f8b5203160
Merge pull request #31185 from kyokuping/fix/31183
...
chore: Improve error reporting for `helm template --debug` with `--show-only`
2 days ago
9c1d5a3b24
chore: rename savedErr to clear its specific purpose
...
Signed-off-by: Jeaeun Kim <me@kyoku.dev>
4 days ago
99baa2edd4
chore: fix lint
...
Signed-off-by: Jeaeun Kim <me@kyoku.dev>
4 days ago
ea847fef95
chore: store err separately for clarity
...
Signed-off-by: Jeaeun Kim <me@kyoku.dev>
4 days ago
2014946e55
chore: Improve error reporting for `helm template --debug` with `--show-only`
...
Signed-off-by: Jeaeun Kim <me@kyoku.dev>
4 days ago
b3fbf8d0f7
Merge pull request #30808 from mmorel-35/errorlint
...
chore: enable errorlint
4 days ago
81d6f04c82
Merge pull request #30867 from mmorel-35/gocritic
...
chore: fix deprecatedComment issues from gocritic
4 days ago
ac4f8a6c22
Merge pull request #31584 from banjoh/em/check-ownership-before-delete
...
feat: add ownership verification before deleting resources during uni…
4 days ago
a5552edf9f
fix: protect FailingKubeClient.RecordedWaitOptions from data race ( #31925 )
...
* fix: protect FailingKubeClient.RecordedWaitOptions from concurrent access
Add a sync.Mutex to guard the append to RecordedWaitOptions in
GetWaiterWithOptions, fixing a data race detected by -race when
concurrent goroutines (e.g. upgrade + rollback) both call
GetWaiterWithOptions on the same FailingKubeClient instance.
Fixes race failures in TestUpgradeRelease_Interrupted_RollbackOnFailure
and TestInstallRelease_RollbackOnFailure_Interrupted.
Signed-off-by: Terry Howe <thowe@nvidia.com>
* fix: extract appendRecordedWaitOptionsLocked helper with defer unlock
Signed-off-by: Terry Howe <terrylhowe@gmail.com>
---------
Signed-off-by: Terry Howe <thowe@nvidia.com>
Signed-off-by: Terry Howe <terrylhowe@gmail.com>
5 days ago
c2f1b238a1
fix: route registry client output to stdout instead of stderr ( #32056 )
...
Commands like 'helm registry login', 'helm push', and 'helm pull' were
writing success messages ("Login Succeeded", "Pushed:", "Pulled:",
"Digest:") to stderr instead of stdout. The root cause was that
newDefaultRegistryClient and newRegistryClientWithTLS hard-coded
os.Stderr as the registry client writer, ignoring the out io.Writer
that main() passes as os.Stdout.
Thread out io.Writer through newRegistryClient, newDefaultRegistryClient,
and newRegistryClientWithTLS, and update all call sites in pkg/cmd.
Fixes #13464
Signed-off-by: Terry Howe <terrylhowe@gmail.com>
5 days ago
7058f841af
fix(engine): add debug logging when lookup returns empty ( #32205 )
...
When lookup cannot find the requested resource (apierrors.IsNotFound),
add slog.Debug() calls with structured fields (apiVersion, kind,
namespace, name) so that users running helm template --debug can see
why lookup returned an empty map instead of silently swallowing the
not-found result.
Fixes: https://github.com/helm/helm/issues/32101
Signed-off-by: Ogulcan Aydogan <ogulcanaydogan@hotmail.com>
5 days ago
5c3cb20e76
Merge pull request #32194 from helm/dependabot/go_modules/main/golang.org/x/crypto-0.53.0
...
chore(deps): bump golang.org/x/crypto from 0.52.0 to 0.53.0
6 days ago
f4fa06e2d9
Merge pull request #32201 from helm/dependabot/go_modules/main/oras.land/oras-go/v2-2.6.1
...
chore(deps): bump oras.land/oras-go/v2 from 2.6.0 to 2.6.1
1 week ago
74c1702157
chore(deps): bump oras.land/oras-go/v2 from 2.6.0 to 2.6.1
...
Bumps [oras.land/oras-go/v2](https://github.com/oras-project/oras-go ) from 2.6.0 to 2.6.1.
- [Release notes](https://github.com/oras-project/oras-go/releases )
- [Commits](https://github.com/oras-project/oras-go/compare/v2.6.0...v2.6.1 )
---
updated-dependencies:
- dependency-name: oras.land/oras-go/v2
dependency-version: 2.6.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 week ago
33b4071886
chore(deps): bump golang.org/x/crypto from 0.52.0 to 0.53.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.52.0 to 0.53.0.
- [Commits](https://github.com/golang/crypto/compare/v0.52.0...v0.53.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-version: 0.53.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 week ago
22905ca019
Merge pull request #32190 from helm/dependabot/go_modules/main/golang.org/x/term-0.44.0
...
chore(deps): bump golang.org/x/term from 0.43.0 to 0.44.0
1 week ago
1019146bb3
chore(deps): bump golang.org/x/term from 0.43.0 to 0.44.0
...
Bumps [golang.org/x/term](https://github.com/golang/term ) from 0.43.0 to 0.44.0.
- [Commits](https://github.com/golang/term/compare/v0.43.0...v0.44.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/term
dependency-version: 0.44.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 week ago
1df252176d
Merge pull request #32192 from helm/dependabot/go_modules/main/golang.org/x/text-0.38.0
...
chore(deps): bump golang.org/x/text from 0.37.0 to 0.38.0
1 week ago
e5efe067ed
Merge pull request #31758 from benoittgt/fix-31757
...
fix: prevent warning when using version range constraints
1 week ago
7f855dfe8a
chore(deps): bump golang.org/x/text from 0.37.0 to 0.38.0
...
Bumps [golang.org/x/text](https://github.com/golang/text ) from 0.37.0 to 0.38.0.
- [Release notes](https://github.com/golang/text/releases )
- [Commits](https://github.com/golang/text/compare/v0.37.0...v0.38.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/text
dependency-version: 0.38.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 week ago
d77bc716ba
Merge pull request #32181 from helm/dependabot/github_actions/main/github/codeql-action-4.36.2
...
chore(deps): bump github/codeql-action from 4.36.1 to 4.36.2
2 weeks ago
c603c50aa6
chore(deps): bump github/codeql-action from 4.36.1 to 4.36.2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 4.36.1 to 4.36.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](87557b9c84...8aad20d150
2 weeks ago
a6179d0dd1
Merge branch 'main' into em/check-ownership-before-delete
...
Signed-off-by: Evans Mungai <mbuevans@gmail.com>
2 weeks ago
827a960ec1
Merge pull request #32177 from helm/dependabot/github_actions/main/github/codeql-action-4.36.1
...
chore(deps): bump github/codeql-action from 4.36.0 to 4.36.1
2 weeks ago
f8abbfd7d4
chore(deps): bump github/codeql-action from 4.36.0 to 4.36.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 4.36.0 to 4.36.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](7211b7c807...87557b9c84
2 weeks ago
59b57c5c31
Merge pull request #31885 from mmorel-35/whitespace
...
chore: fix whitespace linter
2 weeks ago
fc2e27e448
Merge pull request #32081 from TerryHowe/fix/statuswait-delete-race
...
fix(kube): prevent spurious early exit in WaitForDelete during informer sync
3 weeks ago
52cf204095
Merge pull request #32174 from helm/dependabot/go_modules/main/github.com/tetratelabs/wazero-1.12.0
...
chore(deps): bump github.com/tetratelabs/wazero from 1.11.0 to 1.12.0
3 weeks ago
3aa1b742b9
chore(deps): bump github.com/tetratelabs/wazero from 1.11.0 to 1.12.0
...
Bumps [github.com/tetratelabs/wazero](https://github.com/tetratelabs/wazero ) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/tetratelabs/wazero/releases )
- [Commits](https://github.com/tetratelabs/wazero/compare/v1.11.0...v1.12.0 )
---
updated-dependencies:
- dependency-name: github.com/tetratelabs/wazero
dependency-version: 1.12.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
3 weeks ago
d374e823b2
Merge pull request #32086 from mmorel-35/error-is-as
...
testifylint: enable error-is-as and error-nil rules
3 weeks ago
d8b71d9533
Merge pull request #32158 from arnavnagzirkar/fix-32137
...
ci: enable bidichk linter to prevent invisible Unicode characters
3 weeks ago
e46a816540
Merge pull request #31944 from AustinAbro321/resync-period
...
lower resync period from one hour to 3 minutes
3 weeks ago
6dc1c1ccf8
lower resync period
...
Signed-off-by: Austin Abro <austinabro321@gmail.com>
3 weeks ago
4dec37abd2
Merge pull request #32148 from helm/dependabot/go_modules/main/golang.org/x/crypto-0.52.0
...
chore(deps): bump golang.org/x/crypto from 0.51.0 to 0.52.0
3 weeks ago
7510b83214
chore(deps): bump golang.org/x/crypto from 0.51.0 to 0.52.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.51.0 to 0.52.0.
- [Commits](https://github.com/golang/crypto/compare/v0.51.0...v0.52.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-version: 0.52.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
3 weeks ago
63a5d1baa9
Merge pull request #32153 from TerryHowe/fix/bump-x-net-go-2026-5026-main
...
fix(deps): bump golang.org/x/net to v0.55.0 to address GO-2026-5026
3 weeks ago
e679ec9f04
ci: enable bidichk linter to prevent invisible Unicode characters
...
Adds the bidichk linter to .golangci.yml to detect dangerous invisible
Unicode characters (ZWSP, bidi controls) in source files during CI.
Fixes #32137
Signed-off-by: Arnav Nagzirkar <arnav.nagzirkar@mail.utoronto.ca>
3 weeks ago
54ae27fd84
fix(deps): bump golang.org/x/net to v0.55.0 to address GO-2026-5026
...
Upgrades golang.org/x/net from v0.53.0 to v0.55.0 to fix CVE-2026-39821
(GO-2026-5026), where idna.ToASCII/ToUnicode incorrectly accept Punycode-
encoded labels that decode to ASCII-only labels, enabling privilege escalation
via hostname check bypass.
Coordinated x/ upgrade pulled in by the module graph:
- golang.org/x/sys v0.44.0 => v0.45.0
Signed-off-by: Terry Howe <terrylhowe@gmail.com>
4 weeks ago
609e1ca72c
Merge pull request #32145 from helm/dependabot/github_actions/main/github/codeql-action-4.36.0
...
chore(deps): bump github/codeql-action from 4.35.5 to 4.36.0
4 weeks ago
8807308231
Merge pull request #32146 from helm/dependabot/github_actions/main/golangci/golangci-lint-action-9.2.1
...
chore(deps): bump golangci/golangci-lint-action from 9.2.0 to 9.2.1
4 weeks ago
dbb3e35337
chore(deps): bump golangci/golangci-lint-action from 9.2.0 to 9.2.1
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 9.2.0 to 9.2.1.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](1e7e51e771...82606bf257
4 weeks ago
60665e9035
chore(deps): bump github/codeql-action from 4.35.5 to 4.36.0
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 4.35.5 to 4.36.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](9e0d7b8d25...7211b7c807
4 weeks ago
ff2b139502
Merge pull request #32141 from benoittgt/update-v4-readme
...
docs: update version status for v4 stable release
4 weeks ago
442e1460b9
docs: update version status for v4 stable release
...
Helm v4 shipped on 2025-11-17. Mark it as the current stable release
and v3 as support-mode with its end-of-support dates.
Signed-off-by: Benoit Tigeot <benoit.tigeot@lifen.fr>
4 weeks ago
e65b8666aa
Merge pull request #32138 from helm/dependabot/github_actions/main/actions/stale-10.3.0
...
chore(deps): bump actions/stale from 10.2.0 to 10.3.0
4 weeks ago
ace245b827
chore(deps): bump actions/stale from 10.2.0 to 10.3.0
...
Bumps [actions/stale](https://github.com/actions/stale ) from 10.2.0 to 10.3.0.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](b5d41d4e1d...eb5cf3af3a
4 weeks ago
16a39b73fd
Merge pull request #32134 from lexfrei/fix/zero-width-spaces-plugin-comment
...
internal/plugin: remove zero-width spaces from plugin name comment
4 weeks ago
979e68fbbd
internal/plugin: remove zero-width spaces from plugin name comment
...
The comment describing allowed plugin name characters contained three
U+200B (zero-width space) characters around the '_' and '-' literals.
The rendered comment is identical without them; the ZWSP were likely
copy-pasted from a rich-text source.
Downstream impact: every project that vendors helm.sh/helm/v4 and runs
Renovate gets a repo-wide warning on its Dependency Dashboard about
hidden Unicode characters. Renovate scans the whole tree (including
vendor/) for ZWSP/bidi-override codepoints and cannot be told to skip
a path for this specific check. Removing the characters here clears
the warning everywhere downstream.
Signed-off-by: Aleksei Sviridkin <f@lex.la>
4 weeks ago
fcdf3854b0
Merge pull request #32113 from isumitsolanki/issue_32100
...
fix(downloader): order DiskCache.Get checks for overlayfs empty dirs
4 weeks ago
6c3f397d2c
Merge pull request #32122 from quyentonndbs/chore/lint-deprecations-comment-typo
...
docs: fix typo in deprecated API godoc
4 weeks ago
Terry Howe
Jeaeun Kim
George Jenkins
Evans Mungai
Ogulcan Aydogan
Robert Sirchia
dependabot[bot]
Austin Abro
Arnav Nagzirkar
Benoit Tigeot
Aleksei Sviridkin