build(deps): bump sigs.k8s.io/secrets-store-csi-driver from 1.3.4 to 1.4.1

[dependabot]

Bumps sigs.k8s.io/secrets-store-csi-driver from 1.3.4 to 1.4.1.

Release notes

Sourced from sigs.k8s.io/secrets-store-csi-driver's releases.

v1.4.1 - 2024-01-16

Changelog

Continuous Integration 💜

• 10b07c1c ci: remove low quota regions for aks windows job
• d4e169bf ci: remove aks-engine job templates
• 80637cac ci: add script for aks windows cluster

Maintenance 🔧

• 2884c1d2 chore: bump version to v1.4.1 in release-1.4
• b9101a72 chore: update to go 1.21.6 in docker

Security Fix 🛡️

• eb644a30 security: bump golang.org/x/crypto to v0.17.0 to fix CVE-2023-48795

v1.4.0 - 2023-11-20

Breaking Changes ⚠️

• total_ prefix in the metrics name has been dropped as part of the latest otel bump in the driver. For Prometheus counters, by default the otel library appends total suffix.
  • total_rotation_reconcile -> rotation_reconcile_total
  • total_rotation_reconcile_error -> rotation_reconcile_error_total
  • total_node_publish -> node_publish_total
  • total_node_unpublish -> node_unpublish_total
  • total_node_publish_error -> node_publish_error_total
  • total_node_unpublish_error -> node_unpublish_error_total
  • total_sync_k8s_secret -> sync_k8s_secret_total

Changelog

Bug Fixes 🐞

• 604019ce fix: make manifest diff
• a1380ba0 fix: update nodeserver publish logs
• cdf0b778 fix: put annotations in right position of daemonset
• bb1815ab fix: escape dot in target path regex
• 97d34520 fix: fix CVE-2022-32149 and CVE-2022-27664 (#1059)
• d98c93cb fix: handles pfx certs in k8s secrets sync
• 9fcdbb2c fix: update base image reference in script
• ede4c706 fix: sanitize service account tokens in logs
• 2ee77ca0 fix: use os.Lstat to resolve os.Stat issue in windows
• 3ae12bd2 fix: remove files before cleanup mount point in unpublish
• 0af24830 fix: panic when using --log-format-json
• 830d184a fix: update err variable in defer to prevent err shadowing
• c452ac46 fix: add unit test to validate error shadowed bug

Code Refactoring 💎

• b0af2b93 refactor: use NewSharedInformerFactoryWithOptions for new shared informer
• 14489c70 refactor: update mdbook install and serve

Continuous Integration 💜

• 35d88b78 ci: [StepSecurity] Apply security best practices
• 76b329da ci: add codecov.yml
• 0d4d5a31 ci: update kubernetes versions for staging image tests
• 47bd3215 ci: enable tests with kubernetes v1.26
• 12cdcb42 ci: ignore slack badge in markdown link check
• a3c0e4eb ci: add codeql action

... (truncated)

Commits

• d2cc6c4 Merge pull request #1424aramase/automated-cherry-pick-of-#1423
• 148e1dd release: update manifest and helm charts for v1.4.1
• 48c6fa2 Merge pull request #1422 from aramase/aramase/c/bump_release_1.4_v1.4.1
• 2884c1d chore: bump version to v1.4.1 in release-1.4
• 14967d2 Merge pull request #1412aramase/automated-cherry-pick-of-#1393
• b9101a7 chore: update to go 1.21.6 in docker
• 1b69584 Merge pull request #1411aramase/automated-cherry-pick-of-#1410
• 10b07c1 ci: remove low quota regions for aks windows job
• 5df3a6a Merge pull request #1409aramase/automated-cherry-pick-of-#1407
• eb644a3 security: bump golang.org/x/crypto to v0.17.0 to fix CVE-2023-48795
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[martyn-meister]

@dependabot rebase

[dependabot]

Looks like this PR is already up-to-date with main! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.