build(deps): bump github.com/cert-manager/cert-manager from 1.9.1 to 1.14.7

[dependabot]

Bumps github.com/cert-manager/cert-manager from 1.9.1 to 1.14.7.

Release notes

Sourced from github.com/cert-manager/cert-manager's releases.

v1.14.7

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

📜 Changes since v1.14.6

Bugfixes

• BUGFIX: fix issue that caused Vault issuer to not retry signing when an error was encountered. (#7113, @​cert-manager-bot)

Other (Cleanup or Flake)

• Update github.com/Azure/azure-sdk-for-go/sdk/azidentity to address CVE-2024-35255 (#7093, @​ThatsMrTalbot)

v1.14.6

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

📜 Changes since v1.14.5

Other (Cleanup or Flake)

• Upgrade Go to 1.21.10, fixing GO-2024-2824 (GHSA-2jwv-jmq4-4j3r). (#7008, @​inteon)
• Helm: the cainjector ConfigMap was not mounted in the cainjector deployment. (#7053, @​cert-manager-bot)
• Updated Go to 1.21.11 bringing in security fixes for archive/zip and net/netip. (#7076, @​ThatsMrTalbot)

v1.14.5

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

v1.14.5 fixes a bug in the DigitalOcean DNS-01 provider which could cause incorrect DNS records to be deleted when using a domain with a CNAME. Special thanks to @​BobyMCbobs for reporting this issue and testing the fix!

It also patches CVE-2023-45288.

📜 Changes since v1.14.4

• ACME Issuer (Let's Encrypt): wrong certificate chain may be used if preferredChain is configured: see 1.14 release notes for more information.

Changes

Bug or Regression

• DigitalOcean: Ensure that only TXT records are considered for deletion when cleaning up after an ACME challenge (#6893 , @​SgtCoDFish)
• Bump golang.org/x/net to address CVE-2023-45288 (#6931 , @​SgtCoDFish)

v1.14.4

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

cert-manager 1.14 brings a variety of features, security improvements and bug fixes, including: support for creating X.509 certificates with "Other Name" fields, and support for creating CA certificates with "Name Constraints" and "Authority Information Accessors" extensions.

⚠️ Known Issues

• ACME Issuer (Let's Encrypt): wrong certificate chain may be used if preferredChain is configured: see release docs for more info and mitigations

... (truncated)

Commits

• 6365596 Merge pull request #7113 from cert-manager-bot/cherry-pick-7111-to-release-1.14
• 68c1f79 add testcase
• a6d2cb3 only retry when encountering a Vault non-InvalidData error
• 6d339be BUGFIX: retry signing when encountering transient error
• 5895487 Merge pull request #7093 from ThatsMrTalbot/chore/release-1.14-update-azidentity
• 9f1dc2d chore: updating github.com/Azure/azure-sdk-for-go/sdk/azidentity to address C...
• b551790 Merge pull request #7098 from ThatsMrTalbot/fix/normalize-azure-errors
• 6328d7c feat: normalize azure errors
• 3c77ff5 Merge pull request #7078 from ThatsMrTalbot/update-cmd/ctl/v1.14.6
• 3f1d344 Update cmd/ctl's go.mod to v1.14.6
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
github.com/cert-manager/cert-manager	[>= 1.15.a, < 1.16]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #72.