build: bump traefik/v2 from 2.11.10 to 2.11.18 in /apptests

[dependabot]

Bumps github.com/traefik/traefik/v2 from 2.11.10 to 2.11.18.

Release notes

Sourced from github.com/traefik/traefik/v2's releases.

v2.11.18

Bug fixes:

• [websocket,server] Disable http2 connect setting for websocket by default (#11412 by rtribotte)

v2.11.17

⚠️ There is an issue with websocket upgrade. If you want to use this version, please set the following environment variable GODEBUG=http2xconnect=0 ⚠️

Bug fixes:

• [acme] Update go-acme/lego to v4.21.0 (#11368 by ldez)
• [middleware] Fix typo in basicauth note (#11397 by tieje)
• [service] Configure ErrorLog in httputil.ReverseProxy (#11344 by peacewalker122)
• Bump golang.org/x/net to v0.33.0 (#11365 by kevinpollet)

Documentation:

• [acme] Fix allowACMEByPass TOML example (#11370 by hannesbraun)
• [k8s/crd] Update copyright for 2025 (#11383 by kevinpollet)

v2.11.16

Bug fixes:

• [server] Update golang.org/x dependencies (#11336 by rtribotte)

v2.11.15

CVE: CVE-2024-53259 (Advisory GHSA-hxr6-2p24-hf98)

Bug fixes:

• [acme] Update go-acme/lego to v4.20.4 (#11295 by ldez)
• [http3] Update github.com/quic-go/quic-go to v0.48.2 (#11320 by kevinpollet)

v2.11.14

CVE: CVE-2024-45410 (Advisory GHSA-h924-8g65-j9wg)

Important: Please read the migration guide.

Bug fixes:

• [acme] Update go-acme/lego to v4.20.2 (#11263 by ldez)
• [logs,server] Change level of peeking first byte error log to DEBUG (#11254 by rtribotte)
• [middleware,server] Drop untrusted X-Forwarded-Prefix header (#11253 by rtribotte)
• [server] Apply keepalive config to h2c entrypoints (#11276 by davefu113)
• [service] Fix internal handlers ServiceBuilder composition (#11281 by juliens)

Documentation:

• [accesslogs] Update access-logs.md, add examples for accesslog.format (#11275 by bluepuma77)
• Fix the defaultRule CLI examples (#11282 by kevinpollet)
• Fix spelling, grammar, and rephrase sections for clarity in some documentation pages (#11280 by AntoineDeveloper)
• Fix absolute link in the migration guide (#11269 by kevinpollet)
• Add X-Forwarded-Prefix to the migration guide (#11267 by kevinpollet)
• Fix a small typo in entrypoints documentation (#11261 by quiode)
• Add a warning about environment variables casing for static configuration (#11226 by anchal00)
• Improve documentation on dashboard (#11220 by mloiseleur)

... (truncated)

Changelog

Sourced from github.com/traefik/traefik/v2's changelog.

v2.11.18 (2025-01-07)

All Commits

Bug fixes:

• [websocket,server] Disable http2 connect setting for websocket by default (#11412 by rtribotte)

v3.3.0 (2025-01-06)

All Commits

Enhancements:

• [acme] Add options to control ACME propagation checks (#11241 by ldez)
• [api] Add support dump API endpoint (#11328 by mmatur)
• [http] Set Host header in HTTP provider request (#11237 by nikonhub)
• [k8s/crd,k8s] Make the IngressRoute kind optional (#11177 by skirtan1)
• [k8s/ingress,sticky-session,k8s/crd,k8s] Support serving endpoints (#11121 by BZValoche)
• [logs,accesslogs] OpenTelemetry Logs and Access Logs (#11319 by rtribotte)
• [logs,accesslogs] Add experimental flag for OTLP logs integration (#11335 by kevinpollet)
• [metrics,tracing,accesslogs] Manage observability at entrypoint and router level (#11308 by rtribotte)
• [middleware,authentication] Add an option to preserve the ForwardAuth Server Location header (#11318 by Nelwhix)
• [middleware,authentication] Only calculate basic auth hashes once for concurrent requests (#11143 by michelheusschen)
• [middleware,authentication] Send request body to authorization server for forward auth (#11097 by kyo-ke)
• [plugins] Add AbortOnPluginFailure option to abort startup on plugin load failure (#11228 by bmagic)
• [sticky-session] Configurable path for sticky cookies (#11166 by IIpragmaII)
• [webui,api] Configurable API & Dashboard base path (#11250 by rtribotte)

Bug fixes:

• [k8s/ingress,k8s/crd] Fix fenced server status computation (#11361 by kevinpollet)

Documentation:

• Prepare release v3.3.0-rc2 (#11362 by rtribotte)
• Prepare Release v3.3.0-rc1 (#11349 by rtribotte)

Misc:

• Merge branch v3.2 into v3.3 (#11402 by kevinpollet)
• Merge branch v3.2 into v3.3 (#11393 by mmatur)
• Merge branch v3.2 into v3.3 (#11389 by mmatur)
• Merge branch v3.2 into v3.3 (#11367 by kevinpollet)
• Merge branch v3.2 into master (#11340 by kevinpollet)
• Merge branch v3.2 into master (#11293 by kevinpollet)
• Merge branch v3.2 into master (#11239 by kevinpollet)
• Merge branch v3.2 into master (#11187 by kevinpollet)

v3.2.4 (2025-01-06)

All Commits

Bug fixes:

• [k8s/gatewayapi] Support empty value for core Kubernetes API group (#11386 by rtribotte)
• [tcp,k8s/crd] Pass TLS bool from IngressRouteTCP to TCPService (#11343 by lipmem)
• [tls] Upgrade github.com/spiffe/go-spiffe/v2 to v2.4.0 (#11385 by mmatur)
• Remove duplicate github.com/coreos/go-systemd dependency (#11354 by Juneezee)

... (truncated)

Commits

• 1aa450c Prepare release v2.11.18
• f9ff604 Disable http2 connect setting for websocket by default
• ee83055 Allow release only on traefik/traefik repo
• a31b026 Prepare release v2.11.17
• 20d4962 Fix typo in basicauth note
• 5f3c30e chore: update linter
• 38ac1e7 Update go-acme/lego to v4.21.0
• 109a871 Update copyright for 2025
• 278e739 Fix allowACMEByPass TOML example
• db31a4c Add webui static files in release tarball
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[coveralls]

Pull Request Test Coverage Report for Build 13005962438

Details

• 0 of 0 changed or added relevant lines in 0 files are covered.
• No unchanged relevant lines lost coverage.
• Overall coverage remained the same at 51.703%

---

Totals
Change from base Build 12999520075:	0.0%
Covered Lines:	167
Relevant Lines:	323

---

💛 - Coveralls

[SandhyaRavi2403]

@dependabot rebase

[SandhyaRavi2403]

@dependabot rebase

[dependabot]

Superseded by #3102.