changelog fragment...

porridge

Upgrade guide cleanup

1

While walking through the upgrade guides, I found some paths to correct and other typo/grammar changes.

bdunne

Add support for ClusterRole AggregationRule during bundle generation

12

**Description of the change:** ClusterRoles that use an AggregationRule often do not have any rules defined directly. Instead, their rules are aggregated from other ClusterRoles that match the AggregationRule’s label...

zimnx

Meta Issue for k8s 1.34 bump In order to bump Operator SDK to support Kubernetes 1.34 there are a few dependencies we rely on making the bump first. This issue...

acornett21

Bump golang from 1.24 to 1.25 in /images/helm-operator

3

Bumps golang from 1.24 to 1.25. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands...

dependabot[bot]

Bump golang from 1.24 to 1.25 in /images/custom-scorecard-tests

3

Bumps golang from 1.24 to 1.25. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands...

dependabot[bot]

Bump golang from 1.24 to 1.25 in /images/scorecard-test

3

Bumps golang from 1.24 to 1.25. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands...

dependabot[bot]

Bumps golang from 1.24 to 1.25. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands...

dependabot[bot]

Rules of ClusterRoles with AggregationRule are not included in generated bundle permissions

2

ClusterRoles that utilize AggregationRule are often defined without any direct rules. Instead, their permissions are aggregated from other ClusterRoles that match the specified label selector. However, the current permission generator...

zimnx