Skip to content

Bump io.strimzi:api from 1.0.0 to 1.0.1 in the dependencies group#203

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/maven/dependencies-5a517388b0
Closed

Bump io.strimzi:api from 1.0.0 to 1.0.1 in the dependencies group#203
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/maven/dependencies-5a517388b0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor

Bumps the dependencies group with 1 update: io.strimzi:api.

Updates io.strimzi:api from 1.0.0 to 1.0.1

Release notes

Sourced from io.strimzi:api's releases.

1.0.1

⚠️ ⚠️ ⚠️ Important: Strimzi 1.0.1 supports only the new v1 CRD API. The older v1beta2, v1beta1, and v1alpha1 APIs are no longer supported. Before upgrading to Strimzi 1.0.1, make sure to convert all custom resources and upgrade the CRDs.


Main changes since 1.0.0

  • Entity Operator cross-namespace watching is now controlled by the STRIMZI_ENTITY_OPERATOR_WATCHED_NAMESPACE_ENABLED environment variable in the Cluster Operator. This feature is now disabled by default. If you have watchedNamespace configured in your Kafka CR's Entity Operator sections and it differs from the cluster namespace, you must set STRIMZI_ENTITY_OPERATOR_WATCHED_NAMESPACE_ENABLED=true in the Cluster Operator deployment:
    env:
      - name: STRIMZI_ENTITY_OPERATOR_WATCHED_NAMESPACE_ENABLED
        value: "true"
  • Fixes CVE-2026-55225
  • Fixes CVE-2026-55226

Upgrading from Strimzi 0.51.0

See the documentation for upgrade instructions. Make sure to follow the CRD upgrade instructions!

Container images

The following container images are part of this release:

Name Image
Operators quay.io/strimzi/operator@sha256:9c32dfe22d8602f43e8d8780706fbf65f023bcde3cef272688f35d1eead2640f
Apache Kafka 4.1.0 quay.io/strimzi/kafka@sha256:b7da827ad38b199877387893a6cdf381d4eddae92854141eefe4a7a3b31c3b8f
Apache Kafka 4.1.1 quay.io/strimzi/kafka@sha256:1c4811ff5ac8368a44327e24431775602fe9e008c20a45814858776c348658c8
Apache Kafka 4.1.2 quay.io/strimzi/kafka@sha256:39bce6f044fe43c62b1355b4e855866899685f316db15cd25a27f7f37fffa99f
Apache Kafka 4.2.0 quay.io/strimzi/kafka@sha256:8cbd25d7bb132cc64fde7ac8460a5e4198fc67deadfd1bef5430866a7befbe47
Strimzi Bridge quay.io/strimzi/kafka-bridge@sha256:dcec1c978f4174c101b78fd290a698fad89f83439c9a868bbbd9c9750b146fdf
Kaniko executor quay.io/strimzi/kaniko-executor@sha256:ca8838eb04f394cd3ae6268d70dd9bc7852c5c603aa30ae6aff407c2c5a29639
Maven Builder quay.io/strimzi/maven-builder@sha256:101291b64945417a01d152d12803bc8b42a4d8c9b4735b61957c4c99e4ae9f35
Buildah builder quay.io/strimzi/buildah@sha256:3ac4d8fde6eca2ad837dc5258390f5ea704949b0539c77a394eb33a63c806b97
Changelog

Sourced from io.strimzi:api's changelog.

1.0.1

  • Entity Operator cross-namespace watching is now controlled by the STRIMZI_ENTITY_OPERATOR_WATCHED_NAMESPACE_ENABLED environment variable in the Cluster Operator. This feature is now disabled by default. If you have watchedNamespace configured in your Kafka CR's Entity Operator sections and it differs from the cluster namespace, you must set STRIMZI_ENTITY_OPERATOR_WATCHED_NAMESPACE_ENABLED=true in the Cluster Operator deployment:
    env:
      - name: STRIMZI_ENTITY_OPERATOR_WATCHED_NAMESPACE_ENABLED
        value: "true"
  • Fixes CVE-2026-55225
  • Fixes CVE-2026-55226
Commits
  • 833dbbd Bump central-publishing-maven-plugin to fix release pipeline issue
  • 636da0c Prepare for 1.0.1 release
  • b3bfeff Added enable flag for topic and user operators watched namespace
  • ecaef18 Added missing labels in the KSM deployment file (#12663)
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the dependencies group with 1 update: [io.strimzi:api](https://github.com/strimzi/strimzi-kafka-operator).


Updates `io.strimzi:api` from 1.0.0 to 1.0.1
- [Release notes](https://github.com/strimzi/strimzi-kafka-operator/releases)
- [Changelog](https://github.com/strimzi/strimzi-kafka-operator/blob/main/CHANGELOG.md)
- [Commits](strimzi/strimzi-kafka-operator@1.0.0...1.0.1)

---
updated-dependencies:
- dependency-name: io.strimzi:api
  dependency-version: 1.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Jun 22, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor Author

Looks like io.strimzi:api is updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Jun 29, 2026
@dependabot dependabot Bot deleted the dependabot/maven/dependencies-5a517388b0 branch June 29, 2026 06:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant