Chores: Pick patches from main. (#11103)

* Release version v1.10.0

* set deploy url to v1-10-0 in docs

* quotes around numbers fort ports definitions

* Bump dorny/paths-filter from 3.0.1 to 3.0.2

Bumps [dorny/paths-filter](https://github.com/dorny/paths-filter) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/dorny/paths-filter/releases)
- [Changelog](https://github.com/dorny/paths-filter/blob/master/CHANGELOG.md)
- [Commits](dorny/paths-filter@ebc4d7e...de90cc6)

---
updated-dependencies:
- dependency-name: dorny/paths-filter
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

* Bump aquasecurity/trivy-action from 0.17.0 to 0.18.0

Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.17.0 to 0.18.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](aquasecurity/trivy-action@84384bd...062f259)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

* Bump github/codeql-action from 3.24.5 to 3.24.6

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.5 to 3.24.6.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@47b3d88...8a470fd)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

* Bump github.com/prometheus/common from 0.48.0 to 0.49.0

Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.48.0 to 0.49.0.
- [Release notes](https://github.com/prometheus/common/releases)
- [Commits](prometheus/common@v0.48.0...v0.49.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/common
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

* Bump docker/setup-buildx-action from 3.0.0 to 3.1.0

Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@f95db51...0d103c3)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

* Bump github.com/stretchr/testify from 1.8.4 to 1.9.0

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.8.4...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

* Bump actions/download-artifact from 4.1.2 to 4.1.4

Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.2 to 4.1.4.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@eaceaf8...c850b93)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

* Update README.md

remove older version, left latest for release train.

* docs: update the 404 link to FAQ

* bump golang

* golangci-lint update, ci cleanup, group dependabot updates

* bump golangci-lint to v1.56.x

* cleanup empty lines

* group dependabot updates

* run on job changes as well

* remove deprecated checks

* fix lints and format

* Bump github.com/prometheus/common from 0.49.0 to 0.50.0

Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.49.0 to 0.50.0.
- [Release notes](https://github.com/prometheus/common/releases)
- [Commits](prometheus/common@v0.49.0...v0.50.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/common
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

* Bump the all group with 1 update

Bumps the all group with 1 update: [google.golang.org/grpc](https://github.com/grpc/grpc-go).

Updates `google.golang.org/grpc` from 1.62.0 to 1.62.1
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.62.0...v1.62.1)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

* Bump the all group with 1 update

Bumps the all group with 1 update: [actions/add-to-project](https://github.com/actions/add-to-project).

Updates `actions/add-to-project` from 0.5.0 to 0.6.0
- [Release notes](https://github.com/actions/add-to-project/releases)
- [Commits](actions/add-to-project@31b3f3c...0609a27)

---
updated-dependencies:
- dependency-name: actions/add-to-project
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

* Bump github.com/onsi/ginkgo/v2 from 2.15.0 to 2.16.0

Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.15.0 to 2.16.0.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](onsi/ginkgo@v2.15.0...v2.16.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

---------

Co-authored-by: Ricardo Katz <rikatz@users.noreply.github.com>
Co-authored-by: longwuyuan <longwuyuan@gmail.com>
Co-authored-by: Bartosz Fenski <fenio@debian.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Strong <strong.james.e@gmail.com>
Co-authored-by: Grinish <grinish@gmail.com>
Co-authored-by: Carlos Tadeu Panato Junior <ctadeu@gmail.com>

.github/actions/mkdocs/Dockerfile

@@ -1,4 +1,4 @@
-FROM squidfunk/mkdocs-material:9.4.5 
+FROM squidfunk/mkdocs-material:9.4.5
 
 COPY action.sh /action.sh
 

.github/dependabot.yml

@@ -9,6 +9,10 @@ updates:
       - "area/dependency"
       - "release-note-none"
       - "ok-to-test"
+    groups:
+      all:
+        update-types:
+          - "patch"
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:
@@ -17,6 +21,11 @@ updates:
       - "area/dependency"
       - "release-note-none"
       - "ok-to-test"
+    groups:
+      all:
+        update-types:
+          - "minor"
+          - "patch"
   - package-ecosystem: "docker"
     directory: "/images"
     schedule:
@@ -25,3 +34,8 @@ updates:
       - "area/dependency"
       - "release-note-none"
       - "ok-to-test"
+    groups:
+      actions:
+        update-types:
+          - "minor"
+          - "patch"

.github/workflows/ci.yaml

@@ -49,7 +49,7 @@ jobs:
       - name: Checkout
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
-      - uses: dorny/paths-filter@ebc4d7e9ebcb0b1eb21480bb8f43113e996ac77a # v3.0.1
+      - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
         id: filter
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
@@ -78,10 +78,10 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
-      
+
       - name: Get go version
         run: echo "GOLANG_VERSION=$(cat GOLANG_VERSION)" >> $GITHUB_ENV
-        
+
       - name: Set up Go
         id: go
         uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
@@ -100,13 +100,13 @@ jobs:
       golangversion: ${{ steps.golangversion.outputs.version }}
     if: |
       (needs.changes.outputs.go == 'true') || (needs.changes.outputs.charts == 'true') || (needs.changes.outputs.baseimage == 'true')
-     
+
     env:
         PLATFORMS: linux/amd64
     steps:
       - name: Checkout
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
-      
+
       - name: Get go version
         id: golangversion
         run: |
@@ -124,7 +124,7 @@ jobs:
 
       - name: Set up Docker Buildx
         id: buildx
-        uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
+        uses: docker/setup-buildx-action@0d103c3126aa41d772a8362f6aa67afac040f80c # v3.1.0
         with:
           version: latest
 
@@ -136,14 +136,14 @@ jobs:
           curl -LO https://dl.k8s.io/release/v1.27.3/bin/linux/amd64/kubectl
           chmod +x ./kubectl
           sudo mv ./kubectl /usr/local/bin/kubectl
-      
+
       - name: Build NGINX Base image
         if: |
           needs.changes.outputs.baseimage == 'true'
         run: |
             export TAG=$(cat images/nginx-1.25/TAG)
             cd images/nginx-1.25/rootfs && docker buildx build --platform=${{ env.PLATFORMS }} --load -t registry.k8s.io/ingress-nginx/nginx-1.25:${TAG} .
-    
+
       - name: Build images
         env:
           TAG: 1.0.0-dev
@@ -200,7 +200,7 @@ jobs:
           helm unittest charts/ingress-nginx -d
 
       - name: cache
-        uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
+        uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
         with:
           name: docker.tar.gz
 

.github/workflows/docs.yaml

@@ -25,7 +25,7 @@ jobs:
       - name: Checkout
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
-      - uses: dorny/paths-filter@ebc4d7e9ebcb0b1eb21480bb8f43113e996ac77a # v3.0.1
+      - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
         id: filter
         with:
           token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/golangci-lint.yml

@@ -2,10 +2,9 @@ name: golangci-lint
 
 on:
   pull_request:
-    branches:
-      - "*"
     paths:
       - '**/*.go'
+      - '.github/workflows/golangci-lint.yml'
 
 permissions:
   contents: read
@@ -17,18 +16,18 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
-      
+
       - name: Get go version
         run: echo "GOLANG_VERSION=$(cat GOLANG_VERSION)" >> $GITHUB_ENV
-      
+
       - name: Set up Go
         id: go
         uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
         with:
           go-version: ${{ env.GOLANG_VERSION }}
           check-latest: true
-      
+
       - name: golangci-lint
         uses: golangci/golangci-lint-action@3cfe3a4abbb849e10058ce4af15d205b6da42804 # v4.0.0
         with:
-          version: v1.55.2
+          version: v1.56

.github/workflows/helm.yaml

@@ -37,7 +37,7 @@ jobs:
         run: |
           ./build/run-in-docker.sh ./hack/verify-chart-lint.sh
 
-      - uses: dorny/paths-filter@ebc4d7e9ebcb0b1eb21480bb8f43113e996ac77a # v3.0.1
+      - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
         id: filter
         with:
           token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/images.yaml

@@ -42,7 +42,7 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
-      - uses: dorny/paths-filter@ebc4d7e9ebcb0b1eb21480bb8f43113e996ac77a # v3.0.1
+      - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
         id: filter
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
@@ -69,7 +69,7 @@ jobs:
               - 'images/opentelemetry/**'
             nginx125:
               - 'images/nginx-1.25/TAG'
- 
+
   #### TODO: Make the below jobs 'less dumb' and use the job name as parameter (the github.job context does not work here)
   cfssl:
     needs: changes
@@ -89,7 +89,6 @@ jobs:
       name: custom-error-pages
     secrets: inherit
 
-
   e2e-test-echo:
     needs: changes
     if: |
@@ -201,7 +200,7 @@ jobs:
         uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
       - name: Set up Docker Buildx
         id: buildx
-        uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
+        uses: docker/setup-buildx-action@0d103c3126aa41d772a8362f6aa67afac040f80c # v3.1.0
         with:
           version: latest
           platforms: ${{ env.PLATFORMS }}
@@ -214,5 +213,3 @@ jobs:
         run: |
           export TAG=$(cat images/nginx-1.25/TAG)
           cd images/nginx-1.25/rootfs && docker buildx build --platform=${{ env.PLATFORMS }} --push -t ingressnginx/nginx-1.25:${TAG} .
-    
-

.github/workflows/plugin.yaml

@@ -33,7 +33,7 @@ jobs:
           args: release --snapshot --clean
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      
+
       - name: Run GoReleaser
         if: ${{ startsWith(github.ref, 'refs/tags/') }}
         uses: goreleaser/goreleaser-action@7ec5c2b0c6cdda6e8bbb49444bc797dd33d74dd8 # v5.0.0

.github/workflows/project.yml

@@ -13,7 +13,7 @@ jobs:
       repository-projects: write
       issues: write
     steps:
-      - uses: actions/add-to-project@31b3f3ccdc584546fc445612dec3f38ff5edb41c # v0.5.0
+      - uses: actions/add-to-project@0609a2702eefb44781da00f8e04901d6e5cd2b92 # v0.6.0
         with:
           project-url: https://github.com/orgs/kubernetes/projects/104
           github-token: ${{ secrets.PROJECT_WRITER }}

.github/workflows/scorecards.yml

@@ -59,6 +59,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@47b3d888fe66b639e431abf22ebca059152f1eea # v3.24.5
+        uses: github/codeql-action/upload-sarif@8a470fddafa5cbb6266ee11b37ef4d8aae19c571 # v3.24.6
         with:
           sarif_file: results.sarif

.github/workflows/vulnerability-scans.yaml

@@ -60,7 +60,7 @@ jobs:
 
       - name: Scan image with AquaSec/Trivy
         id: scan
-        uses: aquasecurity/trivy-action@84384bd6e777ef152729993b8145ea352e9dd3ef # v0.17.0
+        uses: aquasecurity/trivy-action@062f2592684a31eb3aa050cc61e7ca1451cecd3d # v0.18.0
         with:
           image-ref: registry.k8s.io/ingress-nginx/controller:${{ matrix.versions }}
           format: 'sarif'
@@ -75,7 +75,7 @@ jobs:
 
       # This step checks out a copy of your repository.
       - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@47b3d888fe66b639e431abf22ebca059152f1eea # v3.24.5
+        uses: github/codeql-action/upload-sarif@8a470fddafa5cbb6266ee11b37ef4d8aae19c571 # v3.24.6
         with:
           token: ${{ github.token }}
           # Path to SARIF file relative to the root of the repository

.github/workflows/zz-tmpl-images.yaml

@@ -32,7 +32,7 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
-      - uses: dorny/paths-filter@ebc4d7e9ebcb0b1eb21480bb8f43113e996ac77a # v3.0.1
+      - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
         id: filter
         with:
           token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/zz-tmpl-k8s-e2e.yaml

@@ -23,7 +23,7 @@ jobs:
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       - name: cache
-        uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
+        uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
         with:
           name: docker.tar.gz
 

.golangci.yml

@@ -200,9 +200,7 @@ linters-settings:
       - stringConcatSimplify
       - stringsCompare
       - switchTrue
-      - timeCmpSimplify
       - timeExprSimplify
-      - todoCommentWithoutDetail
       - tooManyResultsChecker
       - typeAssertChain
       - typeDefFirst

GOLANG_VERSION

@@ -1 +1 @@
-1.22.0
+1.22.1

README.md

@@ -12,7 +12,7 @@
 ingress-nginx is an Ingress controller for Kubernetes using [NGINX](https://www.nginx.org/) as a reverse proxy and load
 balancer.
 
-[Learn more about Ingress on the main Kubernetes documentation site](https://kubernetes.io/docs/concepts/services-networking/ingress/).
+[Learn more about Ingress on the Kubernetes documentation site](https://kubernetes.io/docs/concepts/services-networking/ingress/).
 
 ## Get started
 
@@ -28,7 +28,7 @@ If you encounter issues, review the [troubleshooting docs](docs/troubleshooting.
 
 See [the list of releases](https://github.com/kubernetes/ingress-nginx/releases) for all changes.
 For detailed changes for each release, please check the [changelog-$version.md](./changelog) file for the release version.
-For detailed changes on the `ingress-nginx` helm chart, please check the changelog folder for a specific version
+For detailed changes on the `ingress-nginx` helm chart, please check the changelog folder for a specific version.
 [CHANGELOG-$current-version.md](./charts/ingress-nginx/changelog) file.
 
 ### Supported Versions table
@@ -38,23 +38,19 @@ the versions listed. Ingress-Nginx versions **may** work on older versions, but
 
 |  Supported  | Ingress-NGINX version | k8s supported version        | Alpine Version | Nginx Version | Helm Chart Version |
 |:--:|-----------------------|------------------------------|----------------|---------------|------------------------------|
+| 🔄 | **v1.10.0**            | 1.29, 1.28, 1.27, 1.26        | 3.19.1         | 1.25.3        | 4.10.0*                 |
 | 🔄 | **v1.9.6**            | 1.29, 1.28, 1.27, 1.26, 1.25        | 3.19.0         | 1.21.6        | 4.9.1*                 |
 | 🔄 | **v1.9.5**            | 1.28, 1.27, 1.26, 1.25        | 3.18.4         | 1.21.6        | 4.9.0*                       |
 | 🔄 | **v1.9.4**            | 1.28, 1.27, 1.26, 1.25        | 3.18.4         | 1.21.6        | 4.8.3                        |
 | 🔄 | **v1.9.3**            | 1.28, 1.27, 1.26, 1.25        | 3.18.4         | 1.21.6        | 4.8.*                        |
 | 🔄 | **v1.9.1**            | 1.28, 1.27, 1.26, 1.25        | 3.18.4         | 1.21.6        | 4.8.*                        |
 | 🔄 | **v1.9.0**            | 1.28, 1.27, 1.26, 1.25        | 3.18.2         | 1.21.6        | 4.8.*                        |
-| 🔄 | **v1.8.4**            | 1.27, 1.26, 1.25, 1.24        | 3.18.2         | 1.21.6        | 4.7.*                        |
-| 🔄 | **v1.8.2**            | 1.27, 1.26, 1.25, 1.24        | 3.18.2         | 1.21.6        | 4.7.*                        |
-| 🔄 | **v1.8.1**            | 1.27, 1.26, 1.25, 1.24        | 3.18.2         | 1.21.6        | 4.7.*              |
-| 🔄 | **v1.8.0**            | 1.27, 1.26, 1.25, 1.24        | 3.18.0         | 1.21.6        | 4.7.*              |
-|  | **v1.7.1**            | 1.27, 1.26, 1.25, 1.24        | 3.17.2         | 1.21.6        | 4.6.*              |
-|  | **v1.7.0**            | 1.26, 1.25, 1.24             | 3.17.2         | 1.21.6        | 4.6.*              |
+|  | v1.8.4            | 1.27, 1.26, 1.25, 1.24        | 3.18.2         | 1.21.6        | 4.7.*                        |
+|  | v1.7.1            | 1.27, 1.26, 1.25, 1.24        | 3.17.2         | 1.21.6        | 4.6.*              |
 |    | v1.6.4                | 1.26, 1.25, 1.24, 1.23       | 3.17.0         | 1.21.6        | 4.5.*              |
 |    | v1.5.1                | 1.25, 1.24, 1.23             | 3.16.2         | 1.21.6        | 4.4.*              |
 |    | v1.4.0                | 1.25, 1.24, 1.23, 1.22       | 3.16.2         | 1.19.10†      | 4.3.0              |
 |    | v1.3.1                | 1.24, 1.23, 1.22, 1.21, 1.20 | 3.16.2         | 1.19.10†      | 4.2.5              |
-|    | v1.3.0                | 1.24, 1.23, 1.22, 1.21, 1.20 | 3.16.0         | 1.19.10†      | 4.2.3              |
 
 See [this article](https://kubernetes.io/blog/2021/07/26/update-with-ingress-nginx/) if you want upgrade to the stable
 Ingress API.

changelog/controller-1.10.0.md

@@ -0,0 +1,68 @@
+# Changelog
+
+This release is the first using NGINX v1.25.0!
+
+## Breaking changes
+* This version does not support chroot image, this will be fixed on a future minor patch release
+* This version dropped Opentracing and zipkin modules, just Opentelemetry is supported
+* This version dropped support for PodSecurityPolicy
+* This version dropped support for GeoIP (legacy). Only GeoIP2 is supported
+
+### controller-v1.10.0
+
+Images:
+
+* registry.k8s.io/ingress-nginx/controller:v1.10.0@sha256:42b3f0e5d0846876b1791cd3afeb5f1cbbe4259d6f35651dcc1b5c980925379c
+
+### All changes:
+
+* Start the release of v1.10.0 (#11038)
+* bump nginx and Go, remove tag file and old CI jobs (#11037)
+* Fix kubewebhook image tag (#11033)
+* add missing backend-protocol annotation option (#9545)
+* Update controller-prometheusrules.yaml (#8902)
+* Stop reporting interrupted tests (#11027)
+* test(gzip): reach ingress (#9541)
+* fix datasource, $exported_namespace variable in grafana nginx dashboard (#9092)
+* Properly support a TLS-wrapped OCSP responder (#10164)
+* Fix print-e2e-suite (#9536)
+* chore(deps): upgrade headers-more module to 0.37 (#10991)
+* Update ingress-path-matching.md (#11008)
+* Update ingress-path-matching.md (#11007)
+* E2E Tests: Explicitly enable metrics. (#10962)
+* Chart: Set `--enable-metrics` depending on `controller.metrics.enabled`. (#10959)
+* Chart: Remove useless `default` from `_params.tpl`. (#10957)
+* Fix golang makefile var name (#10932)
+* Fixing image push (#10931)
+* fix: live-docs script (#10928)
+* docs: Add vouch-proxy OAuth example (#10929)
+* Add OTEL build test and for NGINX v1.25 (#10889)
+* docs: update annotations docs with missing session-cookie section (#10917)
+* Release controller 1.9.6 and helm 4.9.1 (#10919)
+
+### Dependency updates:
+
+* Bump kubewebhook certgen (#11034)
+* Bump go libraries (#11023)
+* Bump modsecurity on nginx 1.25 (#11024)
+* Bump grpc and reintroduce OTEL compilation (#11021)
+* Bump github/codeql-action from 3.24.0 to 3.24.5 (#11017)
+* Bump actions/dependency-review-action from 4.0.0 to 4.1.3 (#11016)
+* Bump dorny/paths-filter from 3.0.0 to 3.0.1 (#10994)
+* Bump github.com/prometheus/client_model from 0.5.0 to 0.6.0 (#10998)
+* Bump actions/upload-artifact from 4.3.0 to 4.3.1 (#10978)
+* Bump actions/download-artifact from 4.1.1 to 4.1.2 (#10981)
+* Bump aquasecurity/trivy-action from 0.16.1 to 0.17.0 (#10979)
+* Bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 (#10980)
+* Bump golang.org/x/crypto from 0.18.0 to 0.19.0 (#10976)
+* Bump github/codeql-action from 3.23.2 to 3.24.0 (#10971)
+* Bump github.com/opencontainers/runc from 1.1.11 to 1.1.12 (#10951)
+* Bump google.golang.org/grpc from 1.60.1 to 1.61.0 (#10938)
+* Bump actions/upload-artifact from 4.2.0 to 4.3.0 (#10937)
+* Bump dorny/test-reporter from 1.7.0 to 1.8.0 (#10936)
+* Bump github/codeql-action from 3.23.1 to 3.23.2 (#10935)
+* Bump dorny/paths-filter from 2.11.1 to 3.0.0 (#10934)
+* Bump alpine to 3.19.1 (#10930)
+* Bump go to v1.21.6 and set a single source of truth (#10926)
+
+**Full Changelog**: https://github.com/kubernetes/ingress-nginx/compare/controller-v1.9.6...controller-v1.10.0