jun 19, 2026
7 links from the engineering internet.
consul 2.0.1 ships a security release on go 1.26.4 and new envoy
consul 2.0.1 patches three go vulnerabilities by moving to go 1.26.4 and upgrades the bundled envoy proxy versions. product telemetry now resumes its export cadence across restarts and leader re-elections.
wrangler 4.103.0 moves getworkernamefromproject out of the cli
cloudflare's wrangler 4.103.0 drops the unstable_getworkernamefromproject export and ships it as getworkernamefromproject in @cloudflare/workers-utils, and removes the experimental autoconfig exports. importers need to update their paths.
pytest 9.1.1 fixes parametrize and raisesgroup regressions
pytest 9.1.1 fixes a 9.1.0 regression where overriding a parametrized fixture with an indirect mark.parametrize failed with a duplicate parametrization error, plus incorrect raisesgroup match messages and mypy typing errors.
trivy 0.71.2 patch bumps the alpine base image and dependencies
aquasecurity ships trivy 0.71.2 on the 0.71 line, bumping the alpine base image to 3.24.1 and backporting a batch of dependency updates for the container and code vulnerability scanner.
metabase 0.61.5.4 backports a notifications memory-leak fix
metabase ships backport patch releases 0.61.5.4 and 0.60.10.5 fixing a memory leak tied to notifications under graalvm. self-hosted instances on the 0.60 and 0.61 lines get the fix without a major upgrade.
n8n 2.27.3 fixes a form trigger crash on older workflows
n8n 2.27.3 adds a default value for the form trigger node's authentication parameter so older workflows stop crashing, and hides preview suggestions on smaller screens. patch on the 2.27 line of the automation platform.
posthog-cli 0.7.29 quiets agent api discovery commands
posthog ships posthog-cli 0.7.29, a patch that quiets the agent api discovery commands. prebuilt binaries are published via the install script in the release.