Open
Conversation
b57315c to
ee66195
Compare
dc44a2a to
b30ccb5
Compare
b30ccb5 to
90b8eee
Compare
10bd318 to
6d730e3
Compare
6d730e3 to
7a81fb1
Compare
7a81fb1 to
4cb723f
Compare
59f577f to
f072eb9
Compare
f072eb9 to
5c392e7
Compare
5c392e7 to
d635612
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v4.15.1→v5.1.0v3.20.2→v4.1.4Release Notes
labstack/echo (github.com/labstack/echo/v4)
v5.1.0Compare Source
Security
This change does not break the API contract, but it does introduce breaking changes in logic/behavior.
If your application is using
c.RealIP()beware and read https://echo.labstack.com/docs/ip-addressv4behavior can be restored with:Enhancements
v5.0.4Compare Source
Enhancements
http.Server.Servereturns we need to wait for graceful shutdown goroutine to finish by @aldas in #2898echo.StatusCodeby @suwakei in #2892echo.ResolveResponseStatusfunction to help middleware/handlers determine HTTP status code and echo.Response by @aldas in #2900v5.0.3Compare Source
Security
This applies to cases when:
middleware.StaticConfig.Filesystemisnil(default)echo.Filesystemis has not been set explicitly (default)Exposure is restricted to the active process working directory and its subfolders.
v5.0.2Compare Source
Security
config.Browse=truelists all files/subfolders fromconfig.Filesystemroot and not starting fromconfig.Rootin #2887v5.0.1Compare Source
v5.0.0Compare Source
Echo
v5is maintenance release with major breaking changesContextis now struct instead of interface and we can add method to it in the future in minor versions.Routerinterface for possible new routing implementations.log/sloginstead.Upgrade notes and
v4support:v4is supported with security* updates and bug fixes until 2026-12-31v5API changes will be addressed, even if this violates semantic versioning.See API_CHANGES_V5.md for public API changes between
v4andv5, notes on upgrading.Upgrading TLDR:
If you are using Linux you can migrate easier parts like that:
macOS
or in your favorite IDE
Replace all:
echo.Context->*echo.Contextecho/v4->echo/v5This should solve most of the issues. Probably the hardest part is updating all the tests.
helm/helm (helm.sh/helm/v3)
v4.1.4: Helm v4.1.4Compare Source
Helm v4.1.4 is a security fix patch release. Users are encouraged to upgrade for the best experience.
The community keeps growing, and we'd love to see you there!
Security fixes
Chart.yamlname dot-segment.provis missing, allowing unsigned plugin installA big thank you to the reporters of these issues (@maru1009, @1seal).
Installation and Upgrading
Download Helm v4.1.4. The common platform binaries are here:
The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with
bash.What's Next
Changelog
05fa379(George Jenkins)4e7994d(George Jenkins)2581943(George Jenkins)36c8539(George Jenkins)c61e086(Terry Howe)v4.1.3: Helm v4.1.3Compare Source
Helm v4.1.3 is a patch release. Users are encouraged to upgrade for the best experience.
Note there was no 4.1.2 release due to a release automation issue.
The community keeps growing, and we'd love to see you there!
Notable Changes
FailedStatusis treated as a terminal state, causing upgrades to fail prematurely when cluster autoscalers needed time to provision nodes, or when pods were being deleted during rolling updates #31897--atomicflag on install command #31901Installation and Upgrading
Download Helm v4.1.3. The common platform binaries are here:
BlobNotFoundThe specified blob does not exist.RequestId:a97d6fdb-301e-0045-72a5-b120d7000000
Time:2026-03-11T22:20:16.6057319Z)
This release was signed with
208D D36E D5BB 3745 A167 43A4 C7C6 FBB5 B91C 1155and can be found at @scottrigby keybase account. Please use the attached signatures for verifying this release usinggpg.The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with
bash.What's Next
Changelog
c94d381(Matheus Pimenta)b36d660(Austin Abro)04a91af(Austin Abro)c3c57db(Evans Mungai)d47cb2b(Evans Mungai)790bf92(Evans Mungai)f7cec12(Evans Mungai)d94a5c9(Evans Mungai)8c5fe4e(Evans Mungai)217db28(dependabot[bot])7cb43e0(Travis Leeden)5b26d4f(Terry Howe)360c131(Terry Howe)69a0a92(dependabot[bot])b868e6a(Matheus Pimenta)dbfbea9(rohansood10)099192c(dependabot[bot])4967ead(Pedro Tôrres)2fe6b10(Pedro Tôrres)e3e2d01(Evans Mungai)c15e711(Manuel Alonso)df82e68(Manuel Alonso)4b896ca(Manuel Alonso)3fc7939(Manuel Alonso Gonzalez)6017d2b(Manuel Alonso)f451967(Manuel Alonso)fdadff5(Manuel Alonso)10d6067(Manuel Alonso)0fec40f(Mujib Ahasan)2637498(Mujib Ahasan)961d7d7(Mujib Ahasan)29e4506(Mujib Ahasan)d55b0b9(Mujib Ahasan)c1c090e(Mujib Ahasan)5e09313(Mujib Ahasan)f289d16(Mujib Ahasan)bfac739(Orgad Shaneh)v4.1.2Compare Source
v4.1.1: Helm v4.1.1Compare Source
Helm v4.1.1 is a patch release. Users are encouraged to upgrade for the best experience.
The community keeps growing, and we'd love to see you there!
Notable Changes
Installation and Upgrading
Download Helm v4.1.1. The common platform binaries are here:
The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with
bash.This release was signed by @gjenkins8 with key
BF88 8333 D96A 1C18 E268 2AAE D79D 67C9 EC01 6739, which can be found at https://keys.openpgp.org/vks/v1/by-fingerprint/BF888333D96A1C18E2682AAED79D67C9EC016739. Please use the attached signatures for verifying this release usinggpg.The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with
bash.What's Next
Changelog
5caf004(Matheus Pimenta)2519a88(Matheus Pimenta)b2c487c(Matheus Pimenta)261387a(Philipp Born)v4.1.0: Helm v4.1.0Compare Source
Helm v4.1.0 is a feature release. Users are encouraged to upgrade for the best experience.
The community keeps growing, and we'd love to see you there!
Notable Changes
helm templatehelp text to document --api-versions #31683Installation and Upgrading
Download Helm v4.1.0. The common platform binaries are here:
BlobNotFoundThe specified blob does not exist.RequestId:4a82a5e5-801e-006f-411a-8bffc7000000
Time:2026-01-21T21:10:33.0504029Z)
This release was signed with
208D D36E D5BB 3745 A167 43A4 C7C6 FBB5 B91C 1155and can be found at @scottrigby keybase account. Please use the attached signatures for verifying this release usinggpg.The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with
bash.What's Next
Changelog
f46f1ce(Evans Mungai)59ece92(Matheus Pimenta)de0becd(dependabot[bot])46e5264(dependabot[bot])e751a70(Evans Mungai)9125b84(Sarfraj Khan)0e0c02e(dependabot[bot])d4a2787(sarfraj89)fd090cc(Evans Mungai)2d6d9c0(Mads Jensen)138f730(Gergely Brautigam)c7cc77b(majiayu000)fe1c749(Matt Farina)5e82698(dependabot[bot])NewSimpleClientseta15db7f(George Jenkins)04198dc(jylenhof)9a898af(Brenden Ehlers)1c119bc(Brenden Ehlers)debug.BuildInfoc6d9a5b(Branch Vincent)97cde79(dependabot[bot])9123143(dependabot[bot])55a4aed(Deepak Chethan)d6b35ce(Mohsen Mottaghi)a1543d5(Mohsen Mottaghi)dd44f4e(Mohsen Mottaghi)3dd54ed(Mohsen Mottaghi)f92ae18(Deepak)9772037(tison)3c6557d(tison)5196b84(tison)364a7aa(dependabot[bot])TestConcurrencyDownloadIndextypo592815e(George Jenkins)a490bb3(Mads Jensen)09ae0d4(dependabot[bot])1f8e84d(dependabot[bot])e9a0510(dependabot[bot])858cf31(wangjingcun)7fb1728(dependabot[bot])e900a25(Terry Howe)8f636b5(Matt Farina)ea52f87(dependabot[bot])2dc581d(Evans Mungai)a9bbffb(dependabot[bot])d195cfa(dependabot[bot])24a8258(Matt Farina)bc9462f(Matt Farina)b825a18(Matt Farina)a18e59e(Mads Jensen)8534663(Zadkiel AHARONIAN)119341d(Zadkiel AHARONIAN)a109ac2(Stephanie Hohenberg)581ab1a(dependabot[bot])e62bf7f(dependabot[bot])2f598ff(Stephanie Hohenberg)bb9356e(Stephanie Hohenberg)8cf4ad7(Stephanie Hohenberg)31131cf(Stephanie Hohenberg)e6b2068(dependabot[bot])faa8912(Benoit Tigeot)45c5f3a(Benoit Tigeot)b33d4ae(Calvin Bui)70fc5f9(Benoit Tigeot)9f1c8a2(Benoit Tigeot)6bb5bcc(Michelle Fernandez Bieber)d930144(Michelle Fernandez Bieber)7a61ebf(Michelle Fernandez Bieber)1071477(Michelle Fernandez Bieber)7a55758(Michelle Fernandez Bieber)e71a29c(megha1906)go.modversion)b859163(George Jenkins)6cceead(Mads Jensen)380abe2(Mads Jensen)936cd32(Matt Farina)cb35947(dependabot[bot])4fddc64(dependabot[bot])b87f2da(dependabot[bot])81d244c(Benoit Tigeot)40e22de(Benoit Tigeot)c2405ce(dependabot[bot])28baa97(dependabot[bot])63e060f(Matt Farina)2dc5864(shuv0id)ce273ee(Benoit Tigeot)f6ceae9(dependabot[bot])f8a49f1(George Jenkins)a9cdc78(George Jenkins)b1a9760(George Jenkins)5f3c617(Terry Howe)71591ee(Benoit Tigeot)b296cbe(Benoit Tigeot)9b242dd(Benoit Tigeot)c81a09b(Benoit Tigeot)8c87024(yxxhero)18616e6(George Jenkins)855ebb6(George Jenkins)2d49f0c(yxxhero)b6a8c65(Benoit Tigeot)acf331a(Benoit Tigeot)9e1e3d2(Benoit Tigeot)cf077ce(Benoit Tigeot)f4b139a(Benoit Tigeot)c04e18e(Benoit Tigeot)faa0adc(Fish-pro)c81e267(dependabot[bot])40856bf(Michael Crenshaw)fb82e0e(dependabot[bot])72a84fb(dependabot[bot])Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.