Link to GH Security Draft Advisory form #2650
Merged
This gives an option to send vulnerabilities behind an HTTPS connection. It's one recommendation from the OpenSSF Best Practices.

Signed-off-by: Mauro Morales <[email protected]>
Itxaka approved these changes Jun 25, 2024

sdwilsh referenced this pull request in marinatedconcrete/config Aug 31, 2024
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [kairos-io/kairos](https://togithub.com/kairos-io/kairos) | minor | `v3.0.14` -> `v3.1.2` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

### Release Notes

<details>
<summary>kairos-io/kairos (kairos-io/kairos)</summary>

### [`v3.1.2`](https://togithub.com/kairos-io/kairos/releases/tag/v3.1.2)

[Compare Source](https://togithub.com/kairos-io/kairos/compare/v3.1.1...v3.1.2)

#### ⚠️ The following issues have been resolved, so it is safe to upgrade again:

Kairos user ids change on upgrade, breaking ssh login [#2797](https://togithub.com/kairos-io/kairos/issues/2797)

Long duration hang during boot [#2802](https://togithub.com/kairos-io/kairos/issues/2802)

#### What's Changed

- 🤖 Check that install/recovery services are off during active boot by [@Itxaka](https://togithub.com/Itxaka) in [https://github.com/kairos-io/kairos/pull/2775](https://togithub.com/kairos-io/kairos/pull/2775)
- 🐧 Disable pcrlock for all systemd distros by [@Itxaka](https://togithub.com/Itxaka) in [https://github.com/kairos-io/kairos/pull/2778](https://togithub.com/kairos-io/kairos/pull/2778)
- 🐛 Empty machine-id instead of removing it by [@Itxaka](https://togithub.com/Itxaka) in [https://github.com/kairos-io/kairos/pull/2784](https://togithub.com/kairos-io/kairos/pull/2784)
- 🐛 Fix +base-image for Remote Execution by [@sdwilsh](https://togithub.com/sdwilsh) in [https://github.com/kairos-io/kairos/pull/2808](https://togithub.com/kairos-io/kairos/pull/2808)

**Full Changelog**: kairos-io/kairos@v3.1.1...v3.1.2

### [`v3.1.1`](https://togithub.com/kairos-io/kairos/releases/tag/v3.1.1)

[Compare Source](https://togithub.com/kairos-io/kairos/compare/v3.1.0...v3.1.1)

### Upgrade issues

Be advised that there is currently an issue when upgrading from 3.0.x to 3.1.x in which the user ids will change. This will result in any files owned by the user under its /home directory to lose permissions which can lead to not being able to ssh (ssh keys will have a different user id)

We are currently working on a workaround, so you are advised to not upgrade until 3.1.2 is released with a fix for this.

#### What's Changed

Bug fixes 🐛

- Disable make cache timer on fedora by [@Itxaka](https://togithub.com/Itxaka) in [https://github.com/kairos-io/kairos/pull/2717](https://togithub.com/kairos-io/kairos/pull/2717)
- It's not possible to login on an Alpine 3.19 RPi fixed by [@Itxaka](https://togithub.com/Itxaka) [#2439](https://togithub.com/kairos-io/kairos/issues/2439)
- Expired password on system with no rtc (e.g. rpi4) on Alpine fixed by [@Itxaka](https://togithub.com/Itxaka) [#1994](https://togithub.com/kairos-io/kairos/issues/1994)
- cgroup_memory not mounted in Alpine rpi4 fixed by [@Itxaka](https://togithub.com/Itxaka) [#2002](https://togithub.com/kairos-io/kairos/issues/2002)
- reset from the GRUB menu on alpine, gets stuck in an endless loop [@Itxaka](https://togithub.com/Itxaka) [#2136](https://togithub.com/kairos-io/kairos/issues/2136)

#### Known Issues

- RPi EFI booting no longer supported on kernels shipped with Ubuntu 24.04+ [#2249](https://togithub.com/kairos-io/kairos/issues/2249)

**Full Changelog**: kairos-io/kairos@v3.1.0...v3.1.1

### [`v3.1.0`](https://togithub.com/kairos-io/kairos/releases/tag/v3.1.0)

[Compare Source](https://togithub.com/kairos-io/kairos/compare/v3.0.14...v3.1.0)

### Upgrade issues

Be advised that there is currently an issue when upgrading from 3.0.x to 3.1.x in which the user ids will change. This will result in any files owned by the user under its /home directory to lose permissions which can lead to not being able to ssh (ssh keys will have a different user id)

We are currently working on a workaround, so you are advised to not upgrade until 3.1.2 is released with a fix for this.

#### Potential Breaking Changes

By default, Uki artifacts (identified by the -uki suffix) no longer include Linux modules and firmware in the image. Real-world testing has shown that many EFI firmwares are very particular about the size of the EFI image, often refusing to boot if the file exceeds 300-400MB. Given the wide variety of EFI firmware implementations, predicting whether a UKI EFI file will boot on different hardware is challenging.

To enhance compatibility, we decided to slim down the UKI files by removing the largest components: the Linux modules and firmware packages. This results in EFI files around 200-300MB, which are much more likely to boot correctly across various EFI implementations.

However, this change comes with a trade-off. Smaller images, while being more compatible with a wide range of EFI firmwares, may lack comprehensive hardware support because they do not include all the Linux modules and firmware packages. This means that certain hardware components may not function correctly or optimally when using these slimmer UKI images.

On the other hand, larger UKI images, which include all necessary modules and firmware for extensive hardware support, provide better functionality and compatibility with a broad range of hardware. However, these larger images are more likely to encounter boot issues due to EFI firmware limitations, as many EFI implementations refuse to boot files larger than 300-400MB.

We publish -uki artifacts ourselves, which are the slimmed versions, as examples of how to build a slimmer UKI artifact. While these serve as a reference, we recommend always building your own custom images to tailor them to your specific hardware needs. If you need to include those packages for full hardware support, you can create a custom artifact to add them back, as detailed in the Kairos docs.

We recommend keeping your UKI EFI files as small as possible to maximize boot success across different EFI firmware implementations. While smaller images offer better compatibility, they may lack full hardware support. Conversely, larger images, which include all necessary modules and firmware, provide comprehensive hardware support but may fail to boot due to EFI firmware constraints.

Check out how to build your own base images with the [Kairos Factory](https://kairos.io/docs/reference/kairos-factory/)

#### What's Changed

💿 UKI

- UKI: measured systemd-sysext by [@Itxaka](https://togithub.com/Itxaka) [#2117](https://togithub.com/kairos-io/kairos/issues/2117)
- UKI: Verify images signature before upgrade by [@Itxaka](https://togithub.com/Itxaka) [#2200](https://togithub.com/kairos-io/kairos/issues/2200)
- UKI: Enroll keys during setup [#2048](https://togithub.com/kairos-io/kairos/issues/2048)
- Install limited amount of modules for UKI Ubuntu by [@mauromorales](https://togithub.com/mauromorales) in [https://github.com/kairos-io/kairos/pull/2566](https://togithub.com/kairos-io/kairos/pull/2566)

🐧

- Support for Ubuntu 24.04 LTS by [@mauromorales](https://togithub.com/mauromorales) [#2138](https://togithub.com/kairos-io/kairos/issues/2138) and deprecation of 23.10
- Support for Fedora 40 by [@Itxaka](https://togithub.com/Itxaka) in [https://github.com/kairos-io/kairos/pull/2502](https://togithub.com/kairos-io/kairos/pull/2502) and deprecation of previous versions
- refactor debian dockerfile to build arm by [@mauromorales](https://togithub.com/mauromorales) in [https://github.com/kairos-io/kairos/pull/2542](https://togithub.com/kairos-io/kairos/pull/2542)
- Bump opensuse Leap to 15.6 by [@mauromorales](https://togithub.com/mauromorales) in [https://github.com/kairos-io/kairos/pull/2623](https://togithub.com/kairos-io/kairos/pull/2623)

🐛

- fix(nvidia): do not ship nohang in nvidia-arm builds by [@mudler](https://togithub.com/mudler) in [https://github.com/kairos-io/kairos/pull/2433](https://togithub.com/kairos-io/kairos/pull/2433)
- Allow https protocol in ipxe by [@jimmykarily](https://togithub.com/jimmykarily) in [https://github.com/kairos-io/kairos/pull/2468](https://togithub.com/kairos-io/kairos/pull/2468)
- fix(orin): disable ISCSI in the initramfs generation by [@mudler](https://togithub.com/mudler) in [https://github.com/kairos-io/kairos/pull/2474](https://togithub.com/kairos-io/kairos/pull/2474)
- 🐛 Move nfs-utils to common build target in opensuse flavor by [@kaiehrhardt](https://togithub.com/kaiehrhardt) in [https://github.com/kairos-io/kairos/pull/2495](https://togithub.com/kairos-io/kairos/pull/2495)
- 🐛 Install cryptsetup for all arches in opensuse by [@Itxaka](https://togithub.com/Itxaka) in [https://github.com/kairos-io/kairos/pull/2691](https://togithub.com/kairos-io/kairos/pull/2691)

📖

- 📖 chore: fix typos by [@xiaoxianBoy](https://togithub.com/xiaoxianBoy) in [https://github.com/kairos-io/kairos/pull/2441](https://togithub.com/kairos-io/kairos/pull/2441)
- readme: add links to project governance by [@mudler](https://togithub.com/mudler) in [https://github.com/kairos-io/kairos/pull/2498](https://togithub.com/kairos-io/kairos/pull/2498)
- Update LICENSE by [@mudler](https://togithub.com/mudler) in [https://github.com/kairos-io/kairos/pull/2503](https://togithub.com/kairos-io/kairos/pull/2503)
- Add OpenSSF best practices badge by [@mauromorales](https://togithub.com/mauromorales) in [https://github.com/kairos-io/kairos/pull/2639](https://togithub.com/kairos-io/kairos/pull/2639)
- Add clomonitor badge by [@mauromorales](https://togithub.com/mauromorales) in [https://github.com/kairos-io/kairos/pull/2640](https://togithub.com/kairos-io/kairos/pull/2640)
- Link to GH Security Draft Advisory form by [@mauromorales](https://togithub.com/mauromorales) in [https://github.com/kairos-io/kairos/pull/2650](https://togithub.com/kairos-io/kairos/pull/2650)

🔧

- More options for enki outputs by [@Itxaka](https://togithub.com/Itxaka) in [https://github.com/kairos-io/kairos/pull/2515](https://togithub.com/kairos-io/kairos/pull/2515)

#### New Contributors

- [@xiaoxianBoy](https://togithub.com/xiaoxianBoy) made their first contribution in [https://github.com/kairos-io/kairos/pull/2441](https://togithub.com/kairos-io/kairos/pull/2441)

**Full Changelog**: kairos-io/kairos@v3.0.14...v3.1.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

- [ ] If you want to rebase/retry this PR, check this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/marinatedconcrete/config).

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Shawn Wilsher <[email protected]>
relates to #2647