Skip to content

chore(deps): update pre-commit hook mongodb/kingfisher to v1.106.0#566

Merged
renovate[bot] merged 1 commit into
mainfrom
renovate/mongodb-kingfisher-1.x
Jul 11, 2026
Merged

chore(deps): update pre-commit hook mongodb/kingfisher to v1.106.0#566
renovate[bot] merged 1 commit into
mainfrom
renovate/mongodb-kingfisher-1.x

Conversation

@renovate

@renovate renovate Bot commented Jul 11, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Type Update Change
mongodb/kingfisher repository minor v1.105.0v1.106.0

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.


Release Notes

mongodb/kingfisher (mongodb/kingfisher)

v1.106.0

Compare Source

  • Added content-based ZIP detection so Terraform plan files (e.g. tfplan, *.plan — real ZIPs with no archive extension) are extracted and scanned instead of treated as opaque compressed bytes; a file whose bytes begin with a ZIP signature is now extracted regardless of name, reusing the existing looks_like_zip() magic-byte helper. Non-ZIP files are untouched, so plain-text *.plan files are not mis-extracted. Content-detected ZIPs go through the same bounded in-memory extractor with unchanged zip-slip protection and zip-bomb caps, respect --no-extract-archives and --no-binary, and empty or unreadable ZIPs fall back to raw-byte scanning. The only added cost is a single 4-byte header read per file whose extension is not already a recognized archive. Verified against a real Terraform plan: 0 → 9 findings (AWS keys, Vault token, JWT, bcrypt hashes). @​beer4code
  • Merged the open dependabot "bump" PRs from main: CI/action bumps for dtolnay/rust-toolchain, actions/setup-python (6.2.0 → 6.3.0), and google/clusterfuzzlite build/run fuzzers actions (82652fb884713a) across the cflite_batch and cflite_pr workflows.
  • Bumped gix from 0.84 to 0.85 in kingfisher-core, and applied cargo minor/patch updates: aws-sdk-ec2 1.232.1 → 1.233.0, aws-sdk-lambda 1.128.0 → 1.129.0, plus the cargo-patch group (8 crate updates) and a rand 0.10.0 → 0.10.1 bump in the fuzz crate.
  • Reconciled the workspace and fuzz lockfiles after stacking the dependabot updates, and removed a duplicate base32 package block that PR #​330 introduced into fuzz/Cargo.lock.

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • Only on Saturday (* * * * 6)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot added the dependencies Third-party library dependencies. label Jul 11, 2026
@renovate renovate Bot enabled auto-merge (squash) July 11, 2026 07:53
@renovate renovate Bot added the dependencies Third-party library dependencies. label Jul 11, 2026
@renovate renovate Bot merged commit 233ee5c into main Jul 11, 2026
12 checks passed
@renovate renovate Bot deleted the renovate/mongodb-kingfisher-1.x branch July 11, 2026 07:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Third-party library dependencies.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants