Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(plugins): address potential security issue #2830

Merged
merged 2 commits into from
Oct 2, 2023

Conversation

tlinford
Copy link
Contributor

@tlinford tlinford commented Oct 2, 2023

  • the upgrade from wasmer 2.3 to 3.1 brought in a version of cranelift-codegen with a security vulnerability: GHSA-ff4p-7xrq-q5r8
  • for the removal of doubt: we caught this issue before releasing a version, so there is no version with this vulnerability
  • we intend to move away from wasmer, and so decided on this temporary mitigation which does not affect our performance rather than another lengthy breaking upgrade

@tlinford tlinford temporarily deployed to cachix October 2, 2023 08:22 — with GitHub Actions Inactive
Copy link
Member

@imsnif imsnif left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the excellent work on this!

@tlinford tlinford requested review from imsnif and removed request for imsnif October 2, 2023 08:30
@tlinford tlinford marked this pull request as ready for review October 2, 2023 08:41
@tlinford tlinford merged commit 9f130a3 into zellij-org:main Oct 2, 2023
7 checks passed
@tlinford tlinford deleted the wasmer-memory-fix branch October 2, 2023 08:42
@syrusakbary
Copy link

we intend to move away from wasmer

Oh no! Let me know if there's some feature that you guys are missing. I'd be happy to give high priority to this :)

scottames pushed a commit to scottames/dots that referenced this pull request Nov 10, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[GoogleContainerTools/skaffold](https://togithub.com/GoogleContainerTools/skaffold)
| minor | `v2.8.0` -> `v2.9.0` |
| [aquaproj/aqua-registry](https://togithub.com/aquaproj/aqua-registry)
| minor | `v4.79.0` -> `v4.82.0` |
| [casey/just](https://togithub.com/casey/just) | minor | `1.15.0` ->
`1.16.0` |
| [derailed/k9s](https://togithub.com/derailed/k9s) | minor | `v0.27.4`
-> `v0.28.0` |
| [helm/helm](https://togithub.com/helm/helm) | patch | `v3.13.1` ->
`v3.13.2` |
| [kubernetes/minikube](https://togithub.com/kubernetes/minikube) |
minor | `v1.31.2` -> `v1.32.0` |
| [sigstore/cosign](https://togithub.com/sigstore/cosign) | patch |
`v2.2.0` -> `v2.2.1` |
| [simulot/immich-go](https://togithub.com/simulot/immich-go) | patch |
`0.8.0` -> `0.8.1` |
| [zellij-org/zellij](https://togithub.com/zellij-org/zellij) | minor |
`v0.38.2` -> `v0.39.0` |

---

### Release Notes

<details>
<summary>GoogleContainerTools/skaffold
(GoogleContainerTools/skaffold)</summary>

###
[`v2.9.0`](https://togithub.com/GoogleContainerTools/skaffold/blob/HEAD/CHANGELOG.md#v290-Release---11072023)

[Compare
Source](https://togithub.com/GoogleContainerTools/skaffold/compare/v2.8.0...v2.9.0)

**Linux amd64**
`curl -Lo skaffold
https://storage.googleapis.com/skaffold/releases/v2.9.0/skaffold-linux-amd64
&& chmod +x skaffold && sudo mv skaffold /usr/local/bin`

**Linux arm64**
`curl -Lo skaffold
https://storage.googleapis.com/skaffold/releases/v2.9.0/skaffold-linux-arm64
&& chmod +x skaffold && sudo mv skaffold /usr/local/bin`

**macOS amd64**
`curl -Lo skaffold
https://storage.googleapis.com/skaffold/releases/v2.9.0/skaffold-darwin-amd64
&& chmod +x skaffold && sudo mv skaffold /usr/local/bin`

**macOS arm64**
`curl -Lo skaffold
https://storage.googleapis.com/skaffold/releases/v2.9.0/skaffold-darwin-arm64
&& chmod +x skaffold && sudo mv skaffold /usr/local/bin`

**Windows**

https://storage.googleapis.com/skaffold/releases/v2.9.0/skaffold-windows-amd64.exe

**Docker image**
`gcr.io/k8s-skaffold/skaffold:v2.9.0`

Note: This release comes with a new config version, `v4beta8`. To
upgrade your skaffold.yaml, use `skaffold fix`. If you choose not to
upgrade, skaffold will auto-upgrade as best as it can.

New Features and Additions:

- chore: add new skip-unreachable-dirs to not error on init command when
a dir can not be read
[#&#8203;9163](https://togithub.com/GoogleContainerTools/skaffold/pull/9163)
- chore: add new config to control the pull behaviour for verify
[#&#8203;9150](https://togithub.com/GoogleContainerTools/skaffold/pull/9150)
- chore: change custom actions pull logic, to check if an image exists
locally first before triggering a pull
[#&#8203;9147](https://togithub.com/GoogleContainerTools/skaffold/pull/9147)

Fixes:

- fix: kpt force named "false" in schema
[#&#8203;9074](https://togithub.com/GoogleContainerTools/skaffold/pull/9074)

Updates and Refactors:

- chore: bump golang.org/x/net from 0.7.0 to 0.17.0 in /hack/tools
[#&#8203;9129](https://togithub.com/GoogleContainerTools/skaffold/pull/9129)
- chore: bump golang.org/x/net from 0.7.0 to 0.17.0 in
/examples/grpc-e2e-tests/service
[#&#8203;9130](https://togithub.com/GoogleContainerTools/skaffold/pull/9130)
- chore: bump golang.org/x/net from 0.7.0 to 0.17.0 in
/integration/examples/grpc-e2e-tests/cloud-spanner-bootstrap
[#&#8203;9131](https://togithub.com/GoogleContainerTools/skaffold/pull/9131)
- chore: bump golang.org/x/net from 0.7.0 to 0.17.0 in
/integration/examples/grpc-e2e-tests/service
[#&#8203;9128](https://togithub.com/GoogleContainerTools/skaffold/pull/9128)
- chore: bump google.golang.org/grpc from 1.55.0 to 1.56.3
[#&#8203;9156](https://togithub.com/GoogleContainerTools/skaffold/pull/9156)
- chore: bump google.golang.org/grpc from 1.53.0 to 1.56.3 in
/integration/examples/grpc-e2e-tests/service
[#&#8203;9154](https://togithub.com/GoogleContainerTools/skaffold/pull/9154)
- chore: bump google.golang.org/grpc from 1.53.0 to 1.56.3 in
/examples/grpc-e2e-tests/service
[#&#8203;9153](https://togithub.com/GoogleContainerTools/skaffold/pull/9153)
- chore: bump google.golang.org/grpc from 1.53.0 to 1.56.3 in
/examples/grpc-e2e-tests/cloud-spanner-bootstrap
[#&#8203;9152](https://togithub.com/GoogleContainerTools/skaffold/pull/9152)
- chore: bump google.golang.org/grpc from 1.53.0 to 1.56.3 in
/integration/examples/grpc-e2e-tests/cloud-spanner-bootstrap
[#&#8203;9155](https://togithub.com/GoogleContainerTools/skaffold/pull/9155)
- chore: bump github/codeql-action from 2.22.4 to 2.22.5
[#&#8203;9157](https://togithub.com/GoogleContainerTools/skaffold/pull/9157)
- chore: bump ossf/scorecard-action from 2.3.0 to 2.3.1
[#&#8203;9149](https://togithub.com/GoogleContainerTools/skaffold/pull/9149)
- chore: bump schema version to v4beta8
[#&#8203;9143](https://togithub.com/GoogleContainerTools/skaffold/pull/9143)
- chore: bump peter-evans/create-or-update-comment from 3.0.2 to 3.1.0
[#&#8203;9142](https://togithub.com/GoogleContainerTools/skaffold/pull/9142)
- chore: bump github/codeql-action from 2.22.3 to 2.22.4
[#&#8203;9146](https://togithub.com/GoogleContainerTools/skaffold/pull/9146)
- chore: bump github/codeql-action from 2.22.2 to 2.22.3
[#&#8203;9137](https://togithub.com/GoogleContainerTools/skaffold/pull/9137)
- chore: bump golang.org/x/net from 0.7.0 to 0.17.0 in
/examples/grpc-e2e-tests/cloud-spanner-bootstrap
[#&#8203;9132](https://togithub.com/GoogleContainerTools/skaffold/pull/9132)
- chore: bump github/codeql-action from 2.22.1 to 2.22.2
[#&#8203;9133](https://togithub.com/GoogleContainerTools/skaffold/pull/9133)
- chore: bump ossf/scorecard-action from 2.2.0 to 2.3.0
[#&#8203;9122](https://togithub.com/GoogleContainerTools/skaffold/pull/9122)
- chore: bump github/codeql-action from 2.22.0 to 2.22.1
[#&#8203;9123](https://togithub.com/GoogleContainerTools/skaffold/pull/9123)
- chore: bump github/codeql-action from 2.21.9 to 2.22.0
[#&#8203;9115](https://togithub.com/GoogleContainerTools/skaffold/pull/9115)
- chore: bump flask from 2.3.3 to 3.0.0 in /integration/examples
[#&#8203;9107](https://togithub.com/GoogleContainerTools/skaffold/pull/9107)
- chore: bump flask from 2.3.3 to 3.0.0 in /examples
[#&#8203;9106](https://togithub.com/GoogleContainerTools/skaffold/pull/9106)

Docs, Test, and Release Updates:

- docs: fix releaseNoteLink for v2.8.0
[#&#8203;9125](https://togithub.com/GoogleContainerTools/skaffold/pull/9125)

Huge thanks goes out to all of our contributors for this release:

-   Julian Tölle
-   Renzo Rojas
-   Zev Isert
-   dependabot\[bot]

</details>

<details>
<summary>aquaproj/aqua-registry (aquaproj/aqua-registry)</summary>

###
[`v4.82.0`](https://togithub.com/aquaproj/aqua-registry/releases/tag/v4.82.0)

[Compare
Source](https://togithub.com/aquaproj/aqua-registry/compare/v4.81.0...v4.82.0)


[Issues](https://togithub.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.82.0)
| [Pull
Requests](https://togithub.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.82.0)
| https://github.com/aquaproj/aqua-registry/compare/v4.81.0...v4.82.0

#### 🎉 New Packages


[#&#8203;17196](https://togithub.com/aquaproj/aqua-registry/issues/17196)
[hrmsk66/terraformify](https://togithub.com/hrmsk66/terraformify): An
experimental CLI that generates Terraform files for managing existing
Fastly services [@&#8203;ponkio-o](https://togithub.com/ponkio-o)

[#&#8203;17166](https://togithub.com/aquaproj/aqua-registry/issues/17166)
[srevinsaju/togomak](https://togithub.com/srevinsaju/togomak): A
declarative pipeline orchestrator with the magic of HCL as a
configuration language, inspired from Terraform's architecture

#### Fixes


[#&#8203;17188](https://togithub.com/aquaproj/aqua-registry/issues/17188)
openclarity/vmclarity: Follow up changes of vmclarity v0.6.0

###
[`v4.81.0`](https://togithub.com/aquaproj/aqua-registry/releases/tag/v4.81.0)

[Compare
Source](https://togithub.com/aquaproj/aqua-registry/compare/v4.80.2...v4.81.0)


[Issues](https://togithub.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.81.0)
| [Pull
Requests](https://togithub.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.81.0)
| https://github.com/aquaproj/aqua-registry/compare/v4.80.2...v4.81.0

#### 🎉 New Packages


[#&#8203;17151](https://togithub.com/aquaproj/aqua-registry/issues/17151)
[#&#8203;17152](https://togithub.com/aquaproj/aqua-registry/issues/17152)
[devops-kung-fu/bomber](https://togithub.com/devops-kung-fu/bomber):
Scans Software Bill of Materials (SBOMs) for security vulnerabilities

[#&#8203;13989](https://togithub.com/aquaproj/aqua-registry/issues/13989)
[#&#8203;17141](https://togithub.com/aquaproj/aqua-registry/issues/17141)
[#&#8203;17153](https://togithub.com/aquaproj/aqua-registry/issues/17153)
[trunk-io/launcher](https://docs.trunk.io/reference/components#trunk-launcher):
trunk launcher is a bash script that enables users to easily switch
between multiple versions of trunk

#### Fixes


[#&#8203;17107](https://togithub.com/aquaproj/aqua-registry/issues/17107)
chmln/sd: Follow up changes of sd v1.0.0

[#&#8203;17121](https://togithub.com/aquaproj/aqua-registry/issues/17121)
google/gke-policy-automation: Follow up changes of gke-policy v1.3.3

###
[`v4.80.2`](https://togithub.com/aquaproj/aqua-registry/releases/tag/v4.80.2)

[Compare
Source](https://togithub.com/aquaproj/aqua-registry/compare/v4.80.1...v4.80.2)


[Issues](https://togithub.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.80.2)
| [Pull
Requests](https://togithub.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.80.2)
| https://github.com/aquaproj/aqua-registry/compare/v4.80.1...v4.80.2

#### Fixes


[#&#8203;17091](https://togithub.com/aquaproj/aqua-registry/issues/17091)
[#&#8203;17066](https://togithub.com/aquaproj/aqua-registry/issues/17066)
derailed/k9s: Follow up changes of k9s v0.28.0

-   https://github.com/derailed/k9s/releases/tag/v0.28.0
-
[https://github.com/derailed/k9s/pull/2153](https://togithub.com/derailed/k9s/pull/2153)

###
[`v4.80.1`](https://togithub.com/aquaproj/aqua-registry/releases/tag/v4.80.1)

[Compare
Source](https://togithub.com/aquaproj/aqua-registry/compare/v4.80.0...v4.80.1)


[Issues](https://togithub.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.80.1)
| [Pull
Requests](https://togithub.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.80.1)
| https://github.com/aquaproj/aqua-registry/compare/v4.80.0...v4.80.1

#### Fixes


[#&#8203;17054](https://togithub.com/aquaproj/aqua-registry/issues/17054)
liweiyi88/gosnakego: Follow up changes of gosnakego v1.0.0

###
[`v4.80.0`](https://togithub.com/aquaproj/aqua-registry/releases/tag/v4.80.0)

[Compare
Source](https://togithub.com/aquaproj/aqua-registry/compare/v4.79.0...v4.80.0)


[Issues](https://togithub.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.80.0)
| [Pull
Requests](https://togithub.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.80.0)
| https://github.com/aquaproj/aqua-registry/compare/v4.79.0...v4.80.0

#### 🎉 New Packages


[#&#8203;17010](https://togithub.com/aquaproj/aqua-registry/issues/17010)
[suzuki-shunsuke/tfprovidercheck](https://togithub.com/suzuki-shunsuke/tfprovidercheck):
Censor Terraform Providers

</details>

<details>
<summary>casey/just (casey/just)</summary>

###
[`v1.16.0`](https://togithub.com/casey/just/blob/HEAD/CHANGELOG.md#1160---2023-11-08)

[Compare
Source](https://togithub.com/casey/just/compare/1.15.0...1.16.0)

##### Added

- Add ARMv6 release target
([#&#8203;1715](https://togithub.com/casey/just/pull/1715) by
[ragazenta](https://togithub.com/ragazenta))
- Add `semver_matches` function
([#&#8203;1713](https://togithub.com/casey/just/pull/1713) by
[t3hmrman](https://togithub.com/t3hmrman))
- Add `dotenv-filename` and `dotenv-path` settings
([#&#8203;1692](https://togithub.com/casey/just/pull/1692) by
[ltfourrier](https://togithub.com/ltfourrier))
- Allow setting echoed recipe line color
([#&#8203;1670](https://togithub.com/casey/just/pull/1670) by
[avi-cenna](https://togithub.com/avi-cenna))

##### Fixed

- Fix Fish completion script
([#&#8203;1710](https://togithub.com/casey/just/pull/1710) by
[l4zygreed](https://togithub.com/l4zygreed))

##### Misc

- Fix readme typo
([#&#8203;1717](https://togithub.com/casey/just/pull/1717) by
[barraponto](https://togithub.com/barraponto))
- Clean up error display
([#&#8203;1699](https://togithub.com/casey/just/pull/1699) by
[nyurik](https://togithub.com/nyurik))
- Misc fixes ([#&#8203;1700](https://togithub.com/casey/just/pull/1700)
by [nyurik](https://togithub.com/nyurik))
- Fix readme build badge
([#&#8203;1697](https://togithub.com/casey/just/pull/1697))
- Fix set tempdir grammar
([#&#8203;1695](https://togithub.com/casey/just/pull/1695))
- Add version to attributes
([#&#8203;1694](https://togithub.com/casey/just/pull/1694) by
[JoeyTeng](https://togithub.com/JoeyTeng))
- Update README.md
([#&#8203;1691](https://togithub.com/casey/just/pull/1691) by
[laniakea64](https://togithub.com/laniakea64))

</details>

<details>
<summary>derailed/k9s (derailed/k9s)</summary>

### [`v0.28.0`](https://togithub.com/derailed/k9s/releases/tag/v0.28.0)

[Compare
Source](https://togithub.com/derailed/k9s/compare/v0.27.4...v0.28.0)

<img
src="https://raw.githubusercontent.com/derailed/k9s/master/assets/k9s.png"
align="center" width="800" height="auto"/>

### Release v0.28.0
#### Notes

Thank you to all that contributed with flushing out issues and
enhancements for K9s! I'll try to mark some of these issues as fixed.
But if you don't mind grab the latest rev and see if we're happier with
some of the fixes! If you've filed an issue please help me verify and
close. Your support, kindness and awesome suggestions to make K9s better
are, as ever, very much noted and appreciated! Also big thanks to all
that have allocated their own time to help others on both slack and on
this repo!!

As you may know, K9s is not pimped out by corps with deep pockets, thus
if you feel K9s is helping your Kubernetes journey, please consider
joining our [sponsorship
program](https://togithub.com/sponsors/derailed) and/or make some noise
on social! [@&#8203;kitesurfer](https://twitter.com/kitesurfer)

On Slack? Please join us
[K9slackers](https://join.slack.com/t/k9sers/shared_invite/enQtOTA5MDEyNzI5MTU0LWQ1ZGI3MzliYzZhZWEyNzYxYzA3NjE0YTk1YmFmNzViZjIyNzhkZGI0MmJjYzhlNjdlMGJhYzE2ZGU1NjkyNTM)

***

#### ♫ Sounds Behind The Release ♭

- [Moonlight Invasions -
TribalNeed](https://www.youtube.com/watch?v=mJBnMSNIJL4\&list=RDmJBnMSNIJL4\&start_radio=1)
- [Teardrops - Neil
Frances](https://www.youtube.com/watch?v=823\_KoZr4mo)
- [Memory - Øystein Sevåg](https://www.youtube.com/watch?v=GKEM6lgkogY)
- [Tell me straight - Rolling Stones (Generated by KeithGPT
🐭)](https://www.youtube.com/watch?v=YxcxLi-Ld3E)

***

#### A Word From Our Sponsors...

To all the good folks below that opted to `pay it forward` and join our
sponsorship program, I salute you!!

-   [Hyeon Woo Jo](https://togithub.com/dokdo2013)
-   [Artsiom Kaval](https://togithub.com/lezeroq)
-   [Grant Linville](https://togithub.com/g-linville)
-   [Andrew Brown](https://togithub.com/andrew-werdna)
-   [Patrik Votoček](https://togithub.com/Vrtak-CZ)
-   [Erik Hebisch](https://togithub.com/flegelleicht)
-   [Juliet Boyd](https://togithub.com/julietrb1)
-   [Chris Vertonghen](https://togithub.com/chrisv)
-   [Acsone](https://togithub.com/acsone)
-   [Alex Viscreanu](https://togithub.com/aexvir)
-   [Joey Guerra](https://togithub.com/joeyguerra)
-   [Kijana Woodard](https://togithub.com/kijanawoodard)
-   [Tom Saleeba](https://togithub.com/tomsaleeba)

> Sponsorship cancellations since the last release: `11` ;(

***

#### Feature Release

##### File Transfers in Da House!

Added ability to exchange files from your local machine to a pod or from
a pod to your local machine. The pod view now surfaces a new command `t`
to initiate the download/upload file transfers.

***

#### Resolved Issues

- [Issue #&#8203;2249](https://togithub.com/derailed/k9s/issues/2249)
Sort on the capacity column should consider Gi and Mb also

- [Issue #&#8203;2225](https://togithub.com/derailed/k9s/issues/2225)
View logs of all pods of a given deployment

- [Issue #&#8203;2195](https://togithub.com/derailed/k9s/issues/2195)
Some pod logs are not displayed. But I can display it when I use the
command

- [Issue #&#8203;2194](https://togithub.com/derailed/k9s/issues/2194)
0.27.4 broke custom sort orders via views.yml

- [Issue #&#8203;2185](https://togithub.com/derailed/k9s/issues/2185) No
binaries for Linux_x86\_64

- [Issue #&#8203;2169](https://togithub.com/derailed/k9s/issues/2169)
Add namespace name in ServiceAccount view with RoleBinding

- [Issue #&#8203;2152](https://togithub.com/derailed/k9s/issues/2152)
Latest opened namespace not being saved between k9s sessions

- [Issue #&#8203;2131](https://togithub.com/derailed/k9s/issues/2131)
deployments are not showing up, whereas kubectl gives a list

- [Issue #&#8203;2130](https://togithub.com/derailed/k9s/issues/2130)
Pending pods show 0/0 Ready instead of 0/x Ready

- [Issue #&#8203;2128](https://togithub.com/derailed/k9s/issues/2128)
k9s command not found after snap install

- [Issue #&#8203;2121](https://togithub.com/derailed/k9s/issues/2121)
colors for crds

- [Issue #&#8203;2120](https://togithub.com/derailed/k9s/issues/2120)
kustomize deletion not working as expected

- [Issue #&#8203;2106](https://togithub.com/derailed/k9s/issues/2106)
k9s delete behaves differently with kubectl

- [Issue #&#8203;2085](https://togithub.com/derailed/k9s/issues/2085)
When specifying the context command via the -c flag, selecting a cluster
always returns to the context view

- [Issue #&#8203;658](https://togithub.com/derailed/k9s/issues/658)
Feature request: Easy way to copy/download files from a pod/pv to your
local PC

***

#### Contributed PRs

Please give `Big Thanks!` and `ATTA Girls/Boys!` to all the fine
contributors for making K9s better for all of us!!

- [PR #&#8203;2258](https://togithub.com/derailed/k9s/pull/2258) fix
fsnotify watcher not fully working
- [PR #&#8203;2253](https://togithub.com/derailed/k9s/pull/2253) fix
manual sorting not working when sortColumn is configured
- [PR #&#8203;2252](https://togithub.com/derailed/k9s/pull/2252)
consider units when sorting capacity of pv and pvc
- [PR #&#8203;2243](https://togithub.com/derailed/k9s/pull/2243)
fix(typo): pdb header typo
- [PR #&#8203;2239](https://togithub.com/derailed/k9s/pull/2239) fix:
honor defaults from drain dialog in request
- [PR #&#8203;2235](https://togithub.com/derailed/k9s/pull/2235) docs:
add plugin.yml JSON schema
- [PR #&#8203;2229](https://togithub.com/derailed/k9s/pull/2229)
fix(log): clear bold log format after timestamp
- [PR #&#8203;2188](https://togithub.com/derailed/k9s/pull/2188) Alias
qa to quit
- [PR #&#8203;2180](https://togithub.com/derailed/k9s/pull/2180) feat:
Added support for arm in dockerfile
- [PR #&#8203;2179](https://togithub.com/derailed/k9s/pull/2179) Focus
command bar if active on startup
- [PR #&#8203;2170](https://togithub.com/derailed/k9s/pull/2170) Add
namespace for rolebinding on a clusterrole
- [PR #&#8203;2161](https://togithub.com/derailed/k9s/pull/2161) Only
apply keyConv to mnemonic in menus
- [PR #&#8203;2158](https://togithub.com/derailed/k9s/pull/2158) Show
the default container as the first entry
- [PR #&#8203;2153](https://togithub.com/derailed/k9s/pull/2153) Changed
checksums extension to checksums.sha256
- [PR #&#8203;2158](https://togithub.com/derailed/k9s/pull/2158) Show
the default container as the first entry
- [PR #&#8203;2151](https://togithub.com/derailed/k9s/pull/2151) chore:
pkg imported more than once
- [PR #&#8203;2147](https://togithub.com/derailed/k9s/pull/2147) feat:
plugin for adding an ephemeral debug container
- [PR #&#8203;2141](https://togithub.com/derailed/k9s/pull/2141) Update
plugin flux.yml with shortcuts for helm repo and oci repos
- [PR #&#8203;2137](https://togithub.com/derailed/k9s/pull/2137)
Correctly display the numbers in the Ready column of the pods view
- [PR #&#8203;2136](https://togithub.com/derailed/k9s/pull/2136) Prompt
window uses border styles
- [PR #&#8203;2134](https://togithub.com/derailed/k9s/pull/2134) Remove
unsupported key binding on users view
- [PR #&#8203;2124](https://togithub.com/derailed/k9s/pull/2124) fix:
add correct flags when deleting resources from Dir
- [PR #&#8203;2119](https://togithub.com/derailed/k9s/pull/2119) feat:
add indicator to title if toast is toggled
- [PR #&#8203;2117](https://togithub.com/derailed/k9s/pull/2117) Add
instruction how to install k9s through winget
- [PR #&#8203;2112](https://togithub.com/derailed/k9s/pull/2112) Fix for
styles
- [PR #&#8203;2105](https://togithub.com/derailed/k9s/pull/2105) Fix the
wrong/redundant icon in the prompt bar
- [PR #&#8203;2103](https://togithub.com/derailed/k9s/pull/2103) Update
carvel.yml to include contexts
- [PR #&#8203;2096](https://togithub.com/derailed/k9s/pull/2096) fix:
(config) only respect the --command flag once
- [PR #&#8203;2091](https://togithub.com/derailed/k9s/pull/2091) Add
get-all plugin specific for namespace view
- [PR #&#8203;2089](https://togithub.com/derailed/k9s/pull/2089)
Resources are rendered using skin.yaml colors
- [PR #&#8203;2082](https://togithub.com/derailed/k9s/pull/2082) Fix
typo introduced in
[#&#8203;2045](https://togithub.com/derailed/k9s/issues/2045)

***

<img
src="https://raw.githubusercontent.com/derailed/k9s/master/assets/imhotep_logo.png"
width="32" height="auto"/> © 2023 Imhotep Software LLC. All materials
licensed under [Apache v2.0](http:https://www.apache.org/licenses/LICENSE-2.0)

</details>

<details>
<summary>helm/helm (helm/helm)</summary>

### [`v3.13.2`](https://togithub.com/helm/helm/releases/tag/v3.13.2):
Helm v3.13.2

[Compare
Source](https://togithub.com/helm/helm/compare/v3.13.1...v3.13.2)

Helm v3.13.2 is a patch release. Users are encouraged to upgrade for the
best experience. Users are encouraged to upgrade for the best
experience.

The community keeps growing, and we'd love to see you there!

- Join the discussion in [Kubernetes
Slack](https://kubernetes.slack.com):
    -   for questions and just to hang out
    -   for discussing PRs, code, and bugs
- Hang out at the Public Developer Call: Thursday, 9:30 Pacific via
[Zoom](https://zoom.us/j/696660622)
- Test, debug, and contribute charts:
[ArtifactHub/packages](https://artifacthub.io/packages/search?kind=0)

#### Installation and Upgrading

Download Helm v3.13.2. The common platform binaries are here:

- [MacOS amd64](https://get.helm.sh/helm-v3.13.2-darwin-amd64.tar.gz)
([checksum](https://get.helm.sh/helm-v3.13.2-darwin-amd64.tar.gz.sha256sum)
/ 977c2faa49993aa8baa2c727f8f35a357576d6278d4d8618a5a010a56ad2dbee)
- [MacOS arm64](https://get.helm.sh/helm-v3.13.2-darwin-arm64.tar.gz)
([checksum](https://get.helm.sh/helm-v3.13.2-darwin-arm64.tar.gz.sha256sum)
/ 00f00c66165ba0dcd9efdbef66a5508fb4fe4425991c0e599e0710f8ff7aa02e)
- [Linux amd64](https://get.helm.sh/helm-v3.13.2-linux-amd64.tar.gz)
([checksum](https://get.helm.sh/helm-v3.13.2-linux-amd64.tar.gz.sha256sum)
/ 55a8e6dce87a1e52c61e0ce7a89bf85b38725ba3e8deb51d4a08ade8a2c70b2d)
- [Linux arm](https://get.helm.sh/helm-v3.13.2-linux-arm.tar.gz)
([checksum](https://get.helm.sh/helm-v3.13.2-linux-arm.tar.gz.sha256sum)
/ 06e8436bde78d53ddb5095ba146fe6c7001297c7dceb9ef6b68992c3ecfde770)
- [Linux arm64](https://get.helm.sh/helm-v3.13.2-linux-arm64.tar.gz)
([checksum](https://get.helm.sh/helm-v3.13.2-linux-arm64.tar.gz.sha256sum)
/ f5654aaed63a0da72852776e1d3f851b2ea9529cb5696337202703c2e1ed2321)
- [Linux i386](https://get.helm.sh/helm-v3.13.2-linux-386.tar.gz)
([checksum](https://get.helm.sh/helm-v3.13.2-linux-386.tar.gz.sha256sum)
/ 7d1307e708d4eb043686c8635df567773221397d5d0151d37000b7c472170b3a)
- [Linux ppc64le](https://get.helm.sh/helm-v3.13.2-linux-ppc64le.tar.gz)
([checksum](https://get.helm.sh/helm-v3.13.2-linux-ppc64le.tar.gz.sha256sum)
/ 11d96134cc4ec106c23cd8c163072e9aed6cd73e36a3da120e5876d426203f37)
- [Linux s390x](https://get.helm.sh/helm-v3.13.2-linux-s390x.tar.gz)
([checksum](https://get.helm.sh/helm-v3.13.2-linux-s390x.tar.gz.sha256sum)
/ 3ffc5b4a041e5306dc00905ebe5dfea449e34ada268a713d34c69709afd6a9a2)
- [Windows amd64](https://get.helm.sh/helm-v3.13.2-windows-amd64.zip)
([checksum](https://get.helm.sh/helm-v3.13.2-windows-amd64.zip.sha256sum)
/ 1ef931cb40bfa049fa5ee337ec16181345d7d0c8ab863fe9b04abe320fa2ae6e)

This release was signed with ` 672C 657B E06B 4B30 969C 4A57 4614 49C2
5E36 B98E ` and can be found at
[@&#8203;mattfarina](https://togithub.com/mattfarina) [keybase
account](https://keybase.io/mattfarina). Please use the attached
signatures for verifying this release using `gpg`.

The [Quickstart Guide](https://helm.sh/docs/intro/quickstart/) will get
you going from there. For **upgrade instructions** or detailed
installation notes, check the [install
guide](https://helm.sh/docs/intro/install/). You can also use a [script
to
install](https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3)
on any system with `bash`.

#### What's Next

-   3.13.3 is a patch release and will be on December 13, 2023.
-   3.14.0 is the next feature release and be on January 17, 2024.

#### Changelog

- chore(deps): bump google.golang.org/grpc from 1.54.0 to 1.56.3
[`2a2fb3b`](https://togithub.com/helm/helm/commit/2a2fb3b98829f1e0be6fb18af2f6599e0f4e8243)
(dependabot\[bot])
- Update get-helm-3
[`8f554be`](https://togithub.com/helm/helm/commit/8f554be39fcd4cbcff47bc4def8bb45ae0ed9d8c)
(Marcel Humburg)
- chore(deps): bump github.com/docker/docker
[`00a334c`](https://togithub.com/helm/helm/commit/00a334c1d913d7582e430ad9c64d0ca14cf465ff)
(dependabot\[bot])
- Fixing release labelling in rollback
[`12826e8`](https://togithub.com/helm/helm/commit/12826e839c3696aa901f0aee99587113ed4de694)
(Marcin Chojnacki)
- Drop filterSystemLabels usage from Query method
[`666b199`](https://togithub.com/helm/helm/commit/666b199dbea63c5cad9235abb74eed66ce9d6cd8)
(Dmitry Chepurovskiy)
- Apply review suggestions
[`7e0084a`](https://togithub.com/helm/helm/commit/7e0084a394fdd2f379d7b21a5477c04f8dd96c84)
(Dmitry Chepurovskiy)
- Allow using label selectors for system labels for sql backend.
[`10018ff`](https://togithub.com/helm/helm/commit/10018ff34bc13cb4cac9e95b03a1c4720717445e)
(Dmitry Chepurovskiy)
- Allow using label selectors for system labels for secrets and
configmap backends.
[`3b4cacf`](https://togithub.com/helm/helm/commit/3b4cacf717ab8708b582397b131182ab833687a2)
(Dmitry Chepurovskiy)
- Revert "fix(main): fix basic auth for helm pull or push"
[`e785e6c`](https://togithub.com/helm/helm/commit/e785e6c50c622ed5019fd4020a13509c87a3022d)
(Matt Farina)
- Revert "fix(registry): address anonymous pull issue"
[`268dced`](https://togithub.com/helm/helm/commit/268dcedba6a231b623c8252a3dafa0052d161c6e)
(Matt Farina)
- chore(deps): bump golang.org/x/net from 0.13.0 to 0.17.0
[`99ce118`](https://togithub.com/helm/helm/commit/99ce118b0ab10bc52d883412381ed9da0f35b14e)
(dependabot\[bot])
- Update get-helm-3 to get version through get.helm.sh
[`28f208c`](https://togithub.com/helm/helm/commit/28f208c3da7cdf4099255e332d2acee957d5abb0)
(Ian Zink)

</details>

<details>
<summary>kubernetes/minikube (kubernetes/minikube)</summary>

###
[`v1.32.0`](https://togithub.com/kubernetes/minikube/releases/tag/v1.32.0)

[Compare
Source](https://togithub.com/kubernetes/minikube/compare/v1.31.2...v1.32.0-beta.0)

📣😀 **Please fill out our [fast 5-question
survey](https://forms.gle/Gg3hG5ZySw8c1C24A)** so that we can learn how
& why you use minikube, and what improvements we should make. Thank you!
💃🎉

#### Release Notes

#### Version 1.32.0 - 2023-11-08

Features:

- NVIDIA GPU support with new `--gpus=nvidia` flag for docker driver
[#&#8203;15927](https://togithub.com/kubernetes/minikube/pull/15927)
[#&#8203;17314](https://togithub.com/kubernetes/minikube/pull/17314)
[#&#8203;17488](https://togithub.com/kubernetes/minikube/pull/17488)
- rootless: support `--container-runtime=docker`
[#&#8203;17520](https://togithub.com/kubernetes/minikube/pull/17520)
- New `kubeflow` addon
[#&#8203;17114](https://togithub.com/kubernetes/minikube/pull/17114)
- New `local-path-provisioner` addon
[#&#8203;15062](https://togithub.com/kubernetes/minikube/pull/15062)
- Kicbase: Add `no-limit` option to `--cpus` & `--memory` flags
[#&#8203;17491](https://togithub.com/kubernetes/minikube/pull/17491)

Minor Improvements:

- Hyper-V: Add memory validation for odd numbers
[#&#8203;17325](https://togithub.com/kubernetes/minikube/pull/17325)
- QEMU: Improve cpu type and IP detection
[#&#8203;17217](https://togithub.com/kubernetes/minikube/pull/17217)
- Mask http(s)\_proxy password from startup output
[#&#8203;17116](https://togithub.com/kubernetes/minikube/pull/17116)
- `--delete-on-faliure` also recreates cluster for kubeadm failures
[#&#8203;16890](https://togithub.com/kubernetes/minikube/pull/16890)
- Addon auto-pause: Configure intervals using `--auto-pause-interval`
[#&#8203;17070](https://togithub.com/kubernetes/minikube/pull/17070)
- `--kubernetes-version` checks GitHub for version validation and
improved error output for invalid versions
[#&#8203;16865](https://togithub.com/kubernetes/minikube/pull/16865)
- Install NVIDIA container toolkit during image build (offline support)
[#&#8203;17516](https://togithub.com/kubernetes/minikube/pull/17516)

Bugs:

- QEMU: Fix addons failing to enable
[#&#8203;17402](https://togithub.com/kubernetes/minikube/pull/17402)
- Fix downloading the wrong kubeadm images for k8s versions after
minikube release
[#&#8203;17373](https://togithub.com/kubernetes/minikube/pull/17373)
- Fix enabling & disabling addons with non-existing cluster
[#&#8203;17324](https://togithub.com/kubernetes/minikube/pull/17324)
- Fix delete if container-runtime doesn't exist
[#&#8203;17347](https://togithub.com/kubernetes/minikube/pull/17347)
- Fix network not found not being detected on new Docker versions
[#&#8203;17323](https://togithub.com/kubernetes/minikube/pull/17323)
- Fix addon registry doesn't follow Minikube DNS domain name
configuration (--dns-domain)
[#&#8203;15585](https://togithub.com/kubernetes/minikube/pull/15585)
- Fix no-limit option for config validation
[#&#8203;17530](https://togithub.com/kubernetes/minikube/pull/17530)

Version Upgrades:

- Bump Kubernetes version default: v1.28.3 and latest: v1.28.3
[#&#8203;17463](https://togithub.com/kubernetes/minikube/pull/17463)
- Addon cloud-spanner: Update cloud-spanner-emulator/emulator image from
1.5.9 to 1.5.11
[#&#8203;17225](https://togithub.com/kubernetes/minikube/pull/17225)
[#&#8203;17259](https://togithub.com/kubernetes/minikube/pull/17259)
- Addon headlamp: Update headlamp-k8s/headlamp image from v0.19.0 to
v0.20.1
[#&#8203;17135](https://togithub.com/kubernetes/minikube/pull/17135)
[#&#8203;17365](https://togithub.com/kubernetes/minikube/pull/17365)
- Addon ingress: Update ingress-nginx/controller image from v1.8.1 to
v1.9.4
[#&#8203;17223](https://togithub.com/kubernetes/minikube/pull/17223)
[#&#8203;17297](https://togithub.com/kubernetes/minikube/pull/17297)
[#&#8203;17348](https://togithub.com/kubernetes/minikube/pull/17348)
[#&#8203;17421](https://togithub.com/kubernetes/minikube/pull/17421)
[#&#8203;17525](https://togithub.com/kubernetes/minikube/pull/17525)
- Addon inspektor-gadget: Update inspektor-gadget image from v0.19.0 to
v0.22.0
[#&#8203;17176](https://togithub.com/kubernetes/minikube/pull/17176)
[#&#8203;17340](https://togithub.com/kubernetes/minikube/pull/17340)
[#&#8203;17550](https://togithub.com/kubernetes/minikube/pull/17550)
- Addon istio-provisioner: Update istio/operator image from 1.12.2 to
1.19.3
[#&#8203;17383](https://togithub.com/kubernetes/minikube/pull/17383)
[#&#8203;17436](https://togithub.com/kubernetes/minikube/pull/17436)
- Addon kong: Update kong image from 3.2 to 3.4.2
[#&#8203;17485](https://togithub.com/kubernetes/minikube/pull/17485)
- Addon kong: Update kong/kubernetes-ingress-controller image from 2.9.3
to 2.12.0
[#&#8203;17526](https://togithub.com/kubernetes/minikube/pull/17526)
- Addon registry: Update registry image from 2.8.1 to 2.8.3
[#&#8203;17382](https://togithub.com/kubernetes/minikube/pull/17382)
[#&#8203;17467](https://togithub.com/kubernetes/minikube/pull/17467)
- Addon nvidia-device-plugin: Update nvidia/k8s-device-plugin image from
v0.14.1 to v0.14.2
[#&#8203;17523](https://togithub.com/kubernetes/minikube/pull/17523)
- CNI: Update calico from v3.26.1 to v3.26.3
[#&#8203;17363](https://togithub.com/kubernetes/minikube/pull/17363)
[#&#8203;17375](https://togithub.com/kubernetes/minikube/pull/17375)
- CNI: Update flannel from v0.22.1 to v0.22.3
[#&#8203;17102](https://togithub.com/kubernetes/minikube/pull/17102)
[#&#8203;17263](https://togithub.com/kubernetes/minikube/pull/17263)
- CNI: Update kindnetd from v20230511-dc714da8 to v20230809-80a64d96
[#&#8203;17233](https://togithub.com/kubernetes/minikube/pull/17233)
- Kicbase/ISO: Update buildkit from v0.11.6 to v0.12.3
[#&#8203;17194](https://togithub.com/kubernetes/minikube/pull/17194)
[#&#8203;17486](https://togithub.com/kubernetes/minikube/pull/17486)
- Kicbase/ISO: Update containerd from v1.7.3 to v1.7.8
[#&#8203;17243](https://togithub.com/kubernetes/minikube/pull/17243)
[#&#8203;17466](https://togithub.com/kubernetes/minikube/pull/17466)
[#&#8203;17527](https://togithub.com/kubernetes/minikube/pull/17527)
- Kicbase/ISO: Update crictl from v1.21.0 to v1.28.0
[#&#8203;17240](https://togithub.com/kubernetes/minikube/pull/17240)
- Kicbase/ISO: Update docker from 24.0.4 to 24.0.7
[#&#8203;17120](https://togithub.com/kubernetes/minikube/pull/17120)
[#&#8203;17207](https://togithub.com/kubernetes/minikube/pull/17207)
[#&#8203;17545](https://togithub.com/kubernetes/minikube/pull/17545)
- Kicbase/ISO: Update nerdctl from 1.0.0 to 1.6.2
[#&#8203;17145](https://togithub.com/kubernetes/minikube/pull/17145)
[#&#8203;17339](https://togithub.com/kubernetes/minikube/pull/17339)
[#&#8203;17434](https://togithub.com/kubernetes/minikube/pull/17434)
- Kicbase/ISO: Update runc from v1.1.7 to v1.1.9
[#&#8203;17250](https://togithub.com/kubernetes/minikube/pull/17250)
- Kicbase: Bump ubuntu:jammy from
[`2023062`](https://togithub.com/kubernetes/minikube/commit/20230624) to
[`2023100`](https://togithub.com/kubernetes/minikube/commit/20231004)
[#&#8203;17086](https://togithub.com/kubernetes/minikube/pull/17086)
[#&#8203;17174](https://togithub.com/kubernetes/minikube/pull/17174)
[#&#8203;17345](https://togithub.com/kubernetes/minikube/pull/17345)
[#&#8203;17423](https://togithub.com/kubernetes/minikube/pull/17423)

For a more detailed changelog, including changes occurring in
pre-release versions, see
[CHANGELOG.md](https://togithub.com/kubernetes/minikube/blob/master/CHANGELOG.md).

Thank you to our contributors for this release!

-   Akihiro Suda
-   Christian Bergschneider
-   Jeff MAURY
-   Medya Ghazizadeh
-   Raiden Shogun
-   Steven Powell

Thank you to our PR reviewers for this release!

-   medyagh (1 comments)
-   r0b2g1t (1 comments)

Thank you to our triage members for this release!

-   willsu (2 comments)
-   afbjorklund (1 comments)
-   ankur0904 (1 comments)
-   ceelian (1 comments)
-   idoly (1 comments)

#### Installation

See [Getting Started](https://minikube.sigs.k8s.io/docs/start/)

#### Binary Checksums

darwin-amd64:
`8ca4b2cce6208f102b851d0ea8292c1324e8358b7ac208dd1079e41af558def8`
darwin-arm64:
`f5bf38603b01cc3eb88f21d5550068fd592486c08c0f3272aee544e0bc2e4e64`
linux-amd64:
`1acbb6e0358264a3acd5e1dc081de8d31c697d5b4309be21cba5587cd59eabb3`
linux-arm:
`fc181cb6f1bcda786001e7f7f46f810e8b430abc7d16bbe257c0526f23f90f00`
linux-arm64:
`77ca98722819e2e9d94925f662f348c3d41c1831c3cd3a77732093d7f509f172`
linux-ppc64le:
`3072cce0952628187511748b4b8fc2080e80327384b30e8c6df465f02c8f35ce`
linux-s390x:
`0eb342fe581afb106b6013401b33429607ab40f57f5e48a15f2b2e04726edc57`
windows-amd64.exe:
`d4060da824524df744ba85fa91394cabfab15f110c03b1d8b7f1d309116fed15`

#### ISO Checksums

amd64:
`c99de86777a5c3e86a67b2354633b1942ea28633696556911bdf72730fe25b68`\
arm64:
`290076b82917071a30437472ba610012ddb8cd33e9932b92e593ce1072e7572d`

</details>

<details>
<summary>sigstore/cosign (sigstore/cosign)</summary>

###
[`v2.2.1`](https://togithub.com/sigstore/cosign/blob/HEAD/CHANGELOG.md#v221)

[Compare
Source](https://togithub.com/sigstore/cosign/compare/v2.2.0...v2.2.1)

**Note: This release comes with a fix for CVE-2023-46737 described in
this [Github Security
Advisory](https://togithub.com/sigstore/cosign/security/advisories/GHSA-vfp6-jrw2-99g9).
Please upgrade to this release ASAP**

#### Enhancements

- feat: Support basic auth and bearer auth login to registry
([#&#8203;3310](https://togithub.com/sigstore/cosign/issues/3310))
- add support for ignoring certificates with pkcs11
([#&#8203;3334](https://togithub.com/sigstore/cosign/issues/3334))
- Support ReplaceOp in Signatures
([#&#8203;3315](https://togithub.com/sigstore/cosign/issues/3315))
- feat: added ability to get image digest back via triangulate
([#&#8203;3255](https://togithub.com/sigstore/cosign/issues/3255))
- feat: add `--only` flag in `cosign copy` to copy sign, att & sbom
([#&#8203;3247](https://togithub.com/sigstore/cosign/issues/3247))
- feat: add support attaching a Rekor bundle to a container
([#&#8203;3246](https://togithub.com/sigstore/cosign/issues/3246))
- feat: add support outputting rekor response on signing
([#&#8203;3248](https://togithub.com/sigstore/cosign/issues/3248))
- feat: improve dockerfile verify subcommand
([#&#8203;3264](https://togithub.com/sigstore/cosign/issues/3264))
- Add guard flag for experimental OCI 1.1 verify.
([#&#8203;3272](https://togithub.com/sigstore/cosign/issues/3272))
- Deprecate SBOM attachments
([#&#8203;3256](https://togithub.com/sigstore/cosign/issues/3256))
- feat: dedent line in cosign copy doc
([#&#8203;3244](https://togithub.com/sigstore/cosign/issues/3244))
- feat: add platform flag to cosign copy command
([#&#8203;3234](https://togithub.com/sigstore/cosign/issues/3234))
- Add SLSA 1.0 attestation support to cosign. Closes
[#&#8203;2860](https://togithub.com/sigstore/cosign/issues/2860)
([#&#8203;3219](https://togithub.com/sigstore/cosign/issues/3219))
- attest: pass OCI remote opts to att resolver.
([#&#8203;3225](https://togithub.com/sigstore/cosign/issues/3225))

#### Bug Fixes

-   Merge pull request from GHSA-vfp6-jrw2-99g9
- fix: allow cosign download sbom when image is absent
([#&#8203;3245](https://togithub.com/sigstore/cosign/issues/3245))
- ci: add a OCI registry test for referrers support
([#&#8203;3253](https://togithub.com/sigstore/cosign/issues/3253))
- Fix ReplaceSignatures
([#&#8203;3292](https://togithub.com/sigstore/cosign/issues/3292))
- Stop using deprecated in_toto.ProvenanceStatement
([#&#8203;3243](https://togithub.com/sigstore/cosign/issues/3243))
- Fixes
[#&#8203;3236](https://togithub.com/sigstore/cosign/issues/3236),
disable SCT checking for a cosign verification when usin…
([#&#8203;3237](https://togithub.com/sigstore/cosign/issues/3237))
- fix: update error in `SignedEntity` to be more descriptive
([#&#8203;3233](https://togithub.com/sigstore/cosign/issues/3233))
- Fail timestamp verification if no root is provided
([#&#8203;3224](https://togithub.com/sigstore/cosign/issues/3224))

#### Documentation

- Add some docs about verifying in an air-gapped environment
([#&#8203;3321](https://togithub.com/sigstore/cosign/issues/3321))
- Update CONTRIBUTING.md
([#&#8203;3268](https://togithub.com/sigstore/cosign/issues/3268))
- docs: improves the Contribution guidelines
([#&#8203;3257](https://togithub.com/sigstore/cosign/issues/3257))
- Remove security policy
([#&#8203;3230](https://togithub.com/sigstore/cosign/issues/3230))

#### Others

- Set go to min 1.21 and update dependencies
([#&#8203;3327](https://togithub.com/sigstore/cosign/issues/3327))
- Update contact for code of conduct
([#&#8203;3266](https://togithub.com/sigstore/cosign/issues/3266))
- Update .ko.yaml
([#&#8203;3240](https://togithub.com/sigstore/cosign/issues/3240))

#### Contributors

-   AdamKorcz
-   Andres Galante
-   Appu
-   Billy Lynch
-   Bob Callaway
-   Caleb Woodbine
-   Carlos Tadeu Panato Junior
-   Dylan Richardson
-   Gareth Healy
-   Hayden B
-   John Kjell
-   Jon Johnson
-   jonvnadelberg
-   Luiz Carvalho
-   Priya Wadhwa
-   Ramkumar Chinchani
-   Tosone
-   Ville Aikas
-   Vishal Choudhary
-   ziel

</details>

<details>
<summary>simulot/immich-go (simulot/immich-go)</summary>

###
[`v0.8.1`](https://togithub.com/simulot/immich-go/releases/tag/0.8.1)

[Compare
Source](https://togithub.com/simulot/immich-go/compare/0.8.0...0.8.1)

#### Changelog

- [`e258497`](https://togithub.com/simulot/immich-go/commit/e258497)
workaround for
[#&#8203;62](https://togithub.com/simulot/immich-go/issues/62)

</details>

<details>
<summary>zellij-org/zellij (zellij-org/zellij)</summary>

###
[`v0.39.0`](https://togithub.com/zellij-org/zellij/releases/tag/v0.39.0)

[Compare
Source](https://togithub.com/zellij-org/zellij/compare/v0.38.2...v0.39.0)

This is a significant release with lots of major and long requested
features. Here's a run down:

##### Session Resurrection

This version adds a built-in capability to resurrect sessions. Attaching
to "exited" sessions will re-create them, placing any running commands
behind a `Press <ENTER> to run` banner so as to prevent awkward
situations with things like `rm -rf`. Sessions can also be resurrected
through the `session-manager`.

[Read more](http:https://zellij.dev/documentation/session-resurrection.html)

*Special thanks to
[@&#8203;AlixBernard](https://togithub.com/AlixBernard) for implementing
the serialization algorithm, as well as to
[@&#8203;alekspickle](https://togithub.com/alekspickle) for helping
integrate the algorithm with our code base. Without them this feature
would not have come to be.*

##### UI Components for Plugins

This version introduces UI Components for plugins. Allowing plugins to
render beautiful and consistent UI elements (eg. `table`, `ribbon`,
`nexted-list`) no matter which programming language they were developped
in. These components are serialized on the plugin-side and interpreted
by our ANSI interpreter using a private `DCS`.

[Read more](http:https://zellij.dev/documentation/plugin-ui-rendering.html)

##### Load Plugins from the Web

This release introduces the `http(s)` prefix for plugin URLs. Meaning we
would be able to load them from the web just like we load them from the
HD.

A new top-level CLI command was also added to make loading plugins
easier:

```bash
zellij plugin -- https://example.com/plugin.wasm # Will also work with file: and zellij: urls
```

*Thanks [@&#8203;jaeheonji](https://togithub.com/jaeheonji) for
designing and implementing this feature.*

##### Renaming Sessions

It's now possible to rename the current session. This can either be done
through the CLI with the new `rename-session` action, or through the
`session-manager` with `Ctrl r`.

##### Start panes in-place

Sometimes, when opening new panes it can be convenient to have them open
"in-place", meaning that they would replace the currently active pane
and then drop back to it once they exit. This release adds this ability
to `zellij run` and similar commands using the `--in-place` flag.

##### Wasmer 3.x upgrade

While not user facing, this is an important upgrade of our WebAssembly
runtime that makes packaging easier as well as facilitating
compatibility to some platforms.

*Thanks [@&#8203;tlinford](https://togithub.com/tlinford) for his
tremendous efforts in getting this done*

##### New Plugin APIs

##### RunCommand - execute command in the background and get a response

This API allows plugins to run a command on the host machine. The
command will run in the background and the plugin will be notified with
an `Event` when the command has completed, receiving its exit code,
STDIN and STDOUT.

##### WebRequest - execute an http(s) request in the background and get
a response

This API allows plugins to make a web request and receive its output.
The request will run in the background and the plugin will receive an
`Event` with the response once the request is complete.

##### Add `<ESC> - Drop to shell` to command panes

For a while now, Zellij has had the concept of "command panes" - panes
that run a specific command as part of the UI. Now, in addition to being
able to re-run the command with `ENTER` and close the pane with `Ctrl
c`, it's also possible to drop to a shell with `<ESC>`. This can be
especially useful when combined with the session resurrection feature
(eg. if one does not want to run the resurrected command but does not
want to close the pane either).

##### Support Styled Underlines

Zellij now supports the "styled underlines" ANSI extension.

*Thanks [@&#8203;eatgrass](https://togithub.com/eatgrass) and
[@&#8203;mike-lloyd03](https://togithub.com/mike-lloyd03) for the
implementation*

##### Open new Plugins to current CWD

Starting this release, plugins are opened to the working folder of the
currently focused terminal pane (if available), rather than the folder
in which the Zellij session was started.

#### All changes

- fix(utils): validate session name by
[@&#8203;deepsghimire](https://togithub.com/deepsghimire) in
[https://github.com/zellij-org/zellij/pull/2607](https://togithub.com/zellij-org/zellij/pull/2607)
- feat(panes): in place run by
[@&#8203;imsnif](https://togithub.com/imsnif) in
[https://github.com/zellij-org/zellij/pull/2795](https://togithub.com/zellij-org/zellij/pull/2795)
- Fix: fg color for gruvbox light theme by
[@&#8203;papey](https://togithub.com/papey) in
[https://github.com/zellij-org/zellij/pull/2791](https://togithub.com/zellij-org/zellij/pull/2791)
- fix: display parsing error for kdl files located under the 'themes'
directory by [@&#8203;shinhs0506](https://togithub.com/shinhs0506) in
[https://github.com/zellij-org/zellij/pull/2762](https://togithub.com/zellij-org/zellij/pull/2762)
- feat(plugins): upgrade wasmer to 3.1.1 by
[@&#8203;tlinford](https://togithub.com/tlinford) in
[https://github.com/zellij-org/zellij/pull/2706](https://togithub.com/zellij-org/zellij/pull/2706)
- remove leftover Cargo.lock file from session-manager plugin by
[@&#8203;silwol](https://togithub.com/silwol) in
[https://github.com/zellij-org/zellij/pull/2819](https://togithub.com/zellij-org/zellij/pull/2819)
- chore: migrate to directories from directories-next by
[@&#8203;silwol](https://togithub.com/silwol) in
[https://github.com/zellij-org/zellij/pull/2820](https://togithub.com/zellij-org/zellij/pull/2820)
- chore: update uuid dependency to 1.4.1 by
[@&#8203;silwol](https://togithub.com/silwol) in
[https://github.com/zellij-org/zellij/pull/2821](https://togithub.com/zellij-org/zellij/pull/2821)
- fix(plugins): address potential security issue by
[@&#8203;tlinford](https://togithub.com/tlinford) in
[https://github.com/zellij-org/zellij/pull/2830](https://togithub.com/zellij-org/zellij/pull/2830)
- fix(plugins): add zellij version to cached artifact path by
[@&#8203;tlinford](https://togithub.com/tlinford) in
[https://github.com/zellij-org/zellij/pull/2836](https://togithub.com/zellij-org/zellij/pull/2836)
- Session resurrection by [@&#8203;imsnif](https://togithub.com/imsnif)
in
[https://github.com/zellij-org/zellij/pull/2801](https://togithub.com/zellij-org/zellij/pull/2801)
- feat(client): terminal synchronized output by
[@&#8203;gmorer](https://togithub.com/gmorer) in
[https://github.com/zellij-org/zellij/pull/2798](https://togithub.com/zellij-org/zellij/pull/2798)
- fix(resurrection): log failure instead of crashing in some edge cases
by [@&#8203;imsnif](https://togithub.com/imsnif) in
[https://github.com/zellij-org/zellij/pull/2851](https://togithub.com/zellij-org/zellij/pull/2851)
- fix(plugins): make auxiliary functions (get_focused_tab and
get_focused_pane) public by
[@&#8203;Nacho114](https://togithub.com/Nacho114) in
[https://github.com/zellij-org/zellij/pull/2765](https://togithub.com/zellij-org/zellij/pull/2765)
- feat(plugins): plugin run_command api by
[@&#8203;imsnif](https://togithub.com/imsnif) in
[https://github.com/zellij-org/zellij/pull/2862](https://togithub.com/zellij-org/zellij/pull/2862)
- style: cyberpunk inspired theme options added by
[@&#8203;Sr-vZ](https://togithub.com/Sr-vZ) in
[https://github.com/zellij-org/zellij/pull/2868](https://togithub.com/zellij-org/zellij/pull/2868)
- feat(panes): Add an option to press <ESC> and drop to shell in command
panes by [@&#8203;imsnif](https://togithub.com/imsnif) in
[https://github.com/zellij-org/zellij/pull/2872](https://togithub.com/zellij-org/zellij/pull/2872)
- feat(plugins): web requests api by
[@&#8203;imsnif](https://togithub.com/imsnif) in
[https://github.com/zellij-org/zellij/pull/2879](https://togithub.com/zellij-org/zellij/pull/2879)
- fix(cli): session names only for attach in fish completion by
[@&#8203;dj95](https://togithub.com/dj95) in
[https://github.com/zellij-org/zellij/pull/2857](https://togithub.com/zellij-org/zellij/pull/2857)
- feat(plugins): UI components by
[@&#8203;imsnif](https://togithub.com/imsnif) in
[https://github.com/zellij-org/zellij/pull/2898](https://togithub.com/zellij-org/zellij/pull/2898)
- feat: support load plugins from the web by
[@&#8203;jaeheonji](https://togithub.com/jaeheonji) in
[https://github.com/zellij-org/zellij/pull/2863](https://togithub.com/zellij-org/zellij/pull/2863)
- feat(sessions): resurrect sessions through the session-manager (and
plugin API) by [@&#8203;imsnif](https://togithub.com/imsnif) in
[https://github.com/zellij-org/zellij/pull/2902](https://togithub.com/zellij-org/zellij/pull/2902)
- Styled underlines by [@&#8203;eatgrass](https://togithub.com/eatgrass)
in
[https://github.com/zellij-org/zellij/pull/2730](https://togithub.com/zellij-org/zellij/pull/2730)
- feat(ux): allow renaming sessions by
[@&#8203;imsnif](https://togithub.com/imsnif) in
[https://github.com/zellij-org/zellij/pull/2903](https://togithub.com/zellij-org/zellij/pull/2903)
- fix(plugins): start plugin pane in cwd of focused pane if possible by
[@&#8203;imsnif](https://togithub.com/imsnif) in
[https://github.com/zellij-org/zellij/pull/2905](https://togithub.com/zellij-org/zellij/pull/2905)
- fix(resurrection): properly serialize certain edge cases by
[@&#8203;imsnif](https://togithub.com/imsnif) in
[https://github.com/zellij-org/zellij/pull/2907](https://togithub.com/zellij-org/zellij/pull/2907)
- docs(api): docs for shim.rs by
[@&#8203;imsnif](https://togithub.com/imsnif) in
[https://github.com/zellij-org/zellij/pull/2909](https://togithub.com/zellij-org/zellij/pull/2909)

#### New Contributors

- [@&#8203;deepsghimire](https://togithub.com/deepsghimire) made their
first contribution in
[https://github.com/zellij-org/zellij/pull/2607](https://togithub.com/zellij-org/zellij/pull/2607)
- [@&#8203;papey](https://togithub.com/papey) made their first
contribution in
[https://github.com/zellij-org/zellij/pull/2791](https://togithub.com/zellij-org/zellij/pull/2791)
- [@&#8203;shinhs0506](https://togithub.com/shinhs0506) made their first
contribution in
[https://github.com/zellij-org/zellij/pull/2762](https://togithub.com/zellij-org/zellij/pull/2762)
- [@&#8203;silwol](https://togithub.com/silwol) made their first
contribution in
[https://github.com/zellij-org/zellij/pull/2819](https://togithub.com/zellij-org/zellij/pull/2819)
- [@&#8203;gmorer](https://togithub.com/gmorer) made their first
contribution in
[https://github.com/zellij-org/zellij/pull/2798](https://togithub.com/zellij-org/zellij/pull/2798)
- [@&#8203;Sr-vZ](https://togithub.com/Sr-vZ) made their first
contribution in
[https://github.com/zellij-org/zellij/pull/2868](https://togithub.com/zellij-org/zellij/pull/2868)
- [@&#8203;dj95](https://togithub.com/dj95) made their first
contribution in
[https://github.com/zellij-org/zellij/pull/2857](https://togithub.com/zellij-org/zellij/pull/2857)
- [@&#8203;eatgrass](https://togithub.com/eatgrass) made their first
contribution in
[https://github.com/zellij-org/zellij/pull/2730](https://togithub.com/zellij-org/zellij/pull/2730)

**Full Changelog**:
https://github.com/zellij-org/zellij/compare/v0.38.2...v0.39.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "after 4pm on thursday" in timezone
America/Los_Angeles, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/scottames/dots).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40Ni4wIiwidXBkYXRlZEluVmVyIjoiMzcuNDYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@imsnif
Copy link
Member

imsnif commented Mar 4, 2024

Hey @syrusakbary - my apologies for taking so long to get to this and give constructive feedback.

Basically, the short of it is that we do not want to adopt wasix and as far as we can tell, there's no way around this when upgrading beyond our current version.

The reason we do not want to adopt it is that we don't need anything it offers (we really just need the filesystem interaction, everything else we gate behind our own APIs and permission system). When we briefly tried to upgrade, we got a hard crash when the laptop we were testing this on went to sleep. While I know bugs happen and these things can be fixed, this tells me that the surface area of wasix is far greater and unexpected than I am comfortable with. And since we don't need its benefits, I do not feel comfortable adopting it and exposing our users to its potential dangers (even if they can be quickly mitigated and fixed).

That being said - we really appreciate your work and this great runtime that has helped us build an amazing plugin system over the years.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants