deps: bump the argo group across 1 directory with 5 updates

[dependabot]

Bumps the argo group with 5 updates in the / directory:

Package	From	To
github.com/argoproj/argo-cd/v3	3.2.1	3.3.0
github.com/argoproj/argo-events	1.9.9	1.9.10
github.com/argoproj/argo-rollouts	1.8.3	1.8.4
github.com/argoproj/argo-workflows/v3	3.7.6	3.7.9
github.com/argoproj/gitops-engine	0.7.1-0.20251108235403-13d5172d3ee2	0.7.3

Updates github.com/argoproj/argo-cd/v3 from 3.2.1 to 3.3.0

Release notes

Sourced from github.com/argoproj/argo-cd/v3's releases.

v3.3.0

[!IMPORTANT] Before upgrading all types of Argo CD installations to this release, please read the upgrade guide first: https://argo-cd.readthedocs.io/en/stable/operator-manual/upgrading/3.2-3.3/#breaking-changes

Upgrading Argo CD which is managing itself

Users who have an Argo CD Application that manages their Argo CD installation, must enable ServerSideApply=true sync option on this Application in order for the upgrade to succeed.

In some cases, like when the self-managing of Argo CD is performed with Kustomize, there may be a sync error like Failed to perform client-side apply migration: failed to perform client-side apply migration on manager kubectl-client-side-apply.

We are currently working on a long-term fix to this issue, the progress can be tracked here: argoproj/argo-cd#26279

A temporary remediation is to additionally set the ClientSideApplyMigration=false sync option on this Application. This solution is temporary and not recommended for the long run because it may result in conflicts between Argo CD K8s field manager and other field managers at a later point in time, and if you use it, you will need to remove it after the above issue is fixed.

More details here: https://argo-cd.readthedocs.io/en/stable/user-guide/sync-options/#client-side-apply-migration

Quick Start

Non-HA:

kubectl create namespace argocd
kubectl apply -n argocd --server-side --force-conflicts -f https://raw.githubusercontent.com/argoproj/argo-cd/v3.3.0/manifests/install.yaml

HA:

kubectl create namespace argocd
kubectl apply -n argocd --server-side --force-conflicts -f https://raw.githubusercontent.com/argoproj/argo-cd/v3.3.0/manifests/ha/install.yaml

Release Signatures and Provenance

All Argo CD container images are signed by cosign. A Provenance is generated for container images and CLI binaries which meet the SLSA Level 3 specifications. See the documentation on how to verify.

Release Notes Blog Post

For a detailed breakdown of the key changes and improvements in this release, check out the official blog post.

Upgrading

If upgrading from a different minor version, be sure to read the upgrading documentation.

Changelog

Features

• ce2fb703a6a7b5e0b5e8ee3e1f1b34747dcec844: Revert "feat: Ability to create custom labels for namespaces created … (#455) (@​pasha-codefresh)
• e50dd008fd009121bd8429dc348ebba84e41ff64: feat(actions): Add cloudnativepg reload, restart, promote, suspend and resume actions (#24192) (@​rouke-broersma)

... (truncated)

Commits

• fd6b7d5 Bump version to 3.3.0 on release-3.3 branch (#26206)
• f4e479e fix: consider Replace/Force sync option on live resource annotations (#26110)...
• 436da4e Bump version to 3.3.0-rc4 on release-3.3 branch (#26119)
• cd6a9aa fix: cherry pick #25516 to release-3.3 (#26114)
• ac071b5 chore(deps): update notifications-engine to fix GitHub PR comments nil panic ...
• 3d64c21 fix: invalid error message on health check failure (#26040) (cherry-pick #260...
• 0fa47b1 fix(hydrator): pass destination.namespace to manifest rendering (#25478) (che...
• 48a9dcc fix(hydrator): empty links for failed operation (#25025) (cherry-pick #26014 ...
• b52a075 fix(hydrator): .gitattributes include deeply nested files (#25870) (cherry-pi...
• 8fbb44c fix: close response body on error paths to prevent connection leak (cherry-pi...
• Additional commits viewable in compare view

Updates github.com/argoproj/argo-events from 1.9.9 to 1.9.10

Release notes

Sourced from github.com/argoproj/argo-events's releases.

v1.9.10

Major Changes

• feat: Add EmojiEvents support for GitLab group webhooks (#3871)
• fix: retry generic event streams forever (#3877)
• fix: amqp integer queue args (#3884)
• chore: update argo-workflows version (#3852)

Pull Requests

argoproj/argo-events@v1.9.9...v1.9.10

Installation

kubectl create namespace argo-events
kubectl apply -n argo-events -f https://github.com/argoproj/argo-events/releases/download/v1.9.10/install.yaml
Install validating webhook (optional)
kubectl apply -n argo-events -f https://github.com/argoproj/argo-events/releases/download/v1.9.10/install-validating-webhook.yaml

Full Changelog: argoproj/argo-events@v1.9.9...v1.9.10

Changelog

Sourced from github.com/argoproj/argo-events's changelog.

v1.9.10 (2026-01-21)

• 3de38ac2 Update manifests to v1.9.10
• 56f77c8e feat: Add EmojiEvents support for GitLab group webhooks (#3871)
• 1b67245c Fix: amqp integer queue args (#3884)
• 822240f4 chore(deps): bump github.com/minio/minio-go/v7 from 7.0.97 to 7.0.98 (#3882)
• 251133f5 chore(deps): bump golang.org/x/tools from 0.40.0 to 0.41.0 (#3879)
• 576b21d0 fix: retry generic event streams forever (#3877)
• 8752c54b Add ReadyOn AI to USERS.md (#3878)
• bb0a0dd3 chore(deps): bump github.com/hamba/avro/v2 from 2.30.0 to 2.31.0 (#3875)
• a3492f10 chore(deps): bump dependabot/fetch-metadata from 2.4.0 to 2.5.0 (#3872)
• c248392a chore(deps): bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.27.3 to 2.27.4 (#3869)
• f1591183 chore(deps): bump google.golang.org/grpc from 1.77.0 to 1.78.0 (#3870)
• c8628cbf chore(deps): bump github.com/nats-io/nats.go from 1.47.0 to 1.48.0 (#3866)
• 82b9bb48 chore(deps): bump github.com/go-resty/resty/v2 from 2.17.0 to 2.17.1 (#3863)
• f3ff80e5 chore(deps): bump golang.org/x/tools from 0.39.0 to 0.40.0 (#3859)
• 6abd2b46 chore(deps): bump google.golang.org/protobuf from 1.36.10 to 1.36.11 (#3858)
• a2438955 chore(deps): bump peter-evans/create-pull-request from 6 to 8 (#3855)
• 25506a9d chore(deps): bump actions/cache from 4 to 5 (#3853)
• 18421387 chore(deps): bump actions/download-artifact from 5 to 7 (#3854)
• 44abc6bc chore(deps): bump google.golang.org/api from 0.256.0 to 0.257.0 (#3848)
• d870db73 chore(deps): bump github.com/spf13/cobra from 1.10.1 to 1.10.2 (#3847)
• 5a661d9b chore(deps): bump github.com/go-openapi/inflect from 0.21.3 to 0.21.5 (#3845)
• dae38954 fix: upgrade NATS JetStream from 2.10.10 to 2.10.29 to address CVEs (#3844)

Contributors

• Alan Clucas
• Derek Wang
• Roshan Daneshvaran
• Yugan
• dependabot[bot]

Commits

• 3de38ac Update manifests to v1.9.10
• 56f77c8 feat: Add EmojiEvents support for GitLab group webhooks (#3871)
• 781bc0a chore: upgrade gitlab client (#3888)
• 1b67245 Fix: amqp integer queue args (#3884)
• 822240f chore(deps): bump github.com/minio/minio-go/v7 from 7.0.97 to 7.0.98 (#3882)
• 251133f chore(deps): bump golang.org/x/tools from 0.40.0 to 0.41.0 (#3879)
• 576b21d fix: retry generic event streams forever (#3877)
• 4d0b367 chore: update argo-workflows version (#3852)
• 8752c54 Add ReadyOn AI to USERS.md (#3878)
• bb0a0dd chore(deps): bump github.com/hamba/avro/v2 from 2.30.0 to 2.31.0 (#3875)
• Additional commits viewable in compare view

Updates github.com/argoproj/argo-rollouts from 1.8.3 to 1.8.4

Release notes

Sourced from github.com/argoproj/argo-rollouts's releases.

v1.8.4

What's Changed

• fix: bluegreen analysis prematurely succeeds if new ReplicaSet becomes unsaturated by @​jessesuen in argoproj/argo-rollouts#4604
• chore(deps): bump github.com/hashicorp/go-plugin from 1.6.2 to 1.6.3 by @​aali309 in argoproj/argo-rollouts#4592

Full Changelog: argoproj/argo-rollouts@v1.8.3...v1.8.4

Changelog

Sourced from github.com/argoproj/argo-rollouts's changelog.

v1.9.0-rc1 (2025-11-07)

Build

• tmate.io is no longer active (#4417)

Chore

• Change enhancement proposal issue wording (#4414)
• security fix https://nvd.nist.gov/vuln/detail/CVE-2023-46402 (#4083)
• Make sure rollouts abort always has some more detailed message (#3957) (#4175)
• bump k8s libraries and go to current supported versions (#4497)
• use internal errors util instead of pkg's (#4171)
• Add Verkada to the list of users (#4176)
• Add Doubble to official USERS.md (#4214)
• Fix Traefik name (#4217)
• enrich controller startup log with namespace, ports, and insta… (#4218)
• Improve logging (#4266)
• add canaryStepString route msg (#4490)
• fix deprecation (pointer -> ptr) (#4286)
• Adding Red Hat to the list (#4361)
• make api-proto to support go module style (#4402)
• Add UiPath to the list of users (#4476)
• deps: bump codecov/codecov-action from 5.3.1 to 5.4.0 (#4157)
• deps: bump github.com/aws/smithy-go from 1.22.2 to 1.22.3 (#4136)
• deps: bump amannn/action-semantic-pull-request from 5 to 6 (#4454)
• deps: bump sigstore/cosign-installer from 3.8.2 to 3.10.0 (#4448)
• deps: bump docker/login-action from 3.4.0 to 3.6.0 (#4473)
• deps: bump actions/download-artifact from 4.3.0 to 6.0.0 (#4512)
• deps: bump github.com/aws/smithy-go from 1.22.4 to 1.23.1 (#4494)
• deps: bump github.com/aws/aws-sdk-go-v2/service/cloudwatch from 1.45.1 to 1.45.4 (#4366)
• deps: bump golang.org/x/sync from 0.11.0 to 0.16.0 (#4353)
• deps: bump docker/setup-buildx-action from 3.10.0 to 3.11.1 (#4328)
• deps: bump github.com/aws/aws-sdk-go-v2/service/cloudwatch from 1.44.1 to 1.45.1 (#4313)
• deps: bump codecov/codecov-action from 5.4.2 to 5.4.3 (#4283)
• deps: bump docker/build-push-action from 6.16.0 to 6.18.0 (#4298)
• deps: bump actions/stale from 9 to 10 (#4493)
• deps: bump codecov/codecov-action from 5.4.3 to 5.5.1 (#4492)
• deps: bump softprops/action-gh-release from 2.2.1 to 2.2.2 (#4243)
• deps: bump actions/download-artifact from 4.2.1 to 4.3.0 (#4254)
• deps: bump docker/build-push-action from 6.15.0 to 6.16.0 (#4255)
• deps: bump github.com/aws/aws-sdk-go-v2/config from 1.29.8 to 1.29.14 (#4230)
• deps: bump codecov/codecov-action from 5.4.0 to 5.4.2 (#4237)
• deps: bump sigstore/cosign-installer from 3.8.1 to 3.8.2 (#4247)
• deps: bump github.com/golang-jwt/jwt to 4.5.2 (#4235) (#4236)
• deps: bump google.golang.org/grpc from 1.70.0 to 1.71.1 (#4227)
• deps: bump golangci-lang from v1.61.0 to v1.64.8 (#4213)
• deps: bump softprops/action-gh-release from 2.1.0 to 2.2.0 (#3999)

... (truncated)

Commits

• 55e89dd fix: bluegreen analysis prematurely succeeds if new ReplicaSet becomes unsatu...
• 25cd304 chore(deps): bump github.com/hashicorp/go-plugin from 1.6.2 to 1.6.3 (#4592)
• See full diff in compare view

Updates github.com/argoproj/argo-workflows/v3 from 3.7.6 to 3.7.9

Release notes

Sourced from github.com/argoproj/argo-workflows/v3's releases.

v3.7.9

Quick Start

What's New?

Find out on our blog and changelog.

Breaking Changes and Known Issues

Check the upgrading guide and search for existing issues on GitHub.

Installation

CLI

Mac / Linux

Available via curl

# Detect OS
ARGO_OS="darwin"
if [[ "$(uname -s)" != "Darwin" ]]; then
  ARGO_OS="linux"
fi
Download the binary
curl -sLO "https://github.com/argoproj/argo-workflows/releases/download/v3.7.9/argo-$ARGO_OS-amd64.gz"
Unzip
gunzip "argo-$ARGO_OS-amd64.gz"
Make binary executable
chmod +x "argo-$ARGO_OS-amd64"
Move binary to path
mv "./argo-$ARGO_OS-amd64" /usr/local/bin/argo
Test installation
argo version

Controller and Server

kubectl create namespace argo
kubectl apply -n argo -f https://github.com/argoproj/argo-workflows/releases/download/v3.7.9/install.yaml

v3.7.8

... (truncated)

Changelog

Sourced from github.com/argoproj/argo-workflows/v3's changelog.

v3.7.9 (2026-01-28)

Full Changelog: v3.7.8...v3.7.9

Selected Changes

• 156b4f817 fix(security): update qs to 6.14.1 (cherry-pick #15427 for 3.7) (#15428)
• 74943cbe1 chore(deps): update sigs.k8s.io/json digest to 2d32026 (release-3.7) (#15396)
• 5541dfabb chore(deps): update google.golang.org/genproto/googleapis/api digest to 8636f87 (release-3.7) (#15392)
• 04b8eb5f4 chore(deps): update github.com/knetic/govaluate digest to 7625b7f (release-3.7) (#15390)
• eac80a5d9 chore(deps): update golang.org/x/exp digest to 716be56 (release-3.7) (#15391)
• 96974bb4a chore(deps): update k8s.io/utils digest to 914a6e7 (release-3.7) (#15395)
• d4a952792 chore(deps): update k8s.io/gengo digest to 5ee0d03 (release-3.7) (#15393)
• eb73f9290 chore(deps): update dependency @​types/react-datepicker to v4.19.6 (release-3.7) (#15404)
• c56e671bb chore(deps): update dependency @​testing-library/dom to v10.4.1 (release-3.7) (#15397)
• 5a16fc476 chore(deps): update dependency @​testing-library/react to v16.3.2 (release-3.7) (#15398)
• d6f32cbe3 chore(deps): update dependency @​types/classnames to v2.3.4 (release-3.7) (#15399)
• 28fd7a1b2 chore(deps): update dependency @​types/prop-types to v15.7.15 (release-3.7) (#15401)
• 07968ddb2 chore(deps): update dependency @​types/dagre to v0.7.53 (release-3.7) (#15400)
• e7c865e54 chore(deps): update dependency @​types/react-dom to v18.3.7 (release-3.7) (#15405)
• a519a5e4f chore(deps): update dependency @​types/react-form to v2.16.15 (release-3.7) (#15406)
• 558d7c89c chore(deps): update dependency @​types/uuid to v9.0.8 (release-3.7) (#15408)
• eeb9e40d5 chore(deps): update dependency copy-webpack-plugin to v12.0.2 (release-3.7) (#15409)
• 1e5a5b482 chore(deps): update dependency html-webpack-plugin to v5.6.6 (release-3.7) (#15411)
• fdb16558f chore(deps): update dependency eslint-config-prettier to v9.1.2 (release-3.7) (#15410)
• f97b7446e chore(deps): update dependency monaco-editor-webpack-plugin to v7.1.1 (release-3.7) (#15412)
• 9757b5b83 Revert "chore(deps): update dependency webpack-dev-server to v5 [security] (release-3.7) (#15284)"
• 0d46bd18f chore(deps): update dependency webpack-dev-server to v5 [security] (release-3.7) (#15284)
• 79a46c95e fix: prevent int64 overflow in retry backoff calculation (cherry-pick #15277 for 3.7) (#15291)
• 15fa2f96b chore(deps): bump golang to 1.25 (#15235)

• Alan Clucas
• Andre Kurait
• isubasinghe
• William Van Hevelingen

v3.7.8 (2026-01-21)

Full Changelog: v3.7.7...v3.7.8

Selected Changes

• add2c5456 fix: workflow controller to detect stale workflows (cherry-pick #15090 for 3.7) (#15262)
• 190f5d7c1 fix(security): stored XSS in artifact directory listings (cherry-pick #15255 for 3.7) (#15259)
• 739280d36 fix: Optimize DAG sort for retry (cherry-pick #15241 for 3.7) (#15249)

... (truncated)

Commits

• 156b4f8 fix(security): update qs to 6.14.1 (cherry-pick #15427 for 3.7) (#15428)
• 74943cb chore(deps): update sigs.k8s.io/json digest to 2d32026 (release-3.7) (#15396)
• 5541dfa chore(deps): update google.golang.org/genproto/googleapis/api digest to 8636f...
• 04b8eb5 chore(deps): update github.com/knetic/govaluate digest to 7625b7f (release-3....
• eac80a5 chore(deps): update golang.org/x/exp digest to 716be56 (release-3.7) (#15391)
• 96974bb chore(deps): update k8s.io/utils digest to 914a6e7 (release-3.7) (#15395)
• d4a9527 chore(deps): update k8s.io/gengo digest to 5ee0d03 (release-3.7) (#15393)
• eb73f92 chore(deps): update dependency @​types/react-datepicker to v4.19.6 (release-3....
• c56e671 chore(deps): update dependency @​testing-library/dom to v10.4.1 (release-3.7) ...
• 5a16fc4 chore(deps): update dependency @​testing-library/react to v16.3.2 (release-3.7...
• Additional commits viewable in compare view

Updates github.com/argoproj/gitops-engine from 0.7.1-0.20251108235403-13d5172d3ee2 to 0.7.3

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions