chore(deps): Bump github.com/kyverno/kyverno from 1.13.2 to 1.13.3 in /backend

[dependabot]

Bumps github.com/kyverno/kyverno from 1.13.2 to 1.13.3.

Release notes

Sourced from github.com/kyverno/kyverno's releases.

v1.13.3

✨ Added ✨

• Added a flag to disable reports sanity checks (#11867)

⚠️ Changed ⚠️

• Removed policy exception dependency from global context (#11788)
• Updated annotations of Kyverno images (#11935)
• Replaced ghcr.io with reg.kyverno.io for image registry (#12031)

🐛 Fixed 🐛

• Fixed distributed labels in group, version, and resource to avoid exceeding limits (#11620)
• Fixed Helm mergeOverwrite overwriting nested objects (#11584)
• Fixed default value for apiCall context (#11733)
• Fixed exemption error caused by convertChecks function for validate.podSecurity subrule (#11780)
• Fixed an image verification issue by copying all fields of public keys (#11770)
• Removed extra line in ConfigMap (#11762)
• Reverted default background scan interval to 1h (#11754)
• Fixed policy with failureActionOverrides not applying desired failure actions in desired namespaces (#11811)
• Fixed an global context logging issue by not emitting an error log on success (#11815)
• Fixed panic in the admission controller when rules are empty (#11821)
• Fixed CLI crash when scanning a namespace YAML object with CEL (#11834)
• Fixed panic in the background controller when updating Generate rules (#11835)
• Fixed the result column for Kyverno test command (#11842)
• Fixed non-fatal parsing errors in logs (#11932)
• Fixed CVEs (#12040, #11926, #11753, #11199)

Helm

• Fixed Helm mergeOverwrite overwriting nested objects (#11584)
• Removed extra line in ConfigMap (#11762)

🔧 Others 🔧

• Updated Chainsaw test apply timeout to 30s (#11794)
• Bumped Python to 3.13.1 (#11801)
• Fixed custom Sigstore conformance tests for Ubuntu 24.04 runner (#11772)
• Chore: Bumped dependencies and updated configurations for various tools and libraries.

Commits

• 425ff9d feat: release v1.13.3 (#12105)
• 81276a8 replace ghcr.io to reg.kyverno.io (#12031) (#12106)
• c2525ec chore: bump golang.org/x/net to 0.33.0 for release-1.13 (#12040)
• fd5698b Fix default value for apiCall context (#11733) (#11988)
• 896c7d1 log non fatal parsing errors (#11932) (#11949)
• d581e9a feat: update annotations of kyverno images (#11935) (#11938)
• 60a9f24 chore: bump opa 0.68.0 (#11786)
• 6f533d3 fix(reports-controller): add a flag to disable reports sanity checks (#11867)...
• 285b5e4 remove policy exception dependancy from globalcontext and add some tests (#11...
• 0316f00 fix global context error message logic error (#11815) (#11853)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 12.81%. Comparing base (c31c3a6) to head (5e05d43).

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #869   +/-   ##
=======================================
  Coverage   12.81%   12.81%           
=======================================
  Files          34       34           
  Lines        1342     1342           
=======================================
  Hits          172      172           
  Misses       1124     1124           
  Partials       46       46           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[dependabot]

Superseded by #873.