Releases: crossplane-contrib/function-auto-ready
Releases · crossplane-contrib/function-auto-ready
v0.6.3
Summary
This release includes security fixes for gRPC dependencies.
Highlights
- Security vulnerability remediation for Google gRPC
- Updated
google.golang.org/grpcto v1.79.3 to address GHSA-p77j-4mvh-x3m3
Security Fixes
- GHSA-p77j-4mvh-x3m3: Fixed by updating gRPC to v1.79.3
v0.6.2
Summary
This release includes security fixes and build infrastructure updates.
Highlights
- Security: Updated Go to version 1.25.8 to remediate CVE-2026-25679, CVE-2026-27142, and CVE-2026-27139
- Build tooling: Updated golangci-lint to v2.11.3 for compatibility with Go 1.25.x
- Code quality: Resolved linter issues including import formatting and staticcheck warnings
This is a maintenance release focused on security patches and ensuring compatibility with the latest Go toolchain.
v0.6.1
This release fixes CVE vulnerabilities identified by security scanning:
| CVE/GHSA | Severity | Package | Fixed Version |
|---|---|---|---|
| CVE-2025-68121 | Critical | stdlib | go1.24.13 |
| CVE-2025-61726 | High | stdlib | go1.24.13 |
| CVE-2025-61731 | High | stdlib | go1.24.13 |
| CVE-2025-61732 | High | stdlib | go1.24.13 |
| CVE-2025-61728 | Medium | stdlib | go1.24.13 |
| CVE-2025-61730 | Medium | stdlib | go1.24.13 |
What's Changed
- fix(security): remediate CVE vulnerabilities by @upbound-bot in #177
Full Changelog: v0.6.0...v0.6.1
Contributors
upbound-bot
Assets 2
v0.6.0
What's Changed
- Update module github.com/crossplane/crossplane-runtime to v1.20.0 by @renovate[bot] in #56
- Update module github.com/alecthomas/kong to v1.12.0 by @renovate[bot] in #45
- add spec.capabilities by @jastang in #127
- [main]: Update go.mod dependencies [SECURITY] by @upbound-bot in #155
- fix(owners): set correct mail-address by @haarchri in #157
- Add resource-specific health checks for standard Kubernetes resources by @kaessert in #160
- [main]: Update go.mod dependencies [SECURITY] by @upbound-bot in #162
New Contributors
- @jastang made their first contribution in #127
- @haarchri made their first contribution in #157
- @kaessert made their first contribution in #160
Full Changelog: v0.5.2...v0.6.0
Contributors
kaessert, renovate, and 3 other contributors
Assets 2
v0.5.2
This release updates go mod dependencies to fix the following CVEs:
- CVE-2025-61723
- CVE-2025-61725
- CVE-2025-58186
- CVE-2025-61724
- CVE-2025-47912
- CVE-2025-58188
- CVE-2025-58189
- CVE-2025-58185
- CVE-2025-58187
- CVE-2025-58183
What's Changed
- [release-0.5]: Update go.mod dependencies [SECURITY] by @upbound-bot in #159
Full Changelog: v0.5.1...v0.5.2
Contributors
upbound-bot
Assets 2
v0.5.1
This release updates go mod dependencies to fix the following CVEs:
What's Changed
- [release-0.5]: Update go.mod dependencies [SECURITY] by @upbound-bot in #154
Full Changelog: v0.5.0...v0.5.1
Contributors
upbound-bot
Assets 2
v0.5.0
What's Changed
- Update module golang.org/x/net to v0.33.0 main [SECURITY] by @turkenf in #52
- Update Go version and enable pushing to ghcr.io in CI by @turkenf in #60
- Feature/configure max recv message size by @vibe in #47
- fix legacy ci by @stevendborrelli in #96
- Update go mod dependencies [Security] by @turkenf in #110
New Contributors
- @vibe made their first contribution in #47
- @stevendborrelli made their first contribution in #96
Full Changelog: v0.4.2...v0.5.0
Contributors
stevendborrelli, vibe, and turkenf
Assets 2
v0.4.2
What's Changed
Full Changelog: v0.4.1...v0.4.2
Contributors
turkenf
Assets 2
v0.4.1
What's Changed
Full Changelog: v0.4.0...v0.4.1
Contributors
turkenf
Assets 2
v0.4.0
What's Changed
- Use distroless/static image instead of distroless/base since glibc is not used by @vilmosmartinek in #49
- Update module github.com/crossplane/function-sdk-go to v0.4.0 by @renovate in #50
New Contributors
- @vilmosmartinek made their first contribution in #49
Full Changelog: v0.3.0...v0.4.0
Contributors
renovate and vilmosmartinek