Release announcement: Continuous Delivery 5.15.0

[Puppet Product Updates]

We’re excited to announce the release of Continuous Delivery 5.15.0!

Highlights in CD 5.15.0

This release delivers better operational control, clearer data visibility, and stronger security—along with improvements to Pipelines as Code, Impact Analysis, and VCS integrations.

Enhancements

• Improved flexibility for VCS integrations through configurable webhook routing, supporting proxy‑based environments.
• Improved console security with a configurable web session idle timeout.
• More focused Impact Analysis results in Pipelines as Code by excluding nodes without catalog resources.
• Clearer pipeline attribution for Azure DevOps by displaying the initiating user’s display name.
• Improved GitLab integration by consistently attaching commit status updates to the same branch pipeline when native GitLab pipelines are present.
• Expanded platform support with Amazon Linux 2023 for Docker‑based installations.
• Updated Postgres base image to postgres:17-trixie.
  
  

Fixes

• Improved reliability of Impact Analysis result polling in the UI.
• Restored visibility of package_updates data for pe_patch in the fact picker.

Security updates

• Strengthened protections for sensitive endpoints with added CSRF safeguards and tighter authorization controls.
• Fixed issues that could allow unauthorized access to user and GraphQL data.
• Delivered fixes for multiple security vulnerabilities across platform dependencies. For full details, see the 5.15.0 release notes.

Learn more: 5.15.0 release notes

This e-mail may contain information that is privileged or confidential. If you are not the intended recipient, please delete the e-mail and any attachments and notify us immediately.