build(deps): bump helm.sh/helm/v4 from 4.1.4 to 4.2.0

[dependabot]

Bumps helm.sh/helm/v4 from 4.1.4 to 4.2.0.

Release notes

Sourced from helm.sh/helm/v4's releases.

Helm v4.2.0 is a feature release. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

• Join the discussion in Kubernetes Slack:
  • for questions and just to hang out
  • for discussing PRs, code, and bugs
• Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
• Test, debug, and contribute charts: ArtifactHub/packages

Notable Changes

• Switch to goreleaser for release builds
• Kubernetes client libraries to v1.36
• Add mustToToml template function
• deprecate unused --hide-notes and --render-subchart-notes flags
• --dry-run=server now respects generateName:

Installation and Upgrading

Download Helm v4.2.0. The common platform binaries are here:

• MacOS amd64 (checksum / 1376ea697140e4db316736e760d5a47d12afc1524dce704476ef06fd7fdeddc6)
• MacOS arm64 (checksum / f13f959015447b6bc309f9fd506509926543988a39035c088b52522ec95e2acb)
• Linux amd64 (checksum / 97dbeb971be4ac4b27e3839976d9564c0fb35c6f3b1da89dd1e292d236af4096)
• Linux arm (checksum / ae624870b2d50e655b6462daff117eb9d28c4bad45234ef24c1275113540fcb0)
• Linux arm64 (checksum / 1f8de130dfbd04de64978e7b852a7a547be1404956a366608276d2520b678670)
• Linux i386 (checksum / 9cf44acc59081aca98b4d9f09138348836b26761258e02ad2b99616f66eead5c)
• Linux loong64 (checksum / 5b04f0167b8b415a057c1f4f809ede86d5ead840e0aa560db097da5be19f86d0)
• Linux ppc64le (checksum / 48f0637b93247717b725e8d4a8d2cf8df0e2fdea91bdd0e36e2426c2d5c76e4e)
• Linux s390x (checksum / 328e9ed27904f9910026240c4311bb1b0bf91c6fde1634f212097694507a702f)
• Linux riscv64 (checksum / 5d292d57ab1f40e47e373a87187bafa66e8daac4ddc4a1333421c174e8184755)
• Windows amd64 (checksum / 614f68ddc567ac9bfb0c205f869b1f83ba4e0a9aacd26cbae47743ae6082a579)
• Windows arm64 (checksum / e740e4c19b6e2a0b428f7a52c38b7f0b092f0c43ac49870537d7e7fac9cedc07)

This release was signed by @​gjenkins8 with key BF88 8333 D96A 1C18 E268 2AAE D79D 67C9 EC01 6739, which can be found at https://keys.openpgp.org/vks/v1/by-fingerprint/BF888333D96A1C18E2682AAED79D67C9EC016739. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

• 4.2.1 will contain only bug fixes
• 4.3.0 is the next feature release

Changelog

• Bump to version v4.2 06468084e85c244c712834933d25ea232a4c2093 (George Jenkins)
• build: Clean up Goreleaser change (#32098) e23bf3af53c52185123278e83b7023c102707778 (Scott Rigby)
• fix: add -extldflags -static to dist target to match build-cross f60ab7c31c81a73b8e0aade5aff41bfc01c08820 (Terry Howe)
• build: use goreleaser build with manual archive creation 64aa46f2f1cf239cf6535c5e847e14dcb933a847 (Terry Howe)

... (truncated)

Commits

• 0646808 Bump to version v4.2
• e23bf3a build: Clean up Goreleaser change (#32098)
• ad18580 Merge pull request #31343 from TerryHowe/chore-replace-mitchellh-gox-with-gor...
• b3a458f Merge pull request #31970 from isumitsolanki/fix/31965-decouple-cli-from-kube
• f60ab7c fix: add -extldflags -static to dist target to match build-cross
• 64aa46f build: use goreleaser build with manual archive creation
• d199a1a chore: remove build-cross dependency from test-acceptance
• 8289940 ci: add fetch-depth 0 to canary checkout for goreleaser
• c075022 fix: address goreleaser build issues flagged in review
• 04885dd fix: pass VERSION as GORELEASER_CURRENT_TAG to preserve v-prefix in archive n...
• Additional commits viewable in compare view

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit 075822e. Configure here.}

[cursor]

K8s replace directives pin v0.34.4 conflicting with v0.36.0 requirements

High Severity

The require section now lists k8s.io/api, k8s.io/apimachinery, k8s.io/client-go, k8s.io/kubectl, etc. at v0.36.0 (pulled in by helm.sh/helm/v4 v4.2.0 and sigs.k8s.io/controller-runtime v0.24.0), but the replace directives pin all k8s staging packages to v0.34.4. This means helm v4.2.0 and controller-runtime v0.24.0 source code—designed for k8s v1.36 client libraries—will be compiled against v0.34.4, a two-minor-version gap that is very likely to cause compilation failures or runtime incompatibilities if any new APIs from v0.35/v0.36 are referenced.

Additional Locations (1)

• go.mod#L70-L94

 

^{Reviewed by Cursor Bugbot for commit 075822e. Configure here.}

[dependabot]

Superseded by #3766.