chore(deps): update dependency rancher/local-path-provisioner to v0.0.36 #42

Merged

renovatebot merged 1 commit from renovate/rancher-local-path-provisioner-0.x into main

2026-06-12 13:24:41 -04:00

renovatebot commented

2026-06-12 09:28:41 -04:00

Collaborator

This PR contains the following updates:

Package	Update	Change
rancher/local-path-provisioner	patch	`v0.0.35` -> `v0.0.36`

Release Notes

rancher/local-path-provisioner (rancher/local-path-provisioner)

`v0.0.36`: Local Path Provisioner v0.0.36

Compare Source

Security Fixes

Fixed HelperPod Template Injection, a high-severity HelperPod template injection vulnerability. A user with permission to edit the local-path-config ConfigMap could manipulate helperPod.yaml and cause the provisioner to create unsafe HelperPods during PVC provisioning or cleanup operations. This release adds HelperPod template validation to reject unsafe security-sensitive fields such as privileged containers, hostPath volumes, and dangerous pod security settings.

What's Changed

chore(ci): bump aquasecurity/trivy-action to v0.35.0 by @macedogm in https://github.com/rancher/local-path-provisioner/pull/563
chore: remove trivy-scan.yaml by @derekbit in https://github.com/rancher/local-path-provisioner/pull/565
chore: pin GH actions to commit sha by @c3y1huang in https://github.com/rancher/local-path-provisioner/pull/564
chore: use registry.suse.com/bci/golang by @derekbit in https://github.com/rancher/local-path-provisioner/pull/566
chore: remove dapper by @derekbit in https://github.com/rancher/local-path-provisioner/pull/567
chore: revert to golang:1.26.1-alpine image by @derekbit in https://github.com/rancher/local-path-provisioner/pull/568
chore: update to golang 1.26.2 by @derekbit in https://github.com/rancher/local-path-provisioner/pull/570
fix: update dockerfile by @derekbit in https://github.com/rancher/local-path-provisioner/pull/574
chore: pin kind, kubectl and kustomize versins by @derekbit in https://github.com/rancher/local-path-provisioner/pull/575
fix: qualify image references to avoid short-name resolution and Docker Hub rate limits by @bejaratommy in https://github.com/rancher/local-path-provisioner/pull/573
helm: make debug logging configurable via values by @bejaratommy in https://github.com/rancher/local-path-provisioner/pull/572
fix: add helper pod template validation by @derekbit in https://github.com/rancher/local-path-provisioner/pull/576
fix: relax helper pod template validation by @derekbit in https://github.com/rancher/local-path-provisioner/pull/577

New Contributors

@c3y1huang made their first contribution in https://github.com/rancher/local-path-provisioner/pull/564
@bejaratommy made their first contribution in https://github.com/rancher/local-path-provisioner/pull/573

Full Changelog: https://github.com/rancher/local-path-provisioner/compare/v0.0.35...v0.0.36

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [rancher/local-path-provisioner](https://github.com/rancher/local-path-provisioner) | patch | `v0.0.35` -> `v0.0.36` | --- ### Release Notes <details> <summary>rancher/local-path-provisioner (rancher/local-path-provisioner)</summary> ### [`v0.0.36`](https://github.com/rancher/local-path-provisioner/releases/tag/v0.0.36): Local Path Provisioner v0.0.36 [Compare Source](https://github.com/rancher/local-path-provisioner/compare/v0.0.35...v0.0.36) #### Security Fixes - Fixed [HelperPod Template Injection](https://github.com/rancher/local-path-provisioner/security/advisories/GHSA-7fxv-8wr2-mfc4), a high-severity HelperPod template injection vulnerability. A user with permission to edit the `local-path-config` ConfigMap could manipulate `helperPod.yaml` and cause the provisioner to create unsafe HelperPods during PVC provisioning or cleanup operations. This release adds HelperPod template validation to reject unsafe security-sensitive fields such as privileged containers, `hostPath` volumes, and dangerous pod security settings. #### What's Changed - chore(ci): bump aquasecurity/trivy-action to v0.35.0 by [@macedogm](https://github.com/macedogm) in https://github.com/rancher/local-path-provisioner/pull/563 - chore: remove trivy-scan.yaml by [@derekbit](https://github.com/derekbit) in https://github.com/rancher/local-path-provisioner/pull/565 - chore: pin GH actions to commit sha by [@c3y1huang](https://github.com/c3y1huang) in https://github.com/rancher/local-path-provisioner/pull/564 - chore: use registry.suse.com/bci/golang by [@derekbit](https://github.com/derekbit) in https://github.com/rancher/local-path-provisioner/pull/566 - chore: remove dapper by [@derekbit](https://github.com/derekbit) in https://github.com/rancher/local-path-provisioner/pull/567 - chore: revert to golang:1.26.1-alpine image by [@derekbit](https://github.com/derekbit) in https://github.com/rancher/local-path-provisioner/pull/568 - chore: update to golang 1.26.2 by [@derekbit](https://github.com/derekbit) in https://github.com/rancher/local-path-provisioner/pull/570 - fix: update dockerfile by [@derekbit](https://github.com/derekbit) in https://github.com/rancher/local-path-provisioner/pull/574 - chore: pin kind, kubectl and kustomize versins by [@derekbit](https://github.com/derekbit) in https://github.com/rancher/local-path-provisioner/pull/575 - fix: qualify image references to avoid short-name resolution and Docker Hub rate limits by [@bejaratommy](https://github.com/bejaratommy) in https://github.com/rancher/local-path-provisioner/pull/573 - helm: make debug logging configurable via values by [@bejaratommy](https://github.com/bejaratommy) in https://github.com/rancher/local-path-provisioner/pull/572 - fix: add helper pod template validation by [@derekbit](https://github.com/derekbit) in https://github.com/rancher/local-path-provisioner/pull/576 - fix: relax helper pod template validation by [@derekbit](https://github.com/derekbit) in https://github.com/rancher/local-path-provisioner/pull/577 #### New Contributors - [@c3y1huang](https://github.com/c3y1huang) made their first contribution in https://github.com/rancher/local-path-provisioner/pull/564 - [@bejaratommy](https://github.com/bejaratommy) made their first contribution in https://github.com/rancher/local-path-provisioner/pull/573 **Full Changelog**: https://github.com/rancher/local-path-provisioner/compare/v0.0.35...v0.0.36 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

renovatebot added 1 commit

2026-06-12 09:28:41 -04:00

chore(deps): update dependency rancher/local-path-provisioner to v0.0.36

Notify Mattermost on Renovate PR Merge / notify (pull_request) Successful in 2s

Details

7a512d0529

renovatebot scheduled this pull request to auto merge when all checks succeed

2026-06-12 09:28:42 -04:00

renovatebot merged commit 3e8adac043 into main

2026-06-12 13:24:41 -04:00

renovatebot deleted branch renovate/rancher-local-path-provisioner-0.x

2026-06-12 13:24:41 -04:00