fix(deps): update module helm.sh/helm/v3 to v3.14.2 [security] (#2329)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [helm.sh/helm/v3](https://togithub.com/helm/helm) | `v3.14.1` ->
`v3.14.2` |
[![age](https://developer.mend.io/api/mc/badges/age/go/helm.sh%2fhelm%2fv3/v3.14.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/helm.sh%2fhelm%2fv3/v3.14.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/helm.sh%2fhelm%2fv3/v3.14.1/v3.14.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/helm.sh%2fhelm%2fv3/v3.14.1/v3.14.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

### GitHub Vulnerability Alerts

####
[CVE-2024-26147](https://togithub.com/helm/helm/security/advisories/GHSA-r53h-jv2g-vpx6)

A Helm contributor discovered uninitialized variable vulnerability when
Helm parses index and plugin yaml files missing expected content.

### Impact

When either an `index.yaml` file or a plugins `plugin.yaml` file were
missing all metadata a panic would occur in Helm.

In the Helm SDK this is found when using the `LoadIndexFile` or
`DownloadIndexFile` functions in the `repo` package or the `LoadDir`
function in the `plugin` package. For the Helm client this impacts
functions around adding a repository and all Helm functions if a
malicious plugin is added as Helm inspects all known plugins on each
invocation.

### Patches

This issue has been resolved in Helm v3.14.2.

### Workarounds

If a malicious plugin has been added which is causing all Helm client
commands to panic, the malicious plugin can be manually removed from the
filesystem.

If using Helm SDK versions prior to 3.14.2, calls to affected functions
can use `recover` to catch the panic.

### For more information

Helm's security policy is spelled out in detail in our
[SECURITY](https://togithub.com/helm/community/blob/master/SECURITY.md)
document.

### Credits

Disclosed by Jakub Ciolek at AlphaSense.

---

### Release Notes

<details>
<summary>helm/helm (helm.sh/helm/v3)</summary>

### [`v3.14.2`](https://togithub.com/helm/helm/releases/tag/v3.14.2):
Helm v3.14.2

[Compare
Source](https://togithub.com/helm/helm/compare/v3.14.1...v3.14.2)

Helm v3.14.2 is a security (patch) release. Users are strongly
recommended to update to this release.

A Helm contributor discovered uninitialized variable vulnerability when
Helm parses index and plugin yaml files missing expected content.

Jakub Ciolek with AlphaSense discovered the vulnerability.

#### Installation and Upgrading

Download Helm v3.14.2. The common platform binaries are here:

- [MacOS amd64](https://get.helm.sh/helm-v3.14.2-darwin-amd64.tar.gz)
([checksum](https://get.helm.sh/helm-v3.14.2-darwin-amd64.tar.gz.sha256sum)
/ 64c633ae194bde77b7e7b7936a2814a7417817dc8b7bb7d270bd24a7a17b8d12)
- [MacOS arm64](https://get.helm.sh/helm-v3.14.2-darwin-arm64.tar.gz)
([checksum](https://get.helm.sh/helm-v3.14.2-darwin-arm64.tar.gz.sha256sum)
/ ff502fd39b06497fa3d5a51ec2ced02b9fcfdb0e9a948d315fb1b2f13ddc39fb)
- [Linux amd64](https://get.helm.sh/helm-v3.14.2-linux-amd64.tar.gz)
([checksum](https://get.helm.sh/helm-v3.14.2-linux-amd64.tar.gz.sha256sum)
/ 0885a501d586c1e949e9b113bf3fb3290b0bbf74db9444a1d8c2723a143006a5)
- [Linux arm](https://get.helm.sh/helm-v3.14.2-linux-arm.tar.gz)
([checksum](https://get.helm.sh/helm-v3.14.2-linux-arm.tar.gz.sha256sum)
/ b70fb6fa2cdf0a5c782320c9d7e7b155fcaec260169218c98316bb3cf0d431d9)
- [Linux arm64](https://get.helm.sh/helm-v3.14.2-linux-arm64.tar.gz)
([checksum](https://get.helm.sh/helm-v3.14.2-linux-arm64.tar.gz.sha256sum)
/ c65d6a9557bb359abc2c0d26670de850b52327dc3976ad6f9e14c298ea3e1b61)
- [Linux i386](https://get.helm.sh/helm-v3.14.2-linux-386.tar.gz)
([checksum](https://get.helm.sh/helm-v3.14.2-linux-386.tar.gz.sha256sum)
/ 0e08cd56cc952ab4646c57c5ec7cde2412c39373aec3df659a14597dd9874461)
- [Linux ppc64le](https://get.helm.sh/helm-v3.14.2-linux-ppc64le.tar.gz)
([checksum](https://get.helm.sh/helm-v3.14.2-linux-ppc64le.tar.gz.sha256sum)
/ f3bc8582ff151e619cd285d9cdf9fef1c5733ee5522d8bed2ef680ef07f87223)
- [Linux s390x](https://get.helm.sh/helm-v3.14.2-linux-s390x.tar.gz)
([checksum](https://get.helm.sh/helm-v3.14.2-linux-s390x.tar.gz.sha256sum)
/ 7bda34aa26638e5116b31385f3b781172572175bf4c1ae00c87d8b154458ed94)
- [Linux riscv64](https://get.helm.sh/helm-v3.14.2-linux-riscv64.tar.gz)
([checksum](https://get.helm.sh/helm-v3.14.2-linux-riscv64.tar.gz.sha256sum)
/ f6278facd3e2e6af52a5f6d038f2149428d115ba2b4523edbe5889d1170e9203)
- [Windows amd64](https://get.helm.sh/helm-v3.14.2-windows-amd64.zip)
([checksum](https://get.helm.sh/helm-v3.14.2-windows-amd64.zip.sha256sum)
/ aa094e435da74ad574f96924c37ecd0c75f0be707ac604ef97ed6021d6bc0784)

This release was signed with ` 672C 657B E06B 4B30 969C 4A57 4614 49C2
5E36 B98E ` and can be found at
[@&#8203;mattfarina](https://togithub.com/mattfarina) [keybase
account](https://keybase.io/mattfarina). Please use the attached
signatures for verifying this release using `gpg`.

The [Quickstart Guide](https://helm.sh/docs/intro/quickstart/) will get
you going from there. For **upgrade instructions** or detailed
installation notes, check the [install
guide](https://helm.sh/docs/intro/install/). You can also use a [script
to
install](https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3)
on any system with `bash`.

#### What's Next

- 3.14.3 will contain only bug fixes and be released on March 13, 2024.
-   3.15.0 is the next feature release and will be on May 08, 2024.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no
schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/defenseunicorns/zarf).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMDAuMCIsInVwZGF0ZWRJblZlciI6IjM3LjIwMC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

go.mod

@@ -47,7 +47,7 @@ require (
 	golang.org/x/crypto v0.18.0
 	golang.org/x/sync v0.6.0
 	golang.org/x/term v0.17.0
-	helm.sh/helm/v3 v3.14.1
+	helm.sh/helm/v3 v3.14.2
 	k8s.io/api v0.29.1
 	k8s.io/apimachinery v0.29.1
 	k8s.io/client-go v0.29.1

go.sum

@@ -2404,8 +2404,8 @@ gorm.io/gorm v1.25.5 h1:zR9lOiiYf09VNh5Q1gphfyia1JpiClIWG9hQaxB/mls=
 gorm.io/gorm v1.25.5/go.mod h1:hbnx/Oo0ChWMn1BIhpy1oYozzpM15i4YPuHDmfYtwg8=
 gotest.tools/v3 v3.5.1 h1:EENdUnS3pdur5nybKYIh2Vfgc8IUNBjxDPSjtiJcOzU=
 gotest.tools/v3 v3.5.1/go.mod h1:isy3WKz7GK6uNw/sbHzfKBLvlvXwUyV06n6brMxxopU=
-helm.sh/helm/v3 v3.14.1 h1:4AwRLx+wfzlPtvrsbDmWP5PUokGmf9/nAmEdk21vae8=
-helm.sh/helm/v3 v3.14.1/go.mod h1:2itvvDv2WSZXTllknfQo6j7u3VVgMAvm8POCDgYH424=
+helm.sh/helm/v3 v3.14.2 h1:V71fv+NGZv0icBlr+in1MJXuUIHCiPG1hW9gEBISTIA=
+helm.sh/helm/v3 v3.14.2/go.mod h1:2itvvDv2WSZXTllknfQo6j7u3VVgMAvm8POCDgYH424=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=