v5.1.6

nancy ignore

CVE-2021-25749 ## Windows workloads can run as ContainerAdministrator even when those workloads set the runAsNonRoot option to true.Fix not available in community till now.

v5.1.5

Determine token exchange URL based on cluster provider.
In case of satellite cluster provider, always use provided token exchange URL, if not provided use public IAM endpoint.

v5.1.4

Nancy Ignore

CVE-2020-8561 ## CWE-610: Externally Controlled Reference to a Resource in Another Sphere
CVE-2021-25740 ## CWE-610: Externally Controlled Reference to a Resource in Another Sphere
sonatype-2022-6522 ## 1 non-CVE vuln [pkg:golang/k8s.io/apiserver@v0.26.3]

v5.1.3

Upgrade golang to 1.19.6
Upgrade k8s dependencies to 1.26

v5.1.2

Read node instance ID from node spec provider ID
Avoid resizing filesystem for block volumes
Remove preStop hook for csi-driver-registrar in deployment file
CVE-2022-41717

v5.1.1

1. Remove dependency on gc_provider configuration.
2. Reading secrets and config map using golang k8s client, hence removing dependency on mounting the necessary k8s secret and config map.
3. Code changes to keep intact with secret-common-lib repository - passing initialised k8s client as argument to secret provider.

v5.1.0

• Snapshot size should reflect actual source volume size #100
• Improvements in Resize method. (Move Resize logic to IBM/ibm-csi-common)
  PR: IBM/ibm-csi-common#70
• Update kubernetes dependency to 1.25 #106

v5.0.2

What's Changed

• Multiple tags formatting issue by @sameshai in #102

Full Changelog: v5.0.1...v5.0.2

v4.4.6

What's Changed

• Multiple tags formatting issue by @sameshai in #103

Full Changelog: v4.4.5...v4.4.6

v5.0.1

Updated secret-common-lib dependency which has capability to read the k8s secret as per the provider type (VPC).