Bump github.com/crossplane/crossplane from 1.12.1 to 1.12.3

[dependabot]

Bumps github.com/crossplane/crossplane from 1.12.1 to 1.12.3.

Release notes

Sourced from github.com/crossplane/crossplane's releases.

v1.12.3

v1.12.3 solves some minor bug fixes and addresses a few security issues shared during the security audit by Ada Logic and facilitated by OSTIF, sponsored by CNCF. See the report for more details.

Notable changes

• Fix composition functions to be able to run with unconfined AppArmor profile.
• Security fixes, see the report for more details.
• Minor fix to composition schema validation alpha feature.

What's Changed

• [Backport release-1.12] chore(Dockerfile): use COPY instead of ADD by @​github-actions in crossplane/crossplane#4176
• Update debian:bookworm-slim Docker digest to d8f9d38 (release-1.12) by @​renovate in crossplane/crossplane#4197
• [Backport release-1.12] fix: limit xfn stdout and stderr by @​github-actions in crossplane/crossplane#4237
• [Backport release-1.12] fix(xfn): set max layers number limit for images by @​github-actions in crossplane/crossplane#4239
• [Backport release-1.12] fix(crank): copy to tar file one chunk at a time by @​github-actions in crossplane/crossplane#4235
• [Backport release-1.12] Run xfn with unconfined AppArmor profile by @​github-actions in crossplane/crossplane#4248
• Update debian:bookworm-slim Docker digest to 9bd077d (release-1.12) by @​renovate in crossplane/crossplane#4336
• [Backport release-1.12] fix: limit max number of layers for Packages by @​github-actions in crossplane/crossplane#4353
• [Backport release-1.12] fix: stop rbac manager's rule expansion on timeout by @​github-actions in crossplane/crossplane#4354
• [Backport release-1.12] chore: bump go-containerregistry to v0.15.3-0.20230625233257-b8504803… by @​phisco in crossplane/crossplane#4357
• [Backport release-1.12] fix(alpha): re-evaluating additional fields against schema by @​github-actions in crossplane/crossplane#4360
• [Backport release-1.12] fix: properly handle annotations schema aware validation by @​github-actions in crossplane/crossplane#4362
• [Backport release-1.12] fix: max size of package parsed limited to 200MB by @​github-actions in crossplane/crossplane#4364
• [Backport release-1.12] fix: validate Package images by @​github-actions in crossplane/crossplane#4374
• [Backport release-1.12] composite: fix nil-dereference by @​github-actions in crossplane/crossplane#4382
• Update ci.yml hashes by @​ezgidemirel in crossplane/crossplane#4392

Full Changelog: crossplane/crossplane@v1.12.2...v1.12.3

v1.12.2

v1.12.2 addresses a few minor bugs and bumps a few dependencies to address vulnerabilities image scanners might have reported.

Notable changes

• Clarified the ControllerConfig deprecation message, highlighting that it's not going to be removed until a better option is available and a clear migration path has been well documented and publicly shared. Reduced also the number of times the message is shown to reduce noise.
• Fixed CRDs retrieval for the schema-aware Composition validation (alpha) in case of multiple CRDs defining the same Kind, but in different groups.
• Bumped a few dependencies to remove the number of HIGH CVEs reported by image scanners.

What's Changed

• Update gcr.io/distroless/static Docker digest to 7198a35 (release-1.12) by @​renovate in crossplane/crossplane#4090
• Update debian:bookworm-slim Docker digest to e1a80fd (release-1.12) by @​renovate in crossplane/crossplane#4089
• [Backport release-1.12] fix(alpha): schema-aware validation properly retrieving crds by @​github-actions in crossplane/crossplane#4112
• [Backport release-1.12] fix: handle nil deletion policy as not being foreground by @​github-actions in crossplane/crossplane#4123
• [Backport release-1.12] chore: bump go-containerregistry by @​phisco in crossplane/crossplane#4145
• [Backport release-1.12] Clarify ControllerConfig deprecation message to reduce confusion by @​github-actions in crossplane/crossplane#4153

Full Changelog: crossplane/crossplane@v1.12.1...v1.12.2

Commits

• 57e1f45 Merge pull request #4392 from ezgidemirel/patch-1.12
• 30f2080 add "Cleanup Disk" step to the publish-artifacts job
• 887996a Update ci.yml hashes
• 1b5b783 Merge pull request #4382 from crossplane/backport-4380-to-release-1.12
• 109b5c0 composite: fix nil-dereference
• 6190adf Merge pull request #4374 from crossplane/backport-4370-to-release-1.12
• ed79a7e tests: remove successfull package fetch test case
• a129395 fix: validate Package images against manifest on pull
• 2719ea3 Merge pull request #4364 from crossplane/backport-4358-to-release-1.12
• aa6d3b6 Merge pull request #4362 from crossplane/backport-4361-to-release-1.12
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.