Update devbox (major)

[renovate]

This PR contains the following updates:

Package	Update	Change
docker	major	latest → 29.1.5
kustomize	major	latest → 5.8.0
mockgen	major	latest → 1.6.0
yq-go	major	latest → 4.50.1

---

Release Notes

kubernetes-sigs/kustomize (kustomize)

v5.8.0

IMPORTANT NOTICE: REGRESSION

Due to the new features introduced in this release, a regression has occurred in the functionality that propagates namespaces to child kustomizations.
We are currently preparing a patch release, so please refrain from making changes to this version.

#​6031 (comment)

Highlights

implements to replacements value in the structured data

Now, We can edit yaml/json in yaml manifests with replacements transformer.
See #​5679

For example

## source
apiVersion: v1
kind: ConfigMap
metadata:
  name: source-configmap
data:
  HOSTNAME: www.example.com
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: target-configmap
data:
  config.json: |-
    {"config": {
      "id": "42",
      "hostname": "REPLACE_TARGET_HOSTNAME"
    }}

## replacement
replacements:
- source:
    kind: ConfigMap
    name: source-configmap
    fieldPath: data.HOSTNAME
  targets:
  - select:
      kind: ConfigMap
      name: target-configmap
    fieldPaths:
    - data.config\.json.config.hostname

fix: Propagate Namespace correctly to Helm

The long-standing bug where kustomize's namespace transformer did not pass namespaces to helmCharts has been fixed.
See #​5940

For example

## define namespace
namespace: any-namespace

helmCharts:
- name: minecraft
  repo: https://kubernetes-charts.storage.googleapis.com
  version: v1.2.0
  # namespace: any-namespace   ## propagates without additional namespace specific
  valuesFile: values.yaml

Feature

#​5679: implements to replacements value in the structured data
#​5863: Add regex support for Replacement selectors
#​5930: feat: add PatchArgs API type to populate patch options

fix

#​5940: fix: Propagate Namespace correctly to Helm
#​5971: fix: performance recession when propagating namespace to helm
#​5942: fix fnplugin storagemounts validation
#​5958: fix: make AbsorbAll conflict error more verbose
#​5961: refactor: nested format string
#​5967: Fix infinite loop in HTTP client by validating URLs before requests
#​5985: fix(kyaml/yaml): minor nil safety fix for RNode.Content etc
#​5991: Fix duplicate key error when adding multiple labels with --without-selector

Dependencies

#​5962: chore: update dependencies from security alert
#​5959: update go 1.24.6

chore

#​6007: Update kyaml to v0.21.0
#​6008: Update cmd/config to v0.21.0
#​6009: Update api to v0.21.0

v5.7.1

This release introduces code to replace the shlex library used for parsing arguments in the exec plugin.
If any existing manifests become corrupted, please file an issue. discussion: kubernetes/kubernetes#132593 (comment)

Dependencies

#​5943: drop shlex dependency

Chore

#​5948: Update kyaml to v0.20.1
#​5949: Update cmd/config to v0.20.1
#​5950: Update api to v0.20.1

v5.7.0

Feature

#​5630: Add static value source for replacement
#​5921: feat: Add images suport for Image Volumes
#​5771: fix: Allow patches with empty files with multiple newlines or comments
#​5865: feat(helm): allow the use of devel alias for helmcharts

fix

#​5846: fix: Get version from the BuildInfo.Main.Version if not found in deps and build flag
#​5859: fix: Don't panic on multiple $patch: delete strategic merge patches in a single patch file
#​5877: fix: make private one field in replacements transformer struct that had a missing JSON tag

Dependencies

#​5847: replace deplecated package github.com/google/shlex with github.com/carapace-sh/carapace-shlex
#​5873: Bump to github.com/spf13/viper v1.20.0
#​5931: Drop usage of forked copies of goyaml.v2 and goyaml.v3

chore

#​5882: Set Git messages to English for TestRemoteLoad_LocalProtocol
#​5934: Update kyaml to v0.20.0
#​5935: Update cmd/config to v0.20.0
#​5936: Update api to v0.20.0

v5.6.0

Announce

This release introduces a unified internal package version (v0.19.0) across the entire kustomize repository.
ref. #​5800

Chore

#​5809: fix: "edit add labels" make labels handle -f flag same as commonLabels

Dependencies

#​5825: Update to latest kube-opeapi to drop govalidator dependency
#​5830: downgrade go-difflib and go-spew to tagged releases
#​5837: Update kyaml to v0.19.0
#​5839: Update cmd/config to v0.19.0
#​5840: Update api to v0.19.0

v5.5.0

Breaking change

A starlark support for krm functions was removed to cleanup dependencies. #​5768
This feature was deprecated 3 years ago and removed because there was no desire to continue using it.
#​5768 (comment)

Feature

#​5751: Add --helm-debug Flag to Kustomize for Enhanced Helm Debugging

Fix Bugs

#​5458: Sort built-in Namespace kind before CRDs with the same name
#​5745: Add Annotation to Control Inline List Conversion in Kustomize Resources"

Dependencies

#​5763: Update go 1.22.7
#​5781: Update kyaml to v0.18.1
#​5782: Update cmd/config to v0.15.0
#​5783: Update api to v0.18.0

v5.4.3

Caution

The kustomize localize subcommand(this subcommand is now in the beta stage) now verifies the success of kustomize build when executed.
If you are using the missing manifests, maybe you failed to download them with the localize subcommand. Please use the --no-verify flag to skip validation steps.
#​5544: Run kustomize build with kustomize localize and add a no-verify flag.

Fix Bugs

#​5682: fix: include label in templates when adding by cli
#​5689: Fix sortOptions removal when running edit command

chore

#​5506: fix some comments
#​5718: fix lint error in kustomizationfile_test.go

Dependencies

#​5734: Update kyaml to v0.17.2
#​5735: Update cmd/config to v0.14.2
#​5736: Update api to v0.17.3

v5.4.2

Feature

#​5294: feat: localize absolute paths
#​5556: feat: support labels key in transformer configuration

chore

#​5671: refactor: string in slice is now part of stdlib
#​5681: chore: remove unused function
#​5688: refactor: function in stdlib now

Dependencies

#​5672: chore(deps): bump dependencies of kustomize + sync go workspace
#​5680: chore: restore version for github.com/asaskevich/govalidator
#​5702: Update kyaml to v0.17.1
#​5703: Update cmd/config to v0.14.1
#​5704: Update api to v0.17.2

v5.4.1

This is a patch of kustomize v5.4.0 and should fix the kustomize version subcommand issues in its assets.

kustomize v5.4.1

#​5644: fix version subcommand is not working after release build

kustomize v5.4.0

Breaking changes

#​5519: Fix null YAML values being replaced by "null"

kustomize requires Go 1.21 or higher at build

#​5567: fix 'golang.org/x/exp/slices' dependencies

Features

#​5411: Add --load-restrictor completion
#​5467: feat: edit set secret

More better error handling

• #​5539: Include exec plugin stderr with wrapped error
• #​5542: fix: improve accumulation failure message
• #​5550: use Strict unmarshal when read TransformerConfig

Bug fixes/performance improvements

#​5234: fix edit set image to parse both tag and digest
#​5621: Use require for Error and NoError

Dependencies

#​5479: Revert "Switch to json-patch v5"
#​5541: Use canonical json-patch v4 import
#​5615: update dependencies google.golang.org/protobuf@​v1.33.0

update internal Dependencies

#​5639: Update kyaml to v0.17.0
#​5640: Update cmd/config to v0.14.0
#​5641: Update api to v0.17.0

cleanup Dependencies

#​5044: Remove non-essential dependency imdario/mergo
#​5567: fix 'golang.org/x/exp/slices' dependencies
#​5627: Remove klog/v1 dependencies

chore

#​5495: chore: move removetest.go to the internal package
#​5518: Update owners file
#​5622: Pin tool versions with hack/go.mod

v5.3.0

#​5211: Fix nil pointer dereferencing when converting vars to replacements
#​5270: helm: add support for kube-version and add cli args for both kube-version and api-versions
#​5391: feat: edit set configmap
#​5402: release cleanup, unpin the modules
#​5409: refactor: move reusable bits in preparation for new 'edit set' commands
#​5412: Use upstream go-yaml fork and remove our internal one
#​5421: Replace gopkg.in/yaml.v2 with sigs.k8s.io/yaml/goyaml.v2
#​5424: Run go work sync
#​5430: fix: handle empty namespace as default
#​5454: fix: support namespace flag on edit remove secret/configmap
#​5455: fix: flaky ConfigMap/Secret args tests
#​5456: chore: rename files to match package pattern
#​5475: Update kyaml to v0.16.0
#​5476: Update cmd/config to v0.13.0
#​5477: Update api to v0.16.0

v5.2.1

This is a patch of kustomize v5.2.0 and should fix the directory formatting issues in its assets.

Release notes from v5.2.0 (Delta from v5.1.1)

Currently, Kustomize has already resolved that block on releasing for Windows and Darwin ARM(#​5220). Now, We can release those architecture binaries.

New Features for kustomize build

• patches accept a patch file with multiple patches(#​5194)
• Add support for OCI based helm repos(#​5167)

New Features for kustomize edit subcommands

#​4486: add: "edit add labels" command adds an option for labels without selector
#​5327: feat: add remove configmap command
#​5333: Add --no-verify flag to edit add resource command
#​5344: feat: add remove secret command
#​5367: fix: add namespace option to 'edit add configmap' command

Bug fixes

#​5342: Update imdario/mergo to v0.3.13
#​5196: fix: patch additions honor source key style

chore

#​5345: docs: update remove configmap comment
#​5193: [refactor]: Internalize loader api
#​5315: refactor: change "add configmap/secret" commands to reuse code and improve tests

Dependency updates

#​5254: release cleanup
#​5197: Switch to json-patch v5
#​5393: Update kyaml to v0.15.0
#​5394: Update cmd/config to v0.12.0
#​5395: Update api to v0.15.0

v5.1.1

Built with go 1.20.6 to address CVEs in previous go versions.

#​5245: Fix typo in help for the create subcommand

v5.1.0

Kustomize is blocked on releasing for windows and darwin ARM until #​5220 is resolved. If you are interested in fixing it, please leave ideas on that issue for how we can resolve it.

Highlights

Components are now applied after generators: #​5170

We made this change cautiously as we want to avoid user friction when updating kustomize; however we felt that it is a bug that resources from resources and resources from generators are treated differently. Given that components is currently an alpha feature, we felt that now was the time to adjust if ever.

We are currently working on on #​4402, which will make the ordering of resources, components, and other generators customizable in the kustomization file. Please use that issue for tracking if you are blocked from upgrading kustomize for this reason, and we hope to have it available soon.

See #​5141 for more detailed discussion.

Bug fixes:

#​5030: kustomize edit will return an error if there is no matching path
#​5170: components are now applied after generators
#​4949: error if kustomization file is empty

Dependency updates

#​5186: Update gnostic dependency with gnostic-models
#​5187: Bump to go 1.20
#​5212: pin to kyaml v0.14.3
#​5213: pin to cmd/config v0.11.3
#​5214: pin to api 0.14.0

v5.0.3

This release reverts the regression with the helm plugin that was introduced in v5.0.2.

Built with go 1.19.9 to remove CVE vulnerabilities.

Changelog

#​5164: Revert "Fix using same helm chart with different versions"

v5.0.2

Built with go 1.19.9 to resolve CVE vulnerabilities.

Known issues:

#​5163: kustomize 5.0.2 breaks helmCharts w/ chartHome. We are in the process of reverting the breaking change and rereleasing kustomize. Users of the helmCharts plugin with local charts are advised to skip this release.

Changelog

#​5159: pin to kyaml v0.14.2
#​5160: pin to cmd/config v0.11.2
#​5161: pin to api 0.13.3

uber-go/mock (mockgen)

v0.6.0

Added

• #​258: Archive mode: a new mockgen mode that generates mocks out of archive files.
• #​262: Support for specifying mock names when using the _gomock_archive bazel rule.

Fixed

• #​276: Fixed mockgen errors with go1.25 due to outdated golang.org/x/tools dependency.

v0.5.2

Fixed

• #​248: Fixed an issue with type aliases not being included in generated code correctly.

v0.5.1

Fixed

• #​220: Package mode will now generate code that uses aliases of types
  when they are used in the source.
• #​219: Fixed a collision between function argument names and package names
  in generated code.
• #​165: Fixed an issue where aliases specified by -imports were not being
  respected in generated code.

Thanks to @​mtoader and @​bstncartwright for their contributions to this release.

v0.5.0

Added

• #​153: Add --write_command_comment flag to specify whether to include
  Generated by this command comment.
• #​191: Add --build_constraint flag to add //go:build directives
  to generated mocks
• #​214: Add gob mode to support custom package loading techniques in place
  of --exec_only

Changed

• #​181: Made mockgen faster by changing flags passed to go list.
• #​183: Made Cond matcher generic.
• #​204: Removed ISGOMOCK() from generated mocks.
• #​207: Deprecated reflect mode and replaced it with the new package mode.

Fixed

• #​144: Fix a deadlock that can happen when mocking an interface that
  matches fmt.Stringer.
• #​168: Fix an issue where the "generated by" comment was being included
  in the package comment of generated mocks.

Thanks to @​tulzke @​JacobOaks @​ARR4N @​sashamelentyev @​sywhang @​fasmat
@​eyasy1217 @​ghouscht @​tie @​Neo2308 @​carson-brill @​alexandear @​sodul
@​nbgraham for their contributions this release.

---

Configuration

📅 Schedule: Branch creation - Only on Sunday and Saturday ( * * * * 0,6 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 73.39%. Comparing base (39b5474) to head (b2617b5).

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #482   +/-   ##
=======================================
  Coverage   73.39%   73.39%           
=======================================
  Files          19       19           
  Lines        2902     2902           
=======================================
  Hits         2130     2130           
  Misses        523      523           
  Partials      249      249           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.