chore(deps): bump helm.sh/helm/v3 from 3.18.4 to 3.18.5 in the go_modules group (#172)

Bumps the go_modules group with 1 update:
[helm.sh/helm/v3](https://github.com/helm/helm).

Updates `helm.sh/helm/v3` from 3.18.4 to 3.18.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/helm/helm/releases">helm.sh/helm/v3's
releases</a>.</em></p>
<blockquote>
<p>Helm v3.18.5 is a security release. Users are encouraged to upgrade
for the best experience.</p>
<p>The community keeps growing, and we'd love to see you there!</p>
<ul>
<li>Join the discussion in <a
href="https://kubernetes.slack.com">Kubernetes Slack</a>:
<ul>
<li>for questions and just to hang out</li>
<li>for discussing PRs, code, and bugs</li>
</ul>
</li>
<li>Hang out at the Public Developer Call: Thursday, 9:30 Pacific via <a
href="https://zoom.us/j/696660622">Zoom</a></li>
<li>Test, debug, and contribute charts: <a
href="https://artifacthub.io/packages/search?kind=0">ArtifactHub/packages</a></li>
</ul>
<h2>Security Advisories</h2>
<ul>
<li><a
href="https://github.com/helm/helm/security/advisories/GHSA-9h84-qmv7-982p">Helm
Charts with Specific JSON Schema Values Can Cause Memory
Exhaustion</a></li>
<li><a
href="https://github.com/helm/helm/security/advisories/GHSA-f9f8-9pmf-xv68">Incorrect
YAML Content Leads To Panic</a></li>
</ul>
<h2>Installation and Upgrading</h2>
<p>Download Helm v3.18.5. The common platform binaries are here:</p>
<ul>
<li><a href="https://get.helm.sh/helm-v3.18.5-darwin-amd64.tar.gz">MacOS
amd64</a> (<a
href="https://get.helm.sh/helm-v3.18.5-darwin-amd64.tar.gz.sha256sum">checksum</a>
/ 3200c32cf19bf69b446e97c0060af39f018d2e441e418ad174ba39052f63fb15)</li>
<li><a href="https://get.helm.sh/helm-v3.18.5-darwin-arm64.tar.gz">MacOS
arm64</a> (<a
href="https://get.helm.sh/helm-v3.18.5-darwin-arm64.tar.gz.sha256sum">checksum</a>
/ 32ce3f4910d5a96c1170f3f8f230d4c8b8bc007e5d47b085b8416cfe559d7925)</li>
<li><a href="https://get.helm.sh/helm-v3.18.5-linux-amd64.tar.gz">Linux
amd64</a> (<a
href="https://get.helm.sh/helm-v3.18.5-linux-amd64.tar.gz.sha256sum">checksum</a>
/ 9879bf9c471cdecbbee5ee17cf1de1849b0ffd12871ea01f17ede6861d7134f5)</li>
<li><a href="https://get.helm.sh/helm-v3.18.5-linux-arm.tar.gz">Linux
arm</a> (<a
href="https://get.helm.sh/helm-v3.18.5-linux-arm.tar.gz.sha256sum">checksum</a>
/ 4be47fa77476bfd6416a44853e28983e7c8594156259813ecf35d004044fb17d)</li>
<li><a href="https://get.helm.sh/helm-v3.18.5-linux-arm64.tar.gz">Linux
arm64</a> (<a
href="https://get.helm.sh/helm-v3.18.5-linux-arm64.tar.gz.sha256sum">checksum</a>
/ d25d2c1b1c5a9844755ab5c66e6df4d6b31c25e6d92dd2ce66c137a63ddf9f2c)</li>
<li><a href="https://get.helm.sh/helm-v3.18.5-linux-386.tar.gz">Linux
i386</a> (<a
href="https://get.helm.sh/helm-v3.18.5-linux-386.tar.gz.sha256sum">checksum</a>
/ 1ee980e47bb37f388abdce3a7e8da64a9b372352c4cb645bda5ddd401973bee3)</li>
<li><a
href="https://get.helm.sh/helm-v3.18.5-linux-ppc64le.tar.gz">Linux
ppc64le</a> (<a
href="https://get.helm.sh/helm-v3.18.5-linux-ppc64le.tar.gz.sha256sum">checksum</a>
/ 9d300e0efced9b244aedcc9d11c49647deb4c5afc8d2298c988498dc530bc932)</li>
<li><a href="https://get.helm.sh/helm-v3.18.5-linux-s390x.tar.gz">Linux
s390x</a> (<a
href="https://get.helm.sh/helm-v3.18.5-linux-s390x.tar.gz.sha256sum">checksum</a>
/ c779bb4dea8026294378a9ad6447095fb8f56671a8c49437344dd342de2a3156)</li>
<li><a
href="https://get.helm.sh/helm-v3.18.5-linux-riscv64.tar.gz">Linux
riscv64</a> (<a
href="https://get.helm.sh/helm-v3.18.5-linux-riscv64.tar.gz.sha256sum">checksum</a>
/ f79d06dc5e966c341fc8ad1a0d5e032f7d681e62c4a51a4d22badec4b9857144)</li>
<li><a href="https://get.helm.sh/helm-v3.18.5-windows-amd64.zip">Windows
amd64</a> (<a
href="https://get.helm.sh/helm-v3.18.5-windows-amd64.zip.sha256sum">checksum</a>
/ 464bfd7792d6c682778fc1d5e5bcc9ac5ce83457fe3c4b7a3d0af4dc3ef03eb1)</li>
<li><a href="https://get.helm.sh/helm-v3.18.5-windows-arm64.zip">Windows
arm64</a> (<a
href="https://get.helm.sh/helm-v3.18.5-windows-arm64.zip.sha256sum">checksum</a>
/ 82411e3ee4e349d30221ddf6c26397bb0a41666939b338ccf39f4cd2ec4e4410)</li>
</ul>
<p>The <a href="https://helm.sh/docs/intro/quickstart/">Quickstart
Guide</a> will get you going from there. For <strong>upgrade
instructions</strong> or detailed installation notes, check the <a
href="https://helm.sh/docs/intro/install/">install guide</a>. You can
also use a <a
href="https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3">script
to install</a> on any system with <code>bash</code>.</p>
<h2>What's Next</h2>
<ul>
<li>3.18.6 will contain only bug fixes.</li>
<li>3.19.5 is the next feature release. This release will focus on
...</li>
</ul>
<h2>Changelog</h2>
<ul>
<li>fix Chart.yaml handling 7799b483f52ceb665264a4056da3d2569d60f910
(Matt Farina)</li>
<li>Handle messy index files dd8502f7b4fd5824a696c99909babd0fbed77e9e
(Matt Farina)</li>
<li>json schema fix cb8595bc650e2ec7459427d2b0430599431a3dbe (Robert
Sirchia)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/helm/helm/commit/b78692c18f0fb38fe5ba4571a674de067a4c53a5"><code>b78692c</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/helm/helm/commit/ec5f59e2db56533d042a124f5bae54dd87b558e6"><code>ec5f59e</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/helm/helm/commit/7799b483f52ceb665264a4056da3d2569d60f910"><code>7799b48</code></a>
fix Chart.yaml handling</li>
<li><a
href="https://github.com/helm/helm/commit/dd8502f7b4fd5824a696c99909babd0fbed77e9e"><code>dd8502f</code></a>
Handle messy index files</li>
<li><a
href="https://github.com/helm/helm/commit/cb8595bc650e2ec7459427d2b0430599431a3dbe"><code>cb8595b</code></a>
json schema fix</li>
<li>See full diff in <a
href="https://github.com/helm/helm/compare/v3.18.4...v3.18.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=helm.sh/helm/v3&package-manager=go_modules&previous-version=3.18.4&new-version=3.18.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/open-component-model/ocm-e2e-framework/network/alerts).

</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Author: dependabot[bot]

go.mod

@@ -281,6 +281,7 @@ require (
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/ryanuber/go-glob v1.0.0 // indirect
 	github.com/sagikazarmark/locafero v0.7.0 // indirect
+	github.com/santhosh-tekuri/jsonschema/v6 v6.0.2 // indirect
 	github.com/sassoftware/relic v7.2.1+incompatible // indirect
 	github.com/secure-systems-lab/go-securesystemslib v0.9.0 // indirect
 	github.com/segmentio/ksuid v1.0.4 // indirect
@@ -300,7 +301,7 @@ require (
 	github.com/spf13/afero v1.14.0 // indirect
 	github.com/spf13/cast v1.7.1 // indirect
 	github.com/spf13/cobra v1.9.1 // indirect
-	github.com/spf13/pflag v1.0.6 // indirect
+	github.com/spf13/pflag v1.0.7 // indirect
 	github.com/spf13/viper v1.20.1 // indirect
 	github.com/spiffe/go-spiffe/v2 v2.5.0 // indirect
 	github.com/subosito/gotenv v1.6.0 // indirect
@@ -343,7 +344,7 @@ require (
 	go.uber.org/zap v1.27.0 // indirect
 	go.yaml.in/yaml/v2 v2.4.2 // indirect
 	go.yaml.in/yaml/v3 v3.0.4 // indirect
-	golang.org/x/crypto v0.39.0 // indirect
+	golang.org/x/crypto v0.40.0 // indirect
 	golang.org/x/exp v0.0.0-20250305212735-054e65f0b394 // indirect
 	golang.org/x/mod v0.25.0 // indirect
 	golang.org/x/net v0.41.0 // indirect
@@ -366,11 +367,11 @@ require (
 	gopkg.in/warnings.v0 v0.1.2 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	helm.sh/helm/v3 v3.18.4 // indirect
+	helm.sh/helm/v3 v3.18.5 // indirect
 	k8s.io/component-base v0.33.3 // indirect
 	k8s.io/klog/v2 v2.130.1 // indirect
 	k8s.io/kube-openapi v0.0.0-20250701173324-9bd5c66d9911 // indirect
-	k8s.io/kubectl v0.33.2 // indirect
+	k8s.io/kubectl v0.33.3 // indirect
 	k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 // indirect
 	oras.land/oras-go/v2 v2.6.0 // indirect
 	sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect

go.sum

@@ -302,6 +302,8 @@ github.com/distribution/distribution/v3 v3.0.0 h1:q4R8wemdRQDClzoNNStftB2ZAfqOiN
 github.com/distribution/distribution/v3 v3.0.0/go.mod h1:tRNuFoZsUdyRVegq8xGNeds4KLjwLCRin/tTo6i1DhU=
 github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk=
 github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
+github.com/dlclark/regexp2 v1.11.5 h1:Q/sSnsKerHeCkc/jSTNq1oCm7KiVgUMZRDUoRu0JQZQ=
+github.com/dlclark/regexp2 v1.11.5/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8=
 github.com/docker/cli v28.2.2+incompatible h1:qzx5BNUDFqlvyq4AHzdNB7gSyVTmU4cgsyN9SdInc1A=
 github.com/docker/cli v28.2.2+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
 github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk=
@@ -806,6 +808,8 @@ github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkB
 github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc=
 github.com/sagikazarmark/locafero v0.7.0 h1:5MqpDsTGNDhY8sGp0Aowyf0qKsPrhewaLSsFaodPcyo=
 github.com/sagikazarmark/locafero v0.7.0/go.mod h1:2za3Cg5rMaTMoG/2Ulr9AwtFaIppKXTRYnozin4aB5k=
+github.com/santhosh-tekuri/jsonschema/v6 v6.0.2 h1:KRzFb2m7YtdldCEkzs6KqmJw4nqEVZGK7IN2kJkjTuQ=
+github.com/santhosh-tekuri/jsonschema/v6 v6.0.2/go.mod h1:JXeL+ps8p7/KNMjDQk3TCwPpBy0wYklyWTfbkIzdIFU=
 github.com/sassoftware/relic v7.2.1+incompatible h1:Pwyh1F3I0r4clFJXkSI8bOyJINGqpgjJU3DYAZeI05A=
 github.com/sassoftware/relic v7.2.1+incompatible/go.mod h1:CWfAxv73/iLZ17rbyhIEq3K9hs5w6FpNMdUT//qR+zk=
 github.com/sassoftware/relic/v7 v7.6.2 h1:rS44Lbv9G9eXsukknS4mSjIAuuX+lMq/FnStgmZlUv4=
@@ -858,8 +862,9 @@ github.com/spf13/cast v1.7.1 h1:cuNEagBQEHWN1FnbGEjCXL2szYEXqfJPbP2HNUaca9Y=
 github.com/spf13/cast v1.7.1/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo=
 github.com/spf13/cobra v1.9.1 h1:CXSaggrXdbHK9CF+8ywj8Amf7PBRmPCOJugH954Nnlo=
 github.com/spf13/cobra v1.9.1/go.mod h1:nDyEzZ8ogv936Cinf6g1RU9MRY64Ir93oCnqb9wxYW0=
-github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o=
 github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
+github.com/spf13/pflag v1.0.7 h1:vN6T9TfwStFPFM5XzjsvmzZkLuaLX+HS+0SeFLRgU6M=
+github.com/spf13/pflag v1.0.7/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/spf13/viper v1.20.1 h1:ZMi+z/lvLyPSCoNtFCpqjy0S4kPbirhpTMwl8BkW9X4=
 github.com/spf13/viper v1.20.1/go.mod h1:P9Mdzt1zoHIG8m2eZQinpiBjo6kCmZSKBClNNqjJvu4=
 github.com/spiffe/go-spiffe/v2 v2.5.0 h1:N2I01KCUkv1FAjZXJMwh95KK1ZIQLYbPfhaxw8WS0hE=
@@ -1038,8 +1043,8 @@ golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58
 golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
 golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
 golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
-golang.org/x/crypto v0.39.0 h1:SHs+kF4LP+f+p14esP5jAoDpHU8Gu/v9lFRK6IT5imM=
-golang.org/x/crypto v0.39.0/go.mod h1:L+Xg3Wf6HoL4Bn4238Z6ft6KfEpN0tJGo53AAPC632U=
+golang.org/x/crypto v0.40.0 h1:r4x+VvoG5Fm+eJcxMaY8CQM7Lb0l1lsmjGBQ6s8BfKM=
+golang.org/x/crypto v0.40.0/go.mod h1:Qr1vMER5WyS2dfPHAlsOj01wgLbsyWtFn/aY+5+ZdxY=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20250305212735-054e65f0b394 h1:nDVHiLt8aIbd/VzvPWN6kSOPE7+F/fNFDSXLVYkE/Iw=
 golang.org/x/exp v0.0.0-20250305212735-054e65f0b394/go.mod h1:sIifuuw/Yco/y6yb6+bDNfyeQ/MdPUy/hKEMYQV17cM=
@@ -1221,8 +1226,8 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gotest.tools/v3 v3.5.2 h1:7koQfIKdy+I8UTetycgUqXWSDwpgv193Ka+qRsmBY8Q=
 gotest.tools/v3 v3.5.2/go.mod h1:LtdLGcnqToBH83WByAAi/wiwSFCArdFIUV/xxN4pcjA=
-helm.sh/helm/v3 v3.18.4 h1:pNhnHM3nAmDrxz6/UC+hfjDY4yeDATQCka2/87hkZXQ=
-helm.sh/helm/v3 v3.18.4/go.mod h1:WVnwKARAw01iEdjpEkP7Ii1tT1pTPYfM1HsakFKM3LI=
+helm.sh/helm/v3 v3.18.5 h1:Cc3Z5vd6kDrZq9wO9KxKLNEickiTho6/H/dBNRVSos4=
+helm.sh/helm/v3 v3.18.5/go.mod h1:L/dXDR2r539oPlFP1PJqKAC1CUgqHJDLkxKpDGrWnyg=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 k8s.io/api v0.33.3 h1:SRd5t//hhkI1buzxb288fy2xvjubstenEKL9K51KBI8=
@@ -1241,8 +1246,8 @@ k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk=
 k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
 k8s.io/kube-openapi v0.0.0-20250701173324-9bd5c66d9911 h1:gAXU86Fmbr/ktY17lkHwSjw5aoThQvhnstGGIYKlKYc=
 k8s.io/kube-openapi v0.0.0-20250701173324-9bd5c66d9911/go.mod h1:GLOk5B+hDbRROvt0X2+hqX64v/zO3vXN7J78OUmBSKw=
-k8s.io/kubectl v0.33.2 h1:7XKZ6DYCklu5MZQzJe+CkCjoGZwD1wWl7t/FxzhMz7Y=
-k8s.io/kubectl v0.33.2/go.mod h1:8rC67FB8tVTYraovAGNi/idWIK90z2CHFNMmGJZJ3KI=
+k8s.io/kubectl v0.33.3 h1:r/phHvH1iU7gO/l7tTjQk2K01ER7/OAJi8uFHHyWSac=
+k8s.io/kubectl v0.33.3/go.mod h1:euj2bG56L6kUGOE/ckZbCoudPwuj4Kud7BR0GzyNiT0=
 k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 h1:hwvWFiBzdWw1FhfY1FooPn3kzWuJ8tmbZBHi4zVsl1Y=
 k8s.io/utils v0.0.0-20250604170112-4c0f3b243397/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
 ocm.software/ocm v0.26.0 h1:64bvOBWmqyrNWy224Dr/XP5S6L7dkrn34Sk3yC/2nHs=