fix(deps): update module helm.sh/helm/v3 to v3.19.0 (main)

[red-hat-konflux]

This PR contains the following updates:

Package	Change	Age	Confidence
helm.sh/helm/v3	v3.18.6 -> v3.19.0

---

Release Notes

helm/helm (helm.sh/helm/v3)

v3.19.0: Helm v3.19.0

Compare Source

Helm v3.19.0 is a feature release. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

• Join the discussion in Kubernetes Slack:
  • for questions and just to hang out
  • for discussing PRs, code, and bugs
• Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
• Test, debug, and contribute charts: ArtifactHub/packages

Notable Changes

• Fixed a helm pull regression from 3.18 - error pulling OCI charts with --password #​31230
• Fixed a helm lint regression from Helm 3.18 - rejected JSON Schema $ref URLs that worked in 3.17.x #​31166
• Fixed go mod tidy #​31154
• Fixed k8s version parsing not matching original #​31091
• Fixed charts failing when using a redirect registry #​31087
• Fixed missing debug logging for OCI transport
• Fixed broken legacy docker support for login #​30941
• Fixed bugs from the move to ORAS v2
• Fixed processing all hook deletions on failure #​30673
• Feature for helm create added httproute from gateway-api to create chart template #​30658

Installation and Upgrading

Download Helm v3.19.0. The common platform binaries are here:

• MacOS amd64 (checksum / 09a108c0abda42e45af172be65c49125354bf7cd178dbe10435e94540e49c7b9)
• MacOS arm64 (checksum / 31513e1193da4eb4ae042eb5f98ef9aca7890cfa136f4707c8d4f70e2115bef6)
• Linux amd64 (checksum / a7f81ce08007091b86d8bd696eb4d86b8d0f2e1b9f6c714be62f82f96a594496)
• Linux arm (checksum / 8708367b8e8bed9bdf8429bb57536e4223cdca96245dffc205cb0cb670b151f4)
• Linux arm64 (checksum / 440cf7add0aee27ebc93fada965523c1dc2e0ab340d4348da2215737fc0d76ad)
• Linux i386 (checksum / ca0329cd1b09267e7c63c563e32462265949c31512b537dd6615d0b5190040fc)
• Linux ppc64le (checksum / f57ea04d7fa62cc3e90a831eb67edb1400c810df6083875bee3a7c195a795ce4)
• Linux s390x (checksum / 0dff2f249f71690e3b420ebb5efc573eb26a51b4a614c4391c8c7fa3e47863f2)
• Linux riscv64 (checksum / 978af545a3d72a253ce1d4c03c9febb509a239a48b2581107e548883ab61a227)
• Windows amd64 (checksum / 6488630c2e5d5945ed990fa02fd9e99f9c6792cdbcd79eb264b6cfb90179d2d1)
• Windows arm64 (checksum / 488f7530a1776da1b46b14e988bf305c9d7419c78e7e73aeb92f198a41c9ef6b)

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

• 3.19.1 will contain only bug fixes.
• 3.20.0 is the next feature release.

Changelog

• bump version to v3.19.0 3d8990f (Scott Rigby)
• fix: use username and password if provided 9a54bf1 (Evans Mungai)
• chore(deps): bump the k8s-io group with 7 updates 5af0f68 (dependabot[bot])
• chore(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.1 e485606 (dependabot[bot])
• chore(deps): bump github.com/stretchr/testify from 1.11.0 to 1.11.1 6355c3d (dependabot[bot])
• chore(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.0 ec61f66 (dependabot[bot])
• fix(helm-lint): fmt b278020 (Isaiah Lewis)
• fix(helm-lint): Add TLSClientConfig d33ac5e (Isaiah Lewis)
• fix(helm-lint): Add HTTP/HTTPS URL support for json schema references 8543709 (Isaiah Lewis)
• chore(deps): bump the k8s-io group with 7 updates 89a3f90 (dependabot[bot])
• fix: go mod tidy for v3 da4c583 (Terry Howe)
• chore(deps): bump golang.org/x/crypto from 0.40.0 to 0.41.0 e40b1b3 (dependabot[bot])
• chore(deps): bump golang.org/x/term from 0.33.0 to 0.34.0 a27e9db (dependabot[bot])
• fix Chart.yaml handling f13afaa (Matt Farina)
• Handle messy index files 039b0b1 (Matt Farina)
• chore(deps): bump github.com/containerd/containerd from 1.7.27 to 1.7.28 bec98a9 (dependabot[bot])
• json schema fix 6d9509a (Robert Sirchia)
• fix: k8s version parsing to match original 807225e (Borys Hulii)
• chore(deps): bump sigs.k8s.io/yaml from 1.5.0 to 1.6.0 cbbd569 (dependabot[bot])
• Do not explicitly set SNI in HTTPGetter 5e8ff72 (Terry Howe)
• chore(deps): bump github.com/spf13/pflag from 1.0.6 to 1.0.7 5b5fb5b (dependabot[bot])
• chore(deps): bump the k8s-io group with 7 updates d12538a (dependabot[bot])
• chore(deps): bump golang.org/x/crypto from 0.39.0 to 0.40.0 303f803 (dependabot[bot])
• chore(deps): bump golang.org/x/term from 0.32.0 to 0.33.0 abcc2ed (dependabot[bot])
• chore(deps): bump golang.org/x/text from 0.26.0 to 0.27.0 521c67b (dependabot[bot])
• Disabling linter due to unknown issue 227c9cb (Matt Farina)
• Updating link handling 4389fa6 (Matt Farina)
• Bump github.com/Masterminds/semver/v3 from 3.3.0 to 3.3.1 372e403 (dependabot[bot])
• build(deps): bump the k8s-io group with 7 updates 4fa5a64 (dependabot[bot])
• build(deps): bump sigs.k8s.io/yaml from 1.4.0 to 1.5.0 6284ed8 (dependabot[bot])
• fix: user username password for login 2c55a4e (Terry Howe)
• Update pkg/registry/transport.go a16e986 (Terry Howe)
• Update pkg/registry/transport.go cea26d8 (Terry Howe)
• fix: add debug logging to oci transport b52bb41 (Terry Howe)
• build(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0 45075cf (dependabot[bot])
• build(deps): bump golang.org/x/text from 0.25.0 to 0.26.0 73a7826 (dependabot[bot])
• fix: legacy docker support broken for login 733f94c (Terry Howe)
• fix: plugin installer test with no Internet fc36041 (Terry Howe)
• Handle an empty registry config file. cfe8cef (Matt Farina)
• Prevent fetching newReference again as we have in calling method c33215d (Benoit Tigeot)
• Prevent failure when resolving version tags in oras memory store f552b67 (Benoit Tigeot)
• fix(client): skipnode utilization for PreCopy a18a52e (Brandt Keller)
• test: Skip instead of returning early. looks more intentional fedf502 (Jesse Simpson)
• test: tests repo stripping functionality fe512ba (Jesse Simpson)
• test: include tests for Login based on different protocol prefixes 099a9e1 (Jesse Simpson)
• fix(client): layers now returns manifest - remove duplicate from descriptors b07ab77 (Brandt Keller)
• fix(client): return nil on non-allowed media types c225c12 (Brandt Keller)
• Fix 3.18.0 regression: registry login with scheme c0f3ace (Scott Rigby)
• Update pkg/plugin/plugin.go dce60ad (Benoit Tigeot)
• Update pkg/plugin/plugin.go cda0865 (Benoit Tigeot)
• Wait for Helm v4 before raising when platformCommand and Command are set 5d9d9a0 (Benoit Tigeot)
• Revert "fix (helm) : toToml` renders int as float [ backport to v3 ]" c5249c1 (Matt Farina)
• build(deps): bump the k8s-io group with 7 updates 5b0520d (dependabot[bot])
• chore: update generalization warning message afefca8 (Feng Cao)
• build(deps): bump oras.land/oras-go/v2 from 2.5.0 to 2.6.0 8d6d27c (dependabot[bot])
• build(deps): bump the k8s-io group with 7 updates 502c0d5 (dependabot[bot])
• build(deps): bump golang.org/x/crypto from 0.37.0 to 0.38.0 92be9ac (dependabot[bot])
• fix: move warning to top of block eb5b6d5 (Feng Cao)
• fix: govulncheck workflow 6b15f26 (Matthieu MOREL)
• fix: replace fmt warning with slog 6b5c944 (Feng Cao)
• fix: add warning when ignore repo flag 247bf7c (Feng Cao)
• bump version to v3.18.0 9404459 (Robert Sirchia)
• backport #​30673 to dev-v3 0a800e8 (Gerard Nguyen)
• feat: add httproute from gateway-api to create chart template bd1b67b (Henrik Gerdes)

Full Changelog: helm/helm@v3.18.6...v3.19.0

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

To execute skipped test pipelines write comment /ok-to-test.

This PR has been generated by MintMaker (powered by Renovate Bot).

[red-hat-konflux]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 10 additional dependencies were updated

Details:

Package	Change
k8s.io/api	v0.33.4 -> v0.34.0
k8s.io/apiextensions-apiserver	v0.33.4 -> v0.34.0
k8s.io/apimachinery	v0.33.4 -> v0.34.0
k8s.io/client-go	v0.33.4 -> v0.34.0
k8s.io/component-base	v0.33.4 -> v0.34.0
github.com/modern-go/reflect2	v1.0.2 -> v1.0.3-0.20250322232337-35a7c28c31ee
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc	v0.58.0 -> v0.60.0
k8s.io/apiserver	v0.33.4 -> v0.34.0
k8s.io/kms	v0.33.4 -> v0.34.0
k8s.io/kube-openapi	v0.0.0-20250701173324-9bd5c66d9911 -> v0.0.0-20250710124328-f3f2b991d03b

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: red-hat-konflux[bot]
Once this PR has been reviewed and has the lgtm label, please assign sahare for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[openshift-ci]

@red-hat-konflux[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/unit	517d372	link	true	/test unit
ci/prow/images	517d372	link	true	/test images

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.