fix(soft-serve): update image docker.io/charmcli/soft-serve v0.11.3 → v0.11.4 (#45821)
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/charmcli/soft-serve](https://redirect.github.com/charmbracelet/soft-serve) | patch | `c652482` → `85dc5c9` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes <details> <summary>charmbracelet/soft-serve (docker.io/charmcli/soft-serve)</summary> ### [`v0.11.4`](https://redirect.github.com/charmbracelet/soft-serve/releases/tag/v0.11.4) [Compare Source](https://redirect.github.com/charmbracelet/soft-serve/compare/v0.11.3...v0.11.4) This release includes a bug fix to our SSRF protection rules where it won't do DNS resolutions before checking SSRF. It also adds LFS SSRF security checks so make sure you upgrade your instance to get the latest security updates. #### Changelog ##### Fixed - [`19bc627`](https://redirect.github.com/charmbracelet/soft-serve/commit/19bc6279738fa88b2605c3948c835b649ac93c75): fix(ssh): add argument validation to webhook deliveries commands ([@​aymanbagabas](https://redirect.github.com/aymanbagabas)) - [`3ef6600`](https://redirect.github.com/charmbracelet/soft-serve/commit/3ef660098ab37a7950457da8ecc25b516e37ce4e): fix(ssrf): handle DNS resolution in SSRF protection ([@​aymanbagabas](https://redirect.github.com/aymanbagabas)) ##### Other stuff - [`e80b183`](https://redirect.github.com/charmbracelet/soft-serve/commit/e80b18370197c358e6792fab66c816ad27f408ce): Merge commit from fork ([@​vnykmshr](https://redirect.github.com/vnykmshr)) - [`85fecd7`](https://redirect.github.com/charmbracelet/soft-serve/commit/85fecd7a2fe6e17e2c83c6779061a86e4454cc13): ci: sync dependabot config ([#​774](https://redirect.github.com/charmbracelet/soft-serve/issues/774)) ([@​charmcli](https://redirect.github.com/charmcli)) *** <details> <summary>Verifying the artifacts</summary> First, download the [`checksums.txt` file](https://redirect.github.com/charmbracelet/soft-serve/releases/download/v0.11.4/checksums.txt) and the [`checksums.txt.sigstore.json` file](https://redirect.github.com/charmbracelet/soft-serve/releases/download/v0.11.4/checksums.txt.sigstore.json) files, for example, with `wget`: ```bash wget 'https://github.com/charmbracelet/soft-serve/releases/download/v0.11.4/checksums.txt' wget 'https://github.com/charmbracelet/soft-serve/releases/download/v0.11.4/checksums.txt.sigstore.json' ``` Then, verify it using [`cosign`](https://redirect.github.com/sigstore/cosign): ```bash cosign verify-blob \ --certificate-identity 'https://github.com/charmbracelet/meta/.github/workflows/goreleaser.yml@refs/heads/main' \ --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \ --bundle 'checksums.txt.sigstore.json' \ ./checksums.txt ``` If the output is `Verified OK`, you can safely use it to verify the checksums of other artifacts you downloaded from the release using `sha256sum`: ```bash sha256sum --ignore-missing -c checksums.txt ``` Done! You artifacts are now verified! </details> <a href="https://charm.land/"><img alt="The Charm logo" src="https://stuff.charm.sh/charm-banner-next.jpg" width="400"></a> Thoughts? Questions? We love hearing from you. Feel free to reach out on [X](https://x.com/charmcli), [Discord](https://charm.land/discord), [Slack](https://charm.land/slack), [The Fediverse](https://mastodon.social/@​charmcli), [Bluesky](https://bsky.app/profile/charm.land). </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yOS4yIiwidXBkYXRlZEluVmVyIjoiNDMuMjkuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJhcHAvc29mdC1zZXJ2ZSIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=-->
This commit is contained in:
@@ -14,7 +14,7 @@ annotations:
|
||||
trueforge.org/min_helm_version: "3.14"
|
||||
trueforge.org/train: stable
|
||||
apiVersion: v2
|
||||
appVersion: 0.11.3
|
||||
appVersion: 0.11.4
|
||||
dependencies:
|
||||
- name: common
|
||||
version: 28.33.0
|
||||
@@ -41,5 +41,5 @@ sources:
|
||||
- https://github.com/trueforge-org/truecharts/tree/master/charts/stable/soft-serve
|
||||
- https://hub.docker.com/r/charmcli/soft-serve
|
||||
type: application
|
||||
version: 9.19.0
|
||||
version: 9.19.1
|
||||
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
image:
|
||||
repository: docker.io/charmcli/soft-serve
|
||||
pullPolicy: IfNotPresent
|
||||
tag: v0.11.3@sha256:c65248271a9546e2fba9478900dd6114154339aca132c72f495b853c6b1d71b2
|
||||
tag: v0.11.4@sha256:85dc5c9d22bb62f62c0b98983bef149f7c238eb52eba1ae3183db2608b97f7ec
|
||||
softserve:
|
||||
host: localhost
|
||||
key_path: /.ssh/soft_serve_server_ed25519
|
||||
|
||||
Reference in New Issue
Block a user