Skip to content

build(deps): bump helm.sh/helm/v4 from 4.2.0 to 4.2.2#296

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/helm.sh/helm/v4-4.2.1
Closed

build(deps): bump helm.sh/helm/v4 from 4.2.0 to 4.2.2#296
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/helm.sh/helm/v4-4.2.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 12, 2026

Copy link
Copy Markdown
Contributor

Bumps helm.sh/helm/v4 from 4.2.0 to 4.2.2.

Release notes

Sourced from helm.sh/helm/v4's releases.

Helm v4.2.2 is a patch release. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages

Notable Changes

  • Revert: Fixed a race condition in WaitForDelete where the status observer canceled the watch too early, causing intermittent failures when running a full test suite #32214

Installation and Upgrading

Download Helm v4.2.2. The common platform binaries are here:

This release was signed by @​gjenkins8 with key BF88 8333 D96A 1C18 E268 2AAE D79D 67C9 EC01 6739, which can be found at https://keys.openpgp.org/vks/v1/by-fingerprint/BF888333D96A1C18E2682AAED79D67C9EC016739. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

  • 4.2.3 and 3.21.2 are the next patch releases scheduled for July 8, 2026
  • 4.3.0 and 3.22.0 are the next minor releases scheduled for September 9, 2026

Changelog

  • Revert "fix(kube): prevent spurious early exit in WaitForDelete during informer sync" b05881cf967a5a09e19866799d0edfd40675803a (George Jenkins)

Full Changelog: helm/helm@v4.2.1...v4.2.2

Helm v4.2.1 is a patch release. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

... (truncated)

Commits
  • b05881c Revert "fix(kube): prevent spurious early exit in WaitForDelete during inform...
  • d591a19 fix: protect FailingKubeClient.RecordedWaitOptions from data race (#31925)
  • 2a9fcae fix: route registry client output to stdout instead of stderr (#32056)
  • ffa5bd6 chore(deps): bump oras.land/oras-go/v2 from 2.6.0 to 2.6.1
  • 9f9dbaf chore(deps): bump golang.org/x/crypto from 0.52.0 to 0.53.0
  • 64a2891 chore(deps): bump golang.org/x/term from 0.43.0 to 0.44.0
  • e54a4a2 chore(deps): bump golang.org/x/text from 0.37.0 to 0.38.0
  • acb762b chore(deps): bump github/codeql-action from 4.36.1 to 4.36.2
  • 768586d chore(deps): bump github/codeql-action from 4.36.0 to 4.36.1
  • eabfae5 fix(version): avoid false range detection on prerelease x/X
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Jun 12, 2026
@github-actions

github-actions Bot commented Jun 12, 2026

Copy link
Copy Markdown

⚠️MegaLinter analysis: Success with warnings

Descriptor Linter Files Fixed Errors Warnings Elapsed time
✅ COPYPASTE jscpd yes no no 8.73s
⚠️ REPOSITORY checkov yes 40 no 42.94s
⚠️ REPOSITORY devskim yes 1 no 3.42s
✅ REPOSITORY dustilock yes no no 0.03s
✅ REPOSITORY gitleaks yes no no 10.88s
✅ REPOSITORY git_diff yes no no 0.05s
✅ REPOSITORY grype yes no no 68.78s
✅ REPOSITORY kingfisher yes no no 7.26s
✅ REPOSITORY osv-scanner yes no no 1.35s
✅ REPOSITORY secretlint yes no no 5.33s
✅ REPOSITORY syft yes no no 3.3s
✅ REPOSITORY trivy yes no no 22.63s
✅ REPOSITORY trivy-sbom yes no no 20.33s
✅ REPOSITORY trufflehog yes no no 5.65s

Detailed Issues

⚠️ REPOSITORY / checkov - 40 errors
ct build without evidence of cosign sbom attestation in pipeline"
	PASSED for resource: jobs
	File: /.github/workflows/publish-chart.yml:18-68
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(process-chart)
	File: /.github/workflows/publish-chart.yml:19-68
Check: CKV_GHA_7: "The build output cannot be affected by user parameters other than the build entry point and the top-level source location. GitHub Actions workflow_dispatch inputs MUST be empty. "
	PASSED for resource: on(Publish main helm chart)
	File: /.github/workflows/publish-chart.yml:4-10
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(process-chart).steps[1]
	File: /.github/workflows/publish-chart.yml:22-28
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(process-chart).steps[2](Update Chart Version in YAML Files)
	File: /.github/workflows/publish-chart.yml:27-40
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(process-chart).steps[3](Set up chart-testing)
	File: /.github/workflows/publish-chart.yml:39-43
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(process-chart).steps[4](Run chart-testing)
	File: /.github/workflows/publish-chart.yml:42-48
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(process-chart).steps[5](Package chart)
	File: /.github/workflows/publish-chart.yml:47-55
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(process-chart).steps[6](Log in to GHCR)
	File: /.github/workflows/publish-chart.yml:54-62
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(process-chart).steps[7](Push chart to GHCR (OCI))
	File: /.github/workflows/publish-chart.yml:61-68
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(process-chart).steps[1]
	File: /.github/workflows/publish-chart.yml:22-28
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(process-chart).steps[2](Update Chart Version in YAML Files)
	File: /.github/workflows/publish-chart.yml:27-40
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(process-chart).steps[3](Set up chart-testing)
	File: /.github/workflows/publish-chart.yml:39-43
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(process-chart).steps[4](Run chart-testing)
	File: /.github/workflows/publish-chart.yml:42-48
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(process-chart).steps[5](Package chart)
	File: /.github/workflows/publish-chart.yml:47-55
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(process-chart).steps[6](Log in to GHCR)
	File: /.github/workflows/publish-chart.yml:54-62
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(process-chart).steps[7](Push chart to GHCR (OCI))
	File: /.github/workflows/publish-chart.yml:61-68
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(process-chart).steps[1]
	File: /.github/workflows/publish-chart.yml:22-28
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(process-chart).steps[2](Update Chart Version in YAML Files)
	File: /.github/workflows/publish-chart.yml:27-40
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(process-chart).steps[3](Set up chart-testing)
	File: /.github/workflows/publish-chart.yml:39-43
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(process-chart).steps[4](Run chart-testing)
	File: /.github/workflows/publish-chart.yml:42-48
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(process-chart).steps[5](Package chart)
	File: /.github/workflows/publish-chart.yml:47-55
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(process-chart).steps[6](Log in to GHCR)
	File: /.github/workflows/publish-chart.yml:54-62
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(process-chart).steps[7](Push chart to GHCR (OCI))
	File: /.github/workflows/publish-chart.yml:61-68
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(process-chart).steps[1]
	File: /.github/workflows/publish-chart.yml:22-28
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(process-chart).steps[2](Update Chart Version in YAML Files)
	File: /.github/workflows/publish-chart.yml:27-40
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(process-chart).steps[3](Set up chart-testing)
	File: /.github/workflows/publish-chart.yml:39-43
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(process-chart).steps[4](Run chart-testing)
	File: /.github/workflows/publish-chart.yml:42-48
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(process-chart).steps[5](Package chart)
	File: /.github/workflows/publish-chart.yml:47-55
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(process-chart).steps[6](Log in to GHCR)
	File: /.github/workflows/publish-chart.yml:54-62
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(process-chart).steps[7](Push chart to GHCR (OCI))
	File: /.github/workflows/publish-chart.yml:61-68
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(extract-metadata)
	File: /.github/workflows/branch-build.yml:21-36
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(build)
	File: /.github/workflows/branch-build.yml:36-221
Check: CKV_GHA_5: "Found artifact build without evidence of cosign sign execution in pipeline"
	PASSED for resource: jobs
	File: /.github/workflows/branch-build.yml:20-221
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(extract-metadata)
	File: /.github/workflows/branch-build.yml:21-36
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(build)
	File: /.github/workflows/branch-build.yml:36-221
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(extract-metadata)
	File: /.github/workflows/branch-build.yml:21-36
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(build)
	File: /.github/workflows/branch-build.yml:36-221
Check: CKV_GHA_6: "Found artifact build without evidence of cosign sbom attestation in pipeline"
	PASSED for resource: jobs
	File: /.github/workflows/branch-build.yml:20-221
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(extract-metadata)
	File: /.github/workflows/branch-build.yml:21-36
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(build)
	File: /.github/workflows/branch-build.yml:36-221
Check: CKV_GHA_7: "The build output cannot be affected by user parameters other than the build entry point and the top-level source location. GitHub Actions workflow_dispatch inputs MUST be empty. "
	PASSED for resource: on(Branch build)
	File: /.github/workflows/branch-build.yml:4-11
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(extract-metadata).steps[1](Checkout)
	File: /.github/workflows/branch-build.yml:26-31
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(extract-metadata).steps[2](Extract version)
	File: /.github/workflows/branch-build.yml:30-36
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(build).steps[1](Checkout)
	File: /.github/workflows/branch-build.yml:50-53
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(build).steps[2](Setup Go)
	File: /.github/workflows/branch-build.yml:52-58
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(build).steps[3](Set up QEMU)
	File: /.github/workflows/branch-build.yml:57-60
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(build).steps[4](Docker Login)
	File: /.github/workflows/branch-build.yml:59-66
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(build).steps[5](Install GoReleaser)
	File: /.github/workflows/branch-build.yml:65-71
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(build).steps[6](Run GoReleaser)
	File: /.github/workflows/branch-build.yml:70-221
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(extract-metadata).steps[1](Checkout)
	File: /.github/workflows/branch-build.yml:26-31
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(extract-metadata).steps[2](Extract version)
	File: /.github/workflows/branch-build.yml:30-36
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(build).steps[1](Checkout)
	File: /.github/workflows/branch-build.yml:50-53
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(build).steps[2](Setup Go)
	File: /.github/workflows/branch-build.yml:52-58
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(build).steps[3](Set up QEMU)
	File: /.github/workflows/branch-build.yml:57-60
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(build).steps[4](Docker Login)
	File: /.github/workflows/branch-build.yml:59-66
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(build).steps[5](Install GoReleaser)
	File: /.github/workflows/branch-build.yml:65-71
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(build).steps[6](Run GoReleaser)
	File: /.github/workflows/branch-build.yml:70-221
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(extract-metadata).steps[1](Checkout)
	File: /.github/workflows/branch-build.yml:26-31
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(extract-metadata).steps[2](Extract version)
	File: /.github/workflows/branch-build.yml:30-36
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(build).steps[1](Checkout)
	File: /.github/workflows/branch-build.yml:50-53
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(build).steps[2](Setup Go)
	File: /.github/workflows/branch-build.yml:52-58
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(build).steps[3](Set up QEMU)
	File: /.github/workflows/branch-build.yml:57-60
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(build).steps[4](Docker Login)
	File: /.github/workflows/branch-build.yml:59-66
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(build).steps[5](Install GoReleaser)
	File: /.github/workflows/branch-build.yml:65-71
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(build).steps[6](Run GoReleaser)
	File: /.github/workflows/branch-build.yml:70-221
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(extract-metadata).steps[1](Checkout)
	File: /.github/workflows/branch-build.yml:26-31
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(extract-metadata).steps[2](Extract version)
	File: /.github/workflows/branch-build.yml:30-36
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(build).steps[1](Checkout)
	File: /.github/workflows/branch-build.yml:50-53
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(build).steps[2](Setup Go)
	File: /.github/workflows/branch-build.yml:52-58
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(build).steps[3](Set up QEMU)
	File: /.github/workflows/branch-build.yml:57-60
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(build).steps[4](Docker Login)
	File: /.github/workflows/branch-build.yml:59-66
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(build).steps[5](Install GoReleaser)
	File: /.github/workflows/branch-build.yml:65-71
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(build).steps[6](Run GoReleaser)
	File: /.github/workflows/branch-build.yml:70-221
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(next-rc)
	File: /.github/workflows/next-rc.yml:17-70
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(process-chart)
	File: /.github/workflows/next-rc.yml:70-79
Check: CKV_GHA_5: "Found artifact build without evidence of cosign sign execution in pipeline"
	PASSED for resource: jobs
	File: /.github/workflows/next-rc.yml:16-79
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(next-rc)
	File: /.github/workflows/next-rc.yml:17-70
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(process-chart)
	File: /.github/workflows/next-rc.yml:70-79
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(next-rc)
	File: /.github/workflows/next-rc.yml:17-70
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(process-chart)
	File: /.github/workflows/next-rc.yml:70-79
Check: CKV_GHA_6: "Found artifact build without evidence of cosign sbom attestation in pipeline"
	PASSED for resource: jobs
	File: /.github/workflows/next-rc.yml:16-79
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(next-rc)
	File: /.github/workflows/next-rc.yml:17-70
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(process-chart)
	File: /.github/workflows/next-rc.yml:70-79
Check: CKV_GHA_7: "The build output cannot be affected by user parameters other than the build entry point and the top-level source location. GitHub Actions workflow_dispatch inputs MUST be empty. "
	PASSED for resource: on(Prepare next release candidate)
	File: /.github/workflows/next-rc.yml:4-8
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(next-rc).steps[1]
	File: /.github/workflows/next-rc.yml:25-31
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(next-rc).steps[2](Set git 'user.name' and 'user.email')
	File: /.github/workflows/next-rc.yml:30-36
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(next-rc).steps[3](Prepare the next release candidate)
	File: /.github/workflows/next-rc.yml:35-70
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(next-rc).steps[1]
	File: /.github/workflows/next-rc.yml:25-31
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(next-rc).steps[2](Set git 'user.name' and 'user.email')
	File: /.github/workflows/next-rc.yml:30-36
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(next-rc).steps[3](Prepare the next release candidate)
	File: /.github/workflows/next-rc.yml:35-70
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(next-rc).steps[1]
	File: /.github/workflows/next-rc.yml:25-31
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(next-rc).steps[2](Set git 'user.name' and 'user.email')
	File: /.github/workflows/next-rc.yml:30-36
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(next-rc).steps[3](Prepare the next release candidate)
	File: /.github/workflows/next-rc.yml:35-70
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(next-rc).steps[1]
	File: /.github/workflows/next-rc.yml:25-31
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(next-rc).steps[2](Set git 'user.name' and 'user.email')
	File: /.github/workflows/next-rc.yml:30-36
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(next-rc).steps[3](Prepare the next release candidate)
	File: /.github/workflows/next-rc.yml:35-70
Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
	PASSED for resource: on(Publish main helm chart)
	File: /.github/workflows/publish-chart.yml:14-18
Check: CKV_GHA_7: "The build output cannot be affected by user parameters other than the build entry point and the top-level source location. GitHub Actions workflow_dispatch inputs MUST be empty. "
	FAILED for resource: on(Cut a new release)
	File: /.github/workflows/cut-new-release.yml:6-12

		6  |       version:
		7  |         type: string
		8  |         description: Version of the next release (e.g. v0.15.0)
		9  |         required: true
		10 | 
		11 | env:
		12 |   git-user: github-actions[bot]

Check: CKV_GHA_7: "The build output cannot be affected by user parameters other than the build entry point and the top-level source location. GitHub Actions workflow_dispatch inputs MUST be empty. "
	FAILED for resource: on(Finalize release)
	File: /.github/workflows/finalize-release.yml:6-12

		6  |       version:
		7  |         type: string
		8  |         description: Version of the release to finalize (e.g. v0.15.0)
		9  |         required: true
		10 | 
		11 | env:
		12 |   git-user: github-actions[bot]

Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
	FAILED for resource: on(Release)
	File: /.github/workflows/release.yml:0-1
Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
	FAILED for resource: on(Finalize release)
	File: /.github/workflows/finalize-release.yml:0-1
Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
	FAILED for resource: on(Cut a new release)
	File: /.github/workflows/cut-new-release.yml:0-1
Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
	FAILED for resource: on(Process chart)
	File: /.github/workflows/process-chart.yml:0-1
Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
	FAILED for resource: on(Branch build)
	File: /.github/workflows/branch-build.yml:41-42
Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
	FAILED for resource: on(Prepare next release candidate)
	File: /.github/workflows/next-rc.yml:0-1

(Truncated to last 20000 characters out of 143212)
⚠️ REPOSITORY / devskim - 1 error
}},"sourceLanguage":"yaml"}}}],"properties":{"tags":["Hygiene.Network.AccessingLocalhost"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"internal/health/health_test.go"},"region":{"startLine":42,"startColumn":31,"endLine":42,"endColumn":35,"charOffset":953,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"internal/health/health_test.go"},"region":{"startLine":18,"startColumn":31,"endLine":18,"endColumn":35,"charOffset":304,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"internal/command/guard.go"},"region":{"startLine":176,"startColumn":6,"endLine":176,"endColumn":10,"charOffset":5324,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS162092","level":"note","message":{"text":"Do not leave debug code in production"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/bots_test.go"},"region":{"startLine":1580,"startColumn":22,"endLine":1580,"endColumn":31,"charOffset":62370,"charLength":9,"snippet":{"text":"localhost","rendered":{"text":"localhost","markdown":"`localhost`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Network.AccessingLocalhost"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/e2e/bots_test.go"},"region":{"startLine":287,"startColumn":4,"endLine":287,"endColumn":8,"charOffset":10160,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"internal/source/kubernetes/source_test.go"},"region":{"startLine":11,"startColumn":3,"endLine":11,"endColumn":7,"charOffset":166,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"internal/kubex/rest.go"},"region":{"startLine":63,"startColumn":5,"endLine":63,"endColumn":9,"charOffset":2112,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS162092","level":"note","message":{"text":"Do not leave debug code in production"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"internal/config/testdata/TestGetProvider/third.yaml"},"region":{"startLine":5,"startColumn":18,"endLine":5,"endColumn":27,"charOffset":73,"charLength":9,"snippet":{"text":"localhost","rendered":{"text":"localhost","markdown":"`localhost`"}},"sourceLanguage":"yaml"}}}],"properties":{"tags":["Hygiene.Network.AccessingLocalhost"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS162092","level":"note","message":{"text":"Do not leave debug code in production"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"internal/config/testdata/TestGetProvider/all.yaml"},"region":{"startLine":17,"startColumn":18,"endLine":17,"endColumn":27,"charOffset":383,"charLength":9,"snippet":{"text":"localhost","rendered":{"text":"localhost","markdown":"`localhost`"}},"sourceLanguage":"yaml"}}}],"properties":{"tags":["Hygiene.Network.AccessingLocalhost"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS162092","level":"note","message":{"text":"Do not leave debug code in production"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"internal/config/testdata/TestGetProvider/from-cli-flag-second.yaml"},"region":{"startLine":5,"startColumn":18,"endLine":5,"endColumn":27,"charOffset":74,"charLength":9,"snippet":{"text":"localhost","rendered":{"text":"localhost","markdown":"`localhost`"}},"sourceLanguage":"yaml"}}}],"properties":{"tags":["Hygiene.Network.AccessingLocalhost"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/formatx/space_table.go"},"region":{"startLine":28,"startColumn":3,"endLine":28,"endColumn":7,"charOffset":517,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/notifier/bot.go"},"region":{"startLine":17,"startColumn":4,"endLine":17,"endColumn":8,"charOffset":487,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"internal/source/kubernetes/recommendation/ingress_backend_service_valid.go"},"region":{"startLine":59,"startColumn":7,"endLine":59,"endColumn":11,"charOffset":2041,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/config/manager_remote_test.go"},"region":{"startLine":178,"startColumn":44,"endLine":178,"endColumn":48,"charOffset":5351,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/config/manager_remote_test.go"},"region":{"startLine":130,"startColumn":45,"endLine":130,"endColumn":49,"charOffset":4049,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/config/manager_remote_test.go"},"region":{"startLine":68,"startColumn":51,"endLine":68,"endColumn":55,"charOffset":2006,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/api/source/grpc_adapter.go"},"region":{"startLine":175,"startColumn":7,"endLine":175,"endColumn":11,"charOffset":5454,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/bot/discord.go"},"region":{"startLine":353,"startColumn":4,"endLine":353,"endColumn":8,"charOffset":10980,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/bot/discord.go"},"region":{"startLine":188,"startColumn":3,"endLine":188,"endColumn":7,"charOffset":6161,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/bot/discord.go"},"region":{"startLine":27,"startColumn":3,"endLine":27,"endColumn":7,"charOffset":588,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/config/redacted.go"},"region":{"startLine":12,"startColumn":4,"endLine":12,"endColumn":8,"charOffset":207,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/config/config.go"},"region":{"startLine":262,"startColumn":59,"endLine":262,"endColumn":63,"charOffset":8611,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/config/config.go"},"region":{"startLine":214,"startColumn":64,"endLine":214,"endColumn":68,"charOffset":7021,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/config/plugin.go"},"region":{"startLine":70,"startColumn":6,"endLine":70,"endColumn":10,"charOffset":2150,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/config/plugin.go"},"region":{"startLine":36,"startColumn":5,"endLine":36,"endColumn":9,"charOffset":1012,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"internal/executor/kubectl/builder/kubectl_dropdowns.go"},"region":{"startLine":134,"startColumn":5,"endLine":134,"endColumn":9,"charOffset":3427,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS112852","level":"note","message":{"text":"Go - Hard-coded SSL/TLS Protocol"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/grpcx/credentials.go"},"region":{"startLine":47,"startColumn":39,"endLine":47,"endColumn":51,"charOffset":1393,"charLength":12,"snippet":{"text":"VersionTLS13","rendered":{"text":"VersionTLS13","markdown":"`VersionTLS13`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Cryptography.Protocol.TLS.Hard-Coded"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS162092","level":"note","message":{"text":"Do not leave debug code in production"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/config/config_test.go"},"region":{"startLine":29,"startColumn":62,"endLine":29,"endColumn":71,"charOffset":1061,"charLength":9,"snippet":{"text":"localhost","rendered":{"text":"localhost","markdown":"`localhost`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Network.AccessingLocalhost"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/bot/slack_cloud.go"},"region":{"startLine":571,"startColumn":4,"endLine":571,"endColumn":8,"charOffset":18684,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/bot/slack_cloud.go"},"region":{"startLine":349,"startColumn":7,"endLine":349,"endColumn":11,"charOffset":11675,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/bot/slack_socket.go"},"region":{"startLine":250,"startColumn":9,"endLine":250,"endColumn":13,"charOffset":8620,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/bot/slack_socket.go"},"region":{"startLine":32,"startColumn":3,"endLine":32,"endColumn":7,"charOffset":769,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS162092","level":"note","message":{"text":"Do not leave debug code in production"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/config/testdata/TestLoadConfigSuccess/config.golden.yaml"},"region":{"startLine":153,"startColumn":18,"endLine":153,"endColumn":27,"charOffset":3376,"charLength":9,"snippet":{"text":"localhost","rendered":{"text":"localhost","markdown":"`localhost`"}},"sourceLanguage":"yaml"}}}],"properties":{"tags":["Hygiene.Network.AccessingLocalhost"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/bot/mattermost.go"},"region":{"startLine":358,"startColumn":4,"endLine":358,"endColumn":8,"charOffset":11218,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/bot/mattermost.go"},"region":{"startLine":47,"startColumn":3,"endLine":47,"endColumn":7,"charOffset":1269,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/bot/mattermost.go"},"region":{"startLine":28,"startColumn":3,"endLine":28,"endColumn":7,"charOffset":581,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/execute/executor.go"},"region":{"startLine":149,"startColumn":6,"endLine":149,"endColumn":10,"charOffset":4950,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS162092","level":"note","message":{"text":"Do not leave debug code in production"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/bot/slack_renderer_test.go"},"region":{"startLine":50,"startColumn":30,"endLine":50,"endColumn":39,"charOffset":1426,"charLength":9,"snippet":{"text":"localhost","rendered":{"text":"localhost","markdown":"`localhost`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Network.AccessingLocalhost"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS162092","level":"note","message":{"text":"Do not leave debug code in production"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"hack/target/serve-plugins/main.go"},"region":{"startLine":16,"startColumn":66,"endLine":16,"endColumn":75,"charOffset":334,"charLength":9,"snippet":{"text":"localhost","rendered":{"text":"localhost","markdown":"`localhost`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Network.AccessingLocalhost"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":".github/workflows/branch-build.yml"},"region":{"startLine":16,"startColumn":27,"endLine":16,"endColumn":31,"charOffset":318,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"yaml"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}}],"columnKind":"utf16CodeUnits"}]}

(Truncated to last 20000 characters out of 24930)

Notices

📣 MegaLinter 9.5.0 is out! Discover the new features and security recommendations in the release announcement. (Skip this info by defining SECURITY_SUGGESTIONS: false)

See detailed reports in MegaLinter artifacts
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

MegaLinter is graciously provided by OX Security
Show us your support by starring ⭐ the repository

@dependabot dependabot Bot changed the title build(deps): bump helm.sh/helm/v4 from 4.2.0 to 4.2.1 build(deps): bump helm.sh/helm/v4 from 4.2.0 to 4.2.2 Jun 18, 2026
Bumps [helm.sh/helm/v4](https://github.com/helm/helm) from 4.2.0 to 4.2.2.
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v4.2.0...v4.2.2)

---
updated-dependencies:
- dependency-name: helm.sh/helm/v4
  dependency-version: 4.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/helm.sh/helm/v4-4.2.1 branch from 265fd66 to 784600e Compare June 18, 2026 03:22
@dependabot @github

dependabot Bot commented on behalf of github Jun 18, 2026

Copy link
Copy Markdown
Contributor Author

Superseded by #301.

@dependabot dependabot Bot closed this Jun 18, 2026
@dependabot dependabot Bot deleted the dependabot/go_modules/helm.sh/helm/v4-4.2.1 branch June 18, 2026 12:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants