Update Helm release redis from 19.6.4 to v21 (helm/defectdojo/Chart.yaml) #12393

renovate · 2025-05-06T19:20:36Z

This PR contains the following updates:

Package	Update	Change
redis (source)	major	`~19.6.0` -> `~21.2.0`

Release Notes

bitnami/charts (redis)

`v21.2.0`

[bitnami/redis] Service Monitor support tlsConfig (#34108)

`v21.1.11`

[bitnami/redis] ⚡ ⬆️ Update dependency references (#34013) (a2c4487), closes #34013

`v21.1.10`

[bitnami/redis] ⚡ ⬆️ Update dependency references (#33970) (4b2bfc5), closes #33970

`v21.1.9`

[bitnami/redis] Fix newlines in sentinel.conf (#33704) (1bcd9af), closes #33704

`v21.1.8`

[bitnami/redis] ⚡ ⬆️ Update dependency references (#33914) (ee96950), closes #33914

`v21.1.7`

[bitnami/redis] bugfix: issue on ACL when no existing users secret is passed (#33876) (193fd9f), closes #33876

`v21.1.6`

[bitnami/redis] ⚡ ⬆️ Update dependency references (#33825) (9b34897), closes #33825

`v21.1.5`

[bitnami/redis] ⚡ ⬆️ Update dependency references (#33790) (2f87f3a), closes #33790

`v21.1.4`

[bitnami/redis] ⚡ ⬆️ Update dependency references (#33767) (79cda7f), closes #33767

`v21.1.3`

[bitnami/*] Update CNAB tip (#33741) (2bc74f3), closes #33741
[bitnami/redis] ⚡ ⬆️ Update dependency references (#33749) (efd3a00), closes #33749

`v21.1.2`

[bitnami/redis] ⚡ ⬆️ Update dependency references (#33732) (51b8b03), closes #33732

`v21.1.1`

[bitnami/redis] ⚡ ⬆️ Update dependency references (#34214) (691094e), closes #34214

`v21.0.3`

[bitnami/kubeapps] Deprecation followup (#33579) (77e312c), closes #33579
[bitnami/redis] ⚡ ⬆️ Update dependency references (#33645) (9481812), closes #33645

`v21.0.2`

[bitnami/redis] chore: ♻️ ⬆️ Update common and remove k8s < 1.23 references (#33428) (98dff1d), closes #33428

`v21.0.0`

[bitnami/redis] Release 21.0.0 (#33455) (41b5013), closes #33455

`v20.13.4`

[bitnami/redis] Release 20.13.3 (#33217) (f2b8c65), closes #33217
[bitnami/redis] Switch shell from /bin/sh to /bin/bash to improve process handling (#33181) (cfe2165), closes #33181

`v20.13.2`

[bitnami/redis] Release 20.13.2 (#33157) (98a2ec9), closes #33157

`v20.13.1`

[bitnami/redis] Release 20.13.1 (#33089) (f23fc62), closes #33089

`v20.13.0`

[bitnami/redis] feat: ✨ Disable empty-dirs when readOnlyRootFS is disabled (#33108) (ed03d4d), closes #33108

`v20.12.2`

[bitnami/redis] fix 32573 - Always announce hostname independent of external service configuration ( (282ae5c), closes #33024

`v20.12.1`

[bitnami/redis] Fix sentinel masterService extraPorts not rendered (#32961) (cbc134f), closes #32961

`v20.12.0`

[bitnami/redis] Support retrieving Redis ACL user passwords from Kubernetes Secrets (#32434) (e4fd127), closes #32434

`v20.11.5`

[bitnami/redis] Handle SIGTERM in kubectl-shared container (#32085) (dad454d), closes #32085

`v20.11.4`

[bitnami/*] Add tanzuCategory annotation (#32409) (a8fba5c), closes #32409
[bitnami/redis] Release 20.11.4 (#32561) (f40ecff), closes #32561

`v20.11.3`

[bitnami/redis] fix 32214 - REDIS_PASSWORD_FILE uses wrong filename from volume (#32215) (5a31fa6), closes #32215

`v20.11.2`

[bitnami/redis] Fix usePasswordFile typo in metrics container (#32259) (a2cb202), closes #32259

`v20.11.1`

[bitnami/redis] Disable all usages of usePasswordFiles if auth.enabled is unset (#32253) (1642f81), closes #32253

`v20.11.0`

[bitnami/redis] feat: Add external access service for redis sentinel (#32190) (0582ac3), closes #32190

`v20.10.1`

[bitnami/redis]: only use auth.usePasswordFiles if auth.enabled is set (#32208) (1d96748), closes #32208

`v20.10.0`

[bitnami/redis] Set usePasswordFiles=true by default (#32117) (2f80b74), closes #32117

`v20.9.0`

[bitnami/redis] Add ACL Authentication for Sentinel Nodes (#31974) (61b2888), closes #31974

`v20.8.0`

[bitnami/redis] feat: add parameter to disable checksums (#31948) (990014f), closes #31948

`v20.7.1`

[bitnami/*] Use CDN url for the Bitnami Application Icons (#31881) (d9bb11a), closes #31881
[bitnami/redis] Release 20.7.1 (#31943) (e82cc74), closes #31943

`v20.7.0`

[bitnami/redis] Redis ACL support to the Bitnami Redis Helm Chart (#31707) (9c6e5d6), closes #31707
Update copyright year (#31682) (e9f02f5), closes #31682

`v20.6.3`

[bitnami/redis] fix: update JSON schema to allow string values for values passed to tpl (#30526) (2c78a06), closes #30526

`v20.6.2`

[bitnami/redis] Release 20.6.2 (#31238) (f24c74c), closes #31238

`v20.6.1`

[bitnami/redis] Release 20.6.1 (#31138) (2da450b), closes #31138

`v20.6.0`

[bitname/redis] Add support for master and replicas resources to be annotated (#31034) (5111fa5), closes #31034
[bitnami/*] Fix typo in README (#31052) (b41a51d), closes #31052
Redis Readme: fix typo in value key name (#31007) (4a8c60a), closes #31007

`v20.5.0`

[bitnami/*] Add Bitnami Premium to NOTES.txt (#30854) (3dfc003), closes #30854
[bitnami/redis] Detect non-standard images (#30942) (f06f8db), closes #30942

`v20.4.1`

[bitnami/redis] CA shouldn't be mandatory when TLS is enabled (#30520) (85219eb), closes #30520

`v20.4.0`

[bitnami/*] docs: 📝 Add "Prometheus metrics" (batch 5) (#30674) (ed2a546), closes #30674
[bitnami/redis] add extraPortsEnabled (#30607) (77a98fa), closes #30607

`v20.3.0`

[bitnami/redis] feat: ✨ Allow updating credentials via values.yaml (#30452) (d6a3118), closes #30452

`v20.2.2`

[bitnami/*] Remove wrong comment about imagePullPolicy (#30107) (a51f9e4), closes #30107
[bitnami/redis] Release 20.2.2 (#30407) (ae54e98), closes #30407
Update documentation links to techdocs.broadcom.com (#29931) (f0d9ad7), closes #29931

`v20.2.1`

[bitnami/redis] Fix preExecCmds parameter (#29898) (6db8a2e), closes #29898

`v20.2.0`

[bitnami/redis] add extraPodSpec (#29725) (0d2b826), closes #29725

`v20.1.7`

[bitnami/redis] Release 20.1.7 (#29756) (bc01e03), closes #29756

`v20.1.6`

[bitnami/redis] adds kind & apiVersion for pvc template in statefulset (#29678) (13212d2), closes #29678

`v20.1.5`

[bitnami/redis] - fix additionalEndpoints in servicemonitor (#29595) (6e674ff), closes #29595

`v20.1.4`

[bitnami/redis] Release 20.1.4 (#29530) (8053b1a), closes #29530

`v20.1.3`

[bitnami/redis] Release 20.1.3 (#29411) (b0b5c88), closes #29411

`v20.1.2`

[bitnami/redis] Use common password manager to handle password (#29376) (6ec3657), closes #29376

`v20.1.1`

[bitnami/redis] fix: move variable from annotation to label (#29209) (396fa01), closes #29209

`v20.1.0`

[bitnami/redis] Support extraEnvVars on volume-permissions for dynamic subfolders (#29195) (b33ff20), closes #29195

`v20.0.5`

[bitnami/redis] label slave pod using sentinel masterService (#29121) (6ae397f), closes #29121

`v20.0.4`

[bitnami/redis] update values.schema.json (#29106) (8a2fea3), closes #29106

`v20.0.3`

[bitnami/redis] Release 20.0.3 (#28941) (d2a1abb), closes #28941

`v20.0.2`

[bitnami/redis] Release 20.0.2 (#28881) (582b058), closes #28881
[bitnami/redis] Update README after major update (#28848) (a96205b), closes #28848

`v20.0.1`

[bitnami/redis] fix: Use rollout restart in ginkgo tests (#28813) (1d8cb54), closes #28813

`v20.0.0`

[bitnami/redis] Release 20.0.0 (#28810) (9e08d34), closes #28810

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

dryrunsecurity · 2025-05-06T19:21:12Z

This pull request contains a potential security risk related to the Redis Helm chart version constraint, which may delay critical security updates by limiting version upgrades to patch-level changes only.

⚠️ Dependency Version Constraint in helm/defectdojo/Chart.yaml

Vulnerability	Dependency Version Constraint
Description	The version constraint for the Redis Helm chart (~~21.2.0) does present a potential risk of delayed security updates. The tilde (~~) version specifier allows patch-level updates but could prevent quick adoption of critical security fixes in newer minor versions. While not an immediate vulnerability, this could delay security patch application if a critical issue is discovered in the Redis chart.

django-DefectDojo/helm/defectdojo/Chart.yaml

Lines 14 to 19 in 0892fef

    
             repository: "https://charts.bitnami.com/bitnami" 
        
             condition: postgresql.enabled 
        
           - name: redis 
        
             version: ~21.2.0 
        
             repository: "https://charts.bitnami.com/bitnami" 
        
             condition: redis.enabled

All finding details can be found in the DryRun Security Dashboard.

mtesauro

Need to look at license on this change.

See #10736 (review)

Maffooch

Need to look at license on this change.

Blocking

…aml)

renovate bot added the dependencies Pull requests that update a dependency file label May 6, 2025

renovate bot requested review from Maffooch and mtesauro as code owners May 6, 2025 19:20

github-actions bot added the helm label May 6, 2025

mtesauro requested changes May 6, 2025

View reviewed changes

renovate bot force-pushed the renovate/redis-21.x branch 2 times, most recently from c1398ff to 507ad15 Compare May 9, 2025 15:44

Maffooch requested changes May 9, 2025

View reviewed changes

renovate bot force-pushed the renovate/redis-21.x branch from 507ad15 to cee60a5 Compare May 15, 2025 15:55

renovate bot changed the title ~~chore(deps): update helm release redis from 19.6.4 to v21 (helm/defectdojo/chart.yaml)~~ Update Helm release redis from 19.6.4 to v21 (helm/defectdojo/Chart.yaml) Jun 2, 2025

renovate bot changed the title ~~Update Helm release redis from 19.6.4 to v21 (helm/defectdojo/Chart.yaml)~~ chore(deps): update helm release redis from 19.6.4 to v21 (helm/defectdojo/chart.yaml) Jun 5, 2025

renovate bot changed the title ~~chore(deps): update helm release redis from 19.6.4 to v21 (helm/defectdojo/chart.yaml)~~ Update Helm release redis from 19.6.4 to v21 (helm/defectdojo/Chart.yaml) Jun 6, 2025

Update Helm release redis from 19.6.4 to v21 (helm/defectdojo/Chart.y…

0892fef

…aml)

renovate bot force-pushed the renovate/redis-21.x branch from cee60a5 to 0892fef Compare June 7, 2025 05:03

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Update Helm release redis from 19.6.4 to v21 (helm/defectdojo/Chart.yaml) #12393

Update Helm release redis from 19.6.4 to v21 (helm/defectdojo/Chart.yaml) #12393

Uh oh!

renovate bot commented May 6, 2025 •

edited

Loading

Uh oh!

dryrunsecurity bot commented May 6, 2025 •

edited

Loading

Uh oh!

mtesauro left a comment

Uh oh!

Maffooch left a comment

Uh oh!

Uh oh!

Update Helm release redis from 19.6.4 to v21 (helm/defectdojo/Chart.yaml) #12393

Are you sure you want to change the base?

Update Helm release redis from 19.6.4 to v21 (helm/defectdojo/Chart.yaml) #12393

Uh oh!

Conversation

renovate bot commented May 6, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Release Notes

Configuration

Uh oh!

dryrunsecurity bot commented May 6, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

mtesauro left a comment

Choose a reason for hiding this comment

Uh oh!

Maffooch left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

renovate bot commented May 6, 2025 •

edited

Loading

dryrunsecurity bot commented May 6, 2025 •

edited

Loading