Open
Conversation
Contributor
Author
|
renovate
bot
force-pushed
the
renovate/all
branch
14 times, most recently
from
8d662fb to
4cc7b92
Compare
renovate
bot
force-pushed
the
renovate/all
branch
from
4cc7b92 to
8d8a7b4
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
2.332.0→2.333.0v1.294.0→v1.296.0v1.73.1→v1.74.0v1.96.4→v1.97.1v1.18.0→v1.19.0d62b90e→e7be49av0.22.0→v0.23.0v7.21.0→v7.23.0v3.15.0→v3.16.0v3.15.0→v3.16.0v3.15.0→v3.16.0v3.15.0→v3.16.0v3.15.0→v3.16.0v3.15.0→v3.16.0v3.15.0→v3.16.0v3.15.0→v3.16.0v4.27.0→v4.28.0v3.225.1→v3.227.0v0.5.1→v0.6.0v2.24.7→v2.25.018.9.0→18.10.0v1.53.0→v1.54.0v1.53.0→v1.54.0v1.9.0→v1.10.0v0.48.0→v0.49.03dfff04→7ab14463dfff04→7ab1446v0.33.0→v0.34.0v0.33.0→v0.34.0v0.51.0→v0.52.0v0.40.0→v0.41.0v0.34.0→v0.35.0v0.42.0→v0.43.0a57be14→d00831aa57be14→d00831a5b3e3fd→5883c5eb8788ab→28399d83.225.1→3.227.0v7.21.0→v7.23.0v3.15.0→v3.16.0v9.9.0→v9.10.071101fd→8b211cccecb1cd→05fa010Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
actions/runner (actions/runner)
v2.333.0Compare Source
What's Changed
entrypointandcommandfor service containers by @ericsciple in #4276New Contributors
Full Changelog: actions/runner@v2.332.0...v2.333.0
Note: Actions Runner follows a progressive release policy, so the latest release might not be available to your enterprise, organization, or repository yet.
To confirm which version of the Actions Runner you should expect, please view the download instructions for your enterprise, organization, or repository.
See https://docs.github.com/en/enterprise-cloud@latest/actions/hosting-your-own-runners/adding-self-hosted-runners
Windows x64
We recommend configuring the runner in a root folder of the Windows drive (e.g. "C:\actions-runner"). This will help avoid issues related to service identity folder permissions and long file path restrictions on Windows.
The following snipped needs to be run on
powershell:Windows arm64
We recommend configuring the runner in a root folder of the Windows drive (e.g. "C:\actions-runner"). This will help avoid issues related to service identity folder permissions and long file path restrictions on Windows.
The following snipped needs to be run on
powershell:OSX x64
OSX arm64 (Apple silicon)
Linux x64
Linux arm64
Linux arm
Using your self hosted runner
For additional details about configuring, running, or shutting down the runner please check out our product docs.
SHA-256 Checksums
The SHA-256 checksums for the packages included in this build are shown below:
aws/aws-sdk-go-v2 (github.com/aws/aws-sdk-go-v2/service/ec2)
v1.296.0Module Highlights
github.com/aws/aws-sdk-go-v2/service/batch: v1.62.0github.com/aws/aws-sdk-go-v2/service/bedrockagentcore: v1.15.0github.com/aws/aws-sdk-go-v2/service/bedrockagentcorecontrol: v1.24.0github.com/aws/aws-sdk-go-v2/service/ec2: v1.296.0github.com/aws/aws-sdk-go-v2/service/observabilityadmin: v1.11.0github.com/aws/aws-sdk-go-v2/service/polly: v1.56.0v1.295.0Module Highlights
github.com/aws/aws-sdk-go-v2/service/ec2: v1.295.0github.com/aws/aws-sdk-go-v2/service/mediaconvert: v1.89.0fatih/color (github.com/fatih/color)
v1.19.0Compare Source
What's Changed
Fprint,Fprintfby @qualidafial in #282New Contributors
Full Changelog: fatih/color@v1.18.0...v1.19.0
pulumi/esc (github.com/pulumi/esc)
v0.23.0Compare Source
Improvements
Add warning in CLI when using an ambiguous 2-part environment ref
#622
Add support for
fn::finalbuilt-in function that marks values as final and unable to be overwritten.#621
Bug Fixes
Breaking changes
pulumi/pulumi-aws (github.com/pulumi/pulumi-aws/sdk/v7)
v7.23.0Compare Source
What's Changed
Full Changelog: pulumi/pulumi-aws@v7.22.0...v7.23.0
v7.22.0Compare Source
What's Changed
Full Changelog: pulumi/pulumi-aws@v7.21.0...v7.22.0
pulumi/pulumi-azure-native-sdk (github.com/pulumi/pulumi-azure-native-sdk/authorization/v3)
v3.16.0Compare Source
pulumi/pulumi-kubernetes (github.com/pulumi/pulumi-kubernetes/sdk/v4)
v4.28.0Compare Source
pulumi/pulumi (github.com/pulumi/pulumi/sdk/v3)
v3.227.0Compare Source
3.227.0 (2026-03-19)
Features
[engine] The engine will fill in Name and Type for ResourceReference values on the wire protocol
#22208
[sdk/bun] Add support for running policy packs with bun
#22206
[cli/policy] Auto-install missing policy analyzer plugins
#22196
[sdk/python] Add lock file detection for picking the Python toolchain
#22234
Bug Fixes
[cli] Use distinct exit codes for different types of error
#22205
[cli] Improve SAML SSO reauthorization error message
[engine] Fix snapshot integrity error in refresh v2 with changed parents
#22190
[pcl] Continue running after errors when running with --continue-on-error
#22171
[pcl] Deprecate labels on package blocks
#22253
[programgen] Preserve traversal parts in rewriteRelativeTraversalExpression
#22249
[sdk/bun] Check for an SDK version compatible with bun
#22262
[programgen/nodejs] Correctly generate
forexpressions#22219
[sdk/go] Add support for Azure DevOps git URLs in pulumi package publish code paths
#22217
[programgen/python] Correctly generate list & dictionary comprehension in Python code
#22182
Miscellaneous
[backend] Move CloudConsoleURL from httpstate to httpstate/client
#22258
[docs] Move remaining content from /developer-docs to /docs
#22225
[sdk/bun] Add a test for the function serialization error message when using bun
#22207
[sdk/bun] Run policy language tests for bun
#22209
[sdk/bun] Mark pulumi-language-bun as a bundled plugin
#22265
[sdk/{bun,nodejs}] Use defaultErrorMessage in run-plugin and run-policy-pack
#22210
v3.226.0Compare Source
3.226.0 (2026-03-11)
Features
[backend/service] Automatically repair snapshot integrity issues, while sending an error event to the backend for further diagnosis
#22179
[cli] Add a --otel-traces flag, that allows writing otel traces to a file, or directly to a grpc interface
#22129
[engine] Engine will use provider references from
__self__arguments to calls#22114
[sdk/bun] Support bun as a runtime
#22177
#22049
[sdk/bun] Add debugger support for the bun runtime
#22177
[sdk/bun] Add support for Bun as a plugin runtime
#22189
Bug Fixes
[engine] Fix ReplacementTrigger firing due to dependency changes
#22119
[engine] Correctly serialize output values to the snapshot rather than always recording them as computed even when known
#22120
[pcl] Support resource ranges in PCL
#22144
[cli/config] Include environments used when refreshing a stack's config
#22103
[cli/display] Fix
pulumi destroynot showing parent resource hierarchy#22148
[cli/package] Correctly parse package URLs with .git in them
#22174
[cli/plugin] Fix package get-schema for binary providers at relative paths
#22107
[sdk/python] Handle null detailedDiff in automation StepEventMetadata JSON parsing
#22140
[cli/state] Fix state move integrity errors when copied providers depend on resources left in source stack
#22141
Miscellaneous
[cli/about] Show bun information in
pulumi about#22121
[programgen/go] Target go 1.25 for generated go.mod files (instead of go 1.23)
#22070
[sdkgen/go] Target go 1.25 for generated go.mod files for SDKs (instead of go 1.20)
#22131
[sdk/python] Read Poetry and uv lockfiles to determine program dependencies
#22072
[sdk/python] Use importlib to find pulumi-plugin.json for installed packages
#22127
ryanrolds/sqlclosecheck (github.com/ryanrolds/sqlclosecheck)
v0.6.0Compare Source
What's Changed
New Contributors
Full Changelog: ryanrolds/sqlclosecheck@v0.5.1...v0.6.0
securego/gosec (github.com/securego/gosec/v2)
v2.25.0Compare Source
Changelog
223e19bchore(deps): bump google.golang.org/grpc from 1.75.0 to 1.79.3 (#1617)b23a9e5fix: allow barry action to access secrets on fork PRs (#1616)355cfa5fix: reduce G117 false positives for custom marshalers and transformed values (#1614) (#1615)744bfb5Add barry security scanner as a step in the CI (#1612)4fde15dchore(deps): update all dependencies (#1611)dec52c4fix: prevent taint analysis hang on packages with many CHA call graph edges (#1608) (#1610)a0de8b6Add some skills for claude code to automate some tasks (#1609)c2dfcecAdd G701-G706 rule-to-CWE mappings and CWE-117, CWE-918 entries (#1606)8aec3f4fix: skip SSA analysis on ill-typed packages to prevent panic (#1607)1ced32dPort G120 from SSA-based to taint analysis (fixes #1600, #1603) (#1605)befce8dfix(G118): eliminate false positive for package-level cancel variables (#1602)b7b2c7bfeat: add G124 rule for insecure HTTP cookie configuration (#1599)6e66a94feat: add G709 rule for unsafe deserialization of untrusted data (#1598)e7ea237feat: add G708 rule for server-side template injection via text/template (#1597)8895462fix(G118): eliminate false positive when cancel is called via struct field in a closure (#1596)619ce21Fix infinite recursion in interprocedural taint analysis (#1594)0e0eb17Fix G118 false positive when cancel is stored in returned struct field (#1593)59a9da0Fix G118 false positive on cancel called inside goroutine closure (#1592)cbf46b8fix(analyzer): per-package rule instantiation eliminates concurrent map crash (#1589)c6c3ba8chore(deps): update all dependencies (#1588)c709ed8fix(G118): treat returned cancel func as called (fixes #1584) (#1585)fa74dd7chore(go): update supported Go versions to 1.25.8 and 1.26.1 (#1583)cd1f29eUpdate the README with the correct version of the Github action for gosec (#1582)5887aeechore(deps): update all dependencies (#1579)6641fcfFix G115 false positives for guarded int64-to-byte conversions (#1578)3c9c3daUpdate the container image migration notice (#1576)973e94echore(action): bump gosec to 2.24.7 (#1575)gitlab-org/gitlab-runner (gitlab-org/gitlab-runner)
v18.10.0Compare Source
New features
Bug fixes
Configuration
📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.