30e1a98140c9171dacfed98a8435e73cb01bedf4
290 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
pulumi-provider-automation[bot]
|
30e1a98140 |
Update GitHub Actions workflows. (#828)
This PR was triggered by @t0yv0 generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit
[88db566266daeb5f581215c84cd3e8c5f389a18d](
|
||
|
pulumi-provider-automation[bot]
|
0b291cf120 |
Update GitHub Actions workflows. (#826)
This PR was triggered by @t0yv0 generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit
[a4ba5d1c3db54f4aa8e7674e03c3032eabd24aaa](
|
||
|
pulumi-provider-automation[bot]
|
2e27061ccc |
Update GitHub Actions workflows. (#825)
This PR was triggered by @t0yv0 generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit
[e46e1ac50228764e2a7fa7a76403fca94224df68](
|
||
|
pulumi-provider-automation[bot]
|
740410488f |
Update GitHub Actions workflows. (#824)
This PR was triggered by @t0yv0 generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit
[4065ed8e56aa6623046a204c35d57c0376c7cf6c](
|
||
|
pulumi-provider-automation[bot]
|
f24d1e662a |
Update GitHub Actions workflows. (#823)
This PR was triggered by @t0yv0 generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit
[7f0c56e9f79bc22f3b4cc6379312d705a56411c6](
|
||
|
pulumi-provider-automation[bot]
|
703dd21dc8 |
Update GitHub Actions workflows. (#822)
This PR was triggered by @t0yv0 generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit
[144a8c45ec5f8a164b55365078d914dd6955b209](
|
||
|
pulumi-provider-automation[bot]
|
8328de32ef |
Update GitHub Actions workflows. (#821)
This PR was triggered by @t0yv0 generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit
[2bc9cb47c63304319f6a34a84c861bedc53274ae](
|
||
|
pulumi-provider-automation[bot]
|
c9ec41986b |
Update GitHub Actions workflows. (#820)
This PR was triggered by @t0yv0 generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit
[5aad94d008deea2e7db42fa2579fe93fb88256b8](
|
||
|
pulumi-renovate[bot]
|
ef554c455f |
Update dependency @pulumi/pulumi to v3.231.0 (#818)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [@pulumi/pulumi](https://redirect.github.com/pulumi/pulumi) ([source](https://redirect.github.com/pulumi/pulumi/tree/HEAD/sdk/nodejs)) | dependencies | minor | [`3.230.0` -> `3.231.0`](https://renovatebot.com/diffs/npm/@pulumi%2fpulumi/3.230.0/3.231.0) | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>pulumi/pulumi (@​pulumi/pulumi)</summary> ### [`v3.231.0`](https://redirect.github.com/pulumi/pulumi/releases/tag/v3.231.0) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.230.0...v3.231.0) ##### 3.231.0 (2026-04-16) ##### Features - \[cli] Auto-detect Mercurial repository metadata for `pulumi up` / `pulumi preview` updates, mirroring existing Git support [#​22618](https://redirect.github.com/pulumi/pulumi/pull/22618) - \[engine] Send Cancel RPC to plugins on host close for graceful shutdown [#​22569](https://redirect.github.com/pulumi/pulumi/pull/22569) - \[engine] Pass resource options to hooks through the engine [#​22582](https://redirect.github.com/pulumi/pulumi/pull/22582) - \[engine] Add GetDeploymentInfo to the resource monitor service - \[auto/go] Add `New` command to Automation API [#​22439](https://redirect.github.com/pulumi/pulumi/pull/22439) - \[auto/{go,nodejs,python}] Add --diff to automation api for destroy [#​22563](https://redirect.github.com/pulumi/pulumi/pull/22563) - \[auto/python] Add `new` command to Automation API [#​22439](https://redirect.github.com/pulumi/pulumi/pull/22439) - \[pcl] Support for resource hooks in PCL [#​22365](https://redirect.github.com/pulumi/pulumi/pull/22365) - \[sdk-nodejs] Warn when a non-ComponentResource class is passed in the explicit `components` list to `componentProviderHost` [#​22619](https://redirect.github.com/pulumi/pulumi/pull/22619) - \[sdk-python] Warn when a non-ComponentResource class is passed in the explicit `components` list to `component_provider_host` [#​22619](https://redirect.github.com/pulumi/pulumi/pull/22619) - \[cli/import] Add support for providers to be defined in the same import file as their users [#​21671](https://redirect.github.com/pulumi/pulumi/pull/21671) - \[cli/policy] ESC environment support for local policy packs [#​22495](https://redirect.github.com/pulumi/pulumi/pull/22495) - \[sdk/nodejs] Support package.yaml when using pnpm [#​22491](https://redirect.github.com/pulumi/pulumi/pull/22491) - \[sdk/python] Add function decorator variants for resource and error hooks [#​22519](https://redirect.github.com/pulumi/pulumi/pull/22519) ##### Bug Fixes - \[auto/{nodejs,python}] Support --run-program for inline programs with preview_refresh/destroy - \[backend/diy] Remove state lock for destroy and import with preview only for diy backend [#​22561](https://redirect.github.com/pulumi/pulumi/pull/22561) - \[engine] Fix snapshot integrity error with component/provider resources in refresh --run-program [#​21817](https://redirect.github.com/pulumi/pulumi/pull/21817) - \[pcl] Type list and tuple indices as integers not numbers [#​22592](https://redirect.github.com/pulumi/pulumi/pull/22592) - \[pcl] Builtin functions element and range take int parameters not numbers [#​22597](https://redirect.github.com/pulumi/pulumi/pull/22597) - \[programgen/{go,nodejs,python}] Fix some cases of name conflicts in program gen not being handled correctly [#​22556](https://redirect.github.com/pulumi/pulumi/pull/22556) - \[programgen/nodejs] Add necessary casts between types in generated programs [#​22557](https://redirect.github.com/pulumi/pulumi/pull/22557) - \[programgen/{nodejs,python}] Fix imports of camelCase modules [#​22536](https://redirect.github.com/pulumi/pulumi/pull/22536) - \[sdk/python] Support Input\[Optional\[T]] in Python runtime type unwrapping [#​22553](https://redirect.github.com/pulumi/pulumi/pull/22553) - \[sdkgen] Warn about modules nested under the index module which are not supported [#​22531](https://redirect.github.com/pulumi/pulumi/pull/22531) ##### Miscellaneous - \[java] Upgrade java to v1.24.0 [#​22615](https://redirect.github.com/pulumi/pulumi/pull/22615) - \[yaml] Upgrade yaml to v1.31.1 [#​22610](https://redirect.github.com/pulumi/pulumi/pull/22610) - \[sdk/dotnet] Upgrade dotnet to v3.103.0 [#​22614](https://redirect.github.com/pulumi/pulumi/pull/22614) - \[sdk/nodejs] Replace `got` by `fetch` [#​22533](https://redirect.github.com/pulumi/pulumi/pull/22533) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> |
||
|
pulumi-provider-automation[bot]
|
0b52de6543 |
Update GitHub Actions workflows. (#816)
This PR was triggered by @t0yv0 generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit
[b05dbe61dbea8fb6ea0c4cde662bde1101961819](
|
||
|
pulumi-renovate[bot]
|
a3072f6aa3 |
Update module github.com/pulumi/pulumi-dotnet/pulumi-language-dotnet/v3 to v3.103.0 (#815)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/pulumi/pulumi-dotnet/pulumi-language-dotnet/v3](https://redirect.github.com/pulumi/pulumi-dotnet) | require | minor | `v3.102.1` -> `v3.103.0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>pulumi/pulumi-dotnet (github.com/pulumi/pulumi-dotnet/pulumi-language-dotnet/v3)</summary> ### [`v3.103.0`](https://redirect.github.com/pulumi/pulumi-dotnet/blob/HEAD/CHANGELOG.md#v31030---2026-04-15) [Compare Source](https://redirect.github.com/pulumi/pulumi-dotnet/compare/v3.102.1...v3.103.0) ##### Improvements - \[sdk] Clarify docs on the `remote` parameter of `ComponentResource` / `Resource` [#​963](https://redirect.github.com/pulumi/pulumi-dotnet/pull/963) ##### Bug Fixes - \[sdk] Fix `ResourceTransforms` being silently dropped when `CustomResourceOptions.Merge` is called (affects all generated SDK resources using the `MakeResourceOptions` pattern) [#​958](https://redirect.github.com/pulumi/pulumi-dotnet/pull/958) - \[sdk] Add missing `[Input]` attribute to `StashArgs.Input`, fixing serialization of the Stash resource [#​960](https://redirect.github.com/pulumi/pulumi-dotnet/pull/960) - \[sdk/auto] Fix running inline programs with refresh/destroy and --run-program [#​725](https://redirect.github.com/pulumi/pulumi-dotnet/pull/725) ##### Improvements - \[runtime] Add codegen support for AdditionalSecretOutputs, Version, and PluginDownloadURL resource options [#​953](https://redirect.github.com/pulumi/pulumi-dotnet/pull/953) ##### Bug Fixes - \[runtime] Fix property paths in resource options (IgnoreChanges, ReplaceOnChanges, HideDiffs) being incorrectly prefixed with @​ for C# reserved words [#​934](https://redirect.github.com/pulumi/pulumi-dotnet/pull/934) - \[runtime] Fix NuGet package name and version extraction for packages with prerelease versions (e.g. `3.0.0-alpha.1.internal`) [#​947](https://redirect.github.com/pulumi/pulumi-dotnet/pull/947) - \[runtime] Support call methods in program generation [#​946](https://redirect.github.com/pulumi/pulumi-dotnet/pull/946) - \[runtime] Add missing `System` namespace import for `sha1` builtin, fixing `BitConverter` not found error [#​961](https://redirect.github.com/pulumi/pulumi-dotnet/pull/961) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> |
||
|
pulumi-provider-automation[bot]
|
afe301cb52 |
Update GitHub Actions workflows. (#814)
This PR was triggered by @t0yv0 generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit
[bf992a9000f6297ee7e288347f354ed2ca8d6bbf](
|
||
|
Keith Mosher
|
b0c5918c7c |
Migrate Windows code signing to Azure Trusted Signing (#811)
## Summary Migrates Windows binary signing from Azure Key Vault (`jsign --storetype AZUREKEYVAULT`) to [Azure Trusted Signing](https://learn.microsoft.com/en-us/azure/trusted-signing/). The previous AKV code-signing cert expired, breaking the release pipeline. Trusted Signing issues short-lived Microsoft-managed certs so there's nothing to rotate. - `Makefile` / `scripts/crossbuild.mk`: bump `jsign` 6.0 → 7.4, switch `--storetype` to `TRUSTEDSIGNING`, use the `https://codesigning.azure.net` token audience, derive the keystore host from `AZURE_SIGNING_ACCOUNT_ENDPOINT`, pass account/profile via `--alias`, update the `SKIP_SIGNING` guard and error message. - `.github/workflows/{build,release,prerelease,build_provider}.yml`: replace the `AZURE_SIGNING_KEY_VAULT_URI` env passthrough with the three new `AZURE_SIGNING_ACCOUNT_*` outputs and update the `SKIP_SIGNING` expression. Companion to pulumi/ci-mgmt#2126, pulumi/pulumi-command#1200, and pulumi/pulumi-provider-boilerplate#1236. The ESC environment already exposes the new variables and the signing SP has the `Artifact Signing Certificate Profile Signer` role on the `pulumi-code-signing/pulumi-code-signing` profile. Verified end-to-end against pulumi-command, pulumi-random, and pulumi-provider-boilerplate. ## Test plan - [ ] CI release build produces a Windows binary with a valid Trusted Signing certificate chain |
||
|
pulumi-provider-automation[bot]
|
00ec8e3ebe |
Update GitHub Actions workflows. (#812)
This PR was triggered by @kmosher generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit
[9753531fe8d3f70139c072186a6ddcaa32d27b63](
|
||
|
pulumi-renovate[bot]
|
2079e52a5f |
Update first-party Pulumi dependencies to v3.230.0 (#809)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [@pulumi/pulumi](https://redirect.github.com/pulumi/pulumi) ([source](https://redirect.github.com/pulumi/pulumi/tree/HEAD/sdk/nodejs)) | dependencies | minor | [`3.229.0` -> `3.230.0`](https://renovatebot.com/diffs/npm/@pulumi%2fpulumi/3.229.0/3.230.0) | | [github.com/pulumi/pulumi/pkg/v3](https://redirect.github.com/pulumi/pulumi) | require | minor | `v3.229.0` -> `v3.230.0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>pulumi/pulumi (@​pulumi/pulumi)</summary> ### [`v3.230.0`](https://redirect.github.com/pulumi/pulumi/blob/HEAD/CHANGELOG.md#32300-2026-04-08) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.229.0...v3.230.0) ##### Features - \[cli] Detect AI agents and send in update metadata [#​22497](https://redirect.github.com/pulumi/pulumi/pull/22497) - \[auto/nodejs] Add "org" commands (get-default, set-default, search, search ai) to the auto-generated interface [#​22395](https://redirect.github.com/pulumi/pulumi/pull/22395) - \[auto/nodejs] Add "new" command to the auto-generated interface [#​22421](https://redirect.github.com/pulumi/pulumi/pull/22421) - \[sdk/{nodejs,python}] Add Cancel handler to Python & Node.js providers [#​22516](https://redirect.github.com/pulumi/pulumi/pull/22516) - \[cli/policy] Add ESC environment resolution for policy packs [#​22425](https://redirect.github.com/pulumi/pulumi/pull/22425) ##### Bug Fixes - \[auto/go] Insert --non-interactive flag before "--" positional separator to avoid misinterpretation as a positional argument [#​22462](https://redirect.github.com/pulumi/pulumi/pull/22462) - \[ci] Add code coverage collection for Node.js automation tools tests [#​22412](https://redirect.github.com/pulumi/pulumi/pull/22412) - \[pcl] Allow key indexing into a map of resources created by range [#​22498](https://redirect.github.com/pulumi/pulumi/pull/22498) - \[programgen/go] Fix an issue with formatted index modules not importing correctly - \[cli/state] Check for Pulumi.yaml projects and `backend` option in `state upgrade` [#​22483](https://redirect.github.com/pulumi/pulumi/pull/22483) - \[sdk/go] Fix Go program generation for ternary expressions inside apply callbacks, add Go predeclared identifiers to reserved words, handle optional list types in union type codegen, and fix unmarshalOutput for known outputs with null elements. [#​22460](https://redirect.github.com/pulumi/pulumi/pull/22460) - \[sdk/nodejs] Fix inherited input properties missing from component schema when args interface extends another interface [#​22446](https://redirect.github.com/pulumi/pulumi/pull/22446) - \[sdk/python] Fix inherited input properties missing from component schema when args class inherits from a base class [#​22484](https://redirect.github.com/pulumi/pulumi/pull/22484) ##### Miscellaneous - \[java] Upgrade java to v1.23.0 - \[sdk/dotnet] Upgrade dotnet to v3.102.1 - \[yaml] Upgrade to v1.31.0 [#​22501](https://redirect.github.com/pulumi/pulumi/pull/22501) - \[programgen/{dotnet,go,java,nodejs,pcl,python,yaml}] Remove `mimeType` & `readDir` from PCL [#​22449](https://redirect.github.com/pulumi/pulumi/pull/22449) </details> <details> <summary>pulumi/pulumi (github.com/pulumi/pulumi/pkg/v3)</summary> ### [`v3.230.0`](https://redirect.github.com/pulumi/pulumi/releases/tag/v3.230.0) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.229.0...v3.230.0) #### 3.230.0 (2026-04-08) ##### Features - \[cli] Detect AI agents and send in update metadata [#​22497](https://redirect.github.com/pulumi/pulumi/pull/22497) - \[auto/nodejs] Add "org" commands (get-default, set-default, search, search ai) to the auto-generated interface [#​22395](https://redirect.github.com/pulumi/pulumi/pull/22395) - \[auto/nodejs] Add "new" command to the auto-generated interface [#​22421](https://redirect.github.com/pulumi/pulumi/pull/22421) - \[sdk/{nodejs,python}] Add Cancel handler to Python & Node.js providers [#​22516](https://redirect.github.com/pulumi/pulumi/pull/22516) - \[cli/policy] Add ESC environment resolution for policy packs [#​22425](https://redirect.github.com/pulumi/pulumi/pull/22425) ##### Bug Fixes - \[auto/go] Insert --non-interactive flag before "--" positional separator to avoid misinterpretation as a positional argument [#​22462](https://redirect.github.com/pulumi/pulumi/pull/22462) - \[ci] Add code coverage collection for Node.js automation tools tests [#​22412](https://redirect.github.com/pulumi/pulumi/pull/22412) - \[pcl] Allow key indexing into a map of resources created by range [#​22498](https://redirect.github.com/pulumi/pulumi/pull/22498) - \[programgen/go] Fix an issue with formatted index modules not importing correctly - \[cli/state] Check for Pulumi.yaml projects and `backend` option in `state upgrade` [#​22483](https://redirect.github.com/pulumi/pulumi/pull/22483) - \[sdk/go] Fix Go program generation for ternary expressions inside apply callbacks, add Go predeclared identifiers to reserved words, handle optional list types in union type codegen, and fix unmarshalOutput for known outputs with null elements. [#​22460](https://redirect.github.com/pulumi/pulumi/pull/22460) - \[sdk/nodejs] Fix inherited input properties missing from component schema when args interface extends another interface [#​22446](https://redirect.github.com/pulumi/pulumi/pull/22446) - \[sdk/python] Fix inherited input properties missing from component schema when args class inherits from a base class [#​22484](https://redirect.github.com/pulumi/pulumi/pull/22484) ##### Miscellaneous - \[java] Upgrade java to v1.23.0 - \[sdk/dotnet] Upgrade dotnet to v3.102.1 - \[yaml] Upgrade to v1.31.0 [#​22501](https://redirect.github.com/pulumi/pulumi/pull/22501) - \[programgen/{dotnet,go,java,nodejs,pcl,python,yaml}] Remove `mimeType` & `readDir` from PCL [#​22449](https://redirect.github.com/pulumi/pulumi/pull/22449) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> --------- Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> Co-authored-by: pulumi-bot <bot@pulumi.com> |
||
|
pulumi-renovate[bot]
|
fd5b2ee95b |
Update first-party Pulumi dependencies (#807)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/pulumi/pulumi-dotnet/pulumi-language-dotnet/v3](https://redirect.github.com/pulumi/pulumi-dotnet) | require | patch | `v3.102.0` -> `v3.102.1` | | [github.com/pulumi/pulumi/pkg/v3](https://redirect.github.com/pulumi/pulumi) | require | minor | `v3.228.0` -> `v3.229.0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>pulumi/pulumi-dotnet (github.com/pulumi/pulumi-dotnet/pulumi-language-dotnet/v3)</summary> ### [`v3.102.1`](https://redirect.github.com/pulumi/pulumi-dotnet/blob/HEAD/CHANGELOG.md#v31021---2026-04-08) [Compare Source](https://redirect.github.com/pulumi/pulumi-dotnet/compare/v3.102.0...v3.102.1) ##### Bug Fixes - \[sdk] Fix inherited \[Input] properties missing from component schema when using base class inheritance on args types [#​930](https://redirect.github.com/pulumi/pulumi-dotnet/pull/930) - \[sdk] Fix GetResourceType() returning empty string for DependencyProviderResource [#​922](https://redirect.github.com/pulumi/pulumi-dotnet/pull/922) </details> <details> <summary>pulumi/pulumi (github.com/pulumi/pulumi/pkg/v3)</summary> ### [`v3.229.0`](https://redirect.github.com/pulumi/pulumi/releases/tag/v3.229.0) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.228.0...v3.229.0) #### 3.229.0 (2026-04-02) ##### Features - \[auto/python] Add org get-default and set-default commands to Automation API - \[backend/diy] Avoid unnecessary S3 bucket HEAD calls to improve performance [#​22373](https://redirect.github.com/pulumi/pulumi/pull/22373) - \[cli] Allow TRACEPARENT to be set for CLI invocations, parenting the pulumi spans under an existing parent span [#​22369](https://redirect.github.com/pulumi/pulumi/pull/22369) - \[cli/display] Add `--urns` flag to display full resource URNs instead of short names in preview, up, destroy, refresh, import, and watch commands [#​22007](https://redirect.github.com/pulumi/pulumi/pull/22007) - \[pcl] Type integer literals as integers rather than numbers in PCL [#​22268](https://redirect.github.com/pulumi/pulumi/pull/22268) - \[pcl] Support parameterized providers in PCL [#​22251](https://redirect.github.com/pulumi/pulumi/pull/22251) - \[protobuf] Add RunPlugin2 bidirectional streaming RPC to LanguageRuntime proto [#​22389](https://redirect.github.com/pulumi/pulumi/pull/22389) - \[yaml] Update YAML runtime to 1.30.2 [#​22426](https://redirect.github.com/pulumi/pulumi/pull/22426) - \[sdk/go] Add org get-default and set-default commands to Automation API - \[sdk/nodejs] Modernize generated tsconfig.json to align with TypeScript defaults [#​22370](https://redirect.github.com/pulumi/pulumi/pull/22370) - \[cli/policy] Add a new `policy analyze` command to run a policy pack against existing state [#​22250](https://redirect.github.com/pulumi/pulumi/pull/22250) ##### Bug Fixes - \[backend/diy] Remove state lock for refresh --preview-only for diy backend [#​22385](https://redirect.github.com/pulumi/pulumi/pull/22385) - \[cli] Fix OTEL flushing on provider shutdown [#​22358](https://redirect.github.com/pulumi/pulumi/pull/22358) - \[cli/display] Fix deadlock in message renderer when cancelling an operation [#​22433](https://redirect.github.com/pulumi/pulumi/pull/22433) - \[engine] Fix `--include` and `--exclude` not working for program-based refresh (RefreshV2) [#​22404](https://redirect.github.com/pulumi/pulumi/pull/22404) - \[engine] Parallelize plugin cancellation in SignalCancellation [#​22431](https://redirect.github.com/pulumi/pulumi/pull/22431) - \[pcl] Fix looking up variables in parent scopes [#​22379](https://redirect.github.com/pulumi/pulumi/pull/22379) - \[pcl] Apply default values from resource schemas [#​22393](https://redirect.github.com/pulumi/pulumi/pull/22393) - \[sdk/{bun,go,nodejs,python}] Wire Cancel RPC to language host Run [#​22397](https://redirect.github.com/pulumi/pulumi/pull/22397) - \[sdk/nodejs] Allow TypeScript 6 as a peer dependency [#​22340](https://redirect.github.com/pulumi/pulumi/pull/22340) - \[sdk/nodejs] Fix closure serialization for \__importStar-wrapped modules [#​22388](https://redirect.github.com/pulumi/pulumi/pull/22388) - \[sdk/python] Cache type metadata and class references in Python SDK to reduce CPU overhead during serialization [#​22422](https://redirect.github.com/pulumi/pulumi/pull/22422) - \[sdk/python] Replace busy-wait polling in wait_for_rpcs with asyncio.wait [#​22411](https://redirect.github.com/pulumi/pulumi/pull/22411) ##### Miscellaneous - \[cli] Add update metadata to the otel root span [#​22357](https://redirect.github.com/pulumi/pulumi/pull/22357) - \[java] Update to v1.22.0 [#​22437](https://redirect.github.com/pulumi/pulumi/pull/22437) - \[sdk/nodejs] Use nodenext for moduleResolution and module [#​22363](https://redirect.github.com/pulumi/pulumi/pull/22363) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> --------- Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> Co-authored-by: pulumi-bot <bot@pulumi.com> |
||
|
pulumi-renovate[bot]
|
8ef055d5e7 |
Update first-party Pulumi dependencies (#803)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [@pulumi/pulumi](https://redirect.github.com/pulumi/pulumi) ([source](https://redirect.github.com/pulumi/pulumi/tree/HEAD/sdk/nodejs)) | dependencies | minor | [`3.227.0` -> `3.229.0`](https://renovatebot.com/diffs/npm/@pulumi%2fpulumi/3.227.0/3.229.0) | | [github.com/pulumi/pulumi-java/pkg](https://redirect.github.com/pulumi/pulumi-java) | require | minor | `v1.21.3` -> `v1.22.0` | | [github.com/pulumi/pulumi/pkg/v3](https://redirect.github.com/pulumi/pulumi) | require | minor | `v3.227.0` -> `v3.228.0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>pulumi/pulumi (@​pulumi/pulumi)</summary> ### [`v3.229.0`](https://redirect.github.com/pulumi/pulumi/releases/tag/v3.229.0) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.228.0...v3.229.0) #### 3.229.0 (2026-04-02) ##### Features - \[auto/python] Add org get-default and set-default commands to Automation API - \[backend/diy] Avoid unnecessary S3 bucket HEAD calls to improve performance [#​22373](https://redirect.github.com/pulumi/pulumi/pull/22373) - \[cli] Allow TRACEPARENT to be set for CLI invocations, parenting the pulumi spans under an existing parent span [#​22369](https://redirect.github.com/pulumi/pulumi/pull/22369) - \[cli/display] Add `--urns` flag to display full resource URNs instead of short names in preview, up, destroy, refresh, import, and watch commands [#​22007](https://redirect.github.com/pulumi/pulumi/pull/22007) - \[pcl] Type integer literals as integers rather than numbers in PCL [#​22268](https://redirect.github.com/pulumi/pulumi/pull/22268) - \[pcl] Support parameterized providers in PCL [#​22251](https://redirect.github.com/pulumi/pulumi/pull/22251) - \[protobuf] Add RunPlugin2 bidirectional streaming RPC to LanguageRuntime proto [#​22389](https://redirect.github.com/pulumi/pulumi/pull/22389) - \[yaml] Update YAML runtime to 1.30.2 [#​22426](https://redirect.github.com/pulumi/pulumi/pull/22426) - \[sdk/go] Add org get-default and set-default commands to Automation API - \[sdk/nodejs] Modernize generated tsconfig.json to align with TypeScript defaults [#​22370](https://redirect.github.com/pulumi/pulumi/pull/22370) - \[cli/policy] Add a new `policy analyze` command to run a policy pack against existing state [#​22250](https://redirect.github.com/pulumi/pulumi/pull/22250) ##### Bug Fixes - \[backend/diy] Remove state lock for refresh --preview-only for diy backend [#​22385](https://redirect.github.com/pulumi/pulumi/pull/22385) - \[cli] Fix OTEL flushing on provider shutdown [#​22358](https://redirect.github.com/pulumi/pulumi/pull/22358) - \[cli/display] Fix deadlock in message renderer when cancelling an operation [#​22433](https://redirect.github.com/pulumi/pulumi/pull/22433) - \[engine] Fix `--include` and `--exclude` not working for program-based refresh (RefreshV2) [#​22404](https://redirect.github.com/pulumi/pulumi/pull/22404) - \[engine] Parallelize plugin cancellation in SignalCancellation [#​22431](https://redirect.github.com/pulumi/pulumi/pull/22431) - \[pcl] Fix looking up variables in parent scopes [#​22379](https://redirect.github.com/pulumi/pulumi/pull/22379) - \[pcl] Apply default values from resource schemas [#​22393](https://redirect.github.com/pulumi/pulumi/pull/22393) - \[sdk/{bun,go,nodejs,python}] Wire Cancel RPC to language host Run [#​22397](https://redirect.github.com/pulumi/pulumi/pull/22397) - \[sdk/nodejs] Allow TypeScript 6 as a peer dependency [#​22340](https://redirect.github.com/pulumi/pulumi/pull/22340) - \[sdk/nodejs] Fix closure serialization for \__importStar-wrapped modules [#​22388](https://redirect.github.com/pulumi/pulumi/pull/22388) - \[sdk/python] Cache type metadata and class references in Python SDK to reduce CPU overhead during serialization [#​22422](https://redirect.github.com/pulumi/pulumi/pull/22422) - \[sdk/python] Replace busy-wait polling in wait_for_rpcs with asyncio.wait [#​22411](https://redirect.github.com/pulumi/pulumi/pull/22411) ##### Miscellaneous - \[cli] Add update metadata to the otel root span [#​22357](https://redirect.github.com/pulumi/pulumi/pull/22357) - \[java] Update to v1.22.0 [#​22437](https://redirect.github.com/pulumi/pulumi/pull/22437) - \[sdk/nodejs] Use nodenext for moduleResolution and module [#​22363](https://redirect.github.com/pulumi/pulumi/pull/22363) ### [`v3.228.0`](https://redirect.github.com/pulumi/pulumi/blob/HEAD/CHANGELOG.md#32280-2026-03-25) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.227.0...v3.228.0) ##### Features - \[cli] Don't apply the secrets filter to `true` and `false` (case-insensitive) [#​22269](https://redirect.github.com/pulumi/pulumi/pull/22269) - \[cli] Add grpcs:// support and header authentication to OTLP exporter [#​22320](https://redirect.github.com/pulumi/pulumi/pull/22320) - \[cli] Read OTEL_RESOURCE_ATTRIBUTES [#​22329](https://redirect.github.com/pulumi/pulumi/pull/22329) - \[auto/nodejs] Add low-level "cancel" command to the auto-generated interface [#​22156](https://redirect.github.com/pulumi/pulumi/pull/22156) - \[cli/state] Allow `pulumi state delete` to accept multiple resource URNs and delete them in a dependency-safe order ##### Bug Fixes - \[cli] Allow relative file paths for --otel-traces [#​22300](https://redirect.github.com/pulumi/pulumi/pull/22300) - \[cli] Bridge opentracing spans from providers into OTel [#​22313](https://redirect.github.com/pulumi/pulumi/pull/22313) - \[cli] Correctly end spans for GRPC streams [#​22304](https://redirect.github.com/pulumi/pulumi/pull/22304) - \[cli/about] Do not include the access token in plain text [#​22347](https://redirect.github.com/pulumi/pulumi/pull/22347) - \[display] Fix detailed diff indentation so changed resources are not visually nested under unrelated visible resources when unchanged parents are hidden. [#​22317](https://redirect.github.com/pulumi/pulumi/pull/22317) - \[cli/import] Fix import codegen when generating references to non-standard names [#​22319](https://redirect.github.com/pulumi/pulumi/pull/22319) - \[engine] Update golang version [#​22277](https://redirect.github.com/pulumi/pulumi/pull/22277) - \[pcl] Typecheck component inputs in PCL programs [#​22292](https://redirect.github.com/pulumi/pulumi/pull/22292) - \[programgen/{nodejs,python}] Fix literal conversion when calling into local components [#​22306](https://redirect.github.com/pulumi/pulumi/pull/22306) ##### Miscellaneous - \[cli] Add CLI metadata to the root span [#​22305](https://redirect.github.com/pulumi/pulumi/pull/22305) - \[cli] Add more OTel interceptors for GRPC clients [#​22309](https://redirect.github.com/pulumi/pulumi/pull/22309) - \[cli] Add spans for plugin installation and add more attributes for dependency installation [#​22303](https://redirect.github.com/pulumi/pulumi/pull/22303) - \[cli] Allow setting a GRPC endpoint for performance tests [#​22330](https://redirect.github.com/pulumi/pulumi/pull/22330) - \[backend/diy] Start deprecation of non-project mode for DIY backends [#​19625](https://redirect.github.com/pulumi/pulumi/pull/19625) </details> <details> <summary>pulumi/pulumi-java (github.com/pulumi/pulumi-java/pkg)</summary> ### [`v1.22.0`](https://redirect.github.com/pulumi/pulumi-java/blob/HEAD/CHANGELOG.md#v1220---2026-04-01) [Compare Source](https://redirect.github.com/pulumi/pulumi-java/compare/v1.21.3...v1.22.0) ##### Bug Fixes - \[runtime] Do not leak java processes on failed resource creates [#​2103](https://redirect.github.com/pulumi/pulumi-java/pull/2103) ##### Improvements - \[codegen] Support `cwd()` builtin in program generation [#​2092](https://redirect.github.com/pulumi/pulumi-java/pull/2092) - \[codegen] Support `additionalSecretOutputs` resource option in program generation [#​2098](https://redirect.github.com/pulumi/pulumi-java/pull/2098) - \[codegen] Support `deleteBeforeReplace` and `replaceOnChanges` resource options in program and SDK generation [#​2101](https://redirect.github.com/pulumi/pulumi-java/pull/2101) ##### Bug Fixes - \[codegen] Emit integer numbers as floats so generated code compiles [#​2102](https://redirect.github.com/pulumi/pulumi-java/pull/2102) - \[codegen] Generate `pom.xml` in the program directory when `main` is set in `Pulumi.yaml` [#​2093](https://redirect.github.com/pulumi/pulumi-java/pull/2093) - \[codegen] Fix generated SDK `settings.gradle` to work with Gradle 9 [#​2097](https://redirect.github.com/pulumi/pulumi-java/pull/2097) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> --------- Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> Co-authored-by: pulumi-bot <bot@pulumi.com> |
||
|
pulumi-renovate[bot]
|
f98315e8ee |
Update first-party Pulumi dependencies to v3.227.0 (#802)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [@pulumi/pulumi](https://redirect.github.com/pulumi/pulumi) ([source](https://redirect.github.com/pulumi/pulumi/tree/HEAD/sdk/nodejs)) | dependencies | minor | [`3.226.0` -> `3.227.0`](https://renovatebot.com/diffs/npm/@pulumi%2fpulumi/3.226.0/3.227.0) | | [github.com/pulumi/pulumi/pkg/v3](https://redirect.github.com/pulumi/pulumi) | require | minor | `v3.226.0` -> `v3.227.0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>pulumi/pulumi (@​pulumi/pulumi)</summary> ### [`v3.227.0`](https://redirect.github.com/pulumi/pulumi/blob/HEAD/CHANGELOG.md#32270-2026-03-19) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.226.0...v3.227.0) ##### Features - \[engine] The engine will fill in Name and Type for ResourceReference values on the wire protocol [#​22208](https://redirect.github.com/pulumi/pulumi/pull/22208) - \[sdk/bun] Add support for running policy packs with bun [#​22206](https://redirect.github.com/pulumi/pulumi/pull/22206) - \[cli/policy] Auto-install missing policy analyzer plugins [#​22196](https://redirect.github.com/pulumi/pulumi/pull/22196) - \[sdk/python] Add lock file detection for picking the Python toolchain [#​22234](https://redirect.github.com/pulumi/pulumi/pull/22234) ##### Bug Fixes - \[cli] Use distinct exit codes for different types of error [#​22205](https://redirect.github.com/pulumi/pulumi/pull/22205) - \[cli] Improve SAML SSO reauthorization error message - \[engine] Fix snapshot integrity error in refresh v2 with changed parents [#​22190](https://redirect.github.com/pulumi/pulumi/pull/22190) - \[pcl] Continue running after errors when running with --continue-on-error [#​22171](https://redirect.github.com/pulumi/pulumi/pull/22171) - \[pcl] Deprecate labels on package blocks [#​22253](https://redirect.github.com/pulumi/pulumi/pull/22253) - \[programgen] Preserve traversal parts in rewriteRelativeTraversalExpression [#​22249](https://redirect.github.com/pulumi/pulumi/pull/22249) - \[sdk/bun] Check for an SDK version compatible with bun [#​22262](https://redirect.github.com/pulumi/pulumi/pull/22262) - \[programgen/nodejs] Correctly generate `for` expressions [#​22219](https://redirect.github.com/pulumi/pulumi/pull/22219) - \[sdk/go] Add support for Azure DevOps git URLs in pulumi package publish code paths [#​22217](https://redirect.github.com/pulumi/pulumi/pull/22217) - \[programgen/python] Correctly generate list & dictionary comprehension in Python code [#​22182](https://redirect.github.com/pulumi/pulumi/pull/22182) ##### Miscellaneous - \[backend] Move CloudConsoleURL from httpstate to httpstate/client [#​22258](https://redirect.github.com/pulumi/pulumi/pull/22258) - \[docs] Move remaining content from /developer-docs to /docs [#​22225](https://redirect.github.com/pulumi/pulumi/pull/22225) - \[sdk/bun] Add a test for the function serialization error message when using bun [#​22207](https://redirect.github.com/pulumi/pulumi/pull/22207) - \[sdk/bun] Run policy language tests for bun [#​22209](https://redirect.github.com/pulumi/pulumi/pull/22209) - \[sdk/bun] Mark pulumi-language-bun as a bundled plugin [#​22265](https://redirect.github.com/pulumi/pulumi/pull/22265) - \[sdk/{bun,nodejs}] Use defaultErrorMessage in run-plugin and run-policy-pack [#​22210](https://redirect.github.com/pulumi/pulumi/pull/22210) </details> <details> <summary>pulumi/pulumi (github.com/pulumi/pulumi/pkg/v3)</summary> ### [`v3.227.0`](https://redirect.github.com/pulumi/pulumi/releases/tag/v3.227.0) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.226.0...v3.227.0) ##### 3.227.0 (2026-03-19) ##### Features - \[engine] The engine will fill in Name and Type for ResourceReference values on the wire protocol [#​22208](https://redirect.github.com/pulumi/pulumi/pull/22208) - \[sdk/bun] Add support for running policy packs with bun [#​22206](https://redirect.github.com/pulumi/pulumi/pull/22206) - \[cli/policy] Auto-install missing policy analyzer plugins [#​22196](https://redirect.github.com/pulumi/pulumi/pull/22196) - \[sdk/python] Add lock file detection for picking the Python toolchain [#​22234](https://redirect.github.com/pulumi/pulumi/pull/22234) ##### Bug Fixes - \[cli] Use distinct exit codes for different types of error [#​22205](https://redirect.github.com/pulumi/pulumi/pull/22205) - \[cli] Improve SAML SSO reauthorization error message - \[engine] Fix snapshot integrity error in refresh v2 with changed parents [#​22190](https://redirect.github.com/pulumi/pulumi/pull/22190) - \[pcl] Continue running after errors when running with --continue-on-error [#​22171](https://redirect.github.com/pulumi/pulumi/pull/22171) - \[pcl] Deprecate labels on package blocks [#​22253](https://redirect.github.com/pulumi/pulumi/pull/22253) - \[programgen] Preserve traversal parts in rewriteRelativeTraversalExpression [#​22249](https://redirect.github.com/pulumi/pulumi/pull/22249) - \[sdk/bun] Check for an SDK version compatible with bun [#​22262](https://redirect.github.com/pulumi/pulumi/pull/22262) - \[programgen/nodejs] Correctly generate `for` expressions [#​22219](https://redirect.github.com/pulumi/pulumi/pull/22219) - \[sdk/go] Add support for Azure DevOps git URLs in pulumi package publish code paths [#​22217](https://redirect.github.com/pulumi/pulumi/pull/22217) - \[programgen/python] Correctly generate list & dictionary comprehension in Python code [#​22182](https://redirect.github.com/pulumi/pulumi/pull/22182) ##### Miscellaneous - \[backend] Move CloudConsoleURL from httpstate to httpstate/client [#​22258](https://redirect.github.com/pulumi/pulumi/pull/22258) - \[docs] Move remaining content from /developer-docs to /docs [#​22225](https://redirect.github.com/pulumi/pulumi/pull/22225) - \[sdk/bun] Add a test for the function serialization error message when using bun [#​22207](https://redirect.github.com/pulumi/pulumi/pull/22207) - \[sdk/bun] Run policy language tests for bun [#​22209](https://redirect.github.com/pulumi/pulumi/pull/22209) - \[sdk/bun] Mark pulumi-language-bun as a bundled plugin [#​22265](https://redirect.github.com/pulumi/pulumi/pull/22265) - \[sdk/{bun,nodejs}] Use defaultErrorMessage in run-plugin and run-policy-pack [#​22210](https://redirect.github.com/pulumi/pulumi/pull/22210) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> --------- Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> Co-authored-by: pulumi-bot <bot@pulumi.com> |
||
|
pulumi-renovate[bot]
|
a479383c41 |
Update module google.golang.org/grpc to v1.79.3 [SECURITY] (#800)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [google.golang.org/grpc](https://redirect.github.com/grpc/grpc-go) | indirect | patch | `v1.79.2` -> `v1.79.3` | | [google.golang.org/grpc](https://redirect.github.com/grpc/grpc-go) | indirect | minor | `v1.72.1` -> `v1.79.3` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. ### GitHub Vulnerability Alerts #### [CVE-2026-33186](https://redirect.github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3) ### Impact _What kind of vulnerability is it? Who is impacted?_ It is an **Authorization Bypass** resulting from **Improper Input Validation** of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, "deny" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback "allow" rule was present. **Who is impacted?** This affects gRPC-Go servers that meet both of the following criteria: 1. They use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`. 2. Their security policy contains specific "deny" rules for canonical paths but allows other requests by default (a fallback "allow" rule). The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server. ### Patches _Has the problem been patched? What versions should users upgrade to?_ Yes, the issue has been patched. The fix ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string. Users should upgrade to the following versions (or newer): * **v1.79.3** * The latest **master** branch. It is recommended that all users employing path-based authorization (especially `grpc/authz`) upgrade as soon as the patch is available in a tagged release. ### Workarounds _Is there a way for users to fix or remediate the vulnerability without upgrading?_ While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods: #### 1. Use a Validating Interceptor (Recommended Mitigation) Add an "outermost" interceptor to your server that validates the path before any other authorization logic runs: ```go func pathValidationInterceptor(ctx context.Context, req any, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (any, error) { if info.FullMethod == "" || info.FullMethod[0] != '/' { return nil, status.Errorf(codes.Unimplemented, "malformed method name") } return handler(ctx, req) } // Ensure this is the FIRST interceptor in your chain s := grpc.NewServer( grpc.ChainUnaryInterceptor(pathValidationInterceptor, authzInterceptor), ) ``` #### 2. Infrastructure-Level Normalization If your gRPC server is behind a reverse proxy or load balancer (such as Envoy, NGINX, or an L7 Cloud Load Balancer), ensure it is configured to enforce strict HTTP/2 compliance for pseudo-headers and reject or normalize requests where the `:path` header does not start with a leading slash. #### 3. Policy Hardening Switch to a "default deny" posture in your authorization policies (explicitly listing all allowed paths and denying everything else) to reduce the risk of bypasses via malformed inputs. --- ### Release Notes <details> <summary>grpc/grpc-go (google.golang.org/grpc)</summary> ### [`v1.79.3`](https://redirect.github.com/grpc/grpc-go/releases/tag/v1.79.3): Release 1.79.3 [Compare Source](https://redirect.github.com/grpc/grpc-go/compare/v1.79.2...v1.79.3) ### Security - server: fix an authorization bypass where malformed :path headers (missing the leading slash) could bypass path-based restricted "deny" rules in interceptors like `grpc/authz`. Any request with a non-canonical path is now immediately rejected with an `Unimplemented` error. ([#​8981](https://redirect.github.com/grpc/grpc-go/issues/8981)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> --------- Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> Co-authored-by: pulumi-bot <bot@pulumi.com> |
||
|
pulumi-provider-automation[bot]
|
474e757992 |
Update GitHub Actions workflows. (#799)
This PR was triggered by @t0yv0 generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit
[4eeb9c0311bcea38a166c43eb897cf2a2f88ea4c](
|
||
|
pulumi-renovate[bot]
|
23583bfdc8 |
Update module github.com/pulumi/pulumi-go-provider to v1.3.1 (#798)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/pulumi/pulumi-go-provider](https://redirect.github.com/pulumi/pulumi-go-provider) | require | patch | `v1.3.0` -> `v1.3.1` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>pulumi/pulumi-go-provider (github.com/pulumi/pulumi-go-provider)</summary> ### [`v1.3.1`](https://redirect.github.com/pulumi/pulumi-go-provider/releases/tag/v1.3.1) [Compare Source](https://redirect.github.com/pulumi/pulumi-go-provider/compare/v1.3.0...v1.3.1) #### What's Changed - Update module github.com/pulumi/pulumi/pkg/v3 to v3.226.0 by [@​pulumi-renovate](https://redirect.github.com/pulumi-renovate)\[bot] in[https://github.com/pulumi/pulumi-go-provider/pull/487](https://redirect.github.com/pulumi/pulumi-go-provider/pull/487)7 - Serialize Enum Names by [@​iwahbe](https://redirect.github.com/iwahbe) in [https://github.com/pulumi/pulumi-go-provider/pull/488](https://redirect.github.com/pulumi/pulumi-go-provider/pull/488) - Allow annotating enums by [@​iwahbe](https://redirect.github.com/iwahbe) in [https://github.com/pulumi/pulumi-go-provider/pull/489](https://redirect.github.com/pulumi/pulumi-go-provider/pull/489) **Full Changelog**: https://github.com/pulumi/pulumi-go-provider/compare/v1.3.0...v1.3.1 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> |
||
|
pulumi-renovate[bot]
|
c1ec48af0a |
Update first-party Pulumi dependencies to v3.226.0 (#796)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [@pulumi/pulumi](https://redirect.github.com/pulumi/pulumi) ([source](https://redirect.github.com/pulumi/pulumi/tree/HEAD/sdk/nodejs)) | dependencies | minor | [`3.225.1` -> `3.226.0`](https://renovatebot.com/diffs/npm/@pulumi%2fpulumi/3.225.1/3.226.0) | | [github.com/pulumi/pulumi/pkg/v3](https://redirect.github.com/pulumi/pulumi) | require | minor | `v3.225.1` -> `v3.226.0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>pulumi/pulumi (@​pulumi/pulumi)</summary> ### [`v3.226.0`](https://redirect.github.com/pulumi/pulumi/blob/HEAD/CHANGELOG.md#32260-2026-03-11) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.225.1...v3.226.0) ##### Features - \[backend/service] Automatically repair snapshot integrity issues, while sending an error event to the backend for further diagnosis [#​22179](https://redirect.github.com/pulumi/pulumi/pull/22179) - \[cli] Add a --otel-traces flag, that allows writing otel traces to a file, or directly to a grpc interface [#​22129](https://redirect.github.com/pulumi/pulumi/pull/22129) - \[engine] Engine will use provider references from `__self__` arguments to calls [#​22114](https://redirect.github.com/pulumi/pulumi/pull/22114) - \[sdk/bun] Support bun as a runtime [#​22177](https://redirect.github.com/pulumi/pulumi/pull/22177) [#​22049](https://redirect.github.com/pulumi/pulumi/pull/22049) - \[sdk/bun] Add debugger support for the bun runtime [#​22177](https://redirect.github.com/pulumi/pulumi/pull/22177) - \[sdk/bun] Add support for Bun as a plugin runtime [#​22189](https://redirect.github.com/pulumi/pulumi/pull/22189) ##### Bug Fixes - \[engine] Fix ReplacementTrigger firing due to dependency changes [#​22119](https://redirect.github.com/pulumi/pulumi/pull/22119) - \[engine] Correctly serialize output values to the snapshot rather than always recording them as computed even when known [#​22120](https://redirect.github.com/pulumi/pulumi/pull/22120) - \[pcl] Support resource ranges in PCL [#​22144](https://redirect.github.com/pulumi/pulumi/pull/22144) - \[cli/config] Include environments used when refreshing a stack's config [#​22103](https://redirect.github.com/pulumi/pulumi/pull/22103) - \[cli/display] Fix `pulumi destroy` not showing parent resource hierarchy [#​22148](https://redirect.github.com/pulumi/pulumi/pull/22148) - \[cli/package] Correctly parse package URLs with .git in them [#​22174](https://redirect.github.com/pulumi/pulumi/pull/22174) - \[cli/plugin] Fix package get-schema for binary providers at relative paths [#​22107](https://redirect.github.com/pulumi/pulumi/pull/22107) - \[sdk/python] Handle null detailedDiff in automation StepEventMetadata JSON parsing [#​22140](https://redirect.github.com/pulumi/pulumi/pull/22140) - \[cli/state] Fix state move integrity errors when copied providers depend on resources left in source stack [#​22141](https://redirect.github.com/pulumi/pulumi/pull/22141) ##### Miscellaneous - \[cli/about] Show bun information in `pulumi about` [#​22121](https://redirect.github.com/pulumi/pulumi/pull/22121) - \[programgen/go] Target go 1.25 for generated go.mod files (instead of go 1.23) [#​22070](https://redirect.github.com/pulumi/pulumi/pull/22070) - \[sdkgen/go] Target go 1.25 for generated go.mod files for SDKs (instead of go 1.20) [#​22131](https://redirect.github.com/pulumi/pulumi/pull/22131) - \[sdk/python] Read Poetry and uv lockfiles to determine program dependencies [#​22072](https://redirect.github.com/pulumi/pulumi/pull/22072) - \[sdk/python] Use importlib to find pulumi-plugin.json for installed packages [#​22127](https://redirect.github.com/pulumi/pulumi/pull/22127) </details> <details> <summary>pulumi/pulumi (github.com/pulumi/pulumi/pkg/v3)</summary> ### [`v3.226.0`](https://redirect.github.com/pulumi/pulumi/releases/tag/v3.226.0) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.225.1...v3.226.0) #### 3.226.0 (2026-03-11) ##### Features - \[backend/service] Automatically repair snapshot integrity issues, while sending an error event to the backend for further diagnosis [#​22179](https://redirect.github.com/pulumi/pulumi/pull/22179) - \[cli] Add a --otel-traces flag, that allows writing otel traces to a file, or directly to a grpc interface [#​22129](https://redirect.github.com/pulumi/pulumi/pull/22129) - \[engine] Engine will use provider references from `__self__` arguments to calls [#​22114](https://redirect.github.com/pulumi/pulumi/pull/22114) - \[sdk/bun] Support bun as a runtime [#​22177](https://redirect.github.com/pulumi/pulumi/pull/22177) [#​22049](https://redirect.github.com/pulumi/pulumi/pull/22049) - \[sdk/bun] Add debugger support for the bun runtime [#​22177](https://redirect.github.com/pulumi/pulumi/pull/22177) - \[sdk/bun] Add support for Bun as a plugin runtime [#​22189](https://redirect.github.com/pulumi/pulumi/pull/22189) ##### Bug Fixes - \[engine] Fix ReplacementTrigger firing due to dependency changes [#​22119](https://redirect.github.com/pulumi/pulumi/pull/22119) - \[engine] Correctly serialize output values to the snapshot rather than always recording them as computed even when known [#​22120](https://redirect.github.com/pulumi/pulumi/pull/22120) - \[pcl] Support resource ranges in PCL [#​22144](https://redirect.github.com/pulumi/pulumi/pull/22144) - \[cli/config] Include environments used when refreshing a stack's config [#​22103](https://redirect.github.com/pulumi/pulumi/pull/22103) - \[cli/display] Fix `pulumi destroy` not showing parent resource hierarchy [#​22148](https://redirect.github.com/pulumi/pulumi/pull/22148) - \[cli/package] Correctly parse package URLs with .git in them [#​22174](https://redirect.github.com/pulumi/pulumi/pull/22174) - \[cli/plugin] Fix package get-schema for binary providers at relative paths [#​22107](https://redirect.github.com/pulumi/pulumi/pull/22107) - \[sdk/python] Handle null detailedDiff in automation StepEventMetadata JSON parsing [#​22140](https://redirect.github.com/pulumi/pulumi/pull/22140) - \[cli/state] Fix state move integrity errors when copied providers depend on resources left in source stack [#​22141](https://redirect.github.com/pulumi/pulumi/pull/22141) ##### Miscellaneous - \[cli/about] Show bun information in `pulumi about` [#​22121](https://redirect.github.com/pulumi/pulumi/pull/22121) - \[programgen/go] Target go 1.25 for generated go.mod files (instead of go 1.23) [#​22070](https://redirect.github.com/pulumi/pulumi/pull/22070) - \[sdkgen/go] Target go 1.25 for generated go.mod files for SDKs (instead of go 1.20) [#​22131](https://redirect.github.com/pulumi/pulumi/pull/22131) - \[sdk/python] Read Poetry and uv lockfiles to determine program dependencies [#​22072](https://redirect.github.com/pulumi/pulumi/pull/22072) - \[sdk/python] Use importlib to find pulumi-plugin.json for installed packages [#​22127](https://redirect.github.com/pulumi/pulumi/pull/22127) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> --------- Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> Co-authored-by: pulumi-bot <bot@pulumi.com> |
||
|
pulumi-renovate[bot]
|
20b453c00b |
Update module github.com/pulumi/esc to v0.23.0 (#795)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/pulumi/esc](https://redirect.github.com/pulumi/esc) | indirect | minor | `v0.22.0` -> `v0.23.0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>pulumi/esc (github.com/pulumi/esc)</summary> ### [`v0.23.0`](https://redirect.github.com/pulumi/esc/releases/tag/v0.23.0) [Compare Source](https://redirect.github.com/pulumi/esc/compare/v0.22.0...v0.23.0) ##### Improvements - Add warning in CLI when using an ambiguous 2-part environment ref [#​622](https://redirect.github.com/pulumi/esc/pull/622) - Add support for `fn::final` built-in function that marks values as final and unable to be overwritten. [#​621](https://redirect.github.com/pulumi/esc/pull/621) ##### Bug Fixes ##### Breaking changes </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> --------- Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> Co-authored-by: pulumi-bot <bot@pulumi.com> |
||
|
Pulumi Bot
|
f6b499a9d4 |
[rollout] Set up GH-AW and install shared PR review workflows (#794)
## Summary This PR sets up GitHub Agentic Workflows (GH-AW) and installs shared PR review workflows in `pulumi/pulumi-docker-build`. ### Commands Executed - `gh-aw version` → `v0.56.2` (used as entrypoint) - `gh-aw init` → ran (`.github/aw/` was not present) - `gh-aw add pulumi-labs/gh-aw-internal/.github/workflows/gh-aw-pr-review.md@main --name docker-build-pr-review --force` - `gh-aw add pulumi-labs/gh-aw-internal/.github/workflows/gh-aw-pr-rereview.md@main --name docker-build-pr-rereview --force` - `gh-aw compile` - `gh-aw validate` ### Configuration | Property | Value | |---|---| | AW entrypoint | `gh-aw` (v0.56.2) | | Target base branch | `main` | | `prefix_stem` | `docker-build` | | `gh-aw init` | Ran (was not previously initialized) | ### Changed Files - `.gitattributes` — added `merge=ours` strategy for `.github/workflows/*.lock.yml` - `.github/agents/agentic-workflows.agent.md` — created by `gh-aw init` - `.github/workflows/copilot-setup-steps.yml` — generated dependency workflow - `.github/workflows/docker-build-pr-review.md` — shared PR review workflow source - `.github/workflows/docker-build-pr-review.lock.yml` — compiled lock file - `.github/workflows/docker-build-pr-rereview.md` — shared PR re-review workflow source - `.github/workflows/docker-build-pr-rereview.lock.yml` — compiled lock file - `.github/workflows/shared/review.md` — imported shared workflow - `.github/workflows/shared/plugins/code-review/code-review.md` — imported shared plugin ### Validation Output **compile:** ```` ⚠ Compiled 2 workflow(s): 0 error(s), 2 warning(s) ``` **validate:** ``` ⚠ Compiled 2 workflow(s): 0 error(s), 2 warning(s) ``` ### Validation Warnings Both workflows produced the same non-blocking warning: ``` warning: This workflow grants id-token: write permission OIDC tokens can authenticate to cloud providers (AWS, Azure, GCP). Ensure proper audience validation and trust policies are configured. ```` These warnings are expected for the shared review workflows which use OIDC for cloud authentication and are non-blocking. --- Rollout triggered by [provider-ops#41](https://github.com/pulumi/provider-ops/issues/41). > Generated by [Generic Rollout Worker](https://github.com/pulumi/provider-ops/actions/runs/23014445857) · [◷](https://github.com/search?q=repo%3Apulumi%2Fpulumi-docker-build+%22gh-aw-workflow-id%3A+gh-aw-workflow-rollout-worker%22&type=pullrequests) <!-- gh-aw-agentic-workflow: Generic Rollout Worker, engine: claude, id: 23014445857, workflow_id: gh-aw-workflow-rollout-worker, run: https://github.com/pulumi/provider-ops/actions/runs/23014445857 --> <!-- gh-aw-workflow-id: gh-aw-workflow-rollout-worker --> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> |
||
|
pulumi-renovate[bot]
|
a8af1bfb5d |
Update module github.com/pulumi/pulumi-dotnet/pulumi-language-dotnet/v3 to v3.102.0 (#792)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/pulumi/pulumi-dotnet/pulumi-language-dotnet/v3](https://redirect.github.com/pulumi/pulumi-dotnet) | require | minor | `v3.101.2` -> `v3.102.0` | --- ### Release Notes <details> <summary>pulumi/pulumi-dotnet (github.com/pulumi/pulumi-dotnet/pulumi-language-dotnet/v3)</summary> ### [`v3.102.0`](https://redirect.github.com/pulumi/pulumi-dotnet/blob/HEAD/CHANGELOG.md#v31020---2026-03-11) [Compare Source](https://redirect.github.com/pulumi/pulumi-dotnet/compare/v3.101.2...v3.102.0) ##### Improvements - \[runtime] Support 'secret' in pcl config blocks [#​897](https://redirect.github.com/pulumi/pulumi-dotnet/pull/897) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> |
||
|
pulumi-renovate[bot]
|
158160e33c |
Update module github.com/pulumi/pulumi-java/pkg to v1.21.3 (#791)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/pulumi/pulumi-java/pkg](https://redirect.github.com/pulumi/pulumi-java) | require | patch | `v1.21.2` -> `v1.21.3` | --- ### Release Notes <details> <summary>pulumi/pulumi-java (github.com/pulumi/pulumi-java/pkg)</summary> ### [`v1.21.3`](https://redirect.github.com/pulumi/pulumi-java/blob/HEAD/CHANGELOG.md#vv1213---2026-03-11) [Compare Source](https://redirect.github.com/pulumi/pulumi-java/compare/v1.21.2...v1.21.3) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> |
||
|
pulumi-provider-automation[bot]
|
c7b308d64b |
Update GitHub Actions workflows. (#789)
This PR was triggered by @t0yv0 generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit
[7dff4f888cb6e5bfa153146d3658d3e86ba74c6f](
|
||
|
Cam Soper
|
ac9653175b |
Fix syntax for language chooser in documentation (#771)
@pose Fixes a bug in the doc that prevents completion of the build in `pulumi/registry`. |
||
|
pulumi-renovate[bot]
|
76a990fcb2 |
Update module github.com/pulumi/pulumi/pkg/v3 to v3.225.1 (#788)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/pulumi/pulumi/pkg/v3](https://redirect.github.com/pulumi/pulumi) | require | patch | `v3.225.0` -> `v3.225.1` | --- ### Release Notes <details> <summary>pulumi/pulumi (github.com/pulumi/pulumi/pkg/v3)</summary> ### [`v3.225.1`](https://redirect.github.com/pulumi/pulumi/releases/tag/v3.225.1) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.225.0...v3.225.1) #### 3.225.1 (2026-03-05) ##### Bug Fixes - \[engine] Fix inheritence of default providers across resources of different packages [#​22101](https://redirect.github.com/pulumi/pulumi/pull/22101) - \[programgen/go] Fix panic on digit-prefixed schema properties in Go code generation [#​21917](https://redirect.github.com/pulumi/pulumi/pull/21917) - \[programgen/go] Fix plain values not always being lifted to input/output values when needed [#​22084](https://redirect.github.com/pulumi/pulumi/pull/22084) - \[programgen/python] Fix generation of `entries` and `lookup` calls [#​22086](https://redirect.github.com/pulumi/pulumi/pull/22086) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> --------- Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> Co-authored-by: pulumi-bot <bot@pulumi.com> |
||
|
pulumi-provider-automation[bot]
|
aeb64dc959 |
Update GitHub Actions workflows. (#787)
This PR was triggered by @t0yv0 generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit
[46f89691d9162d78e8ac301d8b8746b1469b2338](
|
||
|
pulumi-renovate[bot]
|
14fafe1ba2 |
Update dependency @pulumi/pulumi to v3.225.1 (#786)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [@pulumi/pulumi](https://redirect.github.com/pulumi/pulumi) ([source](https://redirect.github.com/pulumi/pulumi/tree/HEAD/sdk/nodejs)) | dependencies | patch | [`3.225.0` -> `3.225.1`](https://renovatebot.com/diffs/npm/@pulumi%2fpulumi/3.225.0/3.225.1) | --- ### Release Notes <details> <summary>pulumi/pulumi (@​pulumi/pulumi)</summary> ### [`v3.225.1`](https://redirect.github.com/pulumi/pulumi/releases/tag/v3.225.1) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.225.0...v3.225.1) #### 3.225.1 (2026-03-05) ##### Bug Fixes - \[engine] Fix inheritence of default providers across resources of different packages [#​22101](https://redirect.github.com/pulumi/pulumi/pull/22101) - \[programgen/go] Fix panic on digit-prefixed schema properties in Go code generation [#​21917](https://redirect.github.com/pulumi/pulumi/pull/21917) - \[programgen/go] Fix plain values not always being lifted to input/output values when needed [#​22084](https://redirect.github.com/pulumi/pulumi/pull/22084) - \[programgen/python] Fix generation of `entries` and `lookup` calls [#​22086](https://redirect.github.com/pulumi/pulumi/pull/22086) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> |
||
|
pulumi-renovate[bot]
|
38664fbc57 |
Update first-party Pulumi dependencies to v3.225.0 (#784)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [@pulumi/pulumi](https://redirect.github.com/pulumi/pulumi) ([source](https://redirect.github.com/pulumi/pulumi/tree/HEAD/sdk/nodejs)) | dependencies | minor | [`3.224.0` -> `3.225.0`](https://renovatebot.com/diffs/npm/@pulumi%2fpulumi/3.224.0/3.225.0) | | [github.com/pulumi/pulumi/pkg/v3](https://redirect.github.com/pulumi/pulumi) | require | minor | `v3.224.0` -> `v3.225.0` | --- ### Release Notes <details> <summary>pulumi/pulumi (@​pulumi/pulumi)</summary> ### [`v3.225.0`](https://redirect.github.com/pulumi/pulumi/releases/tag/v3.225.0) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.224.0...v3.225.0) ##### 3.225.0 (2026-03-04) ##### Features - \[engine] Automatically make invoke outputs secret when there is a secret input, and the invoke provider does not support secrets [#​21959](https://redirect.github.com/pulumi/pulumi/pull/21959) - \[engine] The engine now handles the inheritance of the `provider` option in resource registrations [#​21999](https://redirect.github.com/pulumi/pulumi/pull/21999) - \[engine] Enable journaling by default. It can still be turned off using the PULUMI_DISABLE_JOURNALING env variable [#​22041](https://redirect.github.com/pulumi/pulumi/pull/22041) - \[programgen] PCL can now express config values should be read as secrets [#​22066](https://redirect.github.com/pulumi/pulumi/pull/22066) - \[yaml] Update yaml to v1.30.0 - \[cli/engine] Add a flag for automatically opening a Neo task on preview/up failure [#​21960](https://redirect.github.com/pulumi/pulumi/pull/21960) - \[cli/package] Support source-based packages in `pulumi schema check`, not just schema files [#​21897](https://redirect.github.com/pulumi/pulumi/pull/21897) ##### Bug Fixes - \[cli] Fix `stack import` panicking when importing a service stack into a DIY backend [#​22076](https://redirect.github.com/pulumi/pulumi/pull/22076) - \[engine] Fix panic when a new component resource in the program is not targeted [#​21957](https://redirect.github.com/pulumi/pulumi/pull/21957) - \[sdk/nodejs] Implement GetProgramDependencies for bun and pnpm [#​22065](https://redirect.github.com/pulumi/pulumi/pull/22065) ##### Miscellaneous - \[cli] Build language plugins with the grpcnotrace tag to reduce the binary size [#​22012](https://redirect.github.com/pulumi/pulumi/pull/22012) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> --------- Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> Co-authored-by: pulumi-bot <bot@pulumi.com> |
||
|
pulumi-renovate[bot]
|
8befdfed62 |
Update module github.com/pulumi/pulumi/pkg/v3 to v3.224.0 (#780)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/pulumi/pulumi/pkg/v3](https://redirect.github.com/pulumi/pulumi) | require | minor | `v3.223.0` -> `v3.224.0` | --- ### Release Notes <details> <summary>pulumi/pulumi (github.com/pulumi/pulumi/pkg/v3)</summary> ### [`v3.224.0`](https://redirect.github.com/pulumi/pulumi/releases/tag/v3.224.0) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.223.0...v3.224.0) ##### 3.224.0 (2026-02-26) ##### Features - \[backend/diy] Add zstd compression option for DIY backend state files [#​21877](https://redirect.github.com/pulumi/pulumi/pull/21877) - \[engine] Automatically make invoke outputs secret when there is a secret input, and the invoke provider does not support secrets - \[cli/package] Support source-based packages in `pulumi schema check`, not just schema files [#​21897](https://redirect.github.com/pulumi/pulumi/pull/21897) ##### Bug Fixes - \[pkg] Correct the schema for "pulumi:pulumi:StackReference" [#​21895](https://redirect.github.com/pulumi/pulumi/pull/21895) - \[programgen/nodejs] Correct the semantics of singleOrNone in generated files [#​21947](https://redirect.github.com/pulumi/pulumi/pull/21947) - \[sdk/python] Fix `StepEventMetadata.from_json` reading `detailed_diff` (snake_case) instead of `detailedDiff` (camelCase), and `PolicyEvent.from_json` reading `resource_urn` instead of `resourceUrn`, causing both fields to always be `None` [#​21714](https://redirect.github.com/pulumi/pulumi/pull/21714) - \[sdk/python] Convert integer component inputs to `int` [#​21944](https://redirect.github.com/pulumi/pulumi/pull/21944) - \[sdk/python] Fix crash in forked processes using automation API [#​21937](https://redirect.github.com/pulumi/pulumi/pull/21937) - \[engine] Fix panic when a new component resource in the program is not targeted [#​21957](https://redirect.github.com/pulumi/pulumi/pull/21957) ##### Miscellaneous - \[sdk] Update java, dotnet & yaml [#​21961](https://redirect.github.com/pulumi/pulumi/pull/21961) - \[sdk/python] Improve the performance of `contains_unknowns` for large objects [#​21893](https://redirect.github.com/pulumi/pulumi/pull/21893) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> --------- Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> Co-authored-by: pulumi-bot <bot@pulumi.com> |
||
|
pulumi-renovate[bot]
|
1e0f067064 |
Update module github.com/cloudflare/circl to v1.6.3 [SECURITY] (#776)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/cloudflare/circl](https://redirect.github.com/cloudflare/circl) | indirect | patch | `v1.6.1` -> `v1.6.3` | ### GitHub Vulnerability Alerts #### [CVE-2026-1229](https://redirect.github.com/cloudflare/circl/security/advisories/GHSA-q9hv-hpm4-hj6x) The CombinedMult function in the CIRCL ecc/p384 package (secp384r1 curve) produces an incorrect value for specific inputs. The issue is fixed by using complete addition formulas. ECDH and ECDSA signing relying on this curve are not affected. The bug was fixed in **[v1.6.3](https://redirect.github.com/cloudflare/circl/releases/tag/v1.6.3)**. --- ### Release Notes <details> <summary>cloudflare/circl (github.com/cloudflare/circl)</summary> ### [`v1.6.3`](https://redirect.github.com/cloudflare/circl/releases/tag/v1.6.3): CIRCL v1.6.3 [Compare Source](https://redirect.github.com/cloudflare/circl/compare/v1.6.2...v1.6.3) ##### CIRCL v1.6.3 Fix a bug on ecc/p384 scalar multiplication. ##### What's Changed - sign/mldsa: Check opts for nil value by [@​armfazh](https://redirect.github.com/armfazh) in [https://github.com/cloudflare/circl/pull/582](https://redirect.github.com/cloudflare/circl/pull/582) - ecc/p384: Point addition must handle point doubling case. by [@​armfazh](https://redirect.github.com/armfazh) in [https://github.com/cloudflare/circl/pull/583](https://redirect.github.com/cloudflare/circl/pull/583) - Release CIRCL v1.6.3 by [@​armfazh](https://redirect.github.com/armfazh) in [https://github.com/cloudflare/circl/pull/584](https://redirect.github.com/cloudflare/circl/pull/584) **Full Changelog**: https://github.com/cloudflare/circl/compare/v1.6.2...v1.6.3 ### [`v1.6.2`](https://redirect.github.com/cloudflare/circl/releases/tag/v1.6.2): CIRCL v1.6.2 [Compare Source](https://redirect.github.com/cloudflare/circl/compare/v1.6.1...v1.6.2) ##### CIRCL v1.6.2 - New SLH-DSA, improvements in ML-DSA for arm64. - Tested compilation on WASM. ##### What's Changed - Optimize pairing product computation by moving exponentiations to G1. by [@​dfaranha](https://redirect.github.com/dfaranha) in [https://github.com/cloudflare/circl/pull/547](https://redirect.github.com/cloudflare/circl/pull/547) - sign: Adding SLH-DSA signature by [@​armfazh](https://redirect.github.com/armfazh) in [https://github.com/cloudflare/circl/pull/512](https://redirect.github.com/cloudflare/circl/pull/512) - Update code generators to CIRCL v1.6.1. by [@​armfazh](https://redirect.github.com/armfazh) in [https://github.com/cloudflare/circl/pull/548](https://redirect.github.com/cloudflare/circl/pull/548) - ML-DSA: Add preliminary Wycheproof test vectors by [@​bwesterb](https://redirect.github.com/bwesterb) in [https://github.com/cloudflare/circl/pull/552](https://redirect.github.com/cloudflare/circl/pull/552) - go fmt by [@​bwesterb](https://redirect.github.com/bwesterb) in [https://github.com/cloudflare/circl/pull/554](https://redirect.github.com/cloudflare/circl/pull/554) - gz-compressing test vectors, use of HexBytes and ReadGzip functions. by [@​armfazh](https://redirect.github.com/armfazh) in [https://github.com/cloudflare/circl/pull/555](https://redirect.github.com/cloudflare/circl/pull/555) - group: Removes use of elliptic Marshal and Unmarshal functions. by [@​armfazh](https://redirect.github.com/armfazh) in [https://github.com/cloudflare/circl/pull/556](https://redirect.github.com/cloudflare/circl/pull/556) - Support encoding/decoding ML-DSA private keys (as long as they contain seeds) by [@​bwesterb](https://redirect.github.com/bwesterb) in [https://github.com/cloudflare/circl/pull/559](https://redirect.github.com/cloudflare/circl/pull/559) - Update to golangci-lint v2 by [@​bwesterb](https://redirect.github.com/bwesterb) in [https://github.com/cloudflare/circl/pull/560](https://redirect.github.com/cloudflare/circl/pull/560) - Preparation for ARM64 Implementation of poly operations for dilithium package. by [@​elementrics](https://redirect.github.com/elementrics) in [https://github.com/cloudflare/circl/pull/562](https://redirect.github.com/cloudflare/circl/pull/562) - prepare power2Round for custom implementations in assembly by [@​elementrics](https://redirect.github.com/elementrics) in [https://github.com/cloudflare/circl/pull/564](https://redirect.github.com/cloudflare/circl/pull/564) - ARM64 implementation for poly.PackLe16 by [@​elementrics](https://redirect.github.com/elementrics) in [https://github.com/cloudflare/circl/pull/563](https://redirect.github.com/cloudflare/circl/pull/563) - add arm64 version of polyMulBy2toD by [@​elementrics](https://redirect.github.com/elementrics) in [https://github.com/cloudflare/circl/pull/565](https://redirect.github.com/cloudflare/circl/pull/565) - add arm64 version of polySub by [@​elementrics](https://redirect.github.com/elementrics) in [https://github.com/cloudflare/circl/pull/566](https://redirect.github.com/cloudflare/circl/pull/566) - group: add byteLen method for short groups and RandomScalar uses rand.Int by [@​armfazh](https://redirect.github.com/armfazh) in [https://github.com/cloudflare/circl/pull/568](https://redirect.github.com/cloudflare/circl/pull/568) - add arm64 version of poly.Add/Sub by [@​elementrics](https://redirect.github.com/elementrics) in [https://github.com/cloudflare/circl/pull/572](https://redirect.github.com/cloudflare/circl/pull/572) - group: Adding cryptobyte marshaling to scalars by [@​armfazh](https://redirect.github.com/armfazh) in [https://github.com/cloudflare/circl/pull/569](https://redirect.github.com/cloudflare/circl/pull/569) - Bumping up to Go1.25 by [@​armfazh](https://redirect.github.com/armfazh) in [https://github.com/cloudflare/circl/pull/574](https://redirect.github.com/cloudflare/circl/pull/574) - ci: Including WASM compilation. by [@​armfazh](https://redirect.github.com/armfazh) in [https://github.com/cloudflare/circl/pull/577](https://redirect.github.com/cloudflare/circl/pull/577) - Revert to using package-declared HPKE errors for shortkem instead of standard library errors by [@​harshiniwho](https://redirect.github.com/harshiniwho) in [https://github.com/cloudflare/circl/pull/578](https://redirect.github.com/cloudflare/circl/pull/578) - Release v1.6.2 by [@​armfazh](https://redirect.github.com/armfazh) in [https://github.com/cloudflare/circl/pull/579](https://redirect.github.com/cloudflare/circl/pull/579) ##### New Contributors - [@​dfaranha](https://redirect.github.com/dfaranha) made their first contribution in [https://github.com/cloudflare/circl/pull/547](https://redirect.github.com/cloudflare/circl/pull/547) - [@​elementrics](https://redirect.github.com/elementrics) made their first contribution in [https://github.com/cloudflare/circl/pull/562](https://redirect.github.com/cloudflare/circl/pull/562) - [@​harshiniwho](https://redirect.github.com/harshiniwho) made their first contribution in [https://github.com/cloudflare/circl/pull/578](https://redirect.github.com/cloudflare/circl/pull/578) **Full Changelog**: https://github.com/cloudflare/circl/compare/v1.6.1...v1.6.2 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> --------- Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> Co-authored-by: pulumi-bot <bot@pulumi.com> |
||
|
pulumi-renovate[bot]
|
52f09191a7 |
Update first-party Pulumi dependencies (#769)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [@pulumi/pulumi](https://redirect.github.com/pulumi/pulumi) ([source](https://redirect.github.com/pulumi/pulumi/tree/HEAD/sdk/nodejs)) | dependencies | minor | [`3.221.0` -> `3.224.0`](https://renovatebot.com/diffs/npm/@pulumi%2fpulumi/3.221.0/3.224.0) | | [github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild](https://redirect.github.com/pulumi/pulumi-docker-build) | require | patch | `v0.0.12` -> `v0.0.15` | | [github.com/pulumi/pulumi-dotnet/pulumi-language-dotnet/v3](https://redirect.github.com/pulumi/pulumi-dotnet) | require | patch | `v3.101.0` -> `v3.101.2` | | [github.com/pulumi/pulumi-java/pkg](https://redirect.github.com/pulumi/pulumi-java) | require | minor | `v1.16.0` -> `v1.21.2` | | [github.com/pulumi/pulumi/pkg/v3](https://redirect.github.com/pulumi/pulumi) | require | minor | `v3.220.0` -> `v3.223.0` | --- ### Release Notes <details> <summary>pulumi/pulumi (@​pulumi/pulumi)</summary> ### [`v3.224.0`](https://redirect.github.com/pulumi/pulumi/releases/tag/v3.224.0) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.223.0...v3.224.0) ##### 3.224.0 (2026-02-26) ##### Features - \[backend/diy] Add zstd compression option for DIY backend state files [#​21877](https://redirect.github.com/pulumi/pulumi/pull/21877) - \[engine] Automatically make invoke outputs secret when there is a secret input, and the invoke provider does not support secrets - \[cli/package] Support source-based packages in `pulumi schema check`, not just schema files [#​21897](https://redirect.github.com/pulumi/pulumi/pull/21897) ##### Bug Fixes - \[pkg] Correct the schema for "pulumi:pulumi:StackReference" [#​21895](https://redirect.github.com/pulumi/pulumi/pull/21895) - \[programgen/nodejs] Correct the semantics of singleOrNone in generated files [#​21947](https://redirect.github.com/pulumi/pulumi/pull/21947) - \[sdk/python] Fix `StepEventMetadata.from_json` reading `detailed_diff` (snake_case) instead of `detailedDiff` (camelCase), and `PolicyEvent.from_json` reading `resource_urn` instead of `resourceUrn`, causing both fields to always be `None` [#​21714](https://redirect.github.com/pulumi/pulumi/pull/21714) - \[sdk/python] Convert integer component inputs to `int` [#​21944](https://redirect.github.com/pulumi/pulumi/pull/21944) - \[sdk/python] Fix crash in forked processes using automation API [#​21937](https://redirect.github.com/pulumi/pulumi/pull/21937) - \[engine] Fix panic when a new component resource in the program is not targeted [#​21957](https://redirect.github.com/pulumi/pulumi/pull/21957) ##### Miscellaneous - \[sdk] Update java, dotnet & yaml [#​21961](https://redirect.github.com/pulumi/pulumi/pull/21961) - \[sdk/python] Improve the performance of `contains_unknowns` for large objects [#​21893](https://redirect.github.com/pulumi/pulumi/pull/21893) ### [`v3.223.0`](https://redirect.github.com/pulumi/pulumi/blob/HEAD/CHANGELOG.md#32230-2026-02-19) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.222.0...v3.223.0) ##### Bug Fixes - \[engine] Report policy pack installation errors [#​21882](https://redirect.github.com/pulumi/pulumi/pull/21882) ### [`v3.222.0`](https://redirect.github.com/pulumi/pulumi/blob/HEAD/CHANGELOG.md#32220-2026-02-18) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.221.0...v3.222.0) ##### Features - \[programgen/go] Generate Call requests [#​21836](https://redirect.github.com/pulumi/pulumi/pull/21836) ##### Bug Fixes - \[sdk/{nodejs,python}] Fix hang when loading policy packs that use v1.18.1 or older of the policy SDK [#​21866](https://redirect.github.com/pulumi/pulumi/pull/21866) </details> <details> <summary>pulumi/pulumi-docker-build (github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild)</summary> ### [`v0.0.15`](https://redirect.github.com/pulumi/pulumi-docker-build/compare/v0.0.14...v0.0.15) [Compare Source](https://redirect.github.com/pulumi/pulumi-docker-build/compare/v0.0.14...v0.0.15) ### [`v0.0.14`](https://redirect.github.com/pulumi/pulumi-docker-build/compare/v0.0.13...v0.0.14) [Compare Source](https://redirect.github.com/pulumi/pulumi-docker-build/compare/v0.0.13...v0.0.14) ### [`v0.0.13`](https://redirect.github.com/pulumi/pulumi-docker-build/releases/tag/v0.0.13) [Compare Source](https://redirect.github.com/pulumi/pulumi-docker-build/compare/v0.0.12...v0.0.13) #### What's Changed - Improve exec error messages by [@​blampe](https://redirect.github.com/blampe) in [https://github.com/pulumi/pulumi-docker-build/pull/553](https://redirect.github.com/pulumi/pulumi-docker-build/pull/553) - Update p-go-provider to fix version replacement behavior by [@​blampe](https://redirect.github.com/blampe) in [https://github.com/pulumi/pulumi-docker-build/pull/584](https://redirect.github.com/pulumi/pulumi-docker-build/pull/584) **Full Changelog**: https://github.com/pulumi/pulumi-docker-build/compare/v0.0.12...v0.0.13 </details> <details> <summary>pulumi/pulumi-dotnet (github.com/pulumi/pulumi-dotnet/pulumi-language-dotnet/v3)</summary> ### [`v3.101.2`](https://redirect.github.com/pulumi/pulumi-dotnet/blob/HEAD/CHANGELOG.md#v31012---2026-02-25) [Compare Source](https://redirect.github.com/pulumi/pulumi-dotnet/compare/v3.101.0...v3.101.2) </details> <details> <summary>pulumi/pulumi-java (github.com/pulumi/pulumi-java/pkg)</summary> ### [`v1.21.2`](https://redirect.github.com/pulumi/pulumi-java/blob/HEAD/CHANGELOG.md#vv1212---2026-02-25) [Compare Source](https://redirect.github.com/pulumi/pulumi-java/compare/v1.21.1...v1.21.2) ### [`v1.21.1`](https://redirect.github.com/pulumi/pulumi-java/blob/HEAD/CHANGELOG.md#vv1211---2026-02-25) [Compare Source](https://redirect.github.com/pulumi/pulumi-java/compare/v1.21.0...v1.21.1) ##### Bug Fixes - \[runtime] Fix `unknown provider package` error in automation API and correctly propagate errors from inline programs. [#​2029](https://redirect.github.com/pulumi/pulumi-java/pull/2029) ### [`v1.21.0`](https://redirect.github.com/pulumi/pulumi-java/blob/HEAD/CHANGELOG.md#vv1210---2026-01-28) [Compare Source](https://redirect.github.com/pulumi/pulumi-java/compare/v1.20.0...v1.21.0) ##### Improvements - \[sdk] Add Deployment.requirePulumiVersion [#​1979](https://redirect.github.com/pulumi/pulumi-java/pull/1979) - \[codegen] Implement alias resource options generation [#​1982](https://redirect.github.com/pulumi/pulumi-java/pull/1982) ##### Bug Fixes - \[codegen] Use config.require in codegen when there is no default value [#​1983](https://redirect.github.com/pulumi/pulumi-java/pull/1983) ### [`v1.20.0`](https://redirect.github.com/pulumi/pulumi-java/blob/HEAD/CHANGELOG.md#vv1200---2025-12-29) [Compare Source](https://redirect.github.com/pulumi/pulumi-java/compare/v1.19.0...v1.20.0) ##### Improvements - \[sdk] Add support for the `replacementTrigger` resource option [#​1958](https://redirect.github.com/pulumi/pulumi-java/pull/1958) ### [`v1.19.0`](https://redirect.github.com/pulumi/pulumi-java/blob/HEAD/CHANGELOG.md#v1190---2025-12-10) [Compare Source](https://redirect.github.com/pulumi/pulumi-java/compare/v1.18.0...v1.19.0) ##### Improvements - \[codegen] Add .gitattributes file to generated SDKs [#​1949](https://redirect.github.com/pulumi/pulumi-java/pull/1949) ##### Bug Fixes - \[language] Stop parsing runtime options at startup [#​1947](https://redirect.github.com/pulumi/pulumi-java/pull/1947) ### [`v1.18.0`](https://redirect.github.com/pulumi/pulumi-java/blob/HEAD/CHANGELOG.md#v1180---2025-12-03) [Compare Source](https://redirect.github.com/pulumi/pulumi-java/compare/v1.17.1...v1.18.0) ##### Improvements - \[sdk] Add `ReplaceWith` as a resource option ### [`v1.17.1`](https://redirect.github.com/pulumi/pulumi-java/blob/HEAD/CHANGELOG.md#v1171---2025-11-26) [Compare Source](https://redirect.github.com/pulumi/pulumi-java/compare/v1.17.0...v1.17.1) ##### Improvements - \[sdk] Dependency bumps ### [`v1.17.0`](https://redirect.github.com/pulumi/pulumi-java/blob/HEAD/CHANGELOG.md#v1170---2025-11-12) [Compare Source](https://redirect.github.com/pulumi/pulumi-java/compare/v1.16.3...v1.17.0) ##### Improvements - \[sdk] Get the event log in the automation API over gRPC, instead of through a text file ### [`v1.16.3`](https://redirect.github.com/pulumi/pulumi-java/blob/HEAD/CHANGELOG.md#v1163---2025-11-05) [Compare Source](https://redirect.github.com/pulumi/pulumi-java/compare/v1.16.2...v1.16.3) ##### Improvements - \[sdk] Update pulumi pkg & sdk to 3.205.0 - \[runtime] Implement `Language.Link` ### [`v1.16.2`](https://redirect.github.com/pulumi/pulumi-java/blob/HEAD/CHANGELOG.md#v1162---2025-10-10) [Compare Source](https://redirect.github.com/pulumi/pulumi-java/compare/v1.16.1...v1.16.2) ##### Bug Fixes - \[sdk] Add `hideDiffs` as a new resource option. See details ### [`v1.16.1`](https://redirect.github.com/pulumi/pulumi-java/blob/HEAD/CHANGELOG.md#v1161---2025-07-31) [Compare Source](https://redirect.github.com/pulumi/pulumi-java/compare/v1.16.0...v1.16.1) ##### Bug Fixes - \[codegen] Fix generated 'plan' argument of 'preview' command </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> --------- Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> Co-authored-by: pulumi-bot <bot@pulumi.com> |
||
|
pulumi-provider-automation[bot]
|
7a9b31c60f |
Update GitHub Actions workflows. (#777)
This PR was triggered by @t0yv0 generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit
[599b3ade95c3408830d062a38ea7cf9c8607a12f](
|
||
|
Pulumi Bot
|
e5da099be4 |
Upgrade to golangci-lint v2 (#775)
Upgrades golangci-lint from v1 to v2. Automated by Linear issue IT-144. Co-authored-by: CI <ci@pulumi.com> |
||
|
pulumi-provider-automation[bot]
|
1b95d18edc |
Update GitHub Actions workflows. (#773)
This PR was triggered by @t0yv0 generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit
[b8b29dc51d452160accc76a310efd6eb38760b50](
|
||
|
pulumi-provider-automation[bot]
|
5eabae0608 |
Update GitHub Actions workflows. (#772)
This PR was triggered by @t0yv0 generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit
[f591fbcab3c096e497ab858d7155b31b12495ed1](
|
||
|
pulumi-provider-automation[bot]
|
583183d5e6 |
Update GitHub Actions workflows. (#768)
This PR was triggered by @t0yv0 generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit
[cf7cafe004bfe263736eb8a33fbeead26cc57b58](
|
||
|
pulumi-renovate[bot]
|
a30d557dc3 |
Update dependency @pulumi/pulumi to v3.221.0 (#767)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [@pulumi/pulumi](https://redirect.github.com/pulumi/pulumi) ([source](https://redirect.github.com/pulumi/pulumi/tree/HEAD/sdk/nodejs)) | dependencies | minor | [`3.220.0` -> `3.221.0`](https://renovatebot.com/diffs/npm/@pulumi%2fpulumi/3.220.0/3.221.0) | --- ### Release Notes <details> <summary>pulumi/pulumi (@​pulumi/pulumi)</summary> ### [`v3.221.0`](https://redirect.github.com/pulumi/pulumi/releases/tag/v3.221.0) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.220.0...v3.221.0) #### 3.221.0 (2026-02-17) ##### Features - \[auto] Support Go 1.26 [#​21835](https://redirect.github.com/pulumi/pulumi/pull/21835) - \[engine] BREAKING: Rename `pulumiVersionRange` to `requiredPulumiVersion` in `PulumiPlugin.yaml` [#​21807](https://redirect.github.com/pulumi/pulumi/pull/21807) - \[cli/plugin] Reduce GitHub API usage when downloading plugins [#​21774](https://redirect.github.com/pulumi/pulumi/pull/21774) - \[protobuf] Add loader_target to RunPluginRequest [#​21763](https://redirect.github.com/pulumi/pulumi/pull/21763) - \[sdk/nodejs] Support enums when inferring schemas from components [#​21787](https://redirect.github.com/pulumi/pulumi/pull/21787) - \[sdk/nodejs] Support the Partial<T> utility type in component schema inference [#​21802](https://redirect.github.com/pulumi/pulumi/pull/21802) - \[sdk/nodejs] Support the Required<T> utility type in component schema inference [#​21803](https://redirect.github.com/pulumi/pulumi/pull/21803) ##### Bug Fixes - \[cli] Make stack graph output deterministic [#​21786](https://redirect.github.com/pulumi/pulumi/pull/21786) - \[engine] Fix snapshot integrity error in `refresh --run-program` with component resources [#​21806](https://redirect.github.com/pulumi/pulumi/pull/21806) - \[engine] Fix race in refresh --run-program [#​21815](https://redirect.github.com/pulumi/pulumi/pull/21815) - \[programgen/go] Correctly handle import paths for nested modules [#​21812](https://redirect.github.com/pulumi/pulumi/pull/21812) - \[sdkgen] Support type references to parameterized and third-party packages [#​21804](https://redirect.github.com/pulumi/pulumi/pull/21804) - \[sdkgen/go] Do not depend on pulumix against instructions for enums [#​21818](https://redirect.github.com/pulumi/pulumi/pull/21818) - \[cli/{install,package}] Don't panic when a non-absolute path is passed to `pulumi package get-schema` where the PulumiPlugin.yaml has a packages section [#​21794](https://redirect.github.com/pulumi/pulumi/pull/21794) - \[cli/{install,package}] Only link a Pulumi project once [#​21788](https://redirect.github.com/pulumi/pulumi/pull/21788) - \[cli/{install,package}] Run in the correct location when using `uv` to link python packages [#​21796](https://redirect.github.com/pulumi/pulumi/pull/21796) - \[cli/package] Allow underscores in the path of plugin URLs [#​21778](https://redirect.github.com/pulumi/pulumi/pull/21778) - \[sdk/{nodejs,python}] Use new policy plugin support to run policy packs [#​21684](https://redirect.github.com/pulumi/pulumi/pull/21684) - \[sdk/python] Surface errors from uv, poetry or pip during linking [#​21770](https://redirect.github.com/pulumi/pulumi/pull/21770) - \[sdk/python] Always surface errors from uv, poetry or pip during dependency installation [#​21814](https://redirect.github.com/pulumi/pulumi/pull/21814) - \[sdkgen/python] Add missing blank line before :param lists [#​21789](https://redirect.github.com/pulumi/pulumi/pull/21789) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> |
||
|
Bryce Lampe
|
710f5d816b |
Remove unnecessary envOverride (#766)
Our DockerHub password is in ESC, and a bunch of the other variables were copy-pasted defaults. We need to keep GCP because that isn't in ESC yet. Refs https://github.com/pulumi/ci-mgmt/issues/1583. |
||
|
pulumi-provider-automation[bot]
|
6aa0b4dde7 |
Update GitHub Actions workflows. (#765)
This PR was automatically generated by the update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt repo, from commit ee5e1047ced9aa4de854f25974720cb5d4243799. Co-authored-by: Pulumi Bot <bot@pulumi.com> |
||
|
Alberto Pose
|
13a14388f2 |
Fix workflow failure by ensuring bin directory exists (#762)
# **Note: This is a temporary fix until we get this to `ci-mgmt`**
## Summary
Fixes the GoReleaser workflow failure that started on Feb 6, 2026.
## Root Cause
Commit
|
||
|
pulumi-renovate[bot]
|
13acd934b6 |
Update first-party Pulumi dependencies (#760)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/pulumi/esc](https://redirect.github.com/pulumi/esc) | indirect | minor | `v0.21.0` -> `v0.22.0` | | [github.com/pulumi/pulumi/pkg/v3](https://redirect.github.com/pulumi/pulumi) | require | minor | `v3.219.0` -> `v3.220.0` | --- ### Release Notes <details> <summary>pulumi/esc (github.com/pulumi/esc)</summary> ### [`v0.22.0`](https://redirect.github.com/pulumi/esc/releases/tag/v0.22.0) [Compare Source](https://redirect.github.com/pulumi/esc/compare/v0.21.0...v0.22.0) ##### Improvements ##### Bug Fixes ##### Breaking changes </details> <details> <summary>pulumi/pulumi (github.com/pulumi/pulumi/pkg/v3)</summary> ### [`v3.220.0`](https://redirect.github.com/pulumi/pulumi/releases/tag/v3.220.0) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.219.0...v3.220.0) ##### 3.220.0 (2026-02-10) ##### Features - \[cli] Show environment variables that were set if a snapshot integrity error happens [#​21709](https://redirect.github.com/pulumi/pulumi/pull/21709) - \[cli/{install,package}] Use the Pulumi Cloud Registry by default to resolve package names - \[engine] Pass replacement trigger through to Construct [#​21408](https://redirect.github.com/pulumi/pulumi/pull/21408) - \[engine] Add EnvVarMappings resource option for provider resources, allowing environment variables to be remapped before being passed to the provider [#​21572](https://redirect.github.com/pulumi/pulumi/pull/21572) - \[pkg] BREAKING: Deprecate github.com/pulumi/pulumi/pkg/v3/codegen/dotnet in favor of github.com/pulumi/pulumi-dotnet/pulumi-language-dotnet/v3/codegen. This package will be removed from pulumi/pulumi soon! [#​21720](https://redirect.github.com/pulumi/pulumi/pull/21720) ##### Bug Fixes - \[cli] Retry `yarn install` when it fails (e.g. during `pulumi install`) [#​21707](https://redirect.github.com/pulumi/pulumi/pull/21707) - \[engine] Deal with errors in elided journal entries correctly [#​21576](https://redirect.github.com/pulumi/pulumi/pull/21576) - \[sdk/nodejs] Fix remote components with PULUMI_NODEJS_SKIP_COMPONENT_INPUTS - \[sdk/python] Fix `_LazyModule` to not trigger full module load for introspection attributes [#​21620](https://redirect.github.com/pulumi/pulumi/pull/21620) - \[sdkgen/python] Remove workaround for slow typechecking with MyPy and PyCharm [#​21722](https://redirect.github.com/pulumi/pulumi/pull/21722) ##### Miscellaneous - \[cli] Write logfile location if verbosity is >= 1 to stderr instead of stdout [#​21663](https://redirect.github.com/pulumi/pulumi/pull/21663) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> --------- Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> Co-authored-by: pulumi-bot <bot@pulumi.com> Co-authored-by: Ian Wahbe <me@iwahbe.com> |
||
|
pulumi-provider-automation[bot]
|
8cb8d21332 |
Update GitHub Actions workflows. (#761)
This PR was automatically generated by the update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt repo, from commit f34bb277a6b5001ebd945cebced51ef890cdb7b9. Co-authored-by: Pulumi Bot <bot@pulumi.com> |
||
|
pulumi-renovate[bot]
|
c11144e1b3 |
Update dependency @pulumi/pulumi to v3.220.0 (#759)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [@pulumi/pulumi](https://redirect.github.com/pulumi/pulumi) ([source](https://redirect.github.com/pulumi/pulumi/tree/HEAD/sdk/nodejs)) | dependencies | minor | [`3.219.0` -> `3.220.0`](https://renovatebot.com/diffs/npm/@pulumi%2fpulumi/3.219.0/3.220.0) | --- ### Release Notes <details> <summary>pulumi/pulumi (@​pulumi/pulumi)</summary> ### [`v3.220.0`](https://redirect.github.com/pulumi/pulumi/compare/v3.219.0...v3.220.0) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.219.0...v3.220.0) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> |
||
|
pulumi-renovate[bot]
|
ca8a59a077 |
Update module github.com/go-git/go-git/v5 to v5.16.5 [SECURITY] (#758)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/go-git/go-git/v5](https://redirect.github.com/go-git/go-git) | indirect | patch | `v5.16.0` -> `v5.16.5` | ### GitHub Vulnerability Alerts #### [CVE-2026-25934](https://redirect.github.com/go-git/go-git/security/advisories/GHSA-37cx-329c-33x3) ### Impact A vulnerability was discovered in `go-git` whereby data integrity values for `.pack` and `.idx` files were not properly verified. This resulted in `go-git` potentially consuming corrupted files, which would likely result in unexpected errors such as `object not found`. For context, clients fetch [`packfiles`](https://git-scm.com/docs/pack-protocol#_packfile_data) from upstream Git servers. Those files contain a checksum of their contents, so that clients can perform integrity checks before consuming it. The pack indexes (`.idx`) are [generated](https://git-scm.com/docs/pack-format) locally by `go-git`, or the `git` cli, when new `.pack` files are received and processed. The integrity checks for both files were not being verified correctly. Note that the lack of verification of the packfile checksum has no impact on the trust relationship between the client and server, which is enforced based on the protocol being used (e.g. TLS in the case of `https://` or known hosts for `ssh://`). In other words, the packfile checksum verification does not provide any security benefits when connecting to a malicious or compromised Git server. ### Patches Users should upgrade to `v5.16.5`, or the latest `v6` [pseudo-version](https://go.dev/ref/mod#pseudo-versions), in order to mitigate this vulnerability. ### Workarounds In case updating to a fixed version of `go-git` is not possible, users can run [git fsck](https://git-scm.com/docs/git-fsck) from the `git` cli to check for data corruption on a given repository. ### Credit Thanks @​N0zoM1z0 for finding and reporting this issue privately to the `go-git` project. --- ### Release Notes <details> <summary>go-git/go-git (github.com/go-git/go-git/v5)</summary> ### [`v5.16.5`](https://redirect.github.com/go-git/go-git/releases/tag/v5.16.5) [Compare Source](https://redirect.github.com/go-git/go-git/compare/v5.16.4...v5.16.5) ##### What's Changed - build: Update module golang.org/x/crypto to v0.45.0 \[SECURITY] (releases/v5.x) by [@​go-git-renovate](https://redirect.github.com/go-git-renovate)\[bot] in[https://github.com/go-git/go-git/pull/1744](https://redirect.github.com/go-git/go-git/pull/1744)4 - build: Bump Go test versions to 1.23-1.25 (v5) by [@​pjbgf](https://redirect.github.com/pjbgf) in [https://github.com/go-git/go-git/pull/1746](https://redirect.github.com/go-git/go-git/pull/1746) - \[v5] git: worktree, Don't delete local untracked files when resetting worktree by [@​Ch00k](https://redirect.github.com/Ch00k) in [https://github.com/go-git/go-git/pull/1800](https://redirect.github.com/go-git/go-git/pull/1800) - Expand packfile checks by [@​pjbgf](https://redirect.github.com/pjbgf) in [https://github.com/go-git/go-git/pull/1836](https://redirect.github.com/go-git/go-git/pull/1836) **Full Changelog**: https://github.com/go-git/go-git/compare/v5.16.4...v5.16.5 ### [`v5.16.4`](https://redirect.github.com/go-git/go-git/releases/tag/v5.16.4) [Compare Source](https://redirect.github.com/go-git/go-git/compare/v5.16.3...v5.16.4) ##### What's Changed - backport plumbing: format/idxfile, prevent panic by [@​swills](https://redirect.github.com/swills) in [https://github.com/go-git/go-git/pull/1732](https://redirect.github.com/go-git/go-git/pull/1732) - \[backport] build: test, Fix build on Windows. by [@​pjbgf](https://redirect.github.com/pjbgf) in [https://github.com/go-git/go-git/pull/1734](https://redirect.github.com/go-git/go-git/pull/1734) - build: Update module golang.org/x/net to v0.38.0 \[SECURITY] (releases/v5.x) by [@​go-git-renovate](https://redirect.github.com/go-git-renovate)\[bot] in[https://github.com/go-git/go-git/pull/1742](https://redirect.github.com/go-git/go-git/pull/1742)2 - build: Update module github.com/cloudflare/circl to v1.6.1 \[SECURITY] (releases/v5.x) by [@​go-git-renovate](https://redirect.github.com/go-git-renovate)\[bot] in[https://github.com/go-git/go-git/pull/1741](https://redirect.github.com/go-git/go-git/pull/1741)1 - build: Update module github.com/go-git/go-git/v5 to v5.13.0 \[SECURITY] (releases/v5.x) by [@​go-git-renovate](https://redirect.github.com/go-git-renovate)\[bot] in[https://github.com/go-git/go-git/pull/1743](https://redirect.github.com/go-git/go-git/pull/1743)3 **Full Changelog**: https://github.com/go-git/go-git/compare/v5.16.3...v5.16.4 ### [`v5.16.3`](https://redirect.github.com/go-git/go-git/releases/tag/v5.16.3) [Compare Source](https://redirect.github.com/go-git/go-git/compare/v5.16.2...v5.16.3) ##### What's Changed - internal: Expand regex to fix build \[5.x] by [@​baloo](https://redirect.github.com/baloo) in [https://github.com/go-git/go-git/pull/1644](https://redirect.github.com/go-git/go-git/pull/1644) - build: raise timeouts for windows CI tests and disable CIFuzz \[5.x] by [@​baloo](https://redirect.github.com/baloo) in [https://github.com/go-git/go-git/pull/1646](https://redirect.github.com/go-git/go-git/pull/1646) - plumbing: support commits extra headers, support jujutsu signed commit \[5.x] by [@​baloo](https://redirect.github.com/baloo) in [https://github.com/go-git/go-git/pull/1633](https://redirect.github.com/go-git/go-git/pull/1633) **Full Changelog**: https://github.com/go-git/go-git/compare/v5.16.2...v5.16.3 ### [`v5.16.2`](https://redirect.github.com/go-git/go-git/releases/tag/v5.16.2) [Compare Source](https://redirect.github.com/go-git/go-git/compare/v5.16.1...v5.16.2) ##### What's Changed - utils: fix diff so subpaths work for sparse checkouts, fixes 1455 to releases/v5.x by [@​kane8n](https://redirect.github.com/kane8n) in [https://github.com/go-git/go-git/pull/1567](https://redirect.github.com/go-git/go-git/pull/1567) **Full Changelog**: https://github.com/go-git/go-git/compare/v5.16.1...v5.16.2 ### [`v5.16.1`](https://redirect.github.com/go-git/go-git/releases/tag/v5.16.1) [Compare Source](https://redirect.github.com/go-git/go-git/compare/v5.16.0...v5.16.1) ##### What's Changed - utils: merkletrie, Fix diff on sparse-checkout index. Fixes [#​1406](https://redirect.github.com/go-git/go-git/issues/1406) to releases/v5.x by [@​kane8n](https://redirect.github.com/kane8n) in [https://github.com/go-git/go-git/pull/1561](https://redirect.github.com/go-git/go-git/pull/1561) ##### New Contributors - [@​kane8n](https://redirect.github.com/kane8n) made their first contribution in [https://github.com/go-git/go-git/pull/1561](https://redirect.github.com/go-git/go-git/pull/1561) **Full Changelog**: https://github.com/go-git/go-git/compare/v5.16.0...v5.16.1 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> --------- Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> Co-authored-by: pulumi-bot <bot@pulumi.com> |
||
|
Bryce Lampe
|
5b05d733ea |
Fix lint issues (#755)
Lint fixes in preparation of https://github.com/pulumi/ci-mgmt/pull/2024. |
||
|
pulumi-renovate[bot]
|
e9f6bbf15d |
Update first-party Pulumi dependencies (#717)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [@pulumi/pulumi](https://redirect.github.com/pulumi/pulumi) ([source](https://redirect.github.com/pulumi/pulumi/tree/HEAD/sdk/nodejs)) | dependencies | minor | [`3.212.0` -> `3.219.0`](https://renovatebot.com/diffs/npm/@pulumi%2fpulumi/3.212.0/3.219.0) | | [github.com/pulumi/esc](https://redirect.github.com/pulumi/esc) | indirect | minor | `v0.20.0` -> `v0.21.0` | --- ### Release Notes <details> <summary>pulumi/pulumi (@​pulumi/pulumi)</summary> ### [`v3.219.0`](https://redirect.github.com/pulumi/pulumi/blob/HEAD/CHANGELOG.md#32190-2026-02-05) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.218.0...v3.219.0) ##### Features - \[cli] Allow setting `requiredPulumiVersion` in Pulumi.yaml [#​21627](https://redirect.github.com/pulumi/pulumi/pull/21627) - \[cli/{install,package}] Allow using private packages as local dependencies in components [#​21664](https://redirect.github.com/pulumi/pulumi/pull/21664) - \[cli/policy] Add `pulumi policy install` command [#​21652](https://redirect.github.com/pulumi/pulumi/pull/21652) - \[engine] Run analyzer calls in parallel [#​21631](https://redirect.github.com/pulumi/pulumi/pull/21631) - \[programgen/dotnet] Codegen RequirePulumiVersion for Dotnet [#​21621](https://redirect.github.com/pulumi/pulumi/pull/21621) - \[sdk/python] Add support for the `OnError` resource hook [#​21644](https://redirect.github.com/pulumi/pulumi/pull/21644) - \[sdk/python] Add support for protobuf 6 [#​21647](https://redirect.github.com/pulumi/pulumi/pull/21647) ##### Bug Fixes - \[cli] Allow positional arguments to be passed to `convert` again [#​21604](https://redirect.github.com/pulumi/pulumi/pull/21604) [#​21614](https://redirect.github.com/pulumi/pulumi/pull/21614) - \[engine] Download/install required policy packs in parallel with plugins [#​21651](https://redirect.github.com/pulumi/pulumi/pull/21651) - \[cli/package] Correctly install packages that depend on other packages for `pulumi package add` and `pulumi package get-schema`. [#​21321](https://redirect.github.com/pulumi/pulumi/pull/21321) - \[programgen/python] Fix panic when ranging over a resource output that is an array of objects [#​21679](https://redirect.github.com/pulumi/pulumi/pull/21679) - \[sdk/python] Fix issue with generic subclasses of `dynamic.Resource` [#​21670](https://redirect.github.com/pulumi/pulumi/pull/21670) ##### Miscellaneous - \[sdk/python] Relax pip version constraint [#​21639](https://redirect.github.com/pulumi/pulumi/pull/21639) ### [`v3.218.0`](https://redirect.github.com/pulumi/pulumi/blob/HEAD/CHANGELOG.md#32180-2026-01-29) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.217.1...v3.218.0) ##### Features - \[sdk/nodejs] Add support for the `OnError` resource hook ##### Bug Fixes - \[cli] Allow positional arguments to be passed to `convert` again - \[cli/install] Correctly include git forge organizations as schema namespaces when generating SDKs [#​21579](https://redirect.github.com/pulumi/pulumi/pull/21579) - \[cli/{install,package}] Correctly grab package names for Python & NodeJS [#​21577](https://redirect.github.com/pulumi/pulumi/pull/21577) ### [`v3.217.1`](https://redirect.github.com/pulumi/pulumi/blob/HEAD/CHANGELOG.md#32171-2026-01-27) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.217.0...v3.217.1) ##### Features - \[sdk/go] Add support for the `OnError` resource hook [#​21515](https://redirect.github.com/pulumi/pulumi/pull/21515) ##### Bug Fixes - \[cli/install] Copy files when linking to be robust to copying across file partitions [#​21549](https://redirect.github.com/pulumi/pulumi/pull/21549) - \[cli/install] Do not double install plugins with explicit parameterizations [#​21548](https://redirect.github.com/pulumi/pulumi/pull/21548) - \[cli/install] Copy files when linking instead of renaming [#​21549](https://redirect.github.com/pulumi/pulumi/pull/21549) **Full Changelog**: https://github.com/pulumi/pulumi/compare/v3.217.0...v3.217.1 ### [`v3.217.0`](https://redirect.github.com/pulumi/pulumi/blob/HEAD/CHANGELOG.md#32170-2026-01-23) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.216.0...v3.217.0) ##### Features - \[cli] Extract organization, team, and user from OIDC JWT claims during login [#​21462](https://redirect.github.com/pulumi/pulumi/pull/21462) - \[engine] Add the `OnError` resource hook to allow for custom retry policies [#​21291](https://redirect.github.com/pulumi/pulumi/pull/21291) - \[cli/engine] Add --plan up flag [#​21368](https://redirect.github.com/pulumi/pulumi/pull/21368) - \[sdk/nodejs] Add requirePulumiVersion to the Node.js SDK [#​21528](https://redirect.github.com/pulumi/pulumi/pull/21528) [#​21478](https://redirect.github.com/pulumi/pulumi/pull/21478) - \[sdk/python] Add require_pulumi_version to the Python SDK [#​21528](https://redirect.github.com/pulumi/pulumi/pull/21528) [#​21430](https://redirect.github.com/pulumi/pulumi/pull/21430) - \[sdk/go] Add CheckPulumiVersion to the Go SDK [#​21528](https://redirect.github.com/pulumi/pulumi/pull/21528) [#​21514](https://redirect.github.com/pulumi/pulumi/pull/21514) ##### Bug Fixes - \[auto/python] Implement `About` in Python automation API server [#​21479](https://redirect.github.com/pulumi/pulumi/pull/21479) - \[engine] When importing a state file that refers to the service backed secret manager, make `stack import` reconfigure it for the target stack if required [#​20966](https://redirect.github.com/pulumi/pulumi/pull/20966) - \[protobuf] Fix alias options being passed to Construct for remote components [#​21050](https://redirect.github.com/pulumi/pulumi/pull/21050) - \[sdk/nodejs] Fix issue with serialized async generators [#​21484](https://redirect.github.com/pulumi/pulumi/pull/21484) ### [`v3.216.0`](https://redirect.github.com/pulumi/pulumi/blob/HEAD/CHANGELOG.md#32160-2026-01-16) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.215.0...v3.216.0) ##### Features - \[build] Don't set PULUMI_ROOT with mise [#​21457](https://redirect.github.com/pulumi/pulumi/pull/21457) - \[cli] Default to Pulumi Cloud when using an OIDC token for login [#​21322](https://redirect.github.com/pulumi/pulumi/pull/21322) - \[engine] Add CheckPulumiVersion RPC to the engine [#​21429](https://redirect.github.com/pulumi/pulumi/pull/21429) - \[protobuf] Remove ProviderHandshakeResponse.pulumi_version_range [#​21438](https://redirect.github.com/pulumi/pulumi/pull/21438) - \[sdk/nodejs] Allow dynamic providers to return inputs from read() for accurate diffs after refresh [#​21315](https://redirect.github.com/pulumi/pulumi/pull/21315) - \[sdk/nodejs] Add support for serializing async generators [#​21410](https://redirect.github.com/pulumi/pulumi/pull/21410) - \[sdk/python] Allow dynamic providers to return inputs from read() for accurate diffs after refresh [#​21315](https://redirect.github.com/pulumi/pulumi/pull/21315) ##### Bug Fixes - \[engine] Optimize StackReference performance [#​21446](https://redirect.github.com/pulumi/pulumi/pull/21446) - \[cli/display] Fix message renderer on windows [#​21401](https://redirect.github.com/pulumi/pulumi/pull/21401) - \[sdk/nodejs] Fix RangeError in defaultErrorMessage when error objects are large [#​21409](https://redirect.github.com/pulumi/pulumi/pull/21409) ##### Miscellaneous - \[sdk/dotnet] Update dotnet to v3.97.0 ### [`v3.215.0`](https://redirect.github.com/pulumi/pulumi/blob/HEAD/CHANGELOG.md#32150-2026-01-07) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.214.1...v3.215.0) ##### Features - \[cli/plugin] Allow plugins to specify a supported version range for the CLI [#​21335](https://redirect.github.com/pulumi/pulumi/pull/21335) ##### Bug Fixes - \[cli] Filter internal properties like \__defaults from diff display [#​21359](https://redirect.github.com/pulumi/pulumi/pull/21359) - \[cli/config] Make `config set --type bool` accept different spellings of boolean values instead of only lowercase "true" [#​21314](https://redirect.github.com/pulumi/pulumi/pull/21314) - \[sdk/python] Fix import_resources with converter failing due to --stack argument placement [#​21373](https://redirect.github.com/pulumi/pulumi/pull/21373) ##### Miscellaneous - \[cli] Update pulumi-dotnet to 3.96.1 - \[cli/package] Remove superfluous version string [#​21351](https://redirect.github.com/pulumi/pulumi/pull/21351) ### [`v3.214.1`](https://redirect.github.com/pulumi/pulumi/blob/HEAD/CHANGELOG.md#32141-2026-01-03) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.214.0...v3.214.1) ##### Bug Fixes - \[cli/package] Preserve existing behavior when `pulumi package add` is used with a local provider [#​21350](https://redirect.github.com/pulumi/pulumi/pull/21350) - \[pkg] Create namespace aliases to avoid Pulumi namespace collisions during codegen [#​21325](https://redirect.github.com/pulumi/pulumi/pull/21325) ### [`v3.214.0`](https://redirect.github.com/pulumi/pulumi/blob/HEAD/CHANGELOG.md#32140-2025-12-30) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.213.0...v3.214.0) ##### Features - \[cli] Add --config and --config-path options to destroy and refresh [#​21299](https://redirect.github.com/pulumi/pulumi/pull/21299) - \[sdkgen] Add `OutputStyleOnly` flag to functions to not emit their plain variants [#​21198](https://redirect.github.com/pulumi/pulumi/pull/21198) - \[sdk/python] Add support for `replacement_trigger` in the Python SDK [#​20940](https://redirect.github.com/pulumi/pulumi/pull/20940) ##### Bug Fixes - \[engine] Pass ignoreChanges when issuing no-diff updates that resolve initErrors [#​21319](https://redirect.github.com/pulumi/pulumi/pull/21319) - \[programgen] Fix a bug in programgen binding to invokes from parameterized packages [#​21284](https://redirect.github.com/pulumi/pulumi/pull/21284) - \[cli/plugin] Fix plugin download URL overrides for fallback mechanism [#​21095](https://redirect.github.com/pulumi/pulumi/pull/21095) ##### Miscellaneous - \[pkg] Upgrade pulumi-java to 1.20.0 ### [`v3.213.0`](https://redirect.github.com/pulumi/pulumi/blob/HEAD/CHANGELOG.md#32130-2025-12-17) [Compare Source](https://redirect.github.com/pulumi/pulumi/compare/v3.212.0...v3.213.0) ##### Bug Fixes - \[sdkgen/go] Generate three-level nested builtin output types for Go SDK [#​21248](https://redirect.github.com/pulumi/pulumi/pull/21248) ##### Miscellaneous - \[pkg] Move plugin downloading from pkg into sdk [#​21220](https://redirect.github.com/pulumi/pulumi/pull/21220) </details> <details> <summary>pulumi/esc (github.com/pulumi/esc)</summary> ### [`v0.21.0`](https://redirect.github.com/pulumi/esc/releases/tag/v0.21.0) [Compare Source](https://redirect.github.com/pulumi/esc/compare/v0.20.0...v0.21.0) ##### Improvements - Added support for `fn::split` built-in function to split strings into arrays. [#​281](https://redirect.github.com/pulumi/esc/issues/281) - Add native support for OIDC token exchange when logging into Pulumi Cloud. Run `esc login --help` for more information. [#​607](https://redirect.github.com/pulumi/esc/pull/607) ##### Bug Fixes ##### Breaking changes </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Monday through Friday ( * * * * 1-5 ) (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19--> Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com> |