This release keeps dependencies and maintenance posture current for teams operating this tool.
✓ No known CVEs patched in this version
Topics
Affected surfaces
Summary
AI summaryMinor fixes and improvements.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Dependency | Medium |
Bump chainguard.dev/sdk from 0.1.54 to 0.1.55. Bump chainguard.dev/sdk from 0.1.54 to 0.1.55. Source: llm_adapter@2026-05-25 Confidence: high |
— |
| Dependency | Medium |
Bump github/codeql-action from 4.35.4 to 4.35.5. Bump github/codeql-action from 4.35.4 to 4.35.5. Source: llm_adapter@2026-05-25 Confidence: high |
— |
| Dependency | Medium |
Bump go.step.sm/crypto from 0.78.0 to 0.81.0. Bump go.step.sm/crypto from 0.78.0 to 0.81.0. Source: llm_adapter@2026-05-25 Confidence: high |
— |
| Dependency | Medium |
Bump google.golang.org/api from 0.278.0 to 0.279.0. Bump google.golang.org/api from 0.278.0 to 0.279.0. Source: llm_adapter@2026-05-25 Confidence: high |
— |
| Dependency | Medium |
Bump k8s.io/apimachinery from 0.36.0 to 0.36.1. Bump k8s.io/apimachinery from 0.36.0 to 0.36.1. Source: llm_adapter@2026-05-25 Confidence: high |
— |
| Dependency | Medium |
Bump step-security/harden-runner from 2.19.1 to 2.19.3. Bump step-security/harden-runner from 2.19.1 to 2.19.3. Source: llm_adapter@2026-05-25 Confidence: high |
— |
| Dependency | Medium |
Bump zizmorcore/zizmor-action from 0.5.3 to 0.5.5. Bump zizmorcore/zizmor-action from 0.5.3 to 0.5.5. Source: llm_adapter@2026-05-25 Confidence: high |
— |
Full changelog
Changelog
- 9034253a6869d3aeb1b1ef5dc09d80d85143d70d build(deps): bump chainguard.dev/sdk from 0.1.54 to 0.1.55 (#2236)
- 00304a309de87a3199e6f12c7576e6e49e3d757c build(deps): bump github/codeql-action from 4.35.4 to 4.35.5 (#2237)
- 71f084bd28cb8a70dac6b5f4bf664b1e99335265 build(deps): bump go.step.sm/crypto from 0.78.0 to 0.81.0 (#2235)
- 2015c631a07cd5bb4ec1860ee05b330aba4d5341 build(deps): bump google.golang.org/api from 0.278.0 to 0.279.0 (#2234)
- 295b1155065087b93718877ab8ecccb6d63884a0 build(deps): bump k8s.io/apimachinery from 0.36.0 to 0.36.1 (#2232)
- 31ce42d8b5398541d141bf97f5683e3d1a0b9d85 build(deps): bump step-security/harden-runner from 2.19.1 to 2.19.3 (#2233)
- 289d76107c9f42b0b0f7cc09ab39eab1bdd74e96 build(deps): bump zizmorcore/zizmor-action from 0.5.3 to 0.5.5 (#2238)
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
Related context
Beta — feedback welcome: [email protected]