Conversation
oracle-contributor-agreement
bot
added
the
OCA Verified
prasad-shirodkar
dismissed stale reviews from thtanaka and mgianatagh
via
0f50bfb
| - https://github.com/kubernetes-sigs/headlamp/tree/main/charts/headlamp | ||
| - https://github.com/kubernetes-sigs/headlamp | ||
| type: application | ||
| version: 2.4.0 |
There was a problem hiding this comment.
Why are we bumping this to 2.4?
There was a problem hiding this comment.
I assumed since previous version was 2.3.0. The new version would be 2.4.0. Please let me know what should be the new version then.
There was a problem hiding this comment.
I'll be honest, I'm not entirely sure what the versioning scheme is this application. We used 2.3.0 to coincide with the 2.3 CLI release. The idea then was to give access to the new charts. If we're just building and releasing a new Headlamp tag, and don't need a new chart, I'm not convinced that we need to update the catalog at all.
There was a problem hiding this comment.
We are updating the catalog due to the below CVE as mentioned in https://github.com/kubernetes-sigs/headlamp/releases/tag/v0.39.0
- CVE-2025-14269: Credential caching in Headlamp with non-default enableHelm option is true in in-cluster version of Headlamp and not Headlamp Desktop.
Apart from the image, the new upstream release also brings changes to charts as well.
4 participants
Headlamp v2.4.0 (v0.39.0) charts