Bump sigs.k8s.io/kustomize/kyaml from 0.13.0 to 0.14.1

[dependabot]

Bumps sigs.k8s.io/kustomize/kyaml from 0.13.0 to 0.14.1.

Release notes

Sourced from sigs.k8s.io/kustomize/kyaml's releases.

kyaml/v0.14.1

#5058: perf: optimize Gvk.ApiVersion()

kyaml/v0.14.0

Breaking changes

#4926: copyutils.CopyDir() now requires a FileSystem argument #4019: remove Resid.LegacySortString()

Features

#4886: add creation support to PathMatcher filter #4947: Allow fieldspecs (used in advanced transformer configuration) to start with a slash.

Bug fixes/performance improvements

#4944: Refactor mapping node traversal and optimize RNode.GetAnnotations and RNode.GetLabels #4890: Fix null value handling when applying strategic merge patches. A null in the patch is a deletion directive, but a null in the target should be preserved. #4967: fix data race when using openapi from multiple goroutines #4990: Improve panic error message for invalid openapi schema file to include the parse error #4806: runtimeutils.GetFunctionSpec throws error when resource metadata is not found #4582: update openapi scripts to fetch protobuffer schemas

Dependencies

#4877: Update minimum Go version to Go 1.19 #4889: fix: all module net and text dependent package CVE-2022-41717 and CVE-2022-32149 vulnerabilities #4965: Bump k8s.io/kube-openapi to remove archived dependency #4960: Update sigs.k8s.io/yaml to v1.3.0 #4970: Replace github/pkg/errors with sigs.k8s.io/kustomize/kyaml/errors

kyaml/v0.13.10

#4727: Improve invalid node kind errors #4754: Stop using deprecated ioutil functions #4758: Emit a warning when using missing field in FunctionSpec #4764: Update internal go-yaml fork to v3.0.1, picking up bug fixes and a panic fix that has an associated CVE #4806: update golangci-lint version to v1.49.0 #4820: preallocate memory for performance improvements #4830: update kyaml's dependency swag to v0.22.3

kyaml/v0.13.9

#4742: prevent testing lib from being compiled in

kyaml/v0.13.8

#4675: Update dependency of github.com/xlab/treeprint to v1.1.0 #4677: Add filesys.ConfirmDir function to ensure that a path is a directory and clean it #4729: Allow colon in filenames for in-memory filesystem abstraction

kyaml/v0.13.7

... (truncated)

Commits

• 4ffc861 Merge pull request #5087 from KnVerey/prerelease_update
• 8338873 Changes from local test run
• dd520f8 Revert strict decoding of Kustomization due to regression in anchor handling ...
• bf6e6ad Merge pull request #5085 from koba1t/chore/update_golangci_to_1.51.2
• e1094da skip unrelevant lint
• 7d150ce Revert "use enable-all on golangci-lint"
• 39264a7 use enable-all on golangci-lint
• 736e166 update golangci-lint to 1.51.2
• e8b521e Merge pull request #5053 from kubernetes-sigs/dependabot/go_modules/functions...
• a4954d3 Bump golang.org/x/net in /functions/examples/application-cr/image
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #449.