Skip to content

chore(release): cherry-pick v0.55.0-rc6 to release/0.55#11364

Merged
nithyatsu merged 10 commits intorelease/0.55from
DariuszPorowski/cherrypick-0.55.0-rc6
Mar 3, 2026
Merged

chore(release): cherry-pick v0.55.0-rc6 to release/0.55#11364
nithyatsu merged 10 commits intorelease/0.55from
DariuszPorowski/cherrypick-0.55.0-rc6

Conversation

@DariuszPorowski
Copy link
Member

@DariuszPorowski DariuszPorowski commented Mar 3, 2026
edited
Loading

Cherry-pick 10 commit(s) from main into release/0.55 for v0.55.0-rc6.

Each commit is replayed individually preserving original author and message.

SHA Message
ec31890 Flaky test fixes for race conditions and timing issues (#11339)
2e7a823 feat(codeowners): add on-call to manage github actions updates (#11342)
6f3a62f Add change detection to unit-tests.yaml to skip tests on doc-only changes (#11283)
e184868 Add issue investigator agent from Drasi repo (#11221)
231932b Bump the github-actions group across 1 directory with 9 updates (#11341)
0a710f8 Architecture skill with Mermaid pattern documentation (#11281)
8e26c85 allow upgrade to pass when upgrading between rcs (#11351)
d912167 chore(release): v0.55.0-rc6 (#11352)
0980cf9 Add apiextensions.k8s.io and dapr.io RBAC permissions to dynamic-rp service account (#11350)
a1059b6 Reorder docker command for accuracy (#11210)

Contributor checklist

Please verify that the PR meets the following requirements, where applicable:

  • An overview of proposed schema changes is included in a linked GitHub issue.
    • Yes
    • Not applicable
  • A design document PR is created in the design-notes repository, if new APIs are being introduced.
    • Yes
    • Not applicable
  • The design document has been reviewed and approved by Radius maintainers/approvers.
    • Yes
    • Not applicable
  • A PR for the samples repository is created, if existing samples are affected by the changes in this PR.
    • Yes
    • Not applicable
  • A PR for the documentation repository is created, if the changes in this PR affect the documentation or any user facing updates are made.
    • Yes
    • Not applicable
  • A PR for the recipes repository is created, if existing recipes are affected by the changes in this PR.
    • Yes
    • Not applicable

brooke-hamilton and others added 10 commits February 27, 2026 22:35
@brooke-hamilton
Flaky test fixes for race conditions and timing issues (#11339)
1630255 
# Description

Fix flaky tests caused by data races on `testing.T`, overly coarse poll
intervals, a race-sensitive provisioning state assertion, and in-memory
filesystem misuse in chart validation tests.

## Changes

- **Controller reconciler tests**: Replace `require.NoError` in non-test
goroutines with `panic` to avoid data races on `testing.T` when the
controller manager exits with an error. Affected files:
`deployment_reconciler_test.go`,
`deploymentresource_reconciler_test.go`,
`deploymenttemplate_reconciler_test.go`, `recipe_reconciler_test.go`,
`recipe_webhook_test.go`.
- **Poll interval reduction**: Decrease wait intervals from 1s to 200ms
across controller reconciler, flux controller, and shared test constants
to reduce overall test timing from ~ 1m30s to ~25s.
- **Proxy async test**: Replace exact `Accepted` provisioning state
check with a non-terminal state assertion, since `Updating` is also a
valid intermediate state.
- **Config check chart validation test**: Use the OS filesystem and real
temp files instead of an in-memory filesystem, fixing test failures when
the chart exists on disk but not in memory.
- Add a dedicated `make test-validate-cli` workflow step to run CLI
integration tests with race detection and its own coverage output.
- Upload both unit and CLI coverage files to Codecov so the new test run
is included in coverage reporting.
- Removing `-v` from the default unit test invocation to improve CI
reliability and reduce noisy/non-actionable output.

Notes on the reason for removing `-v`

- Our CI already uses gotestsum in package-summary mode, so per-test
verbose lines are not part of the primary signal we consume.
- In parallel test runs with direct stdout writes, verbose mode
increases output volume and interleaving, which can cause occasional
FAIL ... (unknown) reporting despite package-level success.
- I reproduced this behavior in stress runs: `go test -json -race -v`
showed missing per-test pass events for some tests, while non-verbose
runs were stable.
- JUnit reporting is unaffected: --junitfile output is still generated
and consumed by the Process Unit Test Results step.
Impact:
- Keeps package-level gotestsum output and CI pass/fail behavior intact.
- Preserves XML test artifacts (results.xml) and downstream PR
annotations.
- Reduces log noise and flake risk in the default CI path.
- Detailed per-test logs remain available for targeted debugging by
rerunning specific tests/packages with -v when needed.

## Type of change

- This pull request is a minor refactor, code cleanup, test improvement,
or other maintenance task and does not change the functionality of
Radius (issue link optional).

## Contributor checklist
Please verify that the PR meets the following requirements, where
applicable:

- An overview of proposed schema changes is included in a linked GitHub
issue.
    - [ ] Yes <!-- TaskRadio schema -->
    - [x] Not applicable <!-- TaskRadio schema -->
- A design document PR is created in the [design-notes
repository](https://github.com/radius-project/design-notes/), if new
APIs are being introduced.
    - [ ] Yes <!-- TaskRadio design-pr -->
    - [x] Not applicable <!-- TaskRadio design-pr -->
- The design document has been reviewed and approved by Radius
maintainers/approvers.
    - [ ] Yes <!-- TaskRadio design-review -->
    - [x] Not applicable <!-- TaskRadio design-review -->
- A PR for the [samples
repository](https://github.com/radius-project/samples) is created, if
existing samples are affected by the changes in this PR.
    - [ ] Yes <!-- TaskRadio samples-pr -->
    - [x] Not applicable <!-- TaskRadio samples-pr -->
- A PR for the [documentation
repository](https://github.com/radius-project/docs) is created, if the
changes in this PR affect the documentation or any user facing updates
are made.
    - [ ] Yes <!-- TaskRadio docs-pr -->
    - [x] Not applicable <!-- TaskRadio docs-pr -->
- A PR for the [recipes
repository](https://github.com/radius-project/recipes) is created, if
existing recipes are affected by the changes in this PR.
    - [ ] Yes <!-- TaskRadio recipes-pr -->
    - [x] Not applicable <!-- TaskRadio recipes-pr -->

---------

Signed-off-by: Brooke Hamilton <45323234+brooke-hamilton@users.noreply.github.com>

(cherry picked from commit ec31890)
Signed-off-by: Dariusz Porowski <3431813+DariuszPorowski@users.noreply.github.com>
@DariuszPorowski
feat(codeowners): add on-call to manage github actions updates (#11342)
9f28134 
# Description

This pull request updates the `.github/CODEOWNERS` file to improve and
clarify code ownership assignments, especially for configuration and
workflow files. The changes expand ownership to cover more files and
ensure the appropriate teams are notified for relevant changes.

## Type of change

<!--

Please select **one** of the following options that describes your
change and delete the others. Clearly identifying the type of change you
are making will help us review your PR faster, and is used in authoring
release notes.

If you are making a bug fix or functionality change to Radius and do not
have an associated issue link please create one now.

-->

- This pull request is a minor refactor, code cleanup, test improvement,
or other maintenance task and doesn't change the functionality of Radius
(issue link optional).

<!--

Please update the following to link the associated issue. This is
required for some kinds of changes (see above).

-->

## Contributor checklist
Please verify that the PR meets the following requirements, where
applicable:

<!--
This checklist uses "TaskRadio" comments to make certain options
mutually exclusive.
See:
https://github.com/mheap/require-checklist-action?tab=readme-ov-file#radio-groups
For details on how this works and why it's required.
-->

- An overview of proposed schema changes is included in a linked GitHub
issue.
    - [ ] Yes <!-- TaskRadio schema -->
    - [x] Not applicable <!-- TaskRadio schema -->
- A design document PR is created in the [design-notes
repository](https://github.com/radius-project/design-notes/), if new
APIs are being introduced.
    - [ ] Yes <!-- TaskRadio design-pr -->
    - [x] Not applicable <!-- TaskRadio design-pr -->
- The design document has been reviewed and approved by Radius
maintainers/approvers.
    - [ ] Yes <!-- TaskRadio design-review -->
    - [x] Not applicable <!-- TaskRadio design-review -->
- A PR for the [samples
repository](https://github.com/radius-project/samples) is created, if
existing samples are affected by the changes in this PR.
    - [ ] Yes <!-- TaskRadio samples-pr -->
    - [x] Not applicable <!-- TaskRadio samples-pr -->
- A PR for the [documentation
repository](https://github.com/radius-project/docs) is created, if the
changes in this PR affect the documentation or any user facing updates
are made.
    - [ ] Yes <!-- TaskRadio docs-pr -->
    - [x] Not applicable <!-- TaskRadio docs-pr -->
- A PR for the [recipes
repository](https://github.com/radius-project/recipes) is created, if
existing recipes are affected by the changes in this PR.
    - [ ] Yes <!-- TaskRadio recipes-pr -->
    - [x] Not applicable <!-- TaskRadio recipes-pr -->

---------

Signed-off-by: Dariusz Porowski <3431813+DariuszPorowski@users.noreply.github.com>

(cherry picked from commit 2e7a823)
Signed-off-by: Dariusz Porowski <3431813+DariuszPorowski@users.noreply.github.com>
Add change detection to unit-tests.yaml to skip tests on doc-only cha…
4adbd02 
…nges (#11283)

`unit-tests.yaml` lacked the change detection logic already present in
the functional test workflows, causing unit tests to run unnecessarily
on PRs that only touch docs, markdown, or other unrelated files.

## Changes

- **Added `changes` job** calling the reusable
`.github/workflows/__changes.yml` workflow — same pattern used by
`functional-test-noncloud.yaml` and `functional-test-cloud.yaml`
- **Gated `unit-tests` job** on `needs.changes.outputs.only_changed !=
'true'`; the reusable workflow ensures tests still run unconditionally
on non-PR events (pushes to `main`/`release/*`)

```yaml
jobs:
  changes:
    name: Changes
    uses: ./.github/workflows/__changes.yml
    permissions:
      contents: read
      pull-requests: read

  unit-tests:
    needs: [changes]
    if: needs.changes.outputs.only_changed != 'true'
    ...
```

## Type of change

- This pull request is a minor refactor, code cleanup, test improvement,
or other maintenance task and doesn't change the functionality of Radius
(issue link optional).

## Contributor checklist

- An overview of proposed schema changes is included in a linked GitHub
issue.
    - [ ] Yes <!-- TaskRadio schema -->
    - [x] Not applicable <!-- TaskRadio schema -->
- A design document PR is created in the [design-notes
repository](https://github.com/radius-project/design-notes/), if new
APIs are being introduced.
    - [ ] Yes <!-- TaskRadio design-pr -->
    - [x] Not applicable <!-- TaskRadio design-pr -->
- The design document has been reviewed and approved by Radius
maintainers/approvers.
    - [ ] Yes <!-- TaskRadio design-review -->
    - [x] Not applicable <!-- TaskRadio design-review -->
- A PR for the [samples
repository](https://github.com/radius-project/samples) is created, if
existing samples are affected by the changes in this PR.
    - [ ] Yes <!-- TaskRadio samples-pr -->
    - [x] Not applicable <!-- TaskRadio samples-pr -->
- A PR for the [documentation
repository](https://github.com/radius-project/docs) is created, if the
changes in this PR affect the documentation or any user facing updates
are made.
    - [ ] Yes <!-- TaskRadio docs-pr -->
    - [x] Not applicable <!-- TaskRadio docs-pr -->
- A PR for the [recipes
repository](https://github.com/radius-project/recipes) is created, if
existing recipes are affected by the changes in this PR.
    - [ ] Yes <!-- TaskRadio recipes-pr -->
    - [x] Not applicable <!-- TaskRadio recipes-pr -->

<!-- START COPILOT ORIGINAL PROMPT -->



<details>

<summary>Original prompt</summary>

> 
> ----
> 
> *This section details on the original issue you should resolve*
> 
> <issue_title>Add change detection logic to 'unit-tests.yaml' workflow
to skip unit tests when unaffected</issue_title>
> <issue_description>### Area for Improvement
> 
> The 'unit-tests.yaml' workflow does not have logic to detect when code
changes do not affect unit tests. Currently, unit tests always run even
if the files changed in a PR do not require those tests.
> 
> ### Observed behavior
> 
> Functional test workflows (noncloud and cloud) use a change detection
mechanism to skip running tests if only docs, markdown, or unrelated
files are changed. The unit test workflow is missing this, leading to
unnecessary test runs.
> 
> ### Desired behavior
> 
> Implement the same change detection logic in 'unit-tests.yaml' as seen
in 'functional-test-cloud.yaml' and 'functional-test-noncloud.yaml'. The
unit tests should only run on PRs if at least one changed file falls
outside the excluded patterns (documentation, markdown, etc.), or
otherwise be skipped.
> 
> ### Proposed Fix
> 
> 1. Review the change detection logic used in functional tests:
> - Both 'functional-test-noncloud.yaml' and
'functional-test-cloud.yaml' call the '.github/workflows/__changes.yml'
reusable workflow for change detection. See:
> -
[functional-test-noncloud.yaml](https://github.com/radius-project/radius/blob/main/.github/workflows/functional-test-noncloud.yaml)
> -
[functional-test-cloud.yaml](https://github.com/radius-project/radius/blob/main/.github/workflows/functional-test-cloud.yaml)
> -
[__changes.yml](https://github.com/radius-project/radius/blob/main/.github/workflows/__changes.yml)
> - These workflows use the output 'only_changed' from the reusable
'changes' job to conditionally execute tests.
> 2. Apply the same pattern to 'unit-tests.yaml':
> - Add a job to call '.github/workflows/__changes.yml' for change
detection.
> - Use the output (e.g., needs.changes.outputs.only_changed) to
conditionally run or skip the unit tests job.
> - Ensure patterns match those for functional tests (docs, markdown,
etc.).
> 3. Confirm the workflow handles PRs, pushes, and other triggers as
needed.
> 
> Links to reference logic:
> -
[functional-test-noncloud.yaml](https://github.com/radius-project/radius/blob/main/.github/workflows/functional-test-noncloud.yaml)
> -
[functional-test-cloud.yaml](https://github.com/radius-project/radius/blob/main/.github/workflows/functional-test-cloud.yaml)
> -
[__changes.yml](https://github.com/radius-project/radius/blob/main/.github/workflows/__changes.yml)
> 
> ### rad Version
> 
> edge
> 
> ### Operating system
> 
> _No response_
> 
> ### Additional context
> 
> _No response_</issue_description>
> 
> ## Comments on the Issue (you are @copilot in this section)
> 
> <comments>
> </comments>
> 


</details>



<!-- START COPILOT CODING AGENT SUFFIX -->

- Fixes #11282

<!-- START COPILOT CODING AGENT TIPS -->
---

💡 You can make Copilot smarter by setting up custom instructions,
customizing its development environment and configuring Model Context
Protocol (MCP) servers. Learn more [Copilot coding agent
tips](https://gh.io/copilot-coding-agent-tips) in the docs.

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: brooke-hamilton <45323234+brooke-hamilton@users.noreply.github.com>
Co-authored-by: Dariusz Porowski <3431813+DariuszPorowski@users.noreply.github.com>

(cherry picked from commit 6f3a62f)
Signed-off-by: Dariusz Porowski <3431813+DariuszPorowski@users.noreply.github.com>
@nicolejms
Add issue investigator agent from Drasi repo (#11221)
a7936ba 
# Description

Adding an agent file used by the Drasi team to investigate issues and
report findings.

## Type of change

<!--

Please select **one** of the following options that describes your
change and delete the others. Clearly identifying the type of change you
are making will help us review your PR faster, and is used in authoring
release notes.

If you are making a bug fix or functionality change to Radius and do not
have an associated issue link please create one now.

-->
- This pull request is a minor refactor, code cleanup, test improvement,
or other maintenance task and doesn't change the functionality of Radius
(issue link optional).

<!--

Please update the following to link the associated issue. This is
required for some kinds of changes (see above).

-->

Fixes: none

## Contributor checklist
Please verify that the PR meets the following requirements, where
applicable:

<!--
This checklist uses "TaskRadio" comments to make certain options
mutually exclusive.
See:
https://github.com/mheap/require-checklist-action?tab=readme-ov-file#radio-groups
For details on how this works and why it's required.
-->

- An overview of proposed schema changes is included in a linked GitHub
issue.
    - [ ] Yes <!-- TaskRadio schema -->
    - [x] Not applicable <!-- TaskRadio schema -->
- A design document PR is created in the [design-notes
repository](https://github.com/radius-project/design-notes/), if new
APIs are being introduced.
    - [ ] Yes <!-- TaskRadio design-pr -->
    - [x] Not applicable <!-- TaskRadio design-pr -->
- The design document has been reviewed and approved by Radius
maintainers/approvers.
    - [ ] Yes <!-- TaskRadio design-review -->
    - [x] Not applicable <!-- TaskRadio design-review -->
- A PR for the [samples
repository](https://github.com/radius-project/samples) is created, if
existing samples are affected by the changes in this PR.
    - [ ] Yes <!-- TaskRadio samples-pr -->
    - [x] Not applicable <!-- TaskRadio samples-pr -->
- A PR for the [documentation
repository](https://github.com/radius-project/docs) is created, if the
changes in this PR affect the documentation or any user facing updates
are made.
    - [ ] Yes <!-- TaskRadio docs-pr -->
    - [x] Not applicable <!-- TaskRadio docs-pr -->
- A PR for the [recipes
repository](https://github.com/radius-project/recipes) is created, if
existing recipes are affected by the changes in this PR.
    - [ ] Yes <!-- TaskRadio recipes-pr -->
    - [x] Not applicable <!-- TaskRadio recipes-pr -->

---------

Signed-off-by: Nicole James <101607760+nicolejms@users.noreply.github.com>
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: aeroNJneer <nicolejames96@hotmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Dariusz Porowski <3431813+DariuszPorowski@users.noreply.github.com>

(cherry picked from commit e184868)
Signed-off-by: Dariusz Porowski <3431813+DariuszPorowski@users.noreply.github.com>
@dependabot
Bump the github-actions group across 1 directory with 9 updates (#11341)
affdeb5 
Bumps the github-actions group with 9 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
|
[tj-actions/changed-files](https://github.com/tj-actions/changed-files)
| `47.0.2` | `47.0.4` |
| [actions/setup-go](https://github.com/actions/setup-go) | `6.2.0` |
`6.3.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact)
| `6.0.0` | `7.0.0` |
|
[actions/download-artifact](https://github.com/actions/download-artifact)
| `7.0.0` | `8.0.0` |
| [actions/stale](https://github.com/actions/stale) | `10.1.1` |
`10.2.0` |
| [github/codeql-action](https://github.com/github/codeql-action) |
`4.32.2` | `4.32.4` |
| [securego/gosec](https://github.com/securego/gosec) | `2.23.0` |
`2.24.0` |
|
[actions/dependency-review-action](https://github.com/actions/dependency-review-action)
| `4.8.2` | `4.8.3` |
| [mikefarah/yq](https://github.com/mikefarah/yq) | `4.52.2` | `4.52.4`
|


Updates `tj-actions/changed-files` from 47.0.2 to 47.0.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/releases">tj-actions/changed-files's
releases</a>.</em></p>
<blockquote>
<h2>v47.0.4</h2>
<h2>What's Changed</h2>
<ul>
<li>update: release-tagger action to version 6.0.6 by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2801">tj-actions/changed-files#2801</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/changed-files/compare/v47.0.3...v47.0.4">https://github.com/tj-actions/changed-files/compare/v47.0.3...v47.0.4</a></p>
<h2>v47.0.3</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(deps): bump github/codeql-action from 4.31.10 to 4.32.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2790">tj-actions/changed-files#2790</a></li>
<li>update: release-tagger action to version 6.0.0 by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2800">tj-actions/changed-files#2800</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/changed-files/compare/v47.0.2...v47.0.3">https://github.com/tj-actions/changed-files/compare/v47.0.2...v47.0.3</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v47.0.3...v47.0.4">47.0.4</a>
- (2026-02-17)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Release-tagger action to version 6.0.6 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2801">#2801</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/7dee1b0c1557f278e5c7dc244927139d78c0e22a">7dee1b0</a>)
- (Tonye Jack)</li>
</ul>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v47.0.2...v47.0.3">47.0.3</a>
- (2026-02-17)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Release-tagger action to version 6.0.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2800">#2800</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/28b28f6e4e9e3d997beb9dce86cfd8cf0ce7c7f6">28b28f6</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Bump github/codeql-action from 4.31.10 to
4.32.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2790">#2790</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/875e6e5df8b8b00995fe6f0afd7ff1531ac1c47d">875e6e5</a>)
- (dependabot[bot])</li>
</ul>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v47.0.1...v47.0.2">47.0.2</a>
- (2026-02-09)</h1>
<h2><!-- raw HTML omitted -->🚀 Features</h2>
<ul>
<li>Add support for excluding symlinks and fix bug with commit not found
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2770">#2770</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/8c4da285a3cb8b621b4a5cc251d6282b4b0a67a5">8c4da28</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2>
<ul>
<li>Update test.yml (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2781">#2781</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/caee9d94cec72c6797349cc07842c787d2cc9f74">caee9d9</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2771">#2771</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/changed-files/commit/7d5bbf4e8d5c63a42c94e1c1bff2394247117e96">7d5bbf4</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2768">#2768</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/changed-files/commit/b3bb1f875362fa8c43662ad2fe58e3649eef37ac">b3bb1f8</a>)
- (github-actions[bot])</p>
<ul>
<li>Update README.md (<a
href="https://github.com/tj-actions/changed-files/commit/c6a5847dac4514198bf58e6181f70e2e83e8c49a">c6a5847</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Bump actions/setup-node from 6.1.0 to 6.2.0
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2766">#2766</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/8cba46e29c11878d930bca7870bb54394d3e8b21">8cba46e</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
25.0.0 to 25.2.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2793">#2793</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/925972f627ac3ba50ec787d29479d19d5fd76899">925972f</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump <code>@​stdlib/utils-convert-path</code>
from 0.2.2 to 0.2.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2795">#2795</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/a98754bb6adb8a47a1fc3d33dc1c465efdbb5ff8">a98754b</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump actions/checkout from 6.0.1 to 6.0.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2777">#2777</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/9c13e73478ad1bfebb10d95fdbaa6e62f519ddf8">9c13e73</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/lodash</code> from
4.17.21 to 4.17.23 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2759">#2759</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/16d791cc10d1511516254b9487f4f3b5e2b7c7fe">16d791c</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump eslint-plugin-jest from 29.11.0 to
29.12.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2756">#2756</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/8e056dec7d4b91f5a0f30055750dd52cad27f8c2">8e056de</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 4.31.7 to
4.31.10 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2761">#2761</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/078e2bcd1ef8f09b23d21604c2a9e3c26173126d">078e2bc</a>)
- (dependabot[bot])</li>
<li>Update matrix-example.yml (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2752">#2752</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/2f2f6cf099167fa7d7c6aba8fc0421327e181a5a">2f2f6cf</a>)
- (Tonye Jack)</li>
<li>Update dist (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2769">#2769</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/8262acc55927280c6067c697c63355e0fed93fe3">8262acc</a>)
- (Tonye Jack)</li>
<li><strong>deps:</strong> Bump <code>@​actions/core</code> from 2.0.0
to 2.0.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2757">#2757</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/daf9d2d49788d229faa7bd34252ab8ded7f087f3">daf9d2d</a>)
- (dependabot[bot])</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/changed-files/commit/7dee1b0c1557f278e5c7dc244927139d78c0e22a"><code>7dee1b0</code></a>
update: release-tagger action to version 6.0.6 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2801">#2801</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/28b28f6e4e9e3d997beb9dce86cfd8cf0ce7c7f6"><code>28b28f6</code></a>
update: release-tagger action to version 6.0.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2800">#2800</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/875e6e5df8b8b00995fe6f0afd7ff1531ac1c47d"><code>875e6e5</code></a>
chore(deps): bump github/codeql-action from 4.31.10 to 4.32.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2790">#2790</a>)</li>
<li>See full diff in <a
href="https://github.com/tj-actions/changed-files/compare/8cba46e29c11878d930bca7870bb54394d3e8b21...7dee1b0c1557f278e5c7dc244927139d78c0e22a">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/setup-go` from 6.2.0 to 6.3.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-go/releases">actions/setup-go's
releases</a>.</em></p>
<blockquote>
<h2>v6.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update default Go module caching to use go.mod by <a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/705">actions/setup-go#705</a></li>
<li>Fix golang download url to go.dev by <a
href="https://github.com/178inaba"><code>@​178inaba</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/469">actions/setup-go#469</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-go/compare/v6...v6.3.0">https://github.com/actions/setup-go/compare/v6...v6.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-go/commit/4b73464bb391d4059bd26b0524d20df3927bd417"><code>4b73464</code></a>
Fix golang download url to go.dev (<a
href="https://redirect.github.com/actions/setup-go/issues/469">#469</a>)</li>
<li><a
href="https://github.com/actions/setup-go/commit/a5f9b05d2d216f63e13859e0d847461041025775"><code>a5f9b05</code></a>
Update default Go module caching to use go.mod (<a
href="https://redirect.github.com/actions/setup-go/issues/705">#705</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/setup-go/compare/7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5...4b73464bb391d4059bd26b0524d20df3927bd417">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/upload-artifact` from 6.0.0 to 7.0.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v7.0.0</h2>
<h2>v7 What's new</h2>
<h3>Direct Uploads</h3>
<p>Adds support for uploading single files directly (unzipped). Callers
can set the new <code>archive</code> parameter to <code>false</code> to
skip zipping the file during upload. Right now, we only support single
files. The action will fail if the glob passed resolves to multiple
files. The <code>name</code> parameter is also ignored with this
setting. Instead, the name of the artifact will be the name of the
uploaded file.</p>
<h3>ESM</h3>
<p>To support new versions of the <code>@actions/*</code> packages,
we've upgraded the package to ESM.</p>
<h2>What's Changed</h2>
<ul>
<li>Add proxy integration test by <a
href="https://github.com/Link"><code>@​Link</code></a>- in <a
href="https://redirect.github.com/actions/upload-artifact/pull/754">actions/upload-artifact#754</a></li>
<li>Upgrade the module to ESM and bump dependencies by <a
href="https://github.com/danwkennedy"><code>@​danwkennedy</code></a> in
<a
href="https://redirect.github.com/actions/upload-artifact/pull/762">actions/upload-artifact#762</a></li>
<li>Support direct file uploads by <a
href="https://github.com/danwkennedy"><code>@​danwkennedy</code></a> in
<a
href="https://redirect.github.com/actions/upload-artifact/pull/764">actions/upload-artifact#764</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Link"><code>@​Link</code></a>- made
their first contribution in <a
href="https://redirect.github.com/actions/upload-artifact/pull/754">actions/upload-artifact#754</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v6...v7.0.0">https://github.com/actions/upload-artifact/compare/v6...v7.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/upload-artifact/commit/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f"><code>bbbca2d</code></a>
Support direct file uploads (<a
href="https://redirect.github.com/actions/upload-artifact/issues/764">#764</a>)</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/589182c5a4cec8920b8c1bce3e2fab1c97a02296"><code>589182c</code></a>
Upgrade the module to ESM and bump dependencies (<a
href="https://redirect.github.com/actions/upload-artifact/issues/762">#762</a>)</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/47309c993abb98030a35d55ef7ff34b7fa1074b5"><code>47309c9</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/754">#754</a>
from actions/Link-/add-proxy-integration-tests</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/02a8460834e70dab0ce194c64360c59dc1475ef0"><code>02a8460</code></a>
Add proxy integration test</li>
<li>See full diff in <a
href="https://github.com/actions/upload-artifact/compare/b7c566a772e6b6bfb58ed0dc250532a479d7789f...bbbca2ddaa5d8feaa63e36b76fdaad77386f024f">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/download-artifact` from 7.0.0 to 8.0.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/download-artifact/releases">actions/download-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v8.0.0</h2>
<h2>v8 - What's new</h2>
<h3>Direct downloads</h3>
<p>To support direct uploads in <code>actions/upload-artifact</code>,
the action will no longer attempt to unzip all downloaded files.
Instead, the action checks the <code>Content-Type</code> header ahead of
unzipping and skips non-zipped files. Callers wishing to download a
zipped file as-is can also set the new <code>skip-decompress</code>
parameter to <code>false</code>.</p>
<h3>Enforced checks (breaking)</h3>
<p>A previous release introduced digest checks on the download. If a
download hash didn't match the expected hash from the server, the action
would log a warning. Callers can now configure the behavior on mismatch
with the <code>digest-mismatch</code> parameter. To be secure by
default, we are now defaulting the behavior to <code>error</code> which
will fail the workflow run.</p>
<h3>ESM</h3>
<p>To support new versions of the @actions/* packages, we've upgraded
the package to ESM.</p>
<h2>What's Changed</h2>
<ul>
<li>Don't attempt to un-zip non-zipped downloads by <a
href="https://github.com/danwkennedy"><code>@​danwkennedy</code></a> in
<a
href="https://redirect.github.com/actions/download-artifact/pull/460">actions/download-artifact#460</a></li>
<li>Add a setting to specify what to do on hash mismatch and default it
to <code>error</code> by <a
href="https://github.com/danwkennedy"><code>@​danwkennedy</code></a> in
<a
href="https://redirect.github.com/actions/download-artifact/pull/461">actions/download-artifact#461</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/download-artifact/compare/v7...v8.0.0">https://github.com/actions/download-artifact/compare/v7...v8.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/download-artifact/commit/70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3"><code>70fc10c</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/461">#461</a>
from actions/danwkennedy/digest-mismatch-behavior</li>
<li><a
href="https://github.com/actions/download-artifact/commit/f258da9a506b755b84a09a531814700b86ccfc62"><code>f258da9</code></a>
Add change docs</li>
<li><a
href="https://github.com/actions/download-artifact/commit/ccc058e5fbb0bb2352213eaec3491e117cbc4a5c"><code>ccc058e</code></a>
Fix linting issues</li>
<li><a
href="https://github.com/actions/download-artifact/commit/bd7976ba57ecea96e6f3df575eb922d11a12a9fd"><code>bd7976b</code></a>
Add a setting to specify what to do on hash mismatch and default it to
<code>error</code></li>
<li><a
href="https://github.com/actions/download-artifact/commit/ac21fcf45e0aaee541c0f7030558bdad38d77d6c"><code>ac21fcf</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/460">#460</a>
from actions/danwkennedy/download-no-unzip</li>
<li><a
href="https://github.com/actions/download-artifact/commit/15999bff51058bc7c19b50ebbba518eaef7c26c0"><code>15999bf</code></a>
Add note about package bumps</li>
<li><a
href="https://github.com/actions/download-artifact/commit/974686ed5098c7f9c9289ec946b9058e496a2561"><code>974686e</code></a>
Bump the version to <code>v8</code> and add release notes</li>
<li><a
href="https://github.com/actions/download-artifact/commit/fbe48b1d2756394be4cd4358ed3bc1343b330e75"><code>fbe48b1</code></a>
Update test names to make it clearer what they do</li>
<li><a
href="https://github.com/actions/download-artifact/commit/96bf374a614d4360e225874c3efd6893a3f285e7"><code>96bf374</code></a>
One more test fix</li>
<li><a
href="https://github.com/actions/download-artifact/commit/b8c4819ef592cbe04fd93534534b38f853864332"><code>b8c4819</code></a>
Fix skip decompress test</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/download-artifact/compare/37930b1c2abaa49bbe596cd826c3c89aef350131...70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/stale` from 10.1.1 to 10.2.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/stale/releases">actions/stale's
releases</a>.</em></p>
<blockquote>
<h2>v10.2.0</h2>
<h2>What's Changed</h2>
<h3>Bug Fix</h3>
<ul>
<li>Fix checking state cache (fix <a
href="https://redirect.github.com/actions/stale/issues/1136">#1136</a>)
and switch to Octokit helper methods by <a
href="https://github.com/itchyny"><code>@​itchyny</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1152">actions/stale#1152</a></li>
</ul>
<h3>Dependency Updates</h3>
<ul>
<li>Upgrade js-yaml from 4.1.0 to 4.1.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1304">actions/stale#1304</a></li>
<li>Upgrade lodash from 4.17.21 to 4.17.23 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1313">actions/stale#1313</a></li>
<li>Upgrade actions/cache from 4.0.3 to 5.0.2 and actions/github from
5.1.1 to 7.0.0 by <a
href="https://github.com/chiranjib-swain"><code>@​chiranjib-swain</code></a>
in <a
href="https://redirect.github.com/actions/stale/pull/1312">actions/stale#1312</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/itchyny"><code>@​itchyny</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/stale/pull/1152">actions/stale#1152</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/stale/compare/v10...v10.2.0">https://github.com/actions/stale/compare/v10...v10.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/stale/commit/b5d41d4e1d5dceea10e7104786b73624c18a190f"><code>b5d41d4</code></a>
build(deps-dev): bump lodash from 4.17.21 to 4.17.23 (<a
href="https://redirect.github.com/actions/stale/issues/1313">#1313</a>)</li>
<li><a
href="https://github.com/actions/stale/commit/dcd2b9469d2220b7e8d08aedc00c105d277fd46b"><code>dcd2b94</code></a>
Fix punycode and url.parse Deprecation Warnings (<a
href="https://redirect.github.com/actions/stale/issues/1312">#1312</a>)</li>
<li><a
href="https://github.com/actions/stale/commit/d6f8a33132340b15a7006f552936e4b9b39c00ec"><code>d6f8a33</code></a>
build(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 (<a
href="https://redirect.github.com/actions/stale/issues/1304">#1304</a>)</li>
<li><a
href="https://github.com/actions/stale/commit/a21a0816299b11691f9592ef0d63d08e02f06d9d"><code>a21a081</code></a>
Fix checking state cache (fix <a
href="https://redirect.github.com/actions/stale/issues/1136">#1136</a>),
also switch to octokit methods (<a
href="https://redirect.github.com/actions/stale/issues/1152">#1152</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/stale/compare/997185467fa4f803885201cee163a9f38240193d...b5d41d4e1d5dceea10e7104786b73624c18a190f">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 4.32.2 to 4.32.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.32.4</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2">2.24.2</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3493">#3493</a></li>
<li>Added an experimental change which improves how certificates are
generated for the authentication proxy that is used by the CodeQL Action
in Default Setup when <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries are configured</a>. This is expected to generate more
widely compatible certificates and should have no impact on analyses
which are working correctly already. We expect to roll this change out
to everyone in February. <a
href="https://redirect.github.com/github/codeql-action/pull/3473">#3473</a></li>
<li>When the CodeQL Action is run <a
href="https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup">with
debugging enabled in Default Setup</a> and <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries are configured</a>, the &quot;Setup proxy for
registries&quot; step will output additional diagnostic information that
can be used for troubleshooting. <a
href="https://redirect.github.com/github/codeql-action/pull/3486">#3486</a></li>
<li>Added a setting which allows the CodeQL Action to enable network
debugging for Java programs. This will help GitHub staff support
customers with troubleshooting issues in GitHub-managed CodeQL
workflows, such as Default Setup. This setting can only be enabled by
GitHub staff. <a
href="https://redirect.github.com/github/codeql-action/pull/3485">#3485</a></li>
<li>Added a setting which enables GitHub-managed workflows, such as
Default Setup, to use a <a
href="https://github.com/dsp-testing/codeql-cli-nightlies">nightly
CodeQL CLI release</a> instead of the latest, stable release that is
used by default. This will help GitHub staff support customers whose
analyses for a given repository or organization require early access to
a change in an upcoming CodeQL CLI release. This setting can only be
enabled by GitHub staff. <a
href="https://redirect.github.com/github/codeql-action/pull/3484">#3484</a></li>
</ul>
<h2>v4.32.3</h2>
<ul>
<li>Added experimental support for testing connections to <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries</a>. This feature is not currently enabled for any
analysis. In the future, it may be enabled by default for Default Setup.
<a
href="https://redirect.github.com/github/codeql-action/pull/3466">#3466</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>4.32.4 - 20 Feb 2026</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2">2.24.2</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3493">#3493</a></li>
<li>Added an experimental change which improves how certificates are
generated for the authentication proxy that is used by the CodeQL Action
in Default Setup when <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries are configured</a>. This is expected to generate more
widely compatible certificates and should have no impact on analyses
which are working correctly already. We expect to roll this change out
to everyone in February. <a
href="https://redirect.github.com/github/codeql-action/pull/3473">#3473</a></li>
<li>When the CodeQL Action is run <a
href="https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup">with
debugging enabled in Default Setup</a> and <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries are configured</a>, the &quot;Setup proxy for
registries&quot; step will output additional diagnostic information that
can be used for troubleshooting. <a
href="https://redirect.github.com/github/codeql-action/pull/3486">#3486</a></li>
<li>Added a setting which allows the CodeQL Action to enable network
debugging for Java programs. This will help GitHub staff support
customers with troubleshooting issues in GitHub-managed CodeQL
workflows, such as Default Setup. This setting can only be enabled by
GitHub staff. <a
href="https://redirect.github.com/github/codeql-action/pull/3485">#3485</a></li>
<li>Added a setting which enables GitHub-managed workflows, such as
Default Setup, to use a <a
href="https://github.com/dsp-testing/codeql-cli-nightlies">nightly
CodeQL CLI release</a> instead of the latest, stable release that is
used by default. This will help GitHub staff support customers whose
analyses for a given repository or organization require early access to
a change in an upcoming CodeQL CLI release. This setting can only be
enabled by GitHub staff. <a
href="https://redirect.github.com/github/codeql-action/pull/3484">#3484</a></li>
</ul>
<h2>4.32.3 - 13 Feb 2026</h2>
<ul>
<li>Added experimental support for testing connections to <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries</a>. This feature is not currently enabled for any
analysis. In the future, it may be enabled by default for Default Setup.
<a
href="https://redirect.github.com/github/codeql-action/pull/3466">#3466</a></li>
</ul>
<h2>4.32.2 - 05 Feb 2026</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.1">2.24.1</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3460">#3460</a></li>
</ul>
<h2>4.32.1 - 02 Feb 2026</h2>
<ul>
<li>A warning is now shown in Default Setup workflow logs if a <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registry is configured</a> using a GitHub Personal Access Token
(PAT), but no username is configured. <a
href="https://redirect.github.com/github/codeql-action/pull/3422">#3422</a></li>
<li>Fixed a bug which caused the CodeQL Action to fail when repository
properties cannot successfully be retrieved. <a
href="https://redirect.github.com/github/codeql-action/pull/3421">#3421</a></li>
</ul>
<h2>4.32.0 - 26 Jan 2026</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0">2.24.0</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3425">#3425</a></li>
</ul>
<h2>4.31.11 - 23 Jan 2026</h2>
<ul>
<li>When running a Default Setup workflow with <a
href="https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging">Actions
debugging enabled</a>, the CodeQL Action will now use more unique names
when uploading logs from the Dependabot authentication proxy as workflow
artifacts. This ensures that the artifact names do not clash between
multiple jobs in a build matrix. <a
href="https://redirect.github.com/github/codeql-action/pull/3409">#3409</a></li>
<li>Improved error handling throughout the CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3415">#3415</a></li>
<li>Added experimental support for automatically excluding <a
href="https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github">generated
files</a> from the analysis. This feature is not currently enabled for
any analysis. In the future, it may be enabled by default for some
GitHub-managed analyses. <a
href="https://redirect.github.com/github/codeql-action/pull/3318">#3318</a></li>
<li>The changelog extracts that are included with releases of the CodeQL
Action are now shorter to avoid duplicated information from appearing in
Dependabot PRs. <a
href="https://redirect.github.com/github/codeql-action/pull/3403">#3403</a></li>
</ul>
<h2>4.31.10 - 12 Jan 2026</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.9. <a
href="https://redirect.github.com/github/codeql-action/pull/3393">#3393</a></li>
</ul>
<h2>4.31.9 - 16 Dec 2025</h2>
<p>No user facing changes.</p>
<h2>4.31.8 - 11 Dec 2025</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/89a39a4e59826350b863aa6b6252a07ad50cf83e"><code>89a39a4</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3494">#3494</a>
from github/update-v4.32.4-39ba80c47</li>
<li><a
href="https://github.com/github/codeql-action/commit/e5d84c885c00d506f7816d26a298534dbbffac6d"><code>e5d84c8</code></a>
Apply remaining review suggestions</li>
<li><a
href="https://github.com/github/codeql-action/commit/0c202097b5de484e2a3725d4467f9cb7e3107881"><code>0c20209</code></a>
Apply suggestions from code review</li>
<li><a
href="https://github.com/github/codeql-action/commit/314172e5a1e1691ba4ad232b3d0230ceaf3d9239"><code>314172e</code></a>
Fix typo</li>
<li><a
href="https://github.com/github/codeql-action/commit/cdda72d36b93310932b0afe1784acd0209d190dd"><code>cdda72d</code></a>
Add changelog entries</li>
<li><a
href="https://github.com/github/codeql-action/commit/cfda84cc5509282e2adc1570c3cf29c3167ae87f"><code>cfda84c</code></a>
Update changelog for v4.32.4</li>
<li><a
href="https://github.com/github/codeql-action/commit/39ba80c47550c834104c0f222b502461ac312c29"><code>39ba80c</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3493">#3493</a>
from github/update-bundle/codeql-bundle-v2.24.2</li>
<li><a
href="https://github.com/github/codeql-action/commit/00150dad957fc9c1cba52bdab82e458ae5c09fe5"><code>00150da</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/d97dce6561ae3dd4e4db9bfa95479f7572bd7566"><code>d97dce6</code></a>
Update default bundle to codeql-bundle-v2.24.2</li>
<li><a
href="https://github.com/github/codeql-action/commit/50fdbb9ec845c41d6d3509d794e3a28af7032c59"><code>50fdbb9</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3492">#3492</a>
from github/henrymercer/new-repository-properties-ff</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2...89a39a4e59826350b863aa6b6252a07ad50cf83e">compare
view</a></li>
</ul>
</details>
<br />

Updates `securego/gosec` from 2.23.0 to 2.24.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/securego/gosec/releases">securego/gosec's
releases</a>.</em></p>
<blockquote>
<h2>v2.24.0</h2>
<h2>Changelog</h2>
<ul>
<li>271492bcd930ef72dfb9d00e5bb9544b3b407fb5 fix: G704 false positive on
const URL (<a
href="https://redirect.github.com/securego/gosec/issues/1551">#1551</a>)</li>
<li>1341aeadb4c334014c4834c745344edb9dcf85b0 fix(G705): eliminate false
positive for non-HTTP io.Writer (<a
href="https://redirect.github.com/securego/gosec/issues/1550">#1550</a>)</li>
<li>f2262c88ffdfc9eb7be8444db19caa17cc71810f G120: avoid false positive
when MaxBytesReader is applied in middleware (<a
href="https://redirect.github.com/securego/gosec/issues/1547">#1547</a>)</li>
<li>5b580c76e4714fa553b2ceb8169a071e45bf6428 Fix G602 regression
coverage for issue <a
href="https://redirect.github.com/securego/gosec/issues/1545">#1545</a>
and stabilize G117 TOML test dependency (<a
href="https://redirect.github.com/securego/gosec/issues/1546">#1546</a>)</li>
<li>eba2d1582b13e37d5b6c991b643827bc60e58156 taint: skip
<code>context.Context</code> arguments during taint propagation to fix
false positives (<a
href="https://redirect.github.com/securego/gosec/issues/1543">#1543</a>)</li>
<li>a6381c1e2fe9a9a33ef105c76bea3191402ea4b3 test: add missing rules to
formatter report tests (<a
href="https://redirect.github.com/securego/gosec/issues/1540">#1540</a>)</li>
<li>fea9725934065d3dd5c96352f89f75d117ac12f6 chore(deps): update all
dependencies (<a
href="https://redirect.github.com/securego/gosec/issues/1541">#1541</a>)</li>
<li>f3e2fac4d58b7eca54307cd40ce2a836a12e4d95 Regenrate the TLS config
rule (<a
href="https://redirect.github.com/securego/gosec/issues/1539">#1539</a>)</li>
<li>200461fcf74ed836305bf95f72568c20925730c5 Improve documentation (<a
href="https://redirect.github.com/securego/gosec/issues/1538">#1538</a>)</li>
<li>078a62afc3331206fec1cd9a03637983ec4f9fc8 Expand analyzer-core test
coverage for orchestration, go/analysis adapter logic, and taint
integration (<a
href="https://redirect.github.com/securego/gosec/issues/1537">#1537</a>)</li>
<li>ffdc6205c82278cee0b62923814141923794219e Add unit tests for CLI
orchestration, TLS config generation, and SSA cache behavior (<a
href="https://redirect.github.com/securego/gosec/issues/1536">#1536</a>)</li>
<li>c13a48626bc160ef1caa293679044b5667d4d8ef Add G707 taint analyzer for
SMTP command/header injection (<a
href="https://redirect.github.com/securego/gosec/issues/1535">#1535</a>)</li>
<li>f61ed314c2467116ec3a5126150cb2b29a623406 Add G123 analyzer for
tls.VerifyPeerCertificate resumption bypass risk (<a
href="https://redirect.github.com/securego/gosec/issues/1534">#1534</a>)</li>
<li>b568aa1445e110ed12abe5c2433b3cfbcd0a5935 Add G122 SSA analyzer for
filepath.Walk/WalkDir symlink TOCTOU race risks (<a
href="https://redirect.github.com/securego/gosec/issues/1532">#1532</a>)</li>
<li>1735e5a9acd155702b8c6137d323df886c0252b5 fix(G602): avoid false
positives for range-over-array indexing (<a
href="https://redirect.github.com/securego/gosec/issues/1531">#1531</a>)</li>
<li>caf93d07f10ef7d07006011b17f1d9bd218b5a9d Improve taint analyzer
performance with shared SSA cache, parallel analyzer execution, and CI
regression guard (<a
href="https://redirect.github.com/securego/gosec/issues/1530">#1530</a>)</li>
<li>bd11fbe2bacb0abf1e541df8b6ec6b040bbe2723 fix: taint analysis false
positives with G703,G705 (<a
href="https://redirect.github.com/securego/gosec/issues/1522">#1522</a>)</li>
<li>e34e8dd8e880694cfa801d79977e2d9973df3fa1 Extend the G117 rule to
cover other types of serialization such as yaml/xml/toml (<a
href="https://redirect.github.com/securego/gosec/issues/1529">#1529</a>)</li>
<li>b940702d5e385d1a68def10326b1658e780655fe Fix the G117 rule to take
the JSON serialization into account (<a
href="https://redirect.github.com/securego/gosec/issues/1528">#1528</a>)</li>
<li>4f846273804abaf7e040f77b26bf2866336e8af9 (docs) fix justification
format (<a
href="https://redirect.github.com/securego/gosec/issues/1524">#1524</a>)</li>
<li>36ba72bb7f91306f5210a821f409696c03dcbf2b Add G121 analyzer for
unsafe CORS bypass patterns in CrossOriginProtection (<a
href="https://redirect.github.com/securego/gosec/issues/1521">#1521</a>)</li>
<li>238f9823256b1c4a6d7b0ccd7fa0f2ce1123c820 Add G120 SSA analyzer for
unbounded form parsing in HTTP handlers (<a
href="https://redirect.github.com/securego/gosec/issues/1520">#1520</a>)</li>
<li>89cde277b5e2b4a5dc47eb710911c51a0cb33b63 Add G119 analyzer for
unsafe redirect header propagation in CheckRedirect callbacks (<a
href="https://redirect.github.com/securego/gosec/issues/1519">#1519</a>)</li>
<li>14fdd9cb07c02ab1506fcc336f49c84bf27a5c2d Fix G115 false positives
and negatives (Issue <a
href="https://redirect.github.com/securego/gosec/issues/1501">#1501</a>)
(<a
href="https://redirect.github.com/securego/gosec/issues/1518">#1518</a>)</li>
<li>cec54ec685eda3083e2ab1adf72b6b7ec6cfdb6e chore(deps): update all
dependencies (<a
href="https://redirect.github.com/securego/gosec/issues/1517">#1517</a>)</li>
<li>2b2077e921b56c7ce6545cccceea0556ff8d5d91 Add G118 SSA analyzer for
context propagation failures that can cause goroutine/resource leaks (<a
href="https://redirect.github.com/securego/gosec/issues/1516">#1516</a>)</li>
<li>a7666f3c70c94d07dfb03e81613fed34bccc89ae Add G113: Detect HTTP
Request Smuggling via conflicting headers (CVE-2025-22891, CWE-444) (<a
href="https://redirect.github.com/securego/gosec/issues/1515">#1515</a>)</li>
<li>47f8b52fb8700c7ba017ffcc0ea6a32c83e33115 Add G408: SSH
PublicKeyCallback Authentication Bypass Analyzer (<a
href="https://redirect.github.com/securego/gosec/issues/1513">#1513</a>)</li>
<li>4f1f362671654660f7145c3c8655ffeaed037d55 Add more unit tests to
improve coverage (<a
href="https://redirect.github.com/securego/gosec/issues/1512">#1512</a>)</li>
<li>9344582ee4bd87b8fa5bc2e483d90fa661f8aa71 Improve test coverage in
various areas (<a
href="https://redirect.github.com/securego/gosec/issues/1511">#1511</a>)</li>
<li>8d1b2c63ae44e315fb0232813e535891ff0568fc Imprve the test coverage
(<a
href="https://redirect.github.com/securego/gosec/issues/1510">#1510</a>)</li>
<li>993c1c4da2d4426f7567591e23f53ee9f613d07c Fix incorrect detection of
fixed iv in G407 (<a
href="https://redirect.github.com/securego/gosec/issues/1509">#1509</a>)</li>
<li>8668b748925d8995cf7712d22bde62cbc96f2304 Add support for go 1.26.x
and removed support for go 1.24.x (<a
href="https://redirect.github.com/securego/gosec/issues/1508">#1508</a>)</li>
<li>514225c8cb01a6bab714db1dd557aeb0d7ab9dc9 Fix the sonar report to
follow the latest schema (<a
href="https://redirect.github.com/securego/gosec/issues/1507">#1507</a>)</li>
<li>000384e510a84a1e2a1118e0fbc56518d290113d fix: broken taint analysis
causing false positives (<a
href="https://redirect.github.com/securego/gosec/issues/1506">#1506</a>)</li>
<li>616192c9d92792998e2ff38530c080cd0fe293a8 fix: panic on float
constants in overflow analyzer (<a
href="https://redirect.github.com/securego/gosec/issues/1505">#1505</a>)</li>
<li>79956a3b4cdedc9a4cde5f567c57fc8b367448cf fix: panic when scanning
multi-module repos from root (<a
href="https://redirect.github.com/securego/gosec/issues/1504">#1504</a>)</li>
<li>5736e8b88b6ca97fc7e09ef1bf24b205ab35fd9c fix: G602 false positive
for array element access (<a
href="https://redirect.github.com/securego/gosec/issues/1499">#1499</a>)</li>
<li>1b7e1e94bc2077fc1adccfc1358399fad2958d5a Update gosec to version
v2.23.0 in the Github action (<a
href="https://redirect.github.com/securego/gosec/issues/1496">#1496</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/securego/gosec/commit/271492bcd930ef72dfb9d00e5bb9544b3b407fb5"><code>271492b</code></a>
fix: G704 false positive on const URL (<a
href="https://redirect.github.com/securego/gosec/issues/1551">#1551</a>)</li>
<li><a
href="https://github.com/securego/gosec/commit/1341aeadb4c334014c4834c745344edb9dcf85b0"><code>1341aea</code></a>
fix(G705): eliminate false positive for non-HTTP io.Writer (<a
href="https://redirect.github.com/securego/gosec/issues/1550">#1550</a>)</li>
<li><a
href="https://github.com/securego/gosec/commit/f2262c88ffdfc9eb7be8444db19caa17cc71810f"><code>f2262c8</code></a>
G120: avoid false positive when MaxBytesReader is applied in middleware
(<a
href="https://redirect.github.com/securego/gosec/issues/1547">#1547</a>)</li>
<li><a
href="https://github.com/securego/gosec/commit/5b580c76e4714fa553b2ceb8169a071e45bf6428"><code>5b580c7</code></a>
Fix G602 regression coverage for issue <a
href="https://redirect.github.com/securego/gosec/issues/1545">#1545</a>
and stabilize G117 TOML test dep...</li>
<li><a
href="https://github.com/securego/gosec/commit/eba2d1582b13e37d5b6c991b643827bc60e58156"><code>eba2d15</code></a>
taint: skip <code>context.Context</code> arguments during taint
propagation to fix false...</li>
<li><a
href="https://github.com/securego/gosec/commit/a6381c1e2fe9a9a33ef105c76bea3191402ea4b3"><code>a6381c1</code></a>
test: add missing rules to formatter report tests (<a
href="https://redirect.github.com/securego/gosec/issues/1540">#1540</a>)</li>
<li><a
href="https://github.com/securego/gosec/commit/fea9725934065d3dd5c96352f89f75d117ac12f6"><code>fea9725</code></a>
chore(deps): update all dependencies (<a
href="https://redirect.github.com/securego/gosec/issues/1541">#1541</a>)</li>
<li><a
href="https://github.com/securego/gosec/commit/f3e2fac4d58b7eca54307cd40ce2a836a12e4d95"><code>f3e2fac</code></a>
Regenrate the TLS config rule (<a
href="https://redirect.github.com/securego/gosec/issues/1539">#1539</a>)</li>
<li><a
href="https://github.com/securego/gosec/commit/200461fcf74ed836305bf95f72568c20925730c5"><code>200461f</code></a>
Improve documentation (<a
href="https://redirect.github.com/securego/gosec/issues/1538">#1538</a>)</li>
<li><a
href="https://github.com/securego/gosec/commit/078a62afc3331206fec1cd9a03637983ec4f9fc8"><code>078a62a</code></a>
Expand analyzer-core test coverage for orchestration, go/analysis
adapter log...</li>
<li>Additional commits viewable in <a
href="https://github.com/securego/gosec/compare/398ad549bbf1a51dc978fd966169f660c59774de...271492bcd930ef72dfb9d00e5bb9544b3b407fb5">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/dependency-review-action` from 4.8.2 to 4.8.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/dependency-review-action/releases">actions/dependency-review-action's
releases</a>.</em></p>
<blockquote>
<h2>4.8.3</h2>
<h2>Dependency Review Action v4.8.3</h2>
<p>This is a bugfix release that updates a number of upstream
dependencies and includes a fix for the earlier feature that detected
oversized summaries and upload them as artifacts, which could
occasionally crash the action.</p>
<p>We have also updated the release process to use a long-lived
<code>v4</code> <strong>branch</strong> for the action, instead of a
force-pushed tag, which aligns better with git branching strategies; the
change should be transparent to end users.</p>
<h2>What's Changed</h2>
<ul>
<li>GitHub Actions can't push to our protected main by <a
href="https://github.com/dangoor"><code>@​dangoor</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/1017">actions/dependency-review-action#1017</a></li>
<li>Bump actions/stale from 9.1.0 to 10.1.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/995">actions/dependency-review-action#995</a></li>
<li>Bump github/codeql-action from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/1003">actions/dependency-review-action#1003</a></li>
<li>Bump actions/setup-node from 4 to 6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/1005">actions/dependency-review-action#1005</a></li>
<li>Upgrade glob to address a vulnerability by <a
href="https://github.com/brrygrdn"><code>@​brrygrdn</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/1024">actions/dependency-review-action#1024</a></li>
<li>Bump js-yaml by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/1020">actions/dependency-review-action#1020</a></li>
<li>Addressing vulnerabilities by <a
href="https://github.com/Ahmed3lmallah"><code>@​Ahmed3lmallah</code></a>
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/1036">actions/dependency-review-action#1036</a></li>
<li>Bump fast-xml-parser from 5.3.3 to 5.3.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/1050">actions/dependency-review-action#1050</a></li>
<li>Bump fast-xml-parser from 5.3.5 to 5.3.6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/1053">actions/dependency-review-action#1053</a></li>
<li>Properly truncate long summaries and catch errors by <a
href="https://github.com/juxtin"><code>@​juxtin</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/1052">actions/dependency-review-action#1052</a></li>
<li>Bump spdx-expression-parse from 3.0.1 to 4.0.0 in the spdx-licenses
group across 1 directory by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/931">actions/dependency-review-action#931</a></li>
<li>Changes for Release 4.8.3 by <a
href="https://github.com/ahpook"><code>@​ahpook</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/1054">actions/dependency-review-action#1054</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/dependency-review-action/compare/v4.8.2..v4.8.3">https://github.com/actions/dependency-review-action/compare/v4.8.2..v4.8.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/dependency-review-action/commit/05fe4576374b728f0c523d6a13d64c25081e0803"><code>05fe457</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/1054">#1054</a>
from actions/ahpook/release-4.8.3</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/3a8496cb71ebae2e228d1c4a47974cdc724cf07d"><code>3a8496c</code></a>
Update generated package files for v4.8.3</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/0f22a0159293e2496eef4ce36c3b7b3b31081f7d"><code>0f22a01</code></a>
Update CONTRIBUTING for new release process</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/58be34364db3f04dc3de8db0417b5d18451a4fdf"><code>58be343</code></a>
Updating package versions for 4.8.3</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/9284e0c621cb66311d82087d9ea1f539e40da6eb"><code>9284e0c</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/931">#931</a>
from actions/dependabot/npm_and_yarn/spdx-licenses-20...</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/8b766562f01731bcb0f65222324f2152d142a19a"><code>8b76656</code></a>
Bump spdx-expression-parse in the spdx-licenses group across 1
directory</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/43f5f029f51af9c859564cae942f58ea63a22100"><code>43f5f02</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/1052">#1052</a>
from actions/juxtin/fix-long-summaries</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/f0033fc4d6972851b5170177d58a8da79811a797"><code>f0033fc</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/1053">#1053</a>
from actions/dependabot/npm_and_yarn/fast-xml-parser...</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/b379e2e05ffa2e429ca97047d4c2738a0039425e"><code>b379e2e</code></a>
Bump fast-xml-parser from 5.3.5 to 5.3.6</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/2e1cf54a500fb2037239e92489ed0bad323c8c68"><code>2e1cf54</code></a>
Properly truncate long summaries and catch errors</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/dependency-review-action/compare/3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261...05fe4576374b728f0c523d6a13d64c25081e0803">compare
view</a></li>
</ul>
</details>
<br />

Updates `mikefarah/yq` from 4.52.2 to 4.52.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/mikefarah/yq/releases">mikefarah/yq's
releases</a>.</em></p>
<blockquote>
<h2>v4.52.4</h2>
<ul>
<li>Dropping windows/arm - no longer supported in cross-compile</li>
<li>Fixing comments in TOML arrays (<a
href="https://redirect.github.com/mikefarah/yq/issues/2592">#2592</a>)</li>
<li>Bumped dependencies</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/mikefarah/yq/blob/master/release_notes.txt">mikefarah/yq's
changelog</a>.</em></p>
<blockquote>
<p>4.52.4:</p>
<ul>
<li>Dropping windows/arm - no longer supported in cross-compile</li>
</ul>
<p>4.52.3:</p>
<ul>
<li>Fixing comments in TOML arrays (<a
href="https://redirect.github.com/mikefarah/yq/issues/2592">#2592</a>)</li>
<li>Bumped dependencies</li>
</ul>
<p>4.52.2:</p>
<ul>
<li>Fixed bad instructions file breaking go-install (<a
href="https://redirect.github.com/mikefarah/yq/issues/2587">#2587</a>)
Thanks <a
href="https://github.com/theyoprst"><code>@​theyoprst</code></a></li>
<li>Fixed TOML table scope after comments (<a
href="https://redirect.github.com/mikefarah/yq/issues/2588">#2588</a>)
Thanks <a
href="https://github.com/tomers"><code>@​tomers</code></a></li>
<li>Multiply uses a readonly context (<a
href="https://redirect.github.com/mikefarah/yq/issues/2558">#2558</a>)</li>
<li>Fixed merge globbing wildcards in keys (<a
href="https://redirect.github.com/mikefarah/yq/issues/2564">#2564</a>)</li>
<li>Fixing TOML subarray parsing issue (<a
href="https://redirect.github.com/mikefarah/yq/issues/2581">#2581</a>)</li>
</ul>
<p>4.52.1:</p>
<ul>
<li>
<p>TOML encoder support - you can now roundtrip! <a
href="https://redirect.github.com/mikefarah/yq/issues/1364">#1364</a></p>
</li>
<li>
<p>Parent now supports negative indices, and added a 'root' command for
referencing the top level document</p>
</li>
<li>
<p>Fixed scalar encoding for HCL</p>
</li>
<li>
<p>Add --yaml-compact-seq-indent / -c flag for compact sequence
indentation (<a
href="https://redirect.github.com/mikefarah/yq/issues/2583">#2583</a>)
Thanks <a href="https://github.com/jfenal"><code>@​jfenal</code></a></p>
</li>
<li>
<p>Add symlink check to file rename util (<a
href="https://redirect.github.com/mikefarah/yq/issues/2576">#2576</a>)
Thanks <a
href="https://github.com/Elias-elastisys"><code>@​Elias-elastisys</code></a></p>
</li>
<li>
<p>Powershell fixed default command used for __completeNoDesc alias (<a
href="https://redirect.github.com/mikefarah/yq/issues/2568">#2568</a>)
Thanks <a
href="https://github.com/teejaded"><code>@​teejaded</code></a></p>
</li>
<li>
<p>Unwrap scalars in shell output mode. (<a
href="https://redirect.github.com/mikefarah/yq/issues/2548">#2548</a>)
Thanks <a
href="https://github.com/flintwinters"><code>@​flintwinters</code></a></p>
</li>
<li>
<p>Added K8S KYAML output format support (<a
href="https://redirect.github.com/mikefarah/yq/issues/2560">#2560</a>)
Thanks <a
href="https://github.com/robbat2"><code>@​robbat2</code></a></p>
</li>
<li>
<p>Bumped dependencies</p>
</li>
<li>
<p>Special shout out to <a
href="https://github.com/ccoVeille"><code>@​ccoVeille</code></a> for
reviewing my PRs!</p>
</li>
</ul>
<p>4.50.1:</p>
<ul>
<li>Added HCL support!</li>
<li>Fixing handling of CRLF <a
href="https://redirect.github.com/mikefarah/yq/issues/2352">#2352</a></li>
<li>Bumped dependencies</li>
</ul>
<p>4.49.2:</p>
<ul>
<li>Fixing escape character bugs :sweat: <a
href="https://redirect.github.com/mikefarah/yq/issues/2517">#2517</a></li>
<li>Fixing snap release pipeline <a
href="https://redirect.github.com/mikefarah/yq/issues/2518">#2518</a>
Thanks <a
href="https://github.com/aalexjo"><code>@​aalexjo</code></a></li>
</ul>
<p>4.49.1:</p>
<ul>
<li>Added <code>--security</code> flags to disable env and file ops <a
href="https://redirect.github.com/mikefarah/yq/issues/2515">#2515</a></li>
<li>Fixing TOML ArrayTable parsing issues <a
href="https://redirect.github.com/mikefarah/yq/issues/1758">#1758</a></li>
<li>Fixing parsing of escaped characters <a
href="https://redirect.github.com/mikefarah/yq/issues/2506">#2506</a></li>
</ul>
<p>4.48.2:</p>
<ul>
<li>Strip whitespace when decoding base64 <a
href="https://redirect.github.com/mikefarah/yq/issues/2507">#2507</a></li>
<li>Upgraded to go-yaml v4! (thanks <a
href="https://github.com/ccoVeille"><code>@​ccoVeille</code></a>, <a
href="https://github.com/ingydotnet"><code>@​ingydotnet</code></a>)</li>
<li>Add linux/loong64 to release target (thanks <a
href="https://github.com/znley"><code>@​znley</code></a>)</li>
<li>Added --shell-key-separator flag for customizable shell output
format <a
href="https://redirect.github.com/mikefarah/yq/issues/2497">#2497</a>
(thanks <a
href="https://github.com/rsleedbx"><code>@​rsleedbx</code></a>)</li>
<li>Bumped dependencies</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/mikefarah/yq/commit/5a7e72a743649b1b3a47d1a1d8214f3453173c51"><code>5a7e72a</code></a>
Bumping version</li>
<li><a
href="https://github.com/mikefarah/yq/commit/562531d9364808982fc9dd45576dcf4dcea4ff9f"><code>562531d</code></a>
Dropping windows/arm</li>
<li><a
href="https://github.com/mikefarah/yq/commit/2c471b64984fd03a22b54c488b8a8ae10841fa55"><code>2c471b6</code></a>
Bumping version</li>
<li><a
href="https://github.com/mikefarah/yq/commit/f4ef6ef3cf29dd6086e3b0deef59473f54e283f4"><code>f4ef6ef</code></a>
Release notes</li>
<li><a
href="https://github.com/mikefarah/yq/commit/f49f2bd2d8b92b725a1f8632dfbc9598d997365e"><code>f49f2bd</code></a>
Bump golang.org/x/mod from 0.31.0 to 0.33.0 (<a
href="https://redirect.github.com/mikefarah/yq/issues/2606">#2606</a>)</li>
<li><a
href="https://github.com/mikefarah/yq/commit/6ccc7b77970452f0848dc878455a9f835d7c8d1b"><code>6ccc7b7</code></a>
Bump golang.org/x/net from 0.49.0 to 0.50.0 (<a
href="https://redirect.github.com/mikefarah/yq/issues/2604">#2604</a>)</li>
<li><a
href="https://github.com/mikefarah/yq/commit/b3e1fbb7d199c76f1f6eff4579382ae682ee611d"><code>b3e1fbb</code></a>
Bump golang from 1.25.6 to 1.26.0 (<a
href="https://redirect.github.com/mikefarah/yq/issues/2603">#2603</a>)</li>
<li><a
href="https://github.com/mikefarah/yq/commit/288ca2d114a6698de073528f0e4fffabb2345e54"><code>288ca2d</code></a>
Fixing comments in TOML arrays <a
href="https://redirect.github.com/mikefarah/yq/issues/2592">#2592</a>
(<a
href="https://redirect.github.com/mikefarah/yq/issues/2595">#2595</a>)</li>
<li><a
href="https://github.com/mikefarah/yq/commit/eb04fa87af9a8eeeb276884e394e280fe45cbdcd"><code>eb04fa8</code></a>
More tests</li>
<li>See full diff in <a
href="https://github.com/mikefarah/yq/compare/2be0094729a1006f61e8339ce9934bfb3cbb549f...5a7e72a743649b1b3a47d1a1d8214f3453173c51">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

(cherry picked from commit 231932bec10643da24347660a564ff2da76f91ac)
Signed-off-by: Dariusz Porowski <3431813+DariuszPorowski@users.noreply.github.com>
@brooke-hamilton
Architecture skill with Mermaid pattern documentation (#11281)
9a261cf 
## Description

Adds the `architecture-documenter` skill to the Radius Copilot CLI with
comprehensive Mermaid diagram patterns and examples.

The prompt used to create this skill used the `/create-skill` prompt
that is currently bundled with VS Code Insiders. Here is what that
prompt was given:

```markdown
/create-skill Create a skill in the radius project that is very good at documenting application architectures. 
- It is an expert at abstracting the application architecture and generating understandable mermaid diagrams. 
- When asked it can go much deeper into the detailed interactions. It is especially good at producing true-to-code sequence diagrams (mermaid) and component diagrams that show entity relationships.
- It can distill ccomplex code concepts into simple to understand human readable text.
- It can dive deep into existing code, especially golang, to figure out how things work.
- It can suggest archtitectural improvements that would simplify the code.
- It can answer questions about the existing architecture
```

A follow-up prompt was useful in filling out the High Level Components
section:

```markdown
validate the "High-Level Components" section. 
- Are those paths and names correct? If not, fix them.
- Are there more paths and names that should be added?
```

## Type of change

- This pull request is a minor refactor, code cleanup, test improvement,
or other maintenance task and doesn't change the functionality of Radius
(issue link optional).

## Contributor checklist

- An overview of proposed schema changes is included in a linked GitHub
issue.
    - [x] Not applicable
- A design document PR is created in the [design-notes
repository](https://github.com/radius-project/design-notes/), if new
APIs are being introduced.
    - [x] Not applicable
- The design document has been reviewed and approved by Radius
maintainers/approvers.
    - [x] Not applicable
- A PR for the [samples
repository](https://github.com/radius-project/samples) is created, if
existing samples are affected by the changes in this PR.
    - [x] Not applicable
- A PR for the [documentation
repository](https://github.com/radius-project/docs) is created, if the
changes in this PR affect the documentation or any user facing updates
are made.
    - [x] Not applicable
- A PR for the [recipes
repository](https://github.com/radius-project/recipes) is created, if
existing recipes are affected by the changes in this PR.
    - [x] Not applicable

## Changes

- Added arch-documenter skill with SKILL.md documentation
- Added Mermaid pattern references for architecture diagrams

---------

Signed-off-by: Brooke Hamilton <45323234+brooke-hamilton@users.noreply.github.com>

(cherry picked from commit 0a710f8)
Signed-off-by: Dariusz Porowski <3431813+DariuszPorowski@users.noreply.github.com>
@nithyatsu
allow upgrade to pass when upgrading between rcs (#11351)
e8fd20e 
# Description

Fixes error similar to below, where we are upgrading Radius from one rc
version to next.


https://github.com/radius-project/radius/actions/runs/22571565116/job/65380431400

Version mismatch detected. Attempting upgrade from 0.55.0-rc4 to
0.55.0-rc5...
Current Radius version: 0.55.0-rc4
Target Radius version: 0.55.0-rc5
Running pre-flight checks...
  Running Kubernetes Connectivity...
    ✓ Connected (version: v1.34.2) with sufficient permissions
  Running Helm Connectivity...
✓ Helm successfully connected to cluster and found Radius release
(version: 0.55.0-rc4), Contour installed (version: 1.32.0)
  Running Radius Installation...
✓ Radius is installed (version: 0.55.0-rc4), Contour is installed
(version: 1.32.0)
  Running Version Compatibility...
Error: ERROR] Only incremental version upgrades are supported. Expected
next version: 0.56.0
Error: preflight checks failed: pre-flight check 'Version Compatibility'
failed: Only incremental version upgrades are supported. Expected next
version: 0.56.0


## Type of change

- This pull request is a minor refactor, code cleanup, test improvement,
or other maintenance task and doesn't change the functionality of Radius
(issue link optional).

## Contributor checklist
Please verify that the PR meets the following requirements, where
applicable:

<!--
This checklist uses "TaskRadio" comments to make certain options
mutually exclusive.
See:
https://github.com/mheap/require-checklist-action?tab=readme-ov-file#radio-groups
For details on how this works and why it's required.
-->

- An overview of proposed schema changes is included in a linked GitHub
issue.
    - [ ] Yes <!-- TaskRadio schema -->
    - [x] Not applicable <!-- TaskRadio schema -->
- A design document PR is created in the [design-notes
repository](https://github.com/radius-project/design-notes/), if new
APIs are being introduced.
    - [ ] Yes <!-- TaskRadio design-pr -->
    - [x] Not applicable <!-- TaskRadio design-pr -->
- The design document has been reviewed and approved by Radius
maintainers/approvers.
    - [ ] Yes <!-- TaskRadio design-review -->
    - [x] Not applicable <!-- TaskRadio design-review -->
- A PR for the [samples
repository](https://github.com/radius-project/samples) is created, if
existing samples are affected by the changes in this PR.
    - [ ] Yes <!-- TaskRadio samples-pr -->
    - [x] Not applicable <!-- TaskRadio samples-pr -->
- A PR for the [documentation
repository](https://github.com/radius-project/docs) is created, if the
changes in this PR affect the documentation or any user facing updates
are made.
    - [ ] Yes <!-- TaskRadio docs-pr -->
    - [x] Not applicable <!-- TaskRadio docs-pr -->
- A PR for the [recipes
repository](https://github.com/radius-project/recipes) is created, if
existing recipes are affected by the changes in this PR.
    - [ ] Yes <!-- TaskRadio recipes-pr -->
    - [x] Not applicable <!-- TaskRadio recipes-pr -->

---------

Signed-off-by: nithyatsu <nithyasu@microsoft.com>

(cherry picked from commit 8e26c85)
Signed-off-by: Dariusz Porowski <3431813+DariuszPorowski@users.noreply.github.com>
@DariuszPorowski
chore(release): v0.55.0-rc6 (#11352)
f68c422 
Automated RC release preparation for v0.55.0-rc6.

## Contributor checklist
Please verify that the PR meets the following requirements, where
applicable:

- An overview of proposed schema changes is included in a linked GitHub
issue.
    - [ ] Yes <!-- TaskRadio schema -->
    - [x] Not applicable <!-- TaskRadio schema -->
- A design document PR is created in the [design-notes
repository](https://github.com/radius-project/design-notes/), if new
APIs are being introduced.
    - [ ] Yes <!-- TaskRadio design-pr -->
    - [x] Not applicable <!-- TaskRadio design-pr -->
- The design document has been reviewed and approved by Radius
maintainers/approvers.
    - [ ] Yes <!-- TaskRadio design-review -->
    - [x] Not applicable <!-- TaskRadio design-review -->
- A PR for the [samples
repository](https://github.com/radius-project/samples) is created, if
existing samples are affected by the changes in this PR.
    - [ ] Yes <!-- TaskRadio samples-pr -->
    - [x] Not applicable <!-- TaskRadio samples-pr -->
- A PR for the [documentation
repository](https://github.com/radius-project/docs) is created, if the
changes in this PR affect the documentation or any user facing updates
are made.
    - [ ] Yes <!-- TaskRadio docs-pr -->
    - [x] Not applicable <!-- TaskRadio docs-pr -->
- A PR for the [recipes
repository](https://github.com/radius-project/recipes) is created, if
existing recipes are affected by the changes in this PR.
    - [ ] Yes <!-- TaskRadio recipes-pr -->
    - [x] Not applicable <!-- TaskRadio recipes-pr -->

Signed-off-by: Dariusz Porowski <3431813+DariuszPorowski@users.noreply.github.com>

(cherry picked from commit d912167)
Signed-off-by: Dariusz Porowski <3431813+DariuszPorowski@users.noreply.github.com>
Add apiextensions.k8s.io and dapr.io RBAC permissions to dynamic-rp s…
157c731 
…ervice account (#11350)

# Description

The `dynamic-rp` service account lacks RBAC permissions required when
deploying Dapr Recipes. Two failures occur:

1. Cannot list CRDs (`apiextensions.k8s.io`) to resolve GVKs for custom
resources
2. Cannot manage Dapr resources (`dapr.io`) in target namespaces

Adds two rule blocks to the `dynamic-rp` ClusterRole:

- **`apiextensions.k8s.io/customresourcedefinitions`** — `get`, `list`,
`watch` (needed to look up GVKs among available CRDs)
- **`dapr.io`** — `components`, `subscriptions`, `configurations`,
`resiliencies` with full CRUD (matches the existing `applications-rp`
pattern for Dapr resource management)

## Type of change

- This pull request fixes a bug in Radius and has an approved issue
(issue link required).

## Contributor checklist
Please verify that the PR meets the following requirements, where
applicable:

<!--
This checklist uses "TaskRadio" comments to make certain options
mutually exclusive.
See:
https://github.com/mheap/require-checklist-action?tab=readme-ov-file#radio-groups
For details on how this works and why it's required.
-->

- An overview of proposed schema changes is included in a linked GitHub
issue.
    - [ ] Yes <!-- TaskRadio schema -->
    - [x] Not applicable <!-- TaskRadio schema -->
- A design document PR is created in the [design-notes
repository](https://github.com/radius-project/design-notes/), if new
APIs are being introduced.
    - [ ] Yes <!-- TaskRadio design-pr -->
    - [x] Not applicable <!-- TaskRadio design-pr -->
- The design document has been reviewed and approved by Radius
maintainers/approvers.
    - [ ] Yes <!-- TaskRadio design-review -->
    - [x] Not applicable <!-- TaskRadio design-review -->
- A PR for the [samples
repository](https://github.com/radius-project/samples) is created, if
existing samples are affected by the changes in this PR.
    - [ ] Yes <!-- TaskRadio samples-pr -->
    - [x] Not applicable <!-- TaskRadio samples-pr -->
- A PR for the [documentation
repository](https://github.com/radius-project/docs) is created, if the
changes in this PR affect the documentation or any user facing updates
are made.
    - [ ] Yes <!-- TaskRadio docs-pr -->
    - [x] Not applicable <!-- TaskRadio docs-pr -->
- A PR for the [recipes
repository](https://github.com/radius-project/recipes) is created, if
existing recipes are affected by the changes in this PR.
    - [ ] Yes <!-- TaskRadio recipes-pr -->
    - [x] Not applicable <!-- TaskRadio recipes-pr -->

<!-- START COPILOT CODING AGENT TIPS -->
---

💡 You can make Copilot smarter by setting up custom instructions,
customizing its development environment and configuring Model Context
Protocol (MCP) servers. Learn more [Copilot coding agent
tips](https://gh.io/copilot-coding-agent-tips) in the docs.

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: willtsai <28876888+willtsai@users.noreply.github.com>
Co-authored-by: kachawla <74574173+kachawla@users.noreply.github.com>

(cherry picked from commit 0980cf9)
Signed-off-by: Dariusz Porowski <3431813+DariuszPorowski@users.noreply.github.com>
@willtsai
Reorder docker command for accuracy (#11210)
22dbf39 
# Description

This pull request makes a minor update to the documentation to correct
the order of commands in an example for building and pushing Docker
images.

* Documentation: Corrected the example command in `README.md` to run
`docker-build` before `docker-push`, ensuring images are built before
being pushed.

## Type of change

<!--

Please select **one** of the following options that describes your
change and delete the others. Clearly identifying the type of change you
are making will help us review your PR faster, and is used in authoring
release notes.

If you are making a bug fix or functionality change to Radius and do not
have an associated issue link please create one now.

-->

- This pull request is a minor refactor, code cleanup, test improvement,
or other maintenance task and doesn't change the functionality of Radius
(issue link optional).

<!--

Please update the following to link the associated issue. This is
required for some kinds of changes (see above).

-->

Fixes: N/A
## Contributor checklist
Please verify that the PR meets the following requirements, where
applicable:

<!--
This checklist uses "TaskRadio" comments to make certain options
mutually exclusive.
See:
https://github.com/mheap/require-checklist-action?tab=readme-ov-file#radio-groups
For details on how this works and why it's required.
-->

- An overview of proposed schema changes is included in a linked GitHub
issue.
    - [ ] Yes <!-- TaskRadio schema -->
    - [x] Not applicable <!-- TaskRadio schema -->
- A design document PR is created in the [design-notes
repository](https://github.com/radius-project/design-notes/), if new
APIs are being introduced.
    - [ ] Yes <!-- TaskRadio design-pr -->
    - [x] Not applicable <!-- TaskRadio design-pr -->
- The design document has been reviewed and approved by Radius
maintainers/approvers.
    - [ ] Yes <!-- TaskRadio design-review -->
    - [x] Not applicable <!-- TaskRadio design-review -->
- A PR for the [samples
repository](https://github.com/radius-project/samples) is created, if
existing samples are affected by the changes in this PR.
    - [ ] Yes <!-- TaskRadio samples-pr -->
    - [x] Not applicable <!-- TaskRadio samples-pr -->
- A PR for the [documentation
repository](https://github.com/radius-project/docs) is created, if the
changes in this PR affect the documentation or any user facing updates
are made.
    - [ ] Yes <!-- TaskRadio docs-pr -->
    - [x] Not applicable <!-- TaskRadio docs-pr -->
- A PR for the [recipes
repository](https://github.com/radius-project/recipes) is created, if
existing recipes are affected by the changes in this PR.
    - [ ] Yes <!-- TaskRadio recipes-pr -->
    - [x] Not applicable <!-- TaskRadio recipes-pr -->

---------

Signed-off-by: Will <28876888+willtsai@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Brooke Hamilton <45323234+brooke-hamilton@users.noreply.github.com>

(cherry picked from commit a1059b6)
Signed-off-by: Dariusz Porowski <3431813+DariuszPorowski@users.noreply.github.com>
@DariuszPorowski DariuszPorowski requested review from a team as code owners March 3, 2026 21:02
@radius-functional-tests
Copy link

radius-functional-tests bot commented Mar 3, 2026
edited
Loading

Radius functional test overview

🔍 Go to test action run

Click here to see the test run details
Name Value
Repository radius-project/radius
Commit ref 22dbf39
Unique ID func73da8659a2
Image tag pr-func73da8659a2
  • gotestsum 1.13.0
  • KinD: v0.29.0
  • Dapr: 1.14.4
  • Azure KeyVault CSI driver: 1.4.2
  • Azure Workload identity webhook: 1.3.0
  • Bicep recipe location ghcr.io/radius-project/dev/test/testrecipes/test-bicep-recipes/<name>:pr-func73da8659a2
  • Terraform recipe location http://tf-module-server.radius-test-tf-module-server.svc.cluster.local/<name>.zip (in cluster)
  • applications-rp test image location: ghcr.io/radius-project/dev/applications-rp:pr-func73da8659a2
  • dynamic-rp test image location: ghcr.io/radius-project/dev/dynamic-rp:pr-func73da8659a2
  • controller test image location: ghcr.io/radius-project/dev/controller:pr-func73da8659a2
  • ucp test image location: ghcr.io/radius-project/dev/ucpd:pr-func73da8659a2
  • deployment-engine test image location: ghcr.io/radius-project/deployment-engine:latest

Test Status

⌛ Building Radius and pushing container images for functional tests...
✅ Container images build succeeded
⌛ Publishing Bicep Recipes for functional tests...
✅ Recipe publishing succeeded
⌛ Starting ucp-cloud functional tests...
✅ ucp-cloud functional tests succeeded
✅ corerp-cloud functional tests succeeded

@github-actions
Copy link

github-actions bot commented Mar 3, 2026

Unit Tests

    2 files  +  1    415 suites  +85   6m 29s ⏱️ - 1m 31s
4 862 tests + 18  4 860 ✅ + 19  2 💤  - 1  0 ❌ ±0 
5 762 runs  +918  5 760 ✅ +919  2 💤  - 1  0 ❌ ±0 

Results for commit 22dbf39. ± Comparison against base commit 2b2b53d.

@nithyatsu nithyatsu merged commit 8f170d6 into release/0.55 Mar 3, 2026
49 of 50 checks passed
@nithyatsu nithyatsu deleted the DariuszPorowski/cherrypick-0.55.0-rc6 branch March 3, 2026 21:34
@codecov
Copy link

codecov bot commented Mar 3, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 51.11%. Comparing base (2b2b53d) to head (22dbf39).
⚠️ Report is 10 commits behind head on release/0.55.

Additional details and impacted files 
@@               Coverage Diff                @@
##           release/0.55   #11364      +/-   ##
================================================
- Coverage         51.18%   51.11%   -0.08%     
================================================
  Files               682      699      +17     
  Lines             43433    44067     +634     
================================================
+ Hits              22231    22523     +292     
- Misses            19062    19399     +337     
- Partials           2140     2145       +5

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nithyatsu nithyatsu nithyatsu approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@DariuszPorowski @nithyatsu @brooke-hamilton @nicolejms @willtsai