Skip to content

renovate: disable helm v4 until third party license is checked#42817

Merged
aanm merged 1 commit intomainfrom
pr/add-helm-v4-blocked-updates
Nov 18, 2025
Merged

renovate: disable helm v4 until third party license is checked#42817
aanm merged 1 commit intomainfrom
pr/add-helm-v4-blocked-updates

Conversation

@aanm
Copy link
Copy Markdown
Member

@aanm aanm commented Nov 17, 2025
edited
Loading

CNCF is tracking the issue here cncf/foundation#1154

@aanm aanm requested review from a team as code owners November 17, 2025 11:14
@aanm aanm requested a review from Artyop November 17, 2025 11:14
@maintainer-s-little-helper maintainer-s-little-helper bot added the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Nov 17, 2025
@aanm aanm enabled auto-merge November 17, 2025 11:14
@aanm aanm added the release-note/misc This PR makes changes that have no direct user impact. label Nov 17, 2025
@maintainer-s-little-helper maintainer-s-little-helper bot removed the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Nov 17, 2025
@HadrienPatte
Copy link
Copy Markdown
Member

HadrienPatte commented Nov 17, 2025

Assuming that the BSD-3-Clause CNCF allowlist is sufficient (see helm/helm#31525 (comment)), I think we could just add github.com/cyphar/filepath-securejoin to the cilium allowlisted exceptions here. I think the issue is that our licensecheck tool only picks up the MPL-2.0 license instead of detecting both MPL-2.0 and BSD-3-Clause.

@aanm
Copy link
Copy Markdown
Member Author

aanm commented Nov 17, 2025

/test

@aanm
Copy link
Copy Markdown
Member Author

aanm commented Nov 17, 2025

@Artyop CNCF is tracking the issue here cncf/foundation#1154

@aanm aanm added this pull request to the merge queue Nov 18, 2025
Merged via the queue into main with commit 1705bb6 Nov 18, 2025
82 checks passed
@aanm aanm deleted the pr/add-helm-v4-blocked-updates branch November 18, 2025 09:25
@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Nov 18, 2025
@HadrienPatte HadrienPatte mentioned this pull request Nov 18, 2025
Merged
1 task
@cilium-release-bot cilium-release-bot bot moved this to Released in cilium v1.19.0 Feb 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Artyop Artyop Artyop approved these changes

Assignees

No one assigned

Labels

ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/misc This PR makes changes that have no direct user impact.

Projects

No open projects
cilium v1.19.0
Status: Released

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@aanm @HadrienPatte @Artyop @msune