No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Shortly I'd hope, looks like it just needs some workflows updating to use a more recent Go version

Thank you so much, appreciate all the great work!

<https://github.com/pulumi/pulumi-std/releases/tag/v1.6.0>

Awesome! Any chance we could push this out too? <https://github.com/pulumi/pulumi-aws/pull/3237>

Thank you <@U02J3T6A8LB>! Just checking if these should have also been updated as well:

pulumi/pulumi
<https://github.com/pulumi/pulumi/pull/15078>

pulumi/pulumi-aws
<https://github.com/pulumi/pulumi-aws/blob/master/provider/go.mod#L194>
<https://github.com/pulumi/pulumi-aws/blob/main/provider/go.mod#L210>

The pulumi PR is just for tests, so shouldn't really matter.
The aws one should get updated but it shouldn't show up as a dependency in user programs.

Screenshot 2024-01-10 at 3.52.02 pm.png

Ah I see - weirdly we're still seeing these dependencies in our security scan using the latest releases

yeh we'll need to ensure this is updated through all the binary packages as well. aws might take a bit because it will need a pulumi release first probably, but the others we can take a look at today.

Thanks Fraser and the team :slightly_smiling_face:

<https://github.com/pulumi/pulumi-aws/releases/tag/v6.18.0> ?

Screenshot 2024-01-12 at 9.32.21 am.png

I think 6.18.0 still contains the old dependecies

I believe it's from these lines in /provider/go.mod

<https://github.com/pulumi/pulumi-aws/blob/master/provider/go.mod#L194>
<https://github.com/pulumi/pulumi-aws/blob/main/provider/go.mod#L210>

Yeh, sorry most of engineering has been at planning meetings this week so slow progress. I'll make sure this gets seen so it gets picked up though.

Weekend and Monday was MLK day so none of engineering has been in.
This should get picked up in the CLI release this week and then aws should pick that up soon after.

Ah I see! Thank you Fraser, enjoy your evening!

Updates for this to pulumi/pulumi have merged: <https://github.com/pulumi/pulumi/pull/15151>
So this will be in the release tomorrow. I'll check aws updates fully after that.

I see that there's a new release for pulumi/pulumi, are aws updates following soon?

Yeh they should be mostly on an automatic schedule afaik but I'll double check

It's planned to be out as soon as possible, just been some issues getting it out

Updated the packages and no more CVEs :raised_hands: thank you for all your help Fraser!