chore(deps): bump github.com/traefik/traefik/v3 from 3.6.12 to 3.6.14 in /tests

[dependabot]

Bumps github.com/traefik/traefik/v3 from 3.6.12 to 3.6.14.

Release notes

Sourced from github.com/traefik/traefik/v3's releases.

v3.6.14

Important: Please read the migration guide.

CVE fixed:

• CVE-2026-40912 (Advisory GHSA-6jwx-7vp4-9847)
• CVE-2026-39858 (Advisory GHSA-5m6w-wvh7-57vm)
• CVE-2026-35051 (Advisory GHSA-6384-m2mw-rf54)
• CVE-2026-41263 (Advisory GHSA-6x2q-h3cr-8j2h)
• CVE-2026-41174 (Advisory GHSA-xhjw-95fp-8vgq)

Bug fixes:

• [acme] Bump github.com/go-acme/lego/v4 to v4.34.0 (#12993 @​ldez)
• [docker] Downgrade log level for missing container on inspect (#12900 @​Otoru)
• [sticky-session, k8s/crd] Make SameSite cookie value case-insensitive (#12922 @​murataslan1)
• [k8s/crd, k8s] Honor allowCrossNamespace with chain middleware CRD (#12976 @​rtribotte)
• [middleware] Remove untrusted X headers with underscores (#12961 @​rtribotte)
• [middleware] Sanitize the request URL after stripping the prefix (#12990 @​kevinpollet)
• [middleware] Deprecate ForwardAuth.TrustForwardHeader option (#13012 @​kevinpollet)
• [middleware, authentication] Remove map lookup making the basic auth notFoundSecret empty (#12960 @​rtribotte)
• [middleware, authentication] Fix trustForwardHeader on forward auth middleware (#12994 @​juliens)
• [middleware, authentication] Cleanup and make ForwardAuth logs consistent (#13013 @​kevinpollet)
• [webui] Upgrade form-data to 2.5.4, 3.0.4, 4.0.4 (#12958 @​orbisai0security)

Documentation:

• [k8s] Fix yaml indentation (#12957 @​isayme)
• [k8s] Clarify install config watchNamespace watches only one namespace (#12962 @​parkerfath)
• [k8s/crd] Update ingressroute.md (#12916 @​Rajakavitha1)
• Reverse versions order in migration guide (#12959 @​nmengin)
• Update vulnerability submission guidelines (#12968 @​emilevauge)

v3.6.13

Bug fixes:

• [middleware] Bump github.com/klauspost/compress v1.18.4 and fix TestNegotiation (#12937 @​thaJeztah)

Documentation:

• [docker] Fix docker-compose.yaml location in Docker setup page (#12860 @​ScottA38)
• [docker, consul, ecs, k8s] Fix documentation on how to restrict the scope of service discovery (#12645 @​mloiseleur)
• [k8s/ingress-nginx] Add OVHcloud (OpenStack Octavia) to Cloud-Specific IP Management (#12759 @​antonin-a)
• [k8s/ingress-nginx] Clarify IngressClass selection logic (#12926 @​kevinpollet)
• Add missing redirects for Getting started (#12886 @​nmengin)
• Add redirects for deleted pages (#12889 @​sheddy-traefik)
• Fix default value of http.sanitizePath (#12904 @​iTob191)

Changelog

Sourced from github.com/traefik/traefik/v3's changelog.

v3.6.14 (2026-04-22)

All Commits

Bug fixes:

• [acme] Bump github.com/go-acme/lego/v4 to v4.34.0 (#12993 @​ldez)
• [docker] Downgrade log level for missing container on inspect (#12900 @​Otoru)
• [sticky-session, k8s/crd] Make SameSite cookie value case-insensitive (#12922 @​murataslan1)
• [k8s/crd, k8s] Honor allowCrossNamespace with chain middleware CRD (#12976 @​rtribotte)
• [middleware] Remove untrusted X headers with underscores (#12961 @​rtribotte)
• [middleware] Sanitize the request URL after stripping the prefix (#12990 @​kevinpollet)
• [middleware] Deprecate ForwardAuth.TrustForwardHeader option (#13012 @​kevinpollet)
• [middleware, authentication] Remove map lookup making the basic auth notFoundSecret empty (#12960 @​rtribotte)
• [middleware, authentication] Fix trustForwardHeader on forward auth middleware (#12994 @​juliens)
• [middleware, authentication] Cleanup and make ForwardAuth logs consistent (#13013 @​kevinpollet)
• [webui] Upgrade form-data to 2.5.4, 3.0.4, 4.0.4 (#12958 @​orbisai0security)

Documentation:

• [k8s] Fix yaml indentation (#12957 @​isayme)
• [k8s] Clarify install config watchNamespace watches only one namespace (#12962 @​parkerfath)
• [k8s/crd] Update ingressroute.md (#12916 @​Rajakavitha1)
• Reverse versions order in migration guide (#12959 @​nmengin)
• Update vulnerability submission guidelines (#12968 @​emilevauge)

v2.11.43 (2026-04-22)

All Commits

Bug fixes:

• [middleware, authentication] Remove map lookup making the basic auth notFoundSecret empty (#12960 @​rtribotte)
• [middleware, authentication] Fix trustForwardHeader on forward auth middleware (#12994 @​juliens)
• [middleware, authentication] Cleanup and make ForwardAuth logs consistent (#13013 @​kevinpollet)
• [middleware] Remove untrusted X headers with underscores (#12961 @​rtribotte)
• [middleware] Sanitize the request URL after stripping the prefix (#12990 @​kevinpollet)
• [k8s/crd, k8s] Honor allowCrossNamespace with chain middleware CRD (#12976 @​rtribotte)

v3.6.13 (2026-04-07)

All Commits

Bug fixes:

• [middleware] Bump github.com/klauspost/compress v1.18.4 and fix TestNegotiation (#12937 @​thaJeztah)

Documentation:

• [docker] Fix docker-compose.yaml location in Docker setup page (#12860 @​ScottA38)
• [docker, consul, ecs, k8s] Fix documentation on how to restrict the scope of service discovery (#12645 @​mloiseleur)
• [k8s/ingress-nginx] Add OVHcloud (OpenStack Octavia) to Cloud-Specific IP Management (#12759 @​antonin-a)
• [k8s/ingress-nginx] Clarify IngressClass selection logic (#12926 @​kevinpollet)
• Add missing redirects for Getting started (#12886 @​nmengin)
• Add redirects for deleted pages (#12889 @​sheddy-traefik)
• Fix default value of http.sanitizePath (#12904 @​iTob191)

Commits

• a6664c9 Prepare release v3.6.14
• 379d691 Merge v2.11 into v3.6
• a9ce32a Prepare release v2.11.43
• 5375274 Deprecate ForwardAuth.TrustForwardHeader option
• 13302a2 Cleanup and make ForwardAuth logs consistent
• 4aea15f Merge v2.11 into v3.6
• 5e1de22 Fix trustForwardHeader on forward auth middleware
• 184de70 Remove duplicate step in CI
• f4766d7 Bump github.com/go-acme/lego/v4 to v4.34.0
• 1a43505 Sanitize the request URL after stripping the prefix
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[dependabot]

Superseded by #190.