Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) #10736

Open
wants to merge 1 commit into
base: dev
Choose a base branch
from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Aug 9, 2024

This PR contains the following updates:

Package Update Change
redis (source) major ~19.6.0 -> ~20.6.0

Release Notes

bitnami/charts (redis)

v20.6.0

  • [bitname/redis] Add support for master and replicas resources to be annotated (#​31034)

v20.5.0

  • [bitnami/redis] Detect non-standard images (#​30942)

v20.4.1

v20.4.0

v20.3.0

v20.2.2

v20.2.1

v20.2.0

  • [bitnami/redis] add extraPodSpec (#​29725)

v20.1.7

v20.1.6

v20.1.5

v20.1.4

v20.1.3

v20.1.2

v20.1.1

v20.1.0

v20.0.5

v20.0.4

v20.0.3

v20.0.2

v20.0.1

v20.0.0


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Aug 9, 2024
Copy link

dryrunsecurity bot commented Aug 9, 2024

DryRun Security Summary

The pull request updates the Redis and PostgreSQL Helm chart dependencies in the DefectDojo application from older to newer versions, which can provide security patches and improvements, while maintaining a cautious approach to dependency management.

Expand for full summary

Summary:

The changes in this pull request are focused on updating the versions of the Redis and PostgreSQL Helm chart dependencies used by the DefectDojo application. Specifically, the Redis chart version has been updated from ~19.6.0 to ~20.6.0, and the PostgreSQL chart version has been updated from 16.3.0 to 16.3.2.

From an application security perspective, these changes are generally positive, as updating dependencies to newer versions can provide security patches, bug fixes, and feature improvements. However, it's important to thoroughly test the changes to ensure that there are no regressions or compatibility issues introduced by the updates.

The version constraints used in the changes (e.g., ~20.6.0 for Redis) are a common way to manage dependency updates, as they allow for security and bug fix updates while avoiding potentially breaking changes. Overall, these changes appear to be routine updates to Helm chart dependencies and do not raise any immediate application security concerns, provided that the necessary testing and review have been completed.

Files Changed:

  1. helm/defectdojo/Chart.yaml: This file has been updated to change the version of the Redis Helm chart dependency from ~19.6.0 to ~20.6.0.
  2. helm/defectdojo/Chart.lock: This file has been updated to reflect the changes in the Helm chart dependencies, with the PostgreSQL chart version being updated from 16.3.0 to 16.3.2 and the Redis chart version being updated from 19.6.4 to 20.6.0.

Code Analysis

We ran 9 analyzers against 2 files and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

@github-actions github-actions bot added the helm label Aug 9, 2024
mtesauro
mtesauro previously approved these changes Aug 9, 2024
Copy link
Contributor

@cneill cneill left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like this version of the chart is using Redis 7.4.0, which we've held off on elsewhere:

❯ helm search repo bitnami/redis -l
NAME                    CHART VERSION   APP VERSION     DESCRIPTION
bitnami/redis           20.0.1          7.4.0           Redis(R) is an open source, advanced key-value ...
bitnami/redis           20.0.0          7.4.0           Redis(R) is an open source, advanced key-value ...

@mtesauro
Copy link
Contributor

@cneill Good catch - that licensing change would likely not be expected by those using the helm chart in this repo beyond it not matching the upstream version

Let's sit on this for now 👍

@mtesauro mtesauro dismissed their stale review August 12, 2024 20:08

Problematic bump of Redis version

@renovate renovate bot changed the title chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Aug 13, 2024
@renovate renovate bot changed the title Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Aug 14, 2024
@renovate renovate bot changed the title chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Aug 14, 2024
@renovate renovate bot changed the title Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Aug 19, 2024
@renovate renovate bot changed the title chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Aug 29, 2024
@renovate renovate bot changed the title Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Aug 30, 2024
@renovate renovate bot changed the title chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Aug 30, 2024
@renovate renovate bot changed the title Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Sep 1, 2024
@renovate renovate bot force-pushed the renovate/redis-20.x branch from 4a66881 to 957b1fb Compare September 9, 2024 11:04
@renovate renovate bot changed the title chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Sep 16, 2024
@renovate renovate bot changed the title Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Sep 17, 2024
@renovate renovate bot changed the title chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Sep 17, 2024
@renovate renovate bot changed the title Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Sep 19, 2024
@renovate renovate bot changed the title chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Sep 19, 2024
@renovate renovate bot force-pushed the renovate/redis-20.x branch 2 times, most recently from 9393dca to 1a1fb89 Compare October 9, 2024 12:06
@renovate renovate bot force-pushed the renovate/redis-20.x branch from 1a1fb89 to 6a64d6e Compare October 31, 2024 00:27
@renovate renovate bot changed the title Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Nov 12, 2024
@renovate renovate bot changed the title chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Nov 12, 2024
@renovate renovate bot force-pushed the renovate/redis-20.x branch 2 times, most recently from 82d3143 to 0f7f428 Compare November 14, 2024 22:45
@renovate renovate bot changed the title Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Nov 18, 2024
@renovate renovate bot changed the title chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Nov 22, 2024
@renovate renovate bot changed the title Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Nov 22, 2024
@renovate renovate bot changed the title chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Nov 22, 2024
@renovate renovate bot changed the title Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Nov 25, 2024
@renovate renovate bot changed the title chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Nov 26, 2024
@renovate renovate bot changed the title Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Nov 27, 2024
@renovate renovate bot changed the title chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Nov 27, 2024
@renovate renovate bot changed the title Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Nov 27, 2024
@renovate renovate bot changed the title chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Nov 27, 2024
@renovate renovate bot changed the title Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Nov 29, 2024
@renovate renovate bot force-pushed the renovate/redis-20.x branch from 0f7f428 to 78d9aa5 Compare December 2, 2024 12:58
@renovate renovate bot changed the title chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Dec 4, 2024
@renovate renovate bot changed the title Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Dec 4, 2024
@renovate renovate bot force-pushed the renovate/redis-20.x branch 2 times, most recently from f433e28 to 6ecf8de Compare December 15, 2024 03:20
@renovate renovate bot force-pushed the renovate/redis-20.x branch from 6ecf8de to 8cdfb9b Compare December 16, 2024 23:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file helm
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants