diff --git a/.github/workflows/chart-lint-and-test.yml b/.github/workflows/chart-lint-and-test.yml
index ba2eaa20..241a8a90 100644
--- a/.github/workflows/chart-lint-and-test.yml
+++ b/.github/workflows/chart-lint-and-test.yml
@@ -26,14 +26,15 @@ jobs:
           python-version: 3.7
 
       - name: Run Trivy vulnerability scanner in IaC mode
-        uses: aquasecurity/trivy-action@e5f43133f6e8736992c9f3c1b3296e24b37e17f2 # 0.10.0
+        uses: aquasecurity/trivy-action@2b6a709cf9c4025c5438138008beaddbb02086f0 # 0.14.0
         with:
           scan-type: 'config'
           hide-progress: false
           format: 'sarif'
           scan-ref: 'deploy/helm/pulumi-operator'
           output: 'trivy-results.sarif'
-          exit-code: '1'
+          limit-severities-for-sarif: true
+          exit-code: '0'
           ignore-unfixed: true
           severity: 'CRITICAL,HIGH'
 
@@ -44,7 +45,7 @@ jobs:
 
       - name: Setup Chart Linting
         id: lint
-        uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0
+        uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1
 
       - name: List changed charts
         id: list-changed
diff --git a/.github/workflows/chart-publish.yaml b/.github/workflows/chart-publish.yaml
index 205a8c83..2437806c 100644
--- a/.github/workflows/chart-publish.yaml
+++ b/.github/workflows/chart-publish.yaml
@@ -64,7 +64,7 @@ jobs:
         env:
           CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
 
-      - uses: sigstore/cosign-installer@204a51a57a74d190b284a0ce69b44bc37201f343 # v3.0.3
+      - uses: sigstore/cosign-installer@1fc5bd396d372bee37d608f955b336615edf79c8 # v3.2.0
       - name: Push chart to GHCR
         env:
           COSIGN_EXPERIMENTAL: 1
diff --git a/deploy/helm/pulumi-operator/Chart.yaml b/deploy/helm/pulumi-operator/Chart.yaml
index 62c6a2a6..aa3a594f 100755
--- a/deploy/helm/pulumi-operator/Chart.yaml
+++ b/deploy/helm/pulumi-operator/Chart.yaml
@@ -9,8 +9,8 @@ icon: https://www.pulumi.com/logos/brand/twitter-card.png
 
 type: application
 
-version: 0.3.0
-appVersion: 1.13.0
+version: 0.4.0
+appVersion: 1.14.0
 
 keywords:
   - pulumi
@@ -25,10 +25,10 @@ maintainers:
 annotations:
   artifacthub.io/containsSecurityUpdates: "false"
   artifacthub.io/changes: |
-    - indentation fix for adding new volumes and volume mounts  (#104)
+    - v1.14.0 release
   artifacthub.io/images: |
     - name: pulumi-kubernetes-operator
-      image: docker.io/pulumi-kubernetes-operator:v1.13.0
+      image: docker.io/pulumi-kubernetes-operator:v1.14.0
   artifacthub.io/license: Apache-2.0
   artifacthub.io/links: |
     - name: website