chore(deps): update crossplane dependencies

[renovate]

This PR contains the following updates:

Package	Update	Change
crossplane-contrib/function-patch-and-transform	minor	v0.4.0 -> v0.8.1
upbound/configuration-gcp-network	minor	v0.5.0 -> v0.7.0
upbound/provider-gcp	patch	v0.41.1 -> v0.41.4

---

Release Notes

crossplane-contrib/function-patch-and-transform (crossplane-contrib/function-patch-and-transform)

v0.8.1

Compare Source

What's Changed

• Update module golang.org/x/net to v0.33.0 release-0.8 [SECURITY] by @​turkenf in https://github.com/crossplane-contrib/function-patch-and-transform/pull/163

Full Changelog: crossplane-contrib/function-patch-and-transform@v0.8.0...v0.8.1

v0.8.0

Compare Source

What's Changed

• chore(deps): update dependency go to v1.22.6 by @​renovate in https://github.com/crossplane-contrib/function-patch-and-transform/pull/140
• fixed missing mergeoptions for CombineFromVariablesPatch by @​gschei in https://github.com/crossplane-contrib/function-patch-and-transform/pull/141
• Use distroless/static image instead of distroless/base since glibc is not used by @​vilmosmartinek in https://github.com/crossplane-contrib/function-patch-and-transform/pull/157
• chore: update go to 1.22.9 by @​AbrohamLincoln in https://github.com/crossplane-contrib/function-patch-and-transform/pull/154
• fix: Mark composite as unready if resources are skipped by @​MisterMX in https://github.com/crossplane-contrib/function-patch-and-transform/pull/137
• fix(deps): update module github.com/crossplane/function-sdk-go to v0.4.0 by @​renovate in https://github.com/crossplane-contrib/function-patch-and-transform/pull/148

New Contributors

• @​vilmosmartinek made their first contribution in https://github.com/crossplane-contrib/function-patch-and-transform/pull/157
• @​AbrohamLincoln made their first contribution in https://github.com/crossplane-contrib/function-patch-and-transform/pull/154

Full Changelog: crossplane-contrib/function-patch-and-transform@v0.7.0...v0.8.0

v0.7.0

Compare Source

What's Changed

• added string transform replace by @​gschei in https://github.com/crossplane-contrib/function-patch-and-transform/pull/135
• add required to resources.patches.transforms.string.type by @​jaymiracola in https://github.com/crossplane-contrib/function-patch-and-transform/pull/131
• Update go.mod dependencies regarding CVE issue by @​turkenf in https://github.com/crossplane-contrib/function-patch-and-transform/pull/138
• chore(deps): update dependency go to v1.22.5 by @​renovate in https://github.com/crossplane-contrib/function-patch-and-transform/pull/126
• fix(deps): update module google.golang.org/protobuf to v1.34.2 by @​renovate in https://github.com/crossplane-contrib/function-patch-and-transform/pull/128
• chore(deps): update docker/build-push-action action to v6 by @​renovate in https://github.com/crossplane-contrib/function-patch-and-transform/pull/129
• fix(deps): update k8s.io/utils digest to 18e509b by @​renovate in https://github.com/crossplane-contrib/function-patch-and-transform/pull/134
• added string transform join by @​gschei in https://github.com/crossplane-contrib/function-patch-and-transform/pull/133
• Check and run go mod tidy by @​Moulick in https://github.com/crossplane-contrib/function-patch-and-transform/pull/139

New Contributors

• @​gschei made their first contribution in https://github.com/crossplane-contrib/function-patch-and-transform/pull/135
• @​jaymiracola made their first contribution in https://github.com/crossplane-contrib/function-patch-and-transform/pull/131
• @​turkenf made their first contribution in https://github.com/crossplane-contrib/function-patch-and-transform/pull/138
• @​Moulick made their first contribution in https://github.com/crossplane-contrib/function-patch-and-transform/pull/139

Full Changelog: crossplane-contrib/function-patch-and-transform@v0.6.0...v0.7.0

v0.6.0

Compare Source

What's Changed

• chore(deps): update golangci/golangci-lint-action action to v5 by @​renovate in https://github.com/crossplane-contrib/function-patch-and-transform/pull/111
• Clarify mergeOptions to toFieldPath migration logic by @​jbw976 in https://github.com/crossplane-contrib/function-patch-and-transform/pull/112
• Provider multistep pipeline example mixing P&T and Go Templating by @​ytsarev in https://github.com/crossplane-contrib/function-patch-and-transform/pull/115
• chore(deps): update dependency go to v1.22.3 by @​renovate in https://github.com/crossplane-contrib/function-patch-and-transform/pull/118
• chore(deps): update golangci/golangci-lint-action action to v6 by @​renovate in https://github.com/crossplane-contrib/function-patch-and-transform/pull/117
• fix(deps): update module google.golang.org/protobuf to v1.34.1 by @​renovate in https://github.com/crossplane-contrib/function-patch-and-transform/pull/113
• fix(deps): update module k8s.io/utils to v0.0.0-20240502163921-fe8a2dddb1d0 by @​renovate in https://github.com/crossplane-contrib/function-patch-and-transform/pull/114
• fix: allow using function only to patch to and from the environment by @​phisco in https://github.com/crossplane-contrib/function-patch-and-transform/pull/122
• fix: Add back support for To|FromEnvironmentFieldPath type in environment patches by @​truongnht in https://github.com/crossplane-contrib/function-patch-and-transform/pull/125

New Contributors

• @​ytsarev made their first contribution in https://github.com/crossplane-contrib/function-patch-and-transform/pull/115
• @​truongnht made their first contribution in https://github.com/crossplane-contrib/function-patch-and-transform/pull/125

Full Changelog: crossplane-contrib/function-patch-and-transform@v0.5.0...v0.6.0

v0.5.0

Compare Source

Notable Changes

• Update toFieldPath policies with options compatible to upstream mergeOptions by @​ravilr in https://github.com/crossplane-contrib/function-patch-and-transform/pull/102

What's Changed

• fix(deps): update kubernetes packages to v0.29.3 by @​renovate in https://github.com/crossplane-contrib/function-patch-and-transform/pull/100
• pass down mergeOptions for wildcarded toField patches by @​ravilr in https://github.com/crossplane-contrib/function-patch-and-transform/pull/103
• round-trip the fieldPath value in FromFieldPath patches through integer-preserving JSON unmarhsal by @​ravilr in https://github.com/crossplane-contrib/function-patch-and-transform/pull/105
• chore(deps): update dependency go to v1.22.2 by @​renovate in https://github.com/crossplane-contrib/function-patch-and-transform/pull/108

New Contributors

• @​ravilr made their first contribution in https://github.com/crossplane-contrib/function-patch-and-transform/pull/102

Full Changelog: crossplane-contrib/function-patch-and-transform@v0.4.0...v0.5.0

upbound/configuration-gcp-network (upbound/configuration-gcp-network)

v0.7.0

Compare Source

What's Changed

• chore(deps): update crossplane dependencies by @​renovate in https://github.com/upbound/configuration-gcp-network/pull/45
• 🔄 synced file(s) with upbound/sa-up by @​upbound-bot in https://github.com/upbound/configuration-gcp-network/pull/46
• chore(deps): update dependency upbound/up to v0.36.4 by @​renovate in https://github.com/upbound/configuration-gcp-network/pull/44
• Switch to v1 provider tags by @​ytsarev in https://github.com/upbound/configuration-gcp-network/pull/47

Full Changelog: upbound/configuration-gcp-network@v0.6.0...v0.7.0

v0.6.0

Compare Source

What's Changed

• chore(deps): update reviewdog/action-yamllint action to v1.13.0 by @​renovate in https://github.com/upbound/configuration-gcp-network/pull/33
• Point e2e reusable workflow to the new location by @​ytsarev in https://github.com/upbound/configuration-gcp-network/pull/36
• 🔄 synced file(s) with upbound/sa-up by @​upbound-bot in https://github.com/upbound/configuration-gcp-network/pull/39
• chore(deps): update github-actions dependencies by @​renovate in https://github.com/upbound/configuration-gcp-network/pull/40
• chore(deps): update dependency ubuntu to v24 by @​renovate in https://github.com/upbound/configuration-gcp-network/pull/42
• chore(deps): update crossplane dependencies by @​renovate in https://github.com/upbound/configuration-gcp-network/pull/41

New Contributors

• @​upbound-bot made their first contribution in https://github.com/upbound/configuration-gcp-network/pull/39

Full Changelog: upbound/configuration-gcp-network@v0.5.0...v0.6.0

upbound/provider-gcp (upbound/provider-gcp)

v0.41.4

Compare Source

The release v0.41.4 introduces:

• Adds info logs in the monolithic provider's output that communicate the deprecation and the next steps https://github.com/crossplane-contrib/provider-upjet-gcp/pull/493
• Adds SSA merge strategy to container Cluster's nodeConfig to avoid fights over ownership https://github.com/crossplane-contrib/provider-upjet-gcp/pull/487

What's Changed

• [Backport release-0.41] Add SSA merge strategy to container Cluster's nodeConfig to avoid fights over ownership. by @​github-actions in https://github.com/crossplane-contrib/provider-upjet-gcp/pull/494
• [Backport release-0.41] Log a deprecation message when the monolithic provider is run by @​github-actions in https://github.com/crossplane-contrib/provider-upjet-gcp/pull/496

Full Changelog: crossplane-contrib/provider-upjet-gcp@v0.41.3...v0.41.4

v0.41.3

Compare Source

The release v0.41.3 sets a default io.Discard logger for the controller-runtime if debug logging is not enabled. If debug logging is enabled, then the controller-runtime uses a debug mode zap logger as usual.

What's Changed

• Set log.Default's output to io.Discard by @​ulucinar in https://github.com/crossplane-contrib/provider-upjet-gcp/pull/482

Full Changelog: crossplane-contrib/provider-upjet-gcp@v0.41.2...v0.41.3

v0.41.2

Compare Source

The release v0.41.2 includes some important bug fixes and dependency bumps detailed below:

• Bump crossplane-runtime to v1.15.1 along with various bug fixes.
• Bump upjet to v1.1.1
• There’s a fix in the implementation of the LateInitialize management policy in the context of the no-fork architecture. Previously, we were relying solely on the managed reconciler for preventing the late-initialization of the managed resources if the specified policies do not contain it. Now, we also explicitly skip the late-initialization in upjet to prevent some accidental updates to the spec.forProvider while, for example, updating the annotations.
• Adds a more explanatory error message when immutable fields of a managed resource have changed.

What's Changed

• [Release-0.41] Switch from the NoFork terminology to the TerraformPluginSDK terminology and bump dependiencies by @​turkenf in https://github.com/upbound/provider-gcp/pull/462

Full Changelog: crossplane-contrib/provider-upjet-gcp@v0.41.1...v0.41.2

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[village-labs-bot]

upbound/configuration-gcp-database #47
Change Summary:

• Provider dependency updates for GCP SQL and GCP Service Networking from v0.41.1 to v0.41.4
• Update of function-patch-and-transform dependency from v0.4.0 to v0.7.0

Potential Vulnerability:

• File: crossplane.yaml:22-24
• Code: version: "v0.41.4"
• Explanation: While not immediately vulnerable, version updates should be carefully reviewed to ensure there are no breaking changes in the provider APIs, especially when updating multiple related providers simultaneously (GCP SQL and Service Networking)

Code Smell:
No code smells identified in this change. The modifications are straightforward version updates in the dependency specification.

Debug Log:
No debug logs present in the changes.

Unintended Consequences:

• File: crossplane.yaml:31

• Code: version: "v0.7.0"

• Explanation: The function-patch-and-transform update from v0.4.0 to v0.7.0 represents a significant version jump (3 minor versions). This could introduce breaking changes in function behavior that might affect existing configurations. The changelog should be carefully reviewed for any breaking changes.

• File: crossplane.yaml:22-24

• Code: version: "v0.41.4" version: "v0.41.4"

• Explanation: Simultaneous updates of interdependent providers (GCP SQL and Service Networking) could lead to temporary inconsistencies during deployment if the providers have different deployment times or if one update fails while the other succeeds.

Risk Score: 6
The relatively high risk score is due to:

1. The significant version jump in function-patch-and-transform
2. Simultaneous updates of interdependent providers
3. Potential for breaking changes across multiple components

[kaessert]

/test-examples

[ytsarev]

/test-examples

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

[ytsarev]

/test-examples

[ytsarev]

/test-examples

[ytsarev]

/test-examples

[ytsarev]

/test-examples