fix(deps): update module github.com/cloudnative-pg/cloudnative-pg to v1.29.1#898
Open
renovate[bot] wants to merge 1 commit intomainfrom
Open
fix(deps): update module github.com/cloudnative-pg/cloudnative-pg to v1.29.1#898renovate[bot] wants to merge 1 commit intomainfrom
renovate[bot] wants to merge 1 commit intomainfrom
Conversation
…v1.29.1 | datasource | package | from | to | | ---------- | ---------------------------------------- | ------- | ------- | | go | github.com/cloudnative-pg/cloudnative-pg | v1.29.0 | v1.29.1 | Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Contributor
Author
ℹ️ Artifact update noticeFile name: go.modIn order to perform the update(s) described in the table above, Renovate ran the
Details:
|
![renovate-approve[bot]](https://avatars.githubusercontent.com/in/7394?s=60&v=4){kind=small}
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v1.29.0→v1.29.1Release Notes
cloudnative-pg/cloudnative-pg (github.com/cloudnative-pg/cloudnative-pg)
v1.29.1Compare Source
Release date: May 8, 2026
Security and Supply Chain
CVE-2026-44477/GHSA-423p-g724-fr39: metrics exporter privilege escalation: the metrics exporter no longer authenticates as thepostgressuperuser. It now uses a dedicatedcnpg_metrics_exporterrole withpg_monitorprivileges only, closing a chain that let a low-privilege database user gain PostgreSQL superuser. (GHSA-423p-g724-fr39)Upgrade impact: custom monitoring queries that read user-owned tables, or use
target_databases: '*'against databases wherePUBLIC CONNECThas been revoked, need explicitGRANTstatements tocnpg_metrics_exporter. See "Custom query privileges and safety" and "Manually creating the metrics exporter role" in the monitoring documentation.For replica clusters, upgrade the source primary cluster before any replica clusters that consume from it. The
cnpg_metrics_exporterrole is created on the source primary and replicates downstream; a replica cluster upgraded first will scrape against a missing role until the source primary upgrades. The manual-recovery section linked above also covers replica clusters.Schema-qualified catalog references in default monitoring queries: hardened the shipped monitoring configuration and documentation samples by qualifying every
pg_catalogobject explicitly. Unqualified references resolve throughsearch_path, which a database user can manipulate to shadow built-in objects. (#10576)Discoverable SBOM and provenance attestations: SBOM and SLSA provenance attached to operator container images now follow the OCI 1.1 Referrers spec, so standard registry tooling and supply-chain scanners can discover them automatically. (#10601)
CVE remediation in
github.com/jackc/pgx/v5: bumped to v5.9.2 to pick up upstream fixes forCVE-2026-33816(memory-safety inpgproto3) andGHSA-j88v-2chj-qfwx(SQL injection via simple-protocol dollar-quoted string handling). (#10437, #10499)CVE remediation in the Go runtime: built with Go 1.26.3 to pick up upstream fixes in
crypto/x509,crypto/tls,net/http, andnet(CVE-2026-32280, CVE-2026-32281, CVE-2026-33810, CVE-2026-33814, CVE-2026-33811, CVE-2026-39825). (#10463, #10647)Build pipeline hardening: the Go 1.26.3 bump also addresses CVE-2026-42501 (
cmd/gomodule-checksum validation), reducing supply-chain exposure during release builds. The affected code paths are not reachable from the running operator. (#10647)Changes
VerifyPeerCertificatetoVerifyConnection, which runs on every completed handshake (the former is skipped on resumed TLS 1.3 sessions). Session resumption is not enabled in CloudNativePG today, so this has no observable effect, but it future-proofs verification if session caching is introduced later. (#10478)Fixes
Fixed a failover window where the former primary kept its primary label. If it returned during failover (for example, after a transient network partition), the
-rwservice kept routing to it, replicas could reconnect, and committed writes were lost topg_rewind. The old primary is now labeledunhealthyto isolate it from service traffic during failover. (#10409)Fixed failover not being triggered when the node hosting the primary becomes unreachable. The operator now reads the pod's
Readycondition (flipped toFalseby the node controller when the kubelet stops reporting) instead ofContainersReady, which stays stale asTruein that scenario. Combined with the spurious-failover guard (#10445), failover triggers only when Kubernetes itself marks the pod not Ready. (#10448)Fixed spurious failovers caused by transient failures on the primary's HTTP status endpoint. (#10445)
Fixed escaping of backslashes and control characters in PostgreSQL configuration values. Previously, such characters in parameters like
log_line_prefixcould corrupt the configuration file or be silently stripped at runtime. (#10515)Fixed
restore_commandconstruction to shell-quote each argument. Values such as adestinationPathcontaining whitespace (for example,s3://my bucket/wal) were word-split by the POSIX shell and passed to the WAL restore tool as separate arguments. (#10518)Tightened
recoveryTargetvalidation in the admission webhook:targetXIDmust now be a non-negative 32-bit integer, andtargetNamemust be shorter than 64 bytes and free of ASCII control characters. Malformed values are rejected at admission instead of failing later during PostgreSQL recovery. (#10565)Fixed snapshot restores failing when leftover
pgsql_tmp*directories were present in the data directory. (#10447)Fixed a deadlock occurring when PVC storage size and resource requests are changed simultaneously. (#10427)
Configuration
📅 Schedule: (UTC)
🚦 Automerge: Enabled.
♻ Rebasing: Never, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.