chore(deps): update github actions to v4.2.1

[agntcy-automation]

This PR contains the following updates:

Package	Update	Change	Pending
helm/helm	patch	4.2.0 → 4.2.1	v4.2.2

---

Release Notes

helm/helm (helm/helm)

v4.2.1: Helm v4.2.1

Compare Source

Helm v4.2.1 is a patch release. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

• Join the discussion in Kubernetes Slack:
  • for questions and just to hang out
  • for discussing PRs, code, and bugs
• Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
• Test, debug, and contribute charts: ArtifactHub/packages

Notable Changes

• Fixed data race detected by -race flag when concurrent goroutines (upgrade + rollback, install + uninstall) both call GetWaiterWithOptions on the same FailingKubeClient instance #​31925
• Fixed helm command success messages writing to stderr instead of stdout. Now correctly outputing to stdout #​32056
• Fixed Helm 4 emitting "unable to find exact version" when using version range constraints #​31757
• Fixed a race condition in WaitForDelete where the status observer canceled the watch too early, causing intermittent failures when running a full test suite #​32081
• Bumped golang.org/x/net to v0.55.0 to address GO-2026-5026 #​32153
• Fixed SDK errors by upgrading dependencies: cli-utils 1.2.1, controller-runtime 0.24.1 and k8s 1.36.1 #​32128
• Dependency updates

Installation and Upgrading

Download Helm v4.2.1. The common platform binaries are here:

• MacOS amd64 (checksum / 2a21c9f368d608bcf6eb794ebc06514eb6b529a846b60fe4a43dea7bcce65228)
• MacOS arm64 (checksum / 896472d2ec0740c60f64a9df0fc30d478beee38a1a2a6ed91aa6e6ee177c1575)
• Linux amd64 (checksum / 479dca836e5b45e8bd222400c5591b0e3a647378f03ff96597180db97c17fdae)
• Linux arm (checksum / 49e8f7856de6eab170dc09671cfb0578cc455d820df5b0f54e6453058dc0e3f3)
• Linux arm64 (checksum / 596b9a73d366c1e72ce67d595c22805480e30914593aafbc9f547694e72814db)
• Linux i386 (checksum / e038eab680f22b1cebe68fd0536cf2397b0c10798dcb23c28e500e0804ec1a55)
• Linux loong64 (checksum / 8ae26f15638d951c4ed21d0d3018b8800a137646e5e5151a3856cf324c2852ae)
• Linux ppc64le (checksum / 6f34eca5e314e941577a07be6c8b356f66b9cdefbed1175da1e7916368febcfc)
• Linux s390x (checksum / e6355691887d4185b7e077f058483c04f353229feb7d4a72edc3ebe0b8738a6a)
• Linux riscv64 (checksum / 16a4299f14ff1ffa79bb22115051911c662fa2ecdd90e85b65d7d143e8de9d02)
• Windows amd64 (checksum / 6e7fa7839444b8ddc407c5bcdb1edd1024f57d09c2db971dec511ee2f2616eb0)
• Windows arm64 (checksum / ae4c9acd0d9acd1f9e9da2f60105f793f65fd49ab7c03c6c7d13804c3b885657)

This release was signed with 208D D36E D5BB 3745 A167 43A4 C7C6 FBB5 B91C 1155 and can be found at @​scottrigby keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

• 4.2.2 and 3.21.2 are the next patch releases scheduled for July 8, 2026
• 4.3.0 and 3.22.0 are the next minor releases scheduled for September 9, 2026

Changelog

• fix: protect FailingKubeClient.RecordedWaitOptions from data race (#​31925) d591a19 (Terry Howe)
• fix: route registry client output to stdout instead of stderr (#​32056) 2a9fcae (Terry Howe)
• chore(deps): bump oras.land/oras-go/v2 from 2.6.0 to 2.6.1 ffa5bd6 (dependabot[bot])
• chore(deps): bump golang.org/x/crypto from 0.52.0 to 0.53.0 9f9dbaf (dependabot[bot])
• chore(deps): bump golang.org/x/term from 0.43.0 to 0.44.0 64a2891 (dependabot[bot])
• chore(deps): bump golang.org/x/text from 0.37.0 to 0.38.0 e54a4a2 (dependabot[bot])
• chore(deps): bump github/codeql-action from 4.36.1 to 4.36.2 acb762b (dependabot[bot])
• chore(deps): bump github/codeql-action from 4.36.0 to 4.36.1 768586d (dependabot[bot])
• fix(version): avoid false range detection on prerelease x/X eabfae5 (Benoit Tigeot)
• fix(version): version range || can has no space e3fd51f (Benoit Tigeot)
• feat: report in debug the version we select with version range arg 1e47395 (Benoit Tigeot)
• fix: prevent warning when using version range constraints a33e239 (Benoit Tigeot)
• fix(kube): always propagate context.Canceled in WaitForDelete fa06d44 (Terry Howe)
• fix(kube): prevent spurious early exit in WaitForDelete during informer sync 360d483 (Terry Howe)
• chore(deps): bump github.com/tetratelabs/wazero from 1.11.0 to 1.12.0 7651edf (dependabot[bot])
• chore(deps): bump golang.org/x/crypto from 0.51.0 to 0.52.0 b132e7e (dependabot[bot])
• fix(deps): bump golang.org/x/net to v0.55.0 to address GO-2026-5026 eee491a (Terry Howe)
• chore(deps): bump golangci/golangci-lint-action from 9.2.0 to 9.2.1 3e3c575 (dependabot[bot])
• chore(deps): bump github/codeql-action from 4.35.5 to 4.36.0 c4ce2bb (dependabot[bot])
• chore(deps): bump actions/stale from 10.2.0 to 10.3.0 3892dc2 (dependabot[bot])
• chore(deps): bump github/codeql-action from 4.35.4 to 4.35.5 c4bbb62 (dependabot[bot])
• chore(deps): bump golang.org/x/crypto from 0.50.0 to 0.51.0 a0d7f16 (dependabot[bot])
• chore(deps): bump github/codeql-action from 4.35.3 to 4.35.4 8a3de05 (dependabot[bot])
• fix(upstream): upgrade to cli-utils 1.2.1, controller-runtime 0.24.1 and k8s 1.36.1 57a4803 (Matheus Pimenta)
• chore(deps): bump github.com/fluxcd/cli-utils from 1.2.0 to 1.2.1 b33ae02 (dependabot[bot])

Full Changelog: helm/helm@v4.2.0...v4.2.1