Use `os.Open` + `io.LimitReader` instead of `os.ReadFile` in
`ReadFileWithBudget` so a file that grows between stat and read
cannot allocate unbounded memory.
Also fix `MaxDecompressedFileSize` doc comment to reflect it is
unused/deprecated, add nil guard on remaining, and check
`os.Stat` errors in tests.
Signed-off-by: Benoit Tigeot <benoit.tigeot@lifen.fr>
Directory-based chart loading (`LoadDir`) used unbounded `os.ReadFile`
calls with no total size check. Archive loading already enforces
`MaxDecompressedChartSize` via a remaining-byte budget but directory
loading did not, leaving local charts and `file://` dependencies as
an unbounded memory path.
Add `ReadFileWithBudget` in the archive package and use it in both
v2 and v3 directory loaders so they track the same aggregate budget.
Ref: https://github.com/helm/helm/pull/31748#issuecomment-4138927643
Signed-off-by: Benoit Tigeot <benoit.tigeot@lifen.fr>
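The budgeted read described in the two commits above, as an added Go example that is not Helm's own code: the function signature, the nil-budget handling and the error value are assumptions, and the stat-then-grow scenario in main is constructed.

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
)

// ErrBudgetExceeded: the read would take the aggregate size past the shared budget.
var ErrBudgetExceeded = errors.New("chart size budget exceeded")

// ReadFileWithBudget reads path and charges its size against *remaining, a
// budget shared by every file of a chart. The read is bounded by io.LimitReader,
// not by an earlier os.Stat, so a file that grows between stat and read can
// allocate at most budget+1 bytes. A nil budget is rejected (assumed, not Helm's).
func ReadFileWithBudget(path string, remaining *int64) ([]byte, error) {
	if remaining == nil {
		return nil, errors.New("ReadFileWithBudget: nil budget")
	}
	f, err := os.Open(path)
	if err != nil {
		return nil, err
	}
	defer f.Close()
	// One extra byte lets an over-budget file be detected instead of truncated.
	data, err := io.ReadAll(io.LimitReader(f, *remaining+1))
	if err != nil {
		return nil, err
	}
	if int64(len(data)) > *remaining {
		return nil, fmt.Errorf("%s: %w", path, ErrBudgetExceeded)
	}
	*remaining -= int64(len(data)) // charge the budget only on success
	return data, nil
}

func main() {
	dir, _ := os.MkdirTemp("", "budget")
	defer os.RemoveAll(dir)
	p := filepath.Join(dir, "values.yaml")
	_ = os.WriteFile(p, []byte("replicas: 1\n"), 0o600)
	fi, _ := os.Stat(p)
	remaining := fi.Size() // budget taken from a stat() that predates growth
	f, _ := os.OpenFile(p, os.O_APPEND|os.O_WRONLY, 0)
	f.Write(make([]byte, 1<<20)) // file grows after stat, before read
	f.Close()
	_, err := ReadFileWithBudget(p, &remaining)
	fmt.Println(err)
}
```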
Remove MaxDecompressedFileSize as it's no longer necessary after
migrating to a maintained JSON schema library (santhosh-tekuri/jsonschema/v6).
The original limit was added to protect against vulnerabilities in an
unmaintained library.
The total decompressed chart size limit (MaxDecompressedChartSize) remains
to protect against other attack vectors.
Partially resolves #30738
Related:
- https://github.com/helm/helm/pull/30743
Signed-off-by: Benoit Tigeot <benoit.tigeot@lifen.fr>
The toTOML doc comment said "returns empty string on marshal error"
but the implementation actually returns err.Error(). Fix the comment
to match the real behavior. Also mention mustToToml as the strict
alternative.
Signed-off-by: Ilya Kiselev <kis-ilya-a@yandex.ru>
Add `mustToToml` that panics on marshal error, consistent with
`mustToYaml` and `mustToJson`. This makes it possible for chart authors
to get a hard failure when TOML serialization fails, rather than having
to inspect the output manually.
`toToml` behavior is unchanged in this commit.
Closes #31430
Signed-off-by: Ilya Kiselev <kis-ilya-a@yandex.ru>
Remove pre-Go modules import path comments from pkg/kube test files
(ready_test.go, resource_test.go, statuswait_test.go) for consistency
with the rest of the package.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Signed-off-by: Terry Howe <terrylhowe@gmail.com>
Import path comments (e.g. `// import "helm.sh/helm/v4/pkg/kube"`) are
a pre-Go modules convention no longer needed in module-aware builds.
Some files in pkg/kube had these comments while others did not, causing
inconsistency that triggered downstream Kythe indexing errors.
Remove the import comments from all affected files to make the package
declaration consistent across the directory.
Fixes #31846
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Signed-off-by: abhay1999 <abhaychaurasiya19@gmail.com>
The import comment in pkg/kube/statuswait.go still referenced
helm.sh/helm/v3/pkg/kube while all other files in the package
correctly reference helm.sh/helm/v4/pkg/kube. This mismatch
causes downstream processing errors (e.g. kythe) when vendoring
Helm.
Fixes #31846
Signed-off-by: rohansood10 <rohansood10@users.noreply.github.com>
Introduce release/v2 that mirrors pkg/release/v1 but uses *v3.Chart
from internal/chart/v3. The code is structurally identical to v1 with
only import paths changed to reference internal/chart/v3 instead of
pkg/chart/v2.
- Add internal/release/v2 with Release, Info, Hook types
- Add internal/release/v2/util with filter, sorter, manifest utilities
- Update pkg/release/common.go with v2Accessor and v2HookAccessor
- Copy all test files from pkg/release/v1 and add a v2 test in common_test.go
Signed-off-by: Evans Mungai <mbuevans@gmail.com>