Sync from SUSE:SLFO:1.1 helm revision 913f823def21a75383602985614500af

_service

@@ -5,7 +5,7 @@
     <param name="exclude">.git</param>
     <param name="versionformat">@PARENT_TAG@</param>
     <param name="versionrewrite-pattern">v(.*)</param>
-    <param name="revision">v3.16.3</param>
+    <param name="revision">v3.19.1</param>
     <param name="changesgenerate">enable</param>
   </service>
   <service name="set_version" mode="manual">

_servicedata

@@ -1,4 +1,4 @@
 <servicedata>
 <service name="tar_scm">
                 <param name="url">https://github.com/helm/helm.git</param>
-              <param name="changesrevision">cfd07493f46efc9debd9cc1b02a0961186df7fdf</param></service></servicedata>
+              <param name="changesrevision">4f953c223ba21103268e0b664c64240bc69fced7</param></service></servicedata>

helm.changes

@@ -1,3 +1,354 @@
+-------------------------------------------------------------------
+Tue Nov 11 10:17:19 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
+
+- Update to version 3.19.1 (bsc#1251649, CVE-2025-58190,
+  bsc#1251442, CVE-2025-47911):
+  * chore(deps): bump github.com/containerd/containerd from 1.7.28
+    to 1.7.29
+  * jsonschema: warn and ignore unresolved URN $ref to match
+    v3.18.4
+  * Avoid "panic: interface conversion: interface {} is nil"
+  * Fix `helm pull` untar dir check with repo urls
+  * Fix deprecation warning
+  * chore(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.10
+  * Add timeout flag to repo add and update flags
+  * chore(deps): bump golang.org/x/crypto from 0.41.0 to 0.43.0
+
+-------------------------------------------------------------------
+Sat Sep 13 16:02:47 UTC 2025 - Dirk Müller <dmueller@suse.com>
+
+- Update to version 3.19.0:
+  * bump version to v3.19.0
+  * fix: use username and password if provided
+  * chore(deps): bump the k8s-io group with 7 updates
+  * chore(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.1
+  * chore(deps): bump github.com/stretchr/testify from 1.11.0 to 1.11.1
+  * chore(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.0
+  * fix(helm-lint): fmt
+  * fix(helm-lint): Add TLSClientConfig
+  * fix(helm-lint): Add HTTP/HTTPS URL support for json schema references
+  * chore(deps): bump the k8s-io group with 7 updates
+  * fix: go mod tidy for v3
+  * chore(deps): bump golang.org/x/crypto from 0.40.0 to 0.41.0
+  * chore(deps): bump golang.org/x/term from 0.33.0 to 0.34.0
+  * fix Chart.yaml handling
+  * Handle messy index files
+  * chore(deps): bump github.com/containerd/containerd from 1.7.27 to 1.7.28
+  * json schema fix
+  * fix: k8s version parsing to match original
+  * chore(deps): bump sigs.k8s.io/yaml from 1.5.0 to 1.6.0
+  * Do not explicitly set SNI in HTTPGetter
+  * chore(deps): bump github.com/spf13/pflag from 1.0.6 to 1.0.7
+  * chore(deps): bump the k8s-io group with 7 updates
+  * chore(deps): bump golang.org/x/crypto from 0.39.0 to 0.40.0
+  * chore(deps): bump golang.org/x/term from 0.32.0 to 0.33.0
+  * chore(deps): bump golang.org/x/text from 0.26.0 to 0.27.0
+  * Disabling linter due to unknown issue
+  * Updating link handling
+  * Bump github.com/Masterminds/semver/v3 from 3.3.0 to 3.3.1
+  * build(deps): bump the k8s-io group with 7 updates
+  * build(deps): bump sigs.k8s.io/yaml from 1.4.0 to 1.5.0
+  * fix: user username password for login
+  * Update pkg/registry/transport.go
+  * Update pkg/registry/transport.go
+  * fix: add debug logging to oci transport
+  * build(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0
+  * build(deps): bump golang.org/x/text from 0.25.0 to 0.26.0
+  * fix: legacy docker support broken for login
+  * fix: plugin installer test with no Internet
+  * Handle an empty registry config file.
+  * Prevent fetching newReference again as we have in calling method
+  * Prevent failure when resolving version tags in oras memory store
+  * fix(client): skipnode utilization for PreCopy
+  * test: Skip instead of returning early. looks more intentional
+  * test: tests repo stripping functionality
+  * test: include tests for Login based on different protocol prefixes
+  * fix(client): layers now returns manifest - remove duplicate from descriptors
+  * fix(client): return nil on non-allowed media types
+  * Fix 3.18.0 regression: registry login with scheme
+  * Update pkg/plugin/plugin.go
+  * Update pkg/plugin/plugin.go
+  * Wait for Helm v4 before raising when platformCommand and Command are set
+  * Revert "fix (helm) : toToml` renders int as float [ backport to v3 ]"
+  * build(deps): bump the k8s-io group with 7 updates
+  * chore: update generalization warning message
+  * build(deps): bump oras.land/oras-go/v2 from 2.5.0 to 2.6.0
+  * build(deps): bump the k8s-io group with 7 updates
+  * build(deps): bump golang.org/x/crypto from 0.37.0 to 0.38.0
+  * fix: move warning to top of block
+  * fix: govulncheck workflow
+  * fix: replace fmt warning with slog
+  * fix: add warning when ignore repo flag
+  * bump version to v3.18.0
+  * backport #30673 to dev-v3
+  * feat: add httproute from gateway-api to create chart template
+
+-------------------------------------------------------------------
+Wed Aug 20 11:12:50 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
+
+- Update to version 3.18.6:
+  * fix(helm-lint): fmt
+  * fix(helm-lint): Add TLSClientConfig
+  * fix(helm-lint): Add HTTP/HTTPS URL support for json schema
+    references
+
+-------------------------------------------------------------------
+Tue Aug 19 05:19:28 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
+
+- Update to version 3.18.5:
+  * fix Chart.yaml handling 7799b48 (Matt Farina)
+  * Handle messy index files dd8502f (Matt Farina)
+  * json schema fix cb8595b (Robert Sirchia)
+
+-------------------------------------------------------------------
+Mon Aug  4 15:20:55 UTC 2025 - Alexey Kolos <lioli7k@gmail.com>
+
+- Fix shell completion dependencies
+  * Add BuildRequires to prevent inclusion of folders owned by shells.
+  * Add Requires because installing completions without appropriate
+    shell is questionable.
+
+-------------------------------------------------------------------
+Tue Jul 29 20:02:25 UTC 2025 - Alexey Kolos <lioli7k@gmail.com>
+
+- Fix zsh completion location
+
+-------------------------------------------------------------------
+Wed Jul 09 04:44:40 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
+
+- Update to version 3.18.4 (bsc#1246152, CVE-2025-53547):
+  * Disabling linter due to unknown issue f20a4ad (Matt Farina)
+  * build(deps): bump the k8s-io group with 7 updates 563b094
+    (dependabot[bot])
+  * Updating link handling 00de613 (Matt Farina)
+
+-------------------------------------------------------------------
+Tue Jun 17 04:30:30 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
+
+- Update to version 3.18.3:
+  * build(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0
+    6838ebc (dependabot[bot])
+  * fix: user username password for login 5b9e2f6 (Terry Howe)
+  * Update pkg/registry/transport.go 2782412 (Terry Howe)
+  * Update pkg/registry/transport.go e66cf6a (Terry Howe)
+  * fix: add debug logging to oci transport 191f05c (Terry Howe)
+
+-------------------------------------------------------------------
+Tue Jun 10 08:14:00 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
+
+- remove flaky test
+  * cmd/helm/dependency_build_test.go
+  * cmd/helm/dependency_update_test.go
+  * cmd/helm/pull_test.go
+  * cmd/helm/registry_login_test.go
+
+-------------------------------------------------------------------
+Mon Jun 02 15:44:48 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
+
+- Update to version 3.18.2:
+  * fix: legacy docker support broken for login 04cad46 (Terry
+    Howe)
+  * Handle an empty registry config file. bc9f8a2 (Matt Farina)
+
+-------------------------------------------------------------------
+Sat May 31 05:20:36 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
+
+- Update to version 3.18.1:
+  * Notes:
+    - This release fixes regressions around template generation and
+      OCI registry interaction in 3.18.0
+    - There are at least 2 known regressions unaddressed in this
+      release. They are being worked on.
+      - Empty registry configuration files. When the file exists
+        but it is empty.
+      - Login to Docker Hub on some domains fails.
+  * Changelog
+    - fix(client): skipnode utilization for PreCopy
+    - fix(client): layers now returns manifest - remove duplicate
+      from descriptors
+    - fix(client): return nil on non-allowed media types
+    - Prevent fetching newReference again as we have in calling
+      method
+    - Prevent failure when resolving version tags in oras memory
+      store
+    - Update pkg/plugin/plugin.go
+    - Update pkg/plugin/plugin.go
+    - Wait for Helm v4 before raising when platformCommand and
+      Command are set
+    - Fix 3.18.0 regression: registry login with scheme
+    - Revert "fix (helm) : toToml` renders int as float [ backport
+      to v3 ]"
+
+-------------------------------------------------------------------
+Thu May 22 18:13:21 UTC 2025 - Andreas Schwab <schwab@suse.de>
+
+- Don't disable CGO on riscv64
+
+-------------------------------------------------------------------
+Tue May 20 19:29:23 UTC 2025 - Dirk Müller <dmueller@suse.com>
+
+- reduce parallelism even more on tests
+
+-------------------------------------------------------------------
+Tue May 20 04:35:56 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
+
+- Update to version 3.18.0 (bsc#1241802, CVE-2025-22872):
+  * Notable Changes
+    - Add support for JSON Schema 2020
+    - Enabled cpu and memory profiling
+    - Add hook annotation to output hook logs to client on error
+  * Changelog
+    - build(deps): bump the k8s-io group with 7 updates
+    - fix: govulncheck workflow
+    - bump version to v3.18.0
+    - fix:add proxy support when mTLS configured
+    - docs: Note about http fallback for OCI registries
+    - Bump net package to avoid CVE on dev-v3
+    - Bump toml
+    - backport #30677to dev3
+    - build(deps): bump github.com/rubenv/sql-migrate from 1.7.2 to
+      1.8.0
+    - Add install test for TakeOwnership flag
+    - Fix --take-ownership
+    - build(deps): bump github.com/rubenv/sql-migrate from 1.7.1 to
+      1.7.2
+    - build(deps): bump golang.org/x/crypto from 0.36.0 to 0.37.0
+    - build(deps): bump golang.org/x/term from 0.30.0 to 0.31.0
+    - Testing text bump
+    - Permit more Go version and not only 1.23.8
+    - Bumps github.com/distribution/distribution/v3 from 3.0.0-rc.3
+      to 3.0.0
+    - Unarchiving fix
+    - Fix typo
+    - Report as debug log, the time spent waiting for resources
+    - build(deps): bump github.com/containerd/containerd from
+      1.7.26 to 1.7.27
+    - Update pkg/registry/fallback.go
+    - automatic fallback to http
+    - chore(oci): upgrade to ORAS v2
+    - Updating to 0.37.0 for x/net
+    - build(deps): bump the k8s-io group with 7 updates
+    - build(deps): bump golang.org/x/crypto from 0.35.0 to 0.36.0
+    - build(deps): bump github.com/opencontainers/image-spec
+    - build(deps): bump github.com/containerd/containerd from
+      1.7.25 to 1.7.26
+    - build(deps): bump golang.org/x/crypto from 0.33.0 to 0.35.0
+    - Fix cherry-pick helm.sh/helm/v4 -> helm.sh/helm/v3
+    - Refactor based on review comment
+    - Refactor based on review comment
+    - Add HookOutputFunc and generic yaml unmarshaller
+    - clarify fix error message
+    - fix err check
+    - remove comments about previous functionality
+    - add short circuit return
+    - Update based on review comments
+    - Update based on review comments
+    - Fix lint
+    - Tidy up imports
+    - Add hook annotations to output pod logs to client on success
+      and fail
+    - chore: use []error instead of []string
+    - Update cmd/helm/profiling.go
+    - chore: update profiling doc in CONTRIBUTING.md
+    - Update CONTRIBUTING guide
+    - Prefer environment variables to CLI flags
+    - Fix linter warning
+    - Move pprof paths to HELM_PPROF env variable
+    - Update CONTRIBUTING.md
+    - Update CONTRIBUTING.md
+    - Additional review fixes from PR
+    - feat: Add flags to enable CPU and memory profiling
+    - build(deps): bump github.com/distribution/distribution/v3
+    - build(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1
+    - Moving to SetOut and SetErr for Cobra
+    - build(deps): bump the k8s-io group with 7 updates
+    - build(deps): bump golang.org/x/crypto from 0.32.0 to 0.33.0
+    - build(deps): bump golang.org/x/term from 0.28.0 to 0.29.0
+    - build(deps): bump golang.org/x/text from 0.21.0 to 0.22.0
+    - build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6
+    - build(deps): bump github.com/cyphar/filepath-securejoin
+    - build(deps): bump github.com/evanphx/json-patch
+    - build(deps): bump the k8s-io group with 7 updates
+    - fix: check group for resource info match
+    - Bump github.com/cyphar/filepath-securejoin from 0.3.6 to
+      0.4.0
+    - add test for nullifying nested global value
+    - Ensuring the file paths are clean prior to passing to
+      securejoin
+    - Bump github.com/containerd/containerd from 1.7.24 to 1.7.25
+    - Bump golang.org/x/crypto from 0.31.0 to 0.32.0
+    - Bump golang.org/x/term from 0.27.0 to 0.28.0
+    - bump version to v3.17.0
+    - Bump github.com/moby/term from 0.5.0 to 0.5.2
+    - Add test case for removing an entire object
+    - Tests for bugfix: Override subcharts with null values #12879
+    - feat: Added multi-platform plugin hook support to v3
+    - This commit fixes the issue where the yaml.Unmarshaller
+      converts all int values into float64, this passes in option
+      to decoder, which enables conversion of int into .
+    - merge null child chart objects
+
+-------------------------------------------------------------------
+Thu Apr 10 04:56:46 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
+
+- Update to version 3.17.3:
+  Helm v3.17.3 is a security (patch) release. Users are strongly
+  recommended to update to this release.
+  * Changelog
+    - Unarchiving fix e4da497 (Matt Farina)
+
+-------------------------------------------------------------------
+Thu Mar 13 18:16:55 UTC 2025 - opensuse_buildservice@ojkastl.de
+
+- Update to version 3.17.2 (bsc#1238688, CVE-2025-22870):
+  * Updating to 0.37.0 for x/net
+  * build(deps): bump the k8s-io group with 7 updates
+
+-------------------------------------------------------------------
+Mon Mar 10 16:41:05 UTC 2025 - Dirk Müller <dmueller@suse.com>
+
+- skip 32bit builds on SLFO
+
+-------------------------------------------------------------------
+Fri Feb 14 11:52:56 UTC 2025 - Dirk Müller <dmueller@suse.com>
+
+- reduce test flakyness by limiting parallelism to what upstream
+  uses
+
+-------------------------------------------------------------------
+Thu Feb 13 06:16:05 UTC 2025 - opensuse_buildservice@ojkastl.de
+
+- Update to version 3.17.1:
+  * add test for nullifying nested global value
+  * Add test case for removing an entire object
+  * Tests for bugfix: Override subcharts with null values #12879
+  * merge null child chart objects
+  * build(deps): bump the k8s-io group with 7 updates
+  * fix: check group for resource info match
+
+-------------------------------------------------------------------
+Thu Jan 16 05:57:13 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
+
+- Update to 3.17.0 (bsc#1235318, CVE-2024-45338):
+  Full changelog:
+  https://github.com/helm/helm/releases/tag/v3.17.0
+  * Notable Changes
+    - Allow pulling and installation by OCI digest
+    - Annotations and dependencies are now in chart metadata output
+    - New --take-ownership flag for install and upgrade commands
+    - SDK: Authorizer and registry authorizer are now configurable
+    - Removed the Kubernetes configuration file permissions check
+    - Added username/password to helm push and dependency
+      build/update subcommands
+    - Added toYamlPretty template function
+
+-------------------------------------------------------------------
+Mon Dec 16 21:45:40 UTC 2024 - dmueller@suse.com
+
+- Update to version 3.16.4 (bsc#1234482, CVE-2024-45337):
+  * Bump golang.org/x/crypto from 0.30.0 to 0.31.0
+  * Bump the k8s-io group with 7 updates
+
 -------------------------------------------------------------------
 Thu Nov 14 13:05:38 UTC 2024 - dmueller@suse.com
 
@@ -85,7 +436,10 @@ Thu May 23 19:45:52 UTC 2024 - opensuse_buildservice@ojkastl.de
 -------------------------------------------------------------------
 Sat May 18 09:20:56 UTC 2024 - opensuse_buildservice@ojkastl.de
 
-- Update to version 3.15.0:
+- Update to version 3.15.0 (bsc#1220207, CVE-2024-26147,
+  bsc#1219969, CVE-2024-25620):
+  - obsoletes CVE-2024-26147.patch in older distributions
+  - obsoletes CVE-2024-25620.patch in odler distributions
   Helm v3.15.0 is a feature release. Users are encouraged to
   upgrade for the best experience.
   * Updating to k8s 1.30 c4e37b3 (Matt Farina)

helm.obsinfo

@@ -1,4 +1,4 @@
 name: helm
-version: 3.16.3
-mtime: 1731352441
-commit: cfd07493f46efc9debd9cc1b02a0961186df7fdf
+version: 3.19.1
+mtime: 1762826932
+commit: 4f953c223ba21103268e0b664c64240bc69fced7

helm.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package helm
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC and contributors
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -19,7 +19,7 @@
 %define goipath helm.sh/helm/v3
 %define git_dirty clean
 Name:           helm
-Version:        3.16.3
+Version:        3.19.1
 Release:        0
 Summary:        The Kubernetes Package Manager
 License:        Apache-2.0
@@ -27,17 +27,25 @@ Group:          Development/Languages/Other
 URL:            https://github.com/helm/helm
 Source0:        %{name}-%{version}.tar.gz
 Source1:        vendor.tar.gz
+BuildRequires:  fish
 BuildRequires:  golang-packaging
-BuildRequires:  golang(API) = 1.22
+BuildRequires:  zsh
+%if 0%{?suse_version} == 1600
+# go is not available on Framework one for x86
+ExcludeArch:    %ix86
+%endif
+BuildRequires:  golang(API) = 1.24
 %{go_provides}
 
 %description
-Helm is a tool for managing Kubernetes charts. Charts are packages of pre-configured Kubernetes resources.
+Helm is a tool for managing Kubernetes charts. Charts are packages of
+pre-configured Kubernetes resources.
 
 %package bash-completion
 Summary:        Bash Completion for %{name}
 Group:          System/Shells
 Requires:       %{name} = %{version}
+Requires:       bash-completion
 Supplements:    (%{name} and bash-completion)
 BuildArch:      noarch
 
@@ -48,6 +56,7 @@ Bash command line completion support for %{name}.
 Summary:        Zsh Completion for %{name}
 Group:          System/Shells
 Requires:       %{name} = %{version}
+Requires:       zsh
 Supplements:    (%{name} and zsh)
 BuildArch:      noarch
 
@@ -58,6 +67,7 @@ Zsh command line completion support for %{name}.
 Summary:        Fish Completion for %{name}
 Group:          System/Shells
 Requires:       %{name} = %{version}
+Requires:       fish
 Supplements:    (%{name} and fish)
 BuildArch:      noarch
 
@@ -71,7 +81,7 @@ Fish command line completion support for %{name}.
 %goprep %{goipath}
 export K8S_MINOR=$(grep k8s.io/client-go go.mod | cut -d. -f3)
 export GO111MODULE=on
-%ifnarch s390x
+%ifnarch %ix86 s390x riscv64
 export CGO_ENABLED=0
 %endif
 %gobuild -trimpath -tags '' -mod vendor -buildmode pie -ldflags \
@@ -89,8 +99,8 @@ export CGO_ENABLED=0
 %goinstall
 mkdir -p %{buildroot}%{_datarootdir}/bash-completion/completions
 %{buildroot}/%{_bindir}/helm completion bash > %{buildroot}%{_datarootdir}/bash-completion/completions/%{name}
-mkdir -p %{buildroot}%{_datarootdir}/zsh_completion.d
-%{buildroot}/%{_bindir}/helm completion zsh > %{buildroot}%{_datarootdir}/zsh_completion.d/_%{name}
+mkdir -p %{buildroot}%{_datarootdir}/zsh/site-functions
+%{buildroot}/%{_bindir}/helm completion zsh > %{buildroot}%{_datarootdir}/zsh/site-functions/_%{name}
 mkdir -p %{buildroot}%{_datadir}/fish/vendor_completions.d
 %{buildroot}/%{_bindir}/helm completion fish > %{buildroot}%{_datarootdir}/fish/vendor_completions.d/%{name}.fish
 
@@ -98,7 +108,12 @@ mkdir -p %{buildroot}%{_datadir}/fish/vendor_completions.d
 # requires network
 rm -v pkg/plugin/installer/*installer_test.go
 rm -v pkg/engine/engine_test.go
-GO111MODULE=on go test ./...
+# skip flaky tests
+rm -v cmd/helm/dependency_build_test.go
+rm -v cmd/helm/dependency_update_test.go
+rm -v cmd/helm/pull_test.go
+rm -v cmd/helm/registry_login_test.go
+GO111MODULE=on go test -p 2 ./...
 
 %files
 %doc README.md
@@ -106,16 +121,12 @@ GO111MODULE=on go test ./...
 %{_bindir}/helm
 
 %files bash-completion
-%dir %{_datarootdir}/bash-completion/completions/
 %{_datarootdir}/bash-completion/completions/%{name}
 
 %files zsh-completion
-%dir %{_datarootdir}/zsh_completion.d/
-%{_datarootdir}/zsh_completion.d/_%{name}
+%{_datarootdir}/zsh/site-functions/_%{name}
 
 %files fish-completion
-%dir %{_datarootdir}/fish
-%dir %{_datarootdir}/fish/vendor_completions.d
 %{_datarootdir}/fish/vendor_completions.d/%{name}.fish
 
 %changelog