{"affected":[{"ecosystem_specific":{"binaries":[{"helmfile":"0.169.0-bp160.1.13","helmfile-bash-completion":"0.169.0-bp160.1.13","helmfile-fish-completion":"0.169.0-bp160.1.13","helmfile-zsh-completion":"0.169.0-bp160.1.13"}]},"package":{"ecosystem":"openSUSE:Leap 16.0","name":"helmfile","purl":"pkg:rpm/opensuse/helmfile&distro=openSUSE%20Leap%2016.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.169.0-bp160.1.13"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for helmfile fixes the following issues:\n\nChanges in helmfile:\n\nUpdate to version 1.1.9:\n\n  * feat: update strategy for reinstall by @simbou2000 in #2019\n  * build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3\n    from 1.88.7 to 1.89.0 by @dependabot[bot] in #2239\n  * Fix: Handle empty helmBinary in base files with environment\n    values by @Copilot in #2237\n\nUpdate to version 1.1.8:\n\n  * build(deps): bump github.com/hashicorp/go-getter from 1.8.0 to\n    1.8.1 by @dependabot[bot] in #2194\n  * fix typos in both comment and error message by @d-fal in #2199\n  * cleanup disk in release ci by @yxxhero in #2203\n  * Migrate AWS SDK from v1 to v2 to resolve deprecation warnings\n    by @Copilot in #2202\n  * build(deps): bump github.com/helmfile/vals from 0.42.1 to 0.42.2\n    by @dependabot[bot] in #2200\n  * build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from\n    1.88.2 to 1.88.3 by @dependabot[bot] in #2206\n  * Bump Alpine to 3.22 in Dockerfile by @orishamir in #2205\n  * build(deps): bump github.com/aws/aws-sdk-go-v2/config from\n    1.31.10 to 1.31.12 by @dependabot[bot] in #2207\n  * Add yq to Dockerfile by @orishamir in #2208\n  * fix: skip chartify for build command jsonPatches by @sstarcher\n    in #2212\n  * build(deps): bump github.com/hashicorp/go-getter from 1.8.1 to\n    1.8.2 by @dependabot[bot] in #2210\n  * build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from\n    1.88.3 to 1.88.4 by @dependabot[bot] in #2213\n  * build(deps): bump golang.org/x/term from 0.35.0 to 0.36.0 by\n    @dependabot[bot] in #2214\n  * Avoid fetching same chart/version multiple times by @Copilot\n    in #2197\n  * build(deps): bump github.com/helmfile/vals from 0.42.2 to\n    0.42.4 by @dependabot[bot] in #2217\n  * docs: add zread badge to README by @yxxhero in #2219\n  * Bump helm-diff to v3.13.1 by @Copilot in #2223\n  * build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from\n    1.88.4 to 1.88.5 by @dependabot[bot] in #2226\n  * build(deps): bump github.com/aws/aws-sdk-go-v2/config from\n    1.31.12 to 1.31.13 by @dependabot[bot] in #2225\n  * build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from\n    1.88.5 to 1.88.6 by @dependabot[bot] in #2230\n  * build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from\n    1.88.6 to 1.88.7 by @dependabot[bot] in #2232\n  * build(deps): bump github.com/aws/aws-sdk-go-v2/config from\n    1.31.13 to 1.31.15 by @dependabot[bot] in #2233\n  * Fix helmBinary and kustomizeBinary being ignored when using\n    bases by @Copilot in #2228\n\nUpdate to version 1.1.7:\n\n  What's Changed\n\n  * fix pflag error by @zhaque44 in #2164\n  * build(deps): bump actions/setup-go from 5 to 6 by\n    @dependabot[bot] in #2166\n  * build(deps): bump github.com/hashicorp/go-getter from 1.7.9 to\n    1.7.10 by @dependabot[bot] in #2165\n  * build(deps): bump github.com/spf13/pflag from 1.0.9 to 1.0.10\n    by @dependabot[bot] in #2163\n  * Add helm diff installation to README by @nwneisen in #2170\n  * build(deps): bump github.com/hashicorp/go-getter from 1.7.10\n    to 1.8.0 by @dependabot[bot] in #2175\n  * build(deps): bump golang.org/x/term from 0.34.0 to 0.35.0 by\n    @dependabot[bot] in #2174\n  * build(deps): bump github.com/zclconf/go-cty from 1.16.4 to\n    1.17.0 by @dependabot[bot] in #2173\n  * Fix panic when helm isn't installed by @nwneisen in #2169\n  * build(deps): bump golang.org/x/sync from 0.16.0 to 0.17.0 by\n    @dependabot[bot] in #2172\n  * ci: update minikube and kubernetes versions by @yxxhero in #2181\n  * build(deps): bump k8s.io/apimachinery from 0.34.0 to 0.34.1 by\n    @dependabot[bot] in #2180\n  * Remove deprecated --wait-retries flag support to fix Helm\n    compatibility error by @Copilot in #2179\n  * build(deps): bump go.yaml.in/yaml/v2 from 2.4.2 to 2.4.3 by\n    @dependabot[bot] in #2183\n  * build: update Helm to v3.19.0 across all components by @yxxhero\n    in #2187\n  * build: update helm-diff plugin to v3.13.0 by @yxxhero in #2189\n  * feat: Implement caching for pulling OCI charts by @mustdiechik\n    in #2171\n  * build(deps): bump github.com/helmfile/chartify from 0.24.7 to\n    0.25.0 by @dependabot[bot] in #2190\n\n- Update to version 1.1.6:\n  What's Changed\n  * build(deps): bump github.com/hashicorp/go-getter from 1.7.8 to\n    1.7.9 by @dependabot[bot] in #2139\n  * build(deps): bump github.com/zclconf/go-cty from 1.16.3 to\n    1.16.4 by @dependabot[bot] in #2145\n  * build: update helm to v3.18.6 by @yxxhero in #2144\n  * build(deps): bump github.com/stretchr/testify from 1.10.0 to\n    1.11.0 by @dependabot[bot] in #2150\n  * Add missing --timeout flag to helmfile sync command with\n    documentation by @Copilot in #2148\n  * Fix enableDNS flag missing in diff command and refactor\n    duplicate logic by @Copilot in #2147\n  * build(deps): bump github.com/stretchr/testify from 1.11.0 to\n    1.11.1 by @dependabot[bot] in #2151\n  * build(deps): bump github.com/ulikunitz/xz from 0.5.10 to 0.5.14\n    by @dependabot[bot] in #2154\n  * Bump github.com/ulikunitz/xz from v0.5.14 to v0.5.15 by @Copilot\n    in #2159\n  * build(deps): bump github.com/helmfile/vals from 0.42.0 to\n    0.42.1 by @dependabot[bot] in #2161\n  * build(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.9\n    by @dependabot[bot] in #2160\n  * build(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.1\n    by @dependabot[bot] in #2162\n  * Fix error propagation in helmfile diff when Kubernetes is\n    unreachable by @Copilot in #2149\n\n- Update to version 1.1.5:\n  What's Changed\n  * build(deps): bump actions/checkout from 4 to 5 by\n    @dependabot[bot] in #2128\n  * Update recommended Helm versions in init.go and run.sh by\n    @yxxhero in #2129\n  * Add comprehensive .github/copilot-instructions.md for coding\n    agents by @Copilot in #2131\n  * refactor(state): extract getMissingFileHandler method for\n    clarity by @yxxhero in #2133\n  * Fix parseHelmVersion to handle helm versions without 'v'\n    prefix by @Copilot in #2132\n  * build(deps): bump k8s.io/apimachinery from 0.33.3 to 0.33.4\n    by @dependabot[bot] in #2136\n  * build(deps): bump github.com/helmfile/chartify from 0.24.6 to\n    0.24.7 by @dependabot[bot] in #2135\n\n- Update to version 1.1.4:\n  What's Changed\n  * build(deps): bump github.com/helmfile/vals from 0.41.2 to\n    0.41.3 by @dependabot[bot] in #2100\n  * build(deps): bump k8s.io/apimachinery from 0.33.2 to 0.33.3\n    by @dependabot[bot] in #2101\n  * fix: update Helm version to v3.17.4 in CI and init.go by\n    @yxxhero in #2102\n  * build(deps): bump github.com/spf13/pflag from 1.0.6 to 1.0.7\n    by @dependabot[bot] in #2104\n  * feat(state): add missingFileHandlerConfig and related logic\n    by @yxxhero in #2105\n  * refactor(filesystem): add CopyDir method and optimize Fetch\n    function by @yxxhero in #2111\n  * Allow caching of remote files to be disabled by @jess-sol in\n    #2112\n  * refactor(yaml): switch yaml library import paths from gopkg.in\n    to go.yaml.in by @yxxhero in #2114\n  * build(deps): bump actions/download-artifact from 4 to 5 by\n    @dependabot[bot] in #2121\n  * build(deps): bump golang.org/x/term from 0.33.0 to 0.34.0 by\n    @dependabot[bot] in #2123\n\n- Update to version 1.1.3:\n  What's Changed\n  * build: update Helm to v3.18.3 and related dependencies by\n    @yxxhero in #2082\n  * Expose release version as .Release.ChartVersion for templating\n    by @Simske in #2080\n  * build(deps): bump github.com/helmfile/chartify from 0.24.3 to\n    0.24.4 by @dependabot[bot] in #2083\n  * build(deps): bump k8s.io/apimachinery from 0.33.1 to 0.33.2\n    by @dependabot[bot] in #2086\n  * build(deps): bump github.com/helmfile/chartify from 0.24.4 to\n    0.24.5 by @dependabot[bot] in #2087\n  * build(deps): bump github.com/Masterminds/semver/v3 from 3.3.1\n    to 3.4.0 by @dependabot[bot] in #2089\n  * build(deps): bump github.com/hashicorp/hcl/v2 from 2.23.0 to\n    2.24.0 by @dependabot[bot] in #2092\n  * build: update Helm and plugin versions to v3.18.4 and v3.12.3\n    by @yxxhero in #2093\n  * docs: update status section with May 2025 release information\n    by @yxxhero in #2096\n  * build(deps): bump golang.org/x/sync from 0.15.0 to 0.16.0 by\n    @dependabot[bot] in #2099\n  * build(deps): bump golang.org/x/term from 0.32.0 to 0.33.0 by\n    @dependabot[bot] in #2098\n\n- Update to version 1.1.2:\n  What's Changed\n  * build(deps): bump github.com/helmfile/chartify from 0.24.2 to\n    0.24.3 by @dependabot in #2065\n  * build: update Helm to v3.18.2 and adjust related configurations\n    by @yxxhero in #2064\n  * build(deps): bump github.com/helmfile/vals from 0.41.1 to\n    0.41.2 by @dependabot in #2067\n  * build(deps): bump golang.org/x/sync from 0.14.0 to 0.15.0\n    by @dependabot in #2068\n  * fix-insecure-flag by @anontrex in #2072\n  * build(deps): bump github.com/cloudflare/circl from 1.4.0 to\n    1.6.1 by @dependabot in #2074\n  * fix: update helm-diff to version 3.12.2 in CI and Dockerfiles\n    by @yxxhero in #2073\n  * fix: TestToYaml not working with 32-bit architectures by\n    @ProbstDJakob in #2075\n\n- Update to version 1.1.1:\n  What's Changed\n  * Update README.md by @mumoshu in #2046\n  * build(deps): bump github.com/helmfile/vals from 0.41.0 to\n    0.41.1 by @dependabot in #2048\n  * build(helm) update to v3.18.0 by @yxxhero in #2044\n  * build(deps): bump github.com/helmfile/chartify from 0.23.0 to\n    0.24.1 by @dependabot in #2049\n  * build: update Helm and plugin versions in CI and Dockerfiles\n    by @yxxhero in #2059\n\n- Update to version 1.1.0:\n  What's Changed\n  * chore: fix typo in create_test.go by @sadikkuzu in #2025\n  * build(deps): bump golangci/golangci-lint-action from 7 to 8 by\n    @dependabot in #2029\n  * build(deps): bump golang.org/x/sync from 0.13.0 to 0.14.0 by\n    @dependabot in #2028\n  * build(deps): bump github.com/helmfile/chartify from 0.22.0 to\n    0.23.0 by @dependabot in #2027\n  * chore: remove test data files by @yxxhero in #2026\n  * build(deps): bump golang.org/x/term from 0.31.0 to 0.32.0 by\n    @dependabot in #2033\n  * build(deps): bump github.com/helmfile/vals from 0.40.1 to\n    0.41.0 by @dependabot in #2032\n  * build(deps): bump dario.cat/mergo from 1.0.1 to 1.0.2 by\n    @dependabot in #2035\n  * feat(tmpl): enhance ToYaml test with multiple scenarios by\n    @yxxhero in #2031\n  * [sops, age] update to have SSH key support with sops by\n    @itscaro in #2036\n  * feat(yaml): add JSON style encoding option to NewEncoder by\n    @yxxhero in #2038\n  * refactor(yaml): upgrade from gopkg.in/yaml.v2 to v3 by @yxxhero\n    in #2039\n  * Update readme & documentation with 2025 status of helmfile\n    project by @zhaque44 in #2040\n  * build(deps): bump k8s.io/apimachinery from 0.33.0 to 0.33.1 by\n    @dependabot in #2041\n  * build(deps): bump github.com/zclconf/go-cty from 1.16.2 to\n    1.16.3 by @dependabot in #2043\n\n- Update to version 1.0.0:\n  PLEASE READ\n  https://github.com/helmfile/helmfile/blob/main/docs/proposals/towards-1.0.md\n\n  What's Changed:\n  * build(deps): bump github.com/helmfile/vals from 0.39.0 to 0.39.1\n    by @dependabot in #1926\n  * Bump kubectl to current version (1.32.1) by @DerDaku in #1924\n  * build(deps): bump github.com/goccy/go-yaml from 1.15.21 to 1.15.22\n    by @dependabot in #1925\n  * build: update Helm to v3.17.1 and related dependencies by\n    @yxxhero in #1928\n  * build(deps): bump k8s.io/apimachinery from 0.32.1 to 0.32.2 by\n    @dependabot in #1931\n  * feat: inject cli state values (--state-values-set) into environment\n    templating context by @Vince-Chenal in #1917\n  * docs: add skipSchemaValidation to index.md and update related\n    structs by @yxxhero in #1935\n  * refactor(state): optimize HelmState flags handling by @yxxhero\n    in #1937\n  * Update vals package to v0.39.2 by @aditmeno in #1938\n  * build(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1 by\n    @dependabot in #1940\n  * build(deps): bump github.com/goccy/go-yaml from 1.15.22 to 1.15.23\n    by @dependabot in #1941\n  * build(deps): bump github.com/helmfile/chartify from 0.20.8 to\n    0.20.9 by @dependabot in #1942\n  * feat: colorized DELETED by @yurrriq in #1944\n  * feat(docs): add proposal to remove charts and delete subcommands\n    by @yxxhero in #1936\n  * build(deps): bump github.com/google/go-cmp from 0.6.0 to 0.7.0\n    by @dependabot in #1945\n  * build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.4 to\n    4.0.5 by @dependabot in #1946\n  * build: update golang version to 1.24 and golangci-lint to\n    v1.64.5 by @yxxhero in #1949\n  * build(deps): bump github.com/helmfile/vals from 0.39.2 to 0.39.3\n    by @dependabot in #1951\n  * build(deps): bump github.com/helmfile/chartify from 0.20.9 to\n    0.21.0 by @dependabot in #1950\n  * build(deps): bump golang.org/x/sync from 0.11.0 to 0.12.0 by\n    @dependabot in #1955\n  * build(deps): bump jinja2 from 3.1.5 to 3.1.6 in /docs by\n    @dependabot in #1956\n  * Don't warn if this and the needed release set installed: false\n    by @jayme-github in #1958\n  * build(deps): bump golang.org/x/term from 0.29.0 to 0.30.0 by\n    @dependabot in #1959\n  * Remove all v0.x references by @yxxhero in #1919\n  * build(deps): bump k8s.io/apimachinery from 0.32.2 to 0.32.3\n    by @dependabot in #1960\n  * build(deps): bump golang.org/x/net from 0.35.0 to 0.36.0 by\n    @dependabot in #1961\n  * build(deps): bump github.com/helmfile/vals from 0.39.3 to 0.39.4\n    by @dependabot in #1962\n  * build: update Helm to v3.17.2 and related dependencies by\n    @yxxhero in #1965\n  * build: update yaml.v3 dependency and remove colega/go-yaml-yaml\n    by @yxxhero in #1929\n  * build(deps): bump github.com/containerd/containerd from 1.7.24\n    to 1.7.27 by @dependabot in #1966\n  * build(deps): bump github.com/goccy/go-yaml from 1.15.23 to\n    1.16.0 by @dependabot in #1967\n  * build(deps): bump github.com/golang-jwt/jwt/v5 from 5.2.1 to\n    5.2.2 by @dependabot in #1969\n  * build(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.1 to\n    4.5.2 by @dependabot in #1970\n  * build(deps): bump golangci/golangci-lint-action from 6 to 7\n    by @dependabot in #1975\n  * build(deps): bump github.com/helmfile/vals from 0.39.4 to\n    0.40.0 by @dependabot in #1978\n  * build(deps): bump github.com/helmfile/chartify from 0.21.0 to\n    0.21.1 by @dependabot in #1979\n  * docs(fix): correct typo in 'tier=fronted' to 'tier=frontend'\n    by @yxxhero in #1980\n  * feat: add labels for helm release by @yxxhero in #1046\n  * build(deps): bump github.com/helmfile/vals from 0.40.0 to\n    0.40.1 by @dependabot in #1981\n  * build(deps): bump github.com/goccy/go-yaml from 1.16.0 to 1.17.1\n    by @dependabot in #1982\n  * fix: Check needs with context and namespace by @aarnq in #1986\n  * build(deps): bump golang.org/x/sync from 0.12.0 to 0.13.0 by\n    @dependabot in #1991\n  * build(deps): bump golang.org/x/term from 0.30.0 to 0.31.0 by\n    @dependabot in #1990\n  * fix(state): enhance error message for missing .gotmpl extension\n    in helmfile v1 by @yxxhero in #1989\n  * build(deps): bump github.com/helmfile/chartify from 0.21.1 to\n    0.22.0 by @dependabot in #1996\n  * build: update Helm plugin versions in CI and Dockerfiles by\n    @yxxhero in #1995\n  * build: update Helm to v3.17.3 and update related Dockerfiles\n    by @yxxhero in #1993\n  * build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 by\n    @dependabot in #2010\n  * feat: add helmfile archive configuration in goreleaser by\n    @yxxhero in #2000\n  * docs: add more complex examples section in README by @yxxhero\n    in #2013\n  * Feat: setting reuseValues flag in release by @blaskoa in #2004\n  * build(deps): bump k8s.io/apimachinery from 0.32.3 to 0.32.4 by\n    @dependabot in #2016\n  * build(deps): bump github.com/aws/aws-sdk-go from 1.55.6 to\n    1.55.7 by @dependabot in #2015\n  * chore: support parsing any type with fromYaml by @ProbstDJakob\n    in #2017\n  * build(deps): bump k8s.io/apimachinery from 0.32.4 to 0.33.0 by\n    @dependabot in #2018\n  * feat: add --take-ownership flag to helm diff and related config\n    by @yxxhero in #1992\n\n- Update to version 0.171.0:\n  * feat: execute templates against postRendererHooks by @allanger\n    in #1839\n  * build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6\n    by @dependabot in #1897\n  * build(deps): bump github.com/goccy/go-yaml from 1.15.15 to\n    1.15.16 by @dependabot in #1901\n  * build(deps): bump github.com/goccy/go-yaml from 1.15.16 to\n    1.15.17 by @dependabot in #1905\n  * Use a regex to match --state-values-set-string arguments\n    by @gllb in #1902\n  * build(deps): bump golang.org/x/sync from 0.10.0 to 0.11.0\n    by @dependabot in #1911\n  * Chartify v0.20.8 update by @scodeman in #1908\n  * cleanup: remove all about v0.x by @yxxhero in #1903\n  * build(deps): bump golang.org/x/term from 0.28.0 to 0.29.0\n    by @dependabot in #1913\n  * chore: update babel to resolve CVEs by @zhaque44 in #1916\n  * remove deprecated charts.yaml by @yxxhero in #1437\n  * Revert \"cleanup: remove all about v0.x\" by @yxxhero in #1918\n  * build(deps): bump github.com/goccy/go-yaml from 1.15.17 to\n    1.15.19 by @dependabot in #1920\n  * build(deps): bump github.com/goccy/go-yaml from 1.15.19 to\n    1.15.20 by @dependabot in #1921\n  * feat: Add support for --wait-retries flag. by @connyay in #1922\n  * build: update go-yaml to v1.15.21 by @yxxhero in #1923\n\n- Update to version 0.170.1:\n  * build(deps): bump github.com/goccy/go-yaml from 1.15.14 to\n    1.15.15 by @dependabot in #1882\n  * build(deps): bump github.com/hashicorp/go-slug from 0.15.0 to\n    0.16.3 by @dependabot in #1886 (CVE-2025-0377)\n  * Ensure 'helm repo add' is also not pollute on helmfile template\n    by @baurmatt in #1887\n  * build(deps): bump github.com/zclconf/go-cty from 1.16.1 to\n    1.16.2 by @dependabot in #1888\n  * fix: using correct option for takeOwnership flag by @blaskoa\n    in #1892\n  * fix typo in docs by @adamab48 in #1889\n\n- Update to version 0.170.0:\n  * build(deps): bump github.com/goccy/go-yaml from 1.15.6 to 1.15.7\n    by @dependabot in #1818\n  * build(deps): bump golang.org/x/term from 0.26.0 to 0.27.0 by\n    @dependabot in #1817\n  * chore(doc): fix the indent of the selector usage sample yaml by\n    @Ladicle in #1819\n  * feat(state): add support for setString in ReleaseSpec and\n    HelmState by @yxxhero in #1821\n  * build(deps): bump github.com/goccy/go-yaml from 1.15.7 to 1.15.8\n    by @dependabot in #1822\n  * test(state): add TestHelmState_setStringFlags for setStringFlags\n    method by @yxxhero in #1823\n  * build(deps): bump k8s.io/apimachinery from 0.31.3 to 0.31.4 by\n    @dependabot in #1826\n  * build(deps): bump golang.org/x/crypto from 0.29.0 to 0.31.0 by\n    @dependabot in #1828\n  * build(deps): bump github.com/goccy/go-yaml from 1.15.8 to\n    1.15.9 by @dependabot in #1831\n  * build(deps): bump k8s.io/apimachinery from 0.31.4 to 0.32.0 by\n    @dependabot in #1830\n  * feat: updating sops version to 3.9.2 by @zhaque44 in #1834\n  * build(deps): bump github.com/goccy/go-yaml from 1.15.9 to\n    1.15.10 by @dependabot in #1835\n  * build(deps): bump helm.sh/helm/v3 from 3.16.3 to 3.16.4 by\n    @dependabot in #1836\n  * build: update Helm version to v3.16.4 in CI and Dockerfiles by\n    @yxxhero in #1837\n  * build(deps): bump github.com/goccy/go-yaml from 1.15.10 to\n    1.15.11 by @dependabot in #1838\n  * build(deps): bump filippo.io/age from 1.2.0 to 1.2.1 by\n    @dependabot in #1840\n  * build(deps): bump github.com/goccy/go-yaml from 1.15.11 to\n    1.15.12 by @dependabot in #1843\n  * build: update helm-diff to v3.9.13 in Dockerfiles and init.go\n    by @yxxhero in #1841\n  * build(deps): bump github.com/helmfile/chartify from 0.20.4 to\n    0.20.5 by @dependabot in #1845\n  * build(deps): bump github.com/goccy/go-yaml from 1.15.12 to\n    1.15.13 by @dependabot in #1844\n  * build(deps): bump jinja2 from 3.1.4 to 3.1.5 in /docs by\n    @dependabot in #1846\n  * CVE-2024-45338: updating golang.org/x/net: to version: v0.33.0\n    by @zhaque44 in #1849\n  * build(deps): bump github.com/zclconf/go-cty from 1.15.1 to\n    1.16.0 by @dependabot in #1851\n  * build(deps): bump golang.org/x/term from 0.27.0 to 0.28.0\n    by @dependabot in #1852\n  * update sops versions to 3.9.3 by @zhaque44 in #1861\n  * build(deps): bump github.com/hashicorp/go-getter from 1.7.6\n    to 1.7.7 by @dependabot in #1862\n  * feat: add --take-ownership flag to apply and sync commands by\n    @yxxhero in #1863\n  * fix: ensure plain http is supported across all helmfile\n    commands by @purpleclay in #1858\n  * fix: ensure development versions of charts can be used across\n    helmfile commands by @purpleclay in #1865\n  * build(deps): bump github.com/helmfile/chartify from 0.20.5 to\n    0.20.6 by @dependabot in #1866\n  * update kubectl version (1.30) to stay up to date with new\n    releases by @zhaque44 in #1867\n  * build(deps): bump github.com/zclconf/go-cty from 1.16.0 to\n    1.16.1 by @dependabot in #1870\n  * build(deps): bump github.com/hashicorp/go-getter from 1.7.7 to\n    1.7.8 by @dependabot in #1869\n  * feat: Add \"--no-hooks\" to helmfile template by @jwlai in #1813\n  * update helm and k8s versions in ci, dockerfiles, and go.mod by\n    @yxxhero in #1872\n  * build(deps): bump github.com/helmfile/vals from 0.38.0 to 0.39.0\n    by @dependabot in #1876\n  * build(deps): bump k8s.io/apimachinery from 0.32.0 to 0.32.1 by\n    @dependabot in #1873\n  * build(deps): bump github.com/goccy/go-yaml from 1.15.13 to\n    1.15.14 by @dependabot in #1874\n  * build: update helm-diff to v3.9.14 in Dockerfiles and init.go\n    by @yxxhero in #1877\n\n- Update to version 0.169.2:\n  * build(deps): bump github.com/helmfile/vals from 0.37.6 to 0.37.7\n    by @dependabot in #1747\n  * build(deps): bump k8s.io/apimachinery from 0.31.1 to 0.31.2 by\n    @dependabot in #1754\n  * Reset extra args before running 'dependency build' by @baurmatt\n    in #1751\n  * Introducing Helmfile Guru on Gurubase.io by @kursataktas in #1748\n  * feat: add skip json schema validation during the install /upgrade\n    of a Chart by @zhaque44 in #1737\n  * fix(maputil): prevent nil value overwrite by @ban11111 in #1755\n  * build(deps): bump github.com/goccy/go-yaml from 1.12.0 to\n    1.13.0 by @dependabot in #1759\n  * fix: this url doesn't work anymore by @zekena2 in #1760\n  * build(deps): bump github.com/goccy/go-yaml from 1.13.0 to\n    1.13.1 by @dependabot in #1762\n  * build(deps): bump github.com/goccy/go-yaml from 1.13.1 to\n    1.13.2 by @dependabot in #1763\n  * build(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.0 to\n    4.5.1 by @dependabot in #1767\n  * build(deps): bump github.com/helmfile/vals from 0.37.7 to\n    0.37.8 by @dependabot in #1764\n  * build(deps): bump github.com/goccy/go-yaml from 1.13.2 to\n    1.13.4 by @dependabot in #1765\n  * fix(integration-tests): read correct minikube status (#1768)\n    by @ceriath in #1769\n  * build(deps): bump github.com/goccy/go-yaml from 1.13.4 to\n    1.13.5 by @dependabot in #1770\n  * Add integration tests for #1749 by @baurmatt in #1766\n  * fix: update acme chart URL in input.yaml by @yxxhero in #1773\n  * build(deps): bump github.com/goccy/go-yaml from 1.13.5 to\n    1.13.6 by @dependabot in #1771\n  * build(deps): bump golang.org/x/sync from 0.8.0 to 0.9.0 by\n    @dependabot in #1775\n  * build(deps): bump golang.org/x/term from 0.25.0 to 0.26.0\n    by @dependabot in #1774\n  * Revive dead badge links by @eggplants in #1776\n  * feat: refactor label creation in state.go by @yxxhero in #1758\n  * docs: Add Gurubase badge to README-zh_CN by @yxxhero in #1777\n  * build(deps): bump github.com/goccy/go-yaml from 1.13.6 to\n    1.13.9 by @dependabot in #1781\n  * build(deps): bump github.com/goccy/go-yaml from 1.13.9 to\n    1.14.0 by @dependabot in #1782\n  * build(deps): bump github.com/goccy/go-yaml from 1.14.0 to\n    1.14.3 by @dependabot in #1788\n  * build(deps): bump helm.sh/helm/v3 from 3.16.2 to 3.16.3 by\n    @dependabot in #1786\n  * fix: update helm-diff to version 3.9.12 in CI and Dockerfiles\n    by @yxxhero in #1792\n  * build: update Helm version to v3.16.3 in CI and Dockerfiles\n    by @yxxhero in #1791\n  * feat: add HELMFILE_INTERACTIVE env var to enable interactive\n    mode by @thevops in #1787\n  * build(deps): bump github.com/hashicorp/hcl/v2 from 2.22.0 to\n    2.23.0 by @dependabot in #1793\n  * build(deps): bump github.com/Masterminds/semver/v3 from 3.3.0\n    to 3.3.1 by @dependabot in #1795\n  * chore: update with testify/assert assertion and table driven\n    tests for fs.go by @zhaque44 in #1794\n  * build(deps): bump k8s.io/apimachinery from 0.31.2 to 0.31.3\n    by @dependabot in #1798\n  * build(deps): bump github.com/stretchr/testify from 1.9.0 to\n    1.10.0 by @dependabot in #1800\n  * build(deps): bump github.com/goccy/go-yaml from 1.14.3 to\n    1.15.0 by @dependabot in #1804\n  * build(deps): bump github.com/goccy/go-yaml from 1.15.0 to\n    1.15.1 by @dependabot in #1807\n  * build(deps): bump github.com/zclconf/go-cty from 1.15.0 to\n    1.15.1 by @dependabot in #1806\n  * update example chart URL in remote-secrets doc by @daveneeley\n    in #1809\n  * build(deps): bump github.com/goccy/go-yaml from 1.15.1 to\n    1.15.3 by @dependabot in #1811\n  * build(deps): bump github.com/goccy/go-yaml from 1.15.3 to\n    1.15.6 by @dependabot in #1812\n  * fix: inject global values in Chartify by @xabufr in #1805\n  * build(deps): bump github.com/helmfile/vals from 0.37.8 to\n    0.38.0 by @dependabot in #1814\n  * build(deps): bump github.com/helmfile/chartify from 0.20.3 to\n    0.20.4 by @dependabot in #1815\n  * build(deps): bump golang.org/x/sync from 0.9.0 to 0.10.0 by\n    @dependabot in #1816\n\n- Update to version 0.169.1:\n  * feat: update sops version to 3.9.1 by @zhaque44 in #1742\n  * chore: improve test assertions and descriptions for file\n    download test by @zhaque44 in #1745\n  * feat: add 'hide-notes' flag to helm in sync and apply commands\n    by @yxxhero in #1746\n","id":"openSUSE-SU-2025-20097-1","modified":"2025-11-26T14:11:10Z","published":"2025-11-26T14:11:10Z","references":[{"type":"ADVISORY","url":null},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-45338"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-0377"}],"related":["CVE-2024-45338","CVE-2025-0377"],"summary":"Security update for helmfile","upstream":["CVE-2024-45338","CVE-2025-0377"]}