deps: update dependency argoproj/argo-cd to v2.14.13 #3915
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #3915 +/- ##
=======================================
Coverage 77.37% 77.37%
=======================================
Files 220 220
Lines 11708 11708
=======================================
Hits 9059 9059
Misses 2281 2281
Partials 368 368
Flags with carried forward coverage won't be shown. Click here to find out more. 🚀 New features to boost your workflow:
|
renovate
bot
force-pushed
the
renovate/argoproj-argo-cd-2.x
branch
from
a437e33 to
1d58b58
Compare
renovate
bot
changed the title
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate
bot
force-pushed
the
renovate/argoproj-argo-cd-2.x
branch
from
1d58b58 to
1602020
Compare
renovate
bot
changed the title
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v2.13.7->v2.14.13v2.14.14Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
argoproj/argo-cd (argoproj/argo-cd)
v2.14.13Compare Source
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
This release fixes a critical security issue: GHSA-2hj5-g64g-fp6p
Other work
24d5722: Merge commit from fork (@crenshaw-dev)d213c30: chore: bump gitops-engine ssd fix (#23072) (@pjiang-dev)Full Changelog: argoproj/argo-cd@v2.14.12...v2.14.13
v2.14.12Compare Source
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Bug fixes
f7ad2ad: fix(ApplicationSet): Check strategy type to verify it's a progressive sync (cherry-pick #22563) (#22833) (@gcp-cherry-pick-bot[bot])ced6a78: fix(health): handle nil lastTransitionTime (#22897) (cherry-pick #22900) (#22909) (@gcp-cherry-pick-bot[bot])25235fb: fix(test): broken e2e test (cherry-pick #22975) (#23052) (@gcp-cherry-pick-bot[bot])78e61ba: fix: Only port-forward to ready pods (#10610) (cherry-pick #22794) (#22826) (@mikebryant)fe93963: fix: do not normalize resource tracking on live crds (#22722) - cherrypick 2.14 (#22746) (@blakepettersson)5bc6f47: fix: infinite reconciliation loop when app is in error (#23047) (@agaudreault)b163de0: fix: remove project from cache key for project scoped credentials (#22816) (@pjiang-dev)Dependency updates
efe5d29: chore(deps): resolve CVE GO-2025-3540, GO-2025-3503, GO-2025-3487 within 2.14.10 (#22709) (@nathanlaceyraft)Other work
3a9ab77: fix(commit-server): apply image override (cherry-pick #22916) (#22918) (@gcp-cherry-pick-bot[bot])Full Changelog: argoproj/argo-cd@v2.14.11...v2.14.12
v2.14.11Compare Source
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Features
91f5445: feat(hydrator): handle sourceHydrator fields from webhook (#19397) (cherry-pick #22485) (#22754) (@gcp-cherry-pick-bot[bot])Bug fixes
0451723: fix(appset): generated app errors should use the default requeue (#21887) (cherry-pick #21936) (#22672) (@gcp-cherry-pick-bot[bot])f6f7d29: fix(ui): avoid spurious error on hydration (#22506) (cherry-pick #22711) (#22714) (@gcp-cherry-pick-bot[bot])Full Changelog: argoproj/argo-cd@v2.14.10...v2.14.11
v2.14.10Compare Source
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Bug fixes
b31d700: fix(cli): wrong variable to store --no-proxy value (cherry-pick #21226) (#22590) (@gcp-cherry-pick-bot[bot])6b15a04: fix: [cherry-pick] selfhealattemptscount needs to be reset at times (#22095, #20978) (#22583) (@Aaron-9900)be81419: fix: login return_url doesn't work with custom server paths (cherry-pick #21588) (#22594) (@gcp-cherry-pick-bot[bot])3b308d6: fix: respect delete confirmation for argocd app deletion (cherry-pick #22657) (#22664) (@gcp-cherry-pick-bot[bot])Dependency updates
4826fb0: chore(deps): Update github.com/expr-lang/expr to v1.17.0 fixing CVE-2025-29786 (#22651) (@heshamelsherif97)Full Changelog: argoproj/argo-cd@v2.14.9...v2.14.10
v2.14.9Compare Source
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Bug fixes
31a5545: fix: Check for semver constraint matching in application webhook handler (cherry-pick #21648) (#22508) (@gcp-cherry-pick-bot[bot])Other work
c868711: chore(dep): bump gitops-engine 2.14 (#22520) (@pjiang-dev)Full Changelog: argoproj/argo-cd@v2.14.8...v2.14.9
v2.14.8Compare Source
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Bug fixes
9a9e62d: fix(server): fully populate app destination before project checks (#22408) (#22426) (@crenshaw-dev)7acdaa9: fix: CVE-2025-26791 upgrading redoc dep to 2.4.0 to avoid DOMPurify b… (#21997) (@nmirasch)872319e: fix: handle annotated git tags correctly in repo server cache (#21771) (#22424) (@aali309)Dependency updates
9f832cd: chore(deps): bump github.com/golang-jwt/jwt to 4.5.2/5.2.2 (#22465) (@crenshaw-dev)Other work
ec45e33: fix(ui, rbac): project-roles (#21829) (2.14 backport) (#22461) (@blakepettersson)Full Changelog: argoproj/argo-cd@v2.14.7...v2.14.8
v2.14.7Compare Source
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Dependency updates
3940782: chore(deps): bump gitops engine (#22405) (@crenshaw-dev)Full Changelog: argoproj/argo-cd@v2.14.6...v2.14.7
v2.14.6Compare Source
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Features
38c0376: feat(server): make deep copies of objects returned by informers (#22173) (#22179) (#22340) (@rumstead)Dependency updates
defd4be: chore(deps): Update go-git from 5.12.0 to 5.13.2 to include several CVE fixes (#22313) (@anandf)Full Changelog: argoproj/argo-cd@v2.14.5...v2.14.6
v2.14.5Compare Source
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Dependency updates
ed242b9: chore(deps): bump github.com/redis/go-redis/v9 from 9.7.0 to 9.7.1 (#21957) (#22255) (@anandf)Full Changelog: argoproj/argo-cd@v2.14.4...v2.14.5
v2.14.4Compare Source
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Bug fixes
52231db: fix(actions): don't run empty Lua scripts (#22084) (cherry-pick #22161) (#22172) (@gcp-cherry-pick-bot[bot])962d7a9: fix(ci): use pinned Helm version for init-release (#22164) (cherry-pick #22165) (#22171) (@gcp-cherry-pick-bot[bot])54170a4: fix: make codegen permissions (cherry-pick #21667) (#22145) (@gcp-cherry-pick-bot[bot])Dependency updates
2eab10a: chore(deps): revert accidental upgrade of go.mod packages (#22162) (@crenshaw-dev)2b1e829: chore(deps): switch gitops-engine back to release-2.14 branch (#22163) (@crenshaw-dev)Full Changelog: argoproj/argo-cd@v2.14.3...v2.14.4
v2.14.3Compare Source
Known Issues
securityContextfields in Redis manifests.All these issues are fixed in 2.14.4.
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Bug fixes
aaed35c: fix(applicationset): ApplicationSets with rolling sync stuck in Pending (cherry-pick #20230) (#21948) (@gcp-cherry-pick-bot[bot])d79185a: fix(hydrator): don't get cluster or API versions for hydrator (#21985) (#22038) (@crenshaw-dev)2dd70de: fix(hydrator): don't use manifest-generate-paths (#22039) (cherry-pick #22015) (#22061) (@gcp-cherry-pick-bot[bot])3adb83c: fix(hydrator): refresh by annotation instead of work queue (#22016) (#22067) (@crenshaw-dev)71fd4e5: fix: Check placement exists before length check (#22060) (cherry-pick #22057) (#22089) (@gcp-cherry-pick-bot[bot])896a461: fix: New kube applier for server side diff dry run with refactoring (#21488) (#21819) (@andrii-korotkov-verkada)63edc3e: fix: accidental v3 imports (#22068) (@crenshaw-dev)cb1df5d: fix: correct lookup for the kustomization file when applying patches (cherry-pick #22024) (#22086) (@nitishfy)92a3c3d: fix: correctly set compareWith when requesting app refresh with delay (fixes #18998) (cherry-pick #21298) (#21952) (@gcp-cherry-pick-bot[bot])8f925c6: fix: fetch syncedRevision in UpdateRevisionForPaths (#21014) (cherry-pick #21015) (#22011) (@gcp-cherry-pick-bot[bot])Documentation
b5be1df: docs: document source hydrator maturity (cherry-pick #21969) (#21970) (@gcp-cherry-pick-bot[bot])Other work
2b422d2: chore: add cherry pick for v2.14 (#21901) (@nitishfy)Full Changelog: argoproj/argo-cd@v2.14.2...v2.14.3
v2.14.2Compare Source
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Bug fixes
efd9c32: fix: Add proxy registry key by dest server + name (cherry-pick #21791) (#21794) (@gcp-cherry-pick-bot[bot])Full Changelog: argoproj/argo-cd@v2.14.1...v2.14.2
v2.14.1Compare Source
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Full Changelog: argoproj/argo-cd@v2.14.0...v2.14.1
v2.14.0Compare Source
Important!
The 2.14.0 release manifests incorrectly use the 2.14.0-rc7 image. The 2.14.1 release will correct this error.
Quick Start
Non-HA:
HA:
Release Signatures and Provenance
All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.
Upgrading
If upgrading from a different minor version, be sure to read the upgrading documentation.
Changelog
Features
7d28c89: feat(health): resource customization for RabbitMQCluster (#15286) (@aaguilartablada)29c59ab: Revert "feat: exclude Endpoints and EndpointSlices Kubernetes resource by default" (#20334) (@agaudreault)83953fe: feat(app): Add optional 'name' to Source object (#20470) (@CefBoud)4a14051: feat(app): add ignore-healthcheck annotation (#20462) (@CefBoud)5543900: feat(applicationset): Add FlatList option to cluster generator - Fixes #20212 (#20231) (@OpenGuidou)92e0b55: feat(appset): Add a cache layer for Argo Projects to speed-up application validation (#18703) (@dacofr)27eebaa: feat(appset): add 'project' to the Cluster Generator params (#20338) (@CefBoud)9e9c9a9: feat(appset): parameterize requeue time #20063 (#20064) (@rumstead)dfbfdba: feat(appset): reduce cluster secret logging (#21109) (@rumstead)4c29c33: feat(cli): Add app diff option to specify exit code when diff (#20144) (@eugene70)3988861: feat(cmp): parameter to enable git creds to be shared from repo server to the plugin (#15107) (@jmcshane)19613a2: feat(controller): support Istio ServiceEntry network node #20270 (#20273) (@zapkub)19d85aa: feat(health): Adding more health checks for Keycloak, Postgres, Grafana, SolrCloud (#20294) (@rezellme)2a199bc: feat(health): add healthchecks for Gloo resources (#11379) (@zelig81)e4599e1: feat(rbac): add disable fine-grained inheritance flag (#20600) (#21553) (@agaudreault)d8dd2fc: feat(ui): Added a warning popup before closing the application create panel (#20807) (@surajyadav1108)1120a08: feat(ui): Added timing info to container state UI (#20920) (@surajyadav1108)a94a07e: feat(ui): Added title label for filters (#21149) (@surajyadav1108)36d189c: feat(ui): Support filter forconfiguredandunchangedon SYNC STATUS view (#20850) (@aali309)e09ff60: feat(ui): add token diff support in diff view (#19983) (@linghaoSu)f4c519a: feat(ui): display sha's revision in every history release (#19963) (@Tchoupinax)5796a7c: feat(ui): make name property for repos (#20077) (@surajyadav1108)fb825f7: feat(ui): move graphs by dragging mouse in app resource tree view (#18025) (#20009) (@linghaoSu)3088906: feat(ui): support auto theme (#20080) (@linghaoSu)24e67df: feat(ui): support enable word wrap in live and desired manifest panel (#20299) (@linghaoSu)eb10b70: feat: Add ability to hide certain annotations on secret resources (#18216) (@svghadi)ab8fdb8: feat: Add nodeSelector for Linux nodes (#20148) (@leehosu)b5d8edd: feat: Add reusable interactive prompts andconfigurecommand (issue #19528) (#19637) (@david-wu-octopus)9b481b1: feat: Adding skipSchemaValidation flag (#20771) (#20831) (@dmosesson)fd4cc93: feat: Change the file name convention when downloading pod logs (#19938) (@itaynvn-runai)99efafb: feat: Confluent Connector Resource Health Checker - #17695 (#17697) (@Clint-Chester)8ebf4a8: feat: Enable ignoreResourceUpdate by default #19992 (#20303) (@jaehanbyun)9741c06: feat: Sync timeouts for applications (#6055) (#20816) (@andrii-korotkov-verkada)8f0d3d0: feat: Timestamp for Health Status (#16972) (#18660) (@mkieweg)c8dcd83: feat: add ARGOCD_APP_REVISION_SHORT_8 variable in build environment (#19931) (@Falanty)4722a7f: feat: add Actions for PipelineRollout to allow/disallow data loss (#20298) (@juliev0)b05cafd: feat: add custom actions for Numaflow CRDs (#20332) (@dpadhiar)fdf539d: feat: add health check for ClusterResourceSet (#20746) (@nueavv)5138dd5: feat: add orphaned resource count metric (#20521) (@jaehanbyun)621330c: feat: add prompting to confirm account token deletion (#20654) (@pasha-codefresh)36ef563: feat: add prompting to confirm application commands (#20658) (@pasha-codefresh)d44d7ec: feat: add prompting to confirm application resource deletion (#20611) (@pasha-codefresh)29d5229: feat: add prompting to confirm delete certificate (#20547) (@pasha-codefresh)16e7517: feat: add prompting to confirm deletion of gpg public key (#20539) (@pasha-codefresh)83b1b6c: feat: add prompting to confirm project deletion (#20612) (@pasha-codefresh)8a4e7e0: feat: add prompting to confirm project role deletion (#20613) (@pasha-codefresh)2620593: feat: add prompting to confirm project window deletion (#20656) (@pasha-codefresh)9b6d3a9: feat: add prompting to confirm prune during backup import (#20546) (@pasha-codefresh)eb6d2e6: feat: add prompting to confirm remove of repository credentials (#20541) (@pasha-codefresh)0aa6c49: feat: add support for helm skipTests flag (#20118) (@jaehanbyun)b9d5387: feat: adopt delete app confirmation to new prompt util (#20664) (@pasha-codefresh)4e13b7f: feat: allow auth token to be passed in via env (#19898) (@ctrlaltf24)212efa4: feat: allow individual extension configs (#20491) (@leoluz)7c9bd2d: feat: application resource deletion protection (#20497) (@alexmt)a25378f: feat: appset scm generators and PR generators should be able to access only secrets related to appset (#20309) (@pasha-codefresh)2d8659b: feat: basic e2e tests in order to verify notification service health (#20182) (@pasha-codefresh)a288b4d: feat: exclude Endpoints and EndpointSlices Kubernetes resource by default (#20251) (@jaehanbyun)82484ce: feat: introduce health checks for Numaflow CRDs (#20297) (@dpadhiar)5d89339: feat: introduce pause/unpause actions for Numaplane CRDs (#20128) (@dpadhiar)d16df52: feat: manage clusters via proxy (#20374) (@pasha-codefresh)4a38442: feat: move appset delete confirmation to new prompt logic (#20677) (@pasha-codefresh)eba559a: feat: option to disable writing k8s events(#18205) (#18441) (@Jack-R-lantern)433b317: feat: source hydrator (#20345) (@crenshaw-dev)59ea2a8](https://redirect.github.com/argoproj/arConfiguration
📅 Schedule: Branch creation - At 12:00 AM through 04:59 AM and 10:00 PM through 11:59 PM, Monday through Friday ( * 0-4,22-23 * * 1-5 ), Only on Sunday and Saturday ( * * * * 0,6 ) in timezone Europe/Vienna, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.