Sourced from github.com/aws-cloudformation/rain's releases.

Release v1.24.4

What's Changed

• Add govulncheck security scanning by @​kddejong in aws-cloudformation/rain#761
• Bump the minor-and-patch group across 1 directory with 22 updates by @​dependabot[bot] in aws-cloudformation/rain#763
• Bump the minor-and-patch group with 20 updates by @​dependabot[bot] in aws-cloudformation/rain#764
• Bump axios from 1.8.4 to 1.13.5 in /test/webapp/site by @​dependabot[bot] in aws-cloudformation/rain#754
• Bump js-yaml from 4.1.0 to 4.1.1 in /test/webapp/site by @​dependabot[bot] in aws-cloudformation/rain#728
• Bump minimatch from 3.1.2 to 3.1.5 in /test/webapp/site by @​dependabot[bot] in aws-cloudformation/rain#766
• Bump rollup from 4.40.0 to 4.59.0 in /test/webapp/site by @​dependabot[bot] in aws-cloudformation/rain#765
• Bump vite from 6.2.7 to 6.4.1 in /test/webapp/site by @​dependabot[bot] in aws-cloudformation/rain#725
• Bump github.com/aws/aws-sdk-go-v2/service/bedrockruntime from 1.50.0 to 1.50.4 by @​dependabot[bot] in aws-cloudformation/rain#779
• Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.96.1 to 1.97.3 by @​dependabot[bot] in aws-cloudformation/rain#780
• Upgrade golang stdlib from 1.26.0 to 1.26.2 by @​chrisqm-dev in aws-cloudformation/rain#785
• Release v1.24.4 by @​kddejong in aws-cloudformation/rain#788

New Contributors

• @​chrisqm-dev made their first contribution in aws-cloudformation/rain#785

Full Changelog: aws-cloudformation/rain@v1.24.3...v1.24.4

Release v1.24.3

What's Changed

• feat: Support environment variables for parameters and deploys in rain deploy by @​rtkjbeverly in aws-cloudformation/rain#729
• Fix linting issue: merge variable declaration with assignment (S1021) by @​atennak1 in aws-cloudformation/rain#753
• ci: scope down GitHub Token permissions by @​AdnaneKhan in aws-cloudformation/rain#726
• Bump github.com/aws/aws-sdk-go-v2/service/dynamodb from 1.53.1 to 1.55.0 by @​dependabot[bot] in aws-cloudformation/rain#755
• Bump github.com/aws/aws-sdk-go-v2/service/cloudformation from 1.71.0 to 1.71.5 by @​dependabot[bot] in aws-cloudformation/rain#756
• Bump github.com/aws/aws-sdk-go-v2/service/servicequotas from 1.33.8 to 1.34.1 by @​dependabot[bot] in aws-cloudformation/rain#758
• Bump github.com/aws/aws-sdk-go-v2/service/cloudfront from 1.57.0 to 1.60.0 by @​dependabot[bot] in aws-cloudformation/rain#759
• Bump github.com/aws/aws-sdk-go-v2/service/lightsail from 1.50.7 to 1.50.11 by @​dependabot[bot] in aws-cloudformation/rain#757
• Release v1.24.3 by @​kddejong in aws-cloudformation/rain#760

New Contributors

• @​rtkjbeverly made their first contribution in aws-cloudformation/rain#729
• @​atennak1 made their first contribution in aws-cloudformation/rain#753
• @​AdnaneKhan made their first contribution in aws-cloudformation/rain#726

Full Changelog: aws-cloudformation/rain@v1.24.2...v1.24.3

• 9b5ed09 Merge pull request #788 from kddejong/release/2026/04/23
• 8faaeab Release v1.24.4
• 2abdf2b Merge pull request #785 from aws-cloudformation/fix/golang-stdlib
• 8e86634 Upgrade golang stdlib from 1.26.0 to 1.26.2
• a669c92 Merge pull request #780 from aws-cloudformation/dependabot/go_modules/github....
• 73a6e9a Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.96.1 to 1.97.3
• 03dff7a Merge pull request #779 from aws-cloudformation/dependabot/go_modules/github....
• 6795433 Bump github.com/aws/aws-sdk-go-v2/service/bedrockruntime
• fabc4bd Merge pull request #725 from aws-cloudformation/dependabot/npm_and_yarn/test/...
• da7129a Merge pull request #765 from aws-cloudformation/dependabot/npm_and_yarn/test/...
• Additional commits viewable in compare view

Sourced from github.com/open-policy-agent/opa's releases.

v1.16.1

This is a patch release addressing a regression in the plugin manager that may cause the service to hang on shutdown (#8590).

v1.16.0

[!WARNING]

A regression has been found in the plugin manager, which may cause the service to hang on shutdown. Users are advised to go directly to v1.16.1.

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

• New uri.parse and uri.is_valid built-in functions
• Data API Request/Response Metadata
• Prometheus metrics exported via OTLP
• Formatter improvements

NOTE:

In v1.15.x, OPA was dropping logs for bundle downloads, print() calls and other plugin-originated logs. Users are advised to update, v1.16.0 fixes this bug in (#8544).

New uri.parse and uri.is_valid built-in functions (#8263)

Two new built-in functions have been added: uri.parse for parsing a given URI, and uri.is_valid for verifying the structure of a given URI.

uri.parse

Parses a URI and returns an object containing its components according to RFC 3986. Empty components are omitted.

package example
test_uri if {
uri.parse("https://example.com:8080/api?q=1#top") == {
"scheme": "https",
"hostname": "example.com",
"port": "8080",
"path": "/api",
"raw_path": "/api",
"raw_query": "q=1",
"fragment": "top",
}
}

uri.is_valid

Returns true if the input can be parsed as a URI, false otherwise.

... (truncated)

Sourced from github.com/open-policy-agent/opa's changelog.

1.16.1

This is a patch release addressing a regression (#8590) in the plugin manager that may cause the service to hang on shutdown.

1.16.0

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

• New uri.parse and uri.is_valid built-in functions
• Data API Request/Response Metadata
• Prometheus metrics exported via OTLP
• Formatter improvements

NOTE:

In v1.15.x, OPA was dropping logs for bundle downloads, print() calls and other plugin-originated logs. Users are advised to update, v1.16.0 fixes this bug in (#8544).

New uri.parse and uri.is_valid built-in functions (#8263)

Two new built-in functions have been added: uri.parse for parsing a given URI, and uri.is_valid for verifying the structure of a given URI.

uri.parse

Parses a URI and returns an object containing its components according to RFC 3986. Empty components are omitted.

package example
test_uri if {
uri.parse("https://example.com:8080/api?q=1#top") == {
"scheme": "https",
"hostname": "example.com",
"port": "8080",
"path": "/api",
"raw_path": "/api",
"raw_query": "q=1",
"fragment": "top",
}
}

uri.is_valid

Returns true if the input can be parsed as a URI, false otherwise.

package example
deny contains "invalid URI" if {
</tr></table>

... (truncated)

• a72f9fa Prepare v1.16.1 release
• 9339812 plugins: Ensure plugin status functions don't hang after manager is stopped (...
• f3adf61 Release v1.16.0 (#8581)
• c5a446f Add regression test for comparing objects with array keys
• 7bc92c6 workflow: update benchmarks notebook generation
• 882d5a7 build(deps): bump the dependencies group across 2 directories with 9 updates ...
• b33179c docs: Fix input value type in not undefined example (#8580)
• 3d602ca perf: Add CopyNonGround() methods for Array, Set, and Object (#8323)
• 1a8e7b1 docs(policy-reference): add aggregates examples for count and sum (#8566)
• 343ddf5 builtins: Add uri.parse and uri.is_valid built in functions (#8578)
• Additional commits viewable in compare view

Sourced from github.com/samber/lo's releases.

v1.53.0

Announcing the latest release of lo with lots of good gifts! 🎁

🌊 First, a big thanks to @​d-enk for making lots of performance improvements in the recent weeks.

🧪 Second, this release introduces a new simd experimental package. If you run on an amd64 architecture and a recent CPU, you can perform very fast operations thanks to SIMD CPU instructions. -> Documentation: https://lo.samber.dev/docs/experimental/simd

💥 Third, this version adds *Err variants of many lo helpers (like MapErr, FlatMapErr, ReduceErr, etc.) whose callbacks can return an error and short-circuit execution when one occurs.

[!NOTE] The simd sub-package is considered not stable. We might break the initial API based on developers' feedback in the coming months.

---

Features & improvements

• feat: adding SIMD helpers by @​samber in samber/lo#801
• feat: adding Error variants: MapErr, FlatMapErr, ReduceErr... by @​samber in samber/lo#823
• feat: support for buffer iterator by @​mimol91 in samber/lo#824
• feat: add Take, TakeWhile, FilterTake, Window, and Sliding functions by @​juliazadorozhnaya in samber/lo#760
• feat: add a Concat slice function. by @​FGasper in samber/lo#714
• feat: add iterator slice helpers by @​juliazadorozhnaya in samber/lo#791
• feat(it): adding loit.Concat by @​samber in samber/lo#722
• feat: Allow Union/Intersect to take many lists by @​frankywahl in samber/lo#181
• feat: Add Clone function to return shallow copy of slice collections by @​quexer in samber/lo#732
• feat: IntersectBy by @​ghosx in samber/lo#653
• feat: Support Custom Assert by @​RelicOfTesla in samber/lo#755
• feat: Must support Custom error handler. by @​RelicOfTesla in samber/lo#752
• feat: WithoutNth handle non-comparable types by @​urisimchoni in samber/lo#774
• refactor: remove unnecessary type arguments in NewThrottle by @​d-enk in samber/lo#773
• refactor: lo.IntersectBy + adding loit.IntersectBy + adding doc by @​samber in samber/lo#739
• fix: rename IsSortedByKey to IsSortedBy by @​NathanBaulch in samber/lo#735
• fix(iter/tuples): support break iteration over Zip[By] seq by @​d-enk in samber/lo#757
• fix(it.Mode): align behavior with lo.Mode and ensure consistent slice… by @​intojhanurag in samber/lo#711
• fix: improve Clone function to preserve nilness and avoid liveness issues by @​quexer in samber/lo#740
• fix: reset n counter per iteration in it.Replace by @​LikimiaD in samber/lo#799
• fix: make Ellipsis operate on runes instead of bytes to prevent Unicode truncation by @​veeceey in samber/lo#796
• fix: correct DropByIndex handling of negative indices out of bounds by @​d-enk in samber/lo#778

Deprecation

• refactor: remove helpers deprecated for more than 3y by @​samber in samber/lo#810

Performance improvements

• feat: Optimize UniqMap to reduce unnecessary slice preallocation by @​ivolkoff in samber/lo#710
• refactor(it): simplify DropLast, TrimSuffix, TrimPrefix and use range loops by @​d-enk in samber/lo#782
• bench: fix iterators to actually iterate in benchmarks by @​d-enk in samber/lo#781
• refactor: simplify slice cut/trim prefix/suffix functions by @​d-enk in samber/lo#787
• perf: optimize Sliding by pre-allocating result capacity by @​d-enk in samber/lo#783

... (truncated)

• cf6fb4f bump v1.53.0
• 56ef3be feat: support for buffer iterator (#824)
• 6a9f881 💄
• 7f0c2e0 feat: adding UnzipByErrX helpers
• af46a13 feat: adding RejectErr helpers
• 6f42e74 doc: improve examples
• ff0e293 feat: adding FilterErr helpers
• 4bb58fd feat: adding RepeatByErr helpers
• 72a33aa feat: adding FilterKeysErr + FilterValuesErr helpers
• dd1d58e feat: adding FindDuplicatesByErr helper
• Additional commits viewable in compare view

Sourced from github.com/testcontainers/testcontainers-go's releases.

v0.42.0

What's Changed

⚠️ Breaking Changes

• chore!: migrate to moby modules (#3591) @​thaJeztah

🔒 Security

• chore(deps): bump moby/client v0.4.0, moby/api v1.54.1 (#3634) @​thaJeztah

🐛 Bug Fixes

• fix: return an error when docker host cannot be retrieved (#3613) @​ash2k

🧹 Housekeeping

• chore: gitignore Gas Town agent artifacts (#3633) @​mdelapenya
• fix(usage-metrics): include last release in the legend pop over (#3630) @​mdelapenya
• chore: update usage metrics (2026-04) (#3621) @github-actions[bot]
• fix(usage-metrics): order of actions matters (#3623) @​mdelapenya
• fix(usage-metrics): reduce rate-limit cascade errors (#3622) @​mdelapenya
• fix(usage-metrics): replace the per-version inline retry with a multi-pass approach (#3620) @​mdelapenya

📦 Dependency updates

• chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp from 1.28.0 to 1.43.0 in /modules/grafana-lgtm (#3639) @dependabot[bot]
• chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp from 1.42.0 to 1.43.0 in /modules/compose (#3641) @dependabot[bot]
• chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.42.0 to 1.43.0 in /modules/compose (#3645) @dependabot[bot]
• chore(deps): bump mkdocs-include-markdown-plugin from 7.2.1 to 7.2.2 (#3626) @dependabot[bot]
• chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.51.2 to 1.97.3 in /modules/localstack (#3638) @dependabot[bot]
• chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.41.0 to 1.43.0 in /modules/grafana-lgtm (#3643) @dependabot[bot]
• chore(deps): bump go.opentelemetry.io/otel/sdk from 1.41.0 to 1.43.0 in /modules/milvus (#3644) @dependabot[bot]
• chore: update to Go 1.25.9, 1.26.9 (#3647) @​thaJeztah
• chore(deps): bump bump github.com/klauspost/compress v1.18.5, github.com/docker/compose v5.1.2 (#3646) @​thaJeztah
• chore(deps): bump moby/client v0.4.0, moby/api v1.54.1 (#3634) @​thaJeztah
• chore(deps): bump golang.org/x/sys from 0.41.0 to 0.42.0 (#3629) @dependabot[bot]
• chore(deps): bump github.com/moby/patternmatcher from 0.6.0 to 0.6.1 (#3628) @dependabot[bot]
• chore(deps): bump github.com/shirou/gopsutil/v4 from 4.26.2 to 4.26.3 (#3627) @dependabot[bot]
• fix(localstack): accept community-archive as a valid tag (#3601) @​johnduhart
• chore(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 in /modules/gcloud (#3632) @dependabot[bot]
• chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 (#3625) @dependabot[bot]
• chore(deps): bump pygments from 2.19.2 to 2.20.0 (#3615) @dependabot[bot]
• chore(deps): bump google.golang.org/grpc from 1.67.0 to 1.79.3 in /modules/milvus (#3612) @dependabot[bot]
• chore(deps): bump google.golang.org/grpc from 1.67.0 to 1.79.3 in /modules/etcd (#3611) @dependabot[bot]
• chore(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.3 in /modules/ollama (#3610) @dependabot[bot]
• chore(deps): bump google.golang.org/grpc from 1.67.0 to 1.79.3 in /modules/pinecone (#3609) @dependabot[bot]
• chore(deps): bump google.golang.org/grpc from 1.67.0 to 1.79.3 in /modules/couchbase (#3608) @dependabot[bot]
• chore(deps): bump requests from 2.32.4 to 2.33.0 (#3604) @dependabot[bot]
• chore(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.3 in /modules/meilisearch (#3607) @dependabot[bot]
• chore(deps): bump github.com/moby/buildkit from 0.27.1 to 0.28.1 in /modules/compose (#3605) @dependabot[bot]

... (truncated)

• 6e58418 chore: use new version (v0.42.0) in modules and examples
• f713dc0 chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetr...
• 300827a chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetr...
• 7a15ac1 chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptrace...
• 5bae3d2 fix: return an error when docker host cannot be retrieved (#3613)
• fc19484 chore(deps): bump mkdocs-include-markdown-plugin from 7.2.1 to 7.2.2 (#3626)
• 95bdc0c chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 (#3638)
• 75aa226 chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptrace...
• 2f59938 chore(deps): bump go.opentelemetry.io/otel/sdk in /modules/milvus (#3644)
• 580abf6 chore: update to Go 1.25.9, 1.26.9 (#3647)
• Additional commits viewable in compare view

Sourced from github.com/testcontainers/testcontainers-go/modules/registry's releases.

v0.42.0

What's Changed

⚠️ Breaking Changes

• chore!: migrate to moby modules (#3591) @​thaJeztah

🔒 Security

• chore(deps): bump moby/client v0.4.0, moby/api v1.54.1 (#3634) @​thaJeztah

🐛 Bug Fixes

• fix: return an error when docker host cannot be retrieved (#3613) @​ash2k

🧹 Housekeeping

• chore: gitignore Gas Town agent artifacts (#3633) @​mdelapenya
• fix(usage-metrics): include last release in the legend pop over (#3630) @​mdelapenya
• chore: update usage metrics (2026-04) (#3621) @github-actions[bot]
• fix(usage-metrics): order of actions matters (#3623) @​mdelapenya
• fix(usage-metrics): reduce rate-limit cascade errors (#3622) @​mdelapenya
• fix(usage-metrics): replace the per-version inline retry with a multi-pass approach (#3620) @​mdelapenya

📦 Dependency updates

• chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp from 1.28.0 to 1.43.0 in /modules/grafana-lgtm (#3639) @dependabot[bot]
• chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp from 1.42.0 to 1.43.0 in /modules/compose (#3641) @dependabot[bot]
• chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.42.0 to 1.43.0 in /modules/compose (#3645) @dependabot[bot]
• chore(deps): bump mkdocs-include-markdown-plugin from 7.2.1 to 7.2.2 (#3626) @dependabot[bot]
• chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.51.2 to 1.97.3 in /modules/localstack (#3638) @dependabot[bot]
• chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.41.0 to 1.43.0 in /modules/grafana-lgtm (#3643) @dependabot[bot]
• chore(deps): bump go.opentelemetry.io/otel/sdk from 1.41.0 to 1.43.0 in /modules/milvus (#3644) @dependabot[bot]
• chore: update to Go 1.25.9, 1.26.9 (#3647) @​thaJeztah
• chore(deps): bump bump github.com/klauspost/compress v1.18.5, github.com/docker/compose v5.1.2 (#3646) @​thaJeztah
• chore(deps): bump moby/client v0.4.0, moby/api v1.54.1 (#3634) @​thaJeztah
• chore(deps): bump golang.org/x/sys from 0.41.0 to 0.42.0 (#3629) @dependabot[bot]
• chore(deps): bump github.com/moby/patternmatcher from 0.6.0 to 0.6.1 (#3628) @dependabot[bot]
• chore(deps): bump github.com/shirou/gopsutil/v4 from 4.26.2 to 4.26.3 (#3627) @dependabot[bot]
• fix(localstack): accept community-archive as a valid tag (#3601) @​johnduhart
• chore(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 in /modules/gcloud (#3632) @dependabot[bot]
• chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 (#3625) @dependabot[bot]
• chore(deps): bump pygments from 2.19.2 to 2.20.0 (#3615) @dependabot[bot]
• chore(deps): bump google.golang.org/grpc from 1.67.0 to 1.79.3 in /modules/milvus (#3612) @dependabot[bot]
• chore(deps): bump google.golang.org/grpc from 1.67.0 to 1.79.3 in /modules/etcd (#3611) @dependabot[bot]
• chore(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.3 in /modules/ollama (#3610) @dependabot[bot]
• chore(deps): bump google.golang.org/grpc from 1.67.0 to 1.79.3 in /modules/pinecone (#3609) @dependabot[bot]
• chore(deps): bump google.golang.org/grpc from 1.67.0 to 1.79.3 in /modules/couchbase (#3608) @dependabot[bot]
• chore(deps): bump requests from 2.32.4 to 2.33.0 (#3604) @dependabot[bot]
• chore(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.3 in /modules/meilisearch (#3607) @dependabot[bot]
• chore(deps): bump github.com/moby/buildkit from 0.27.1 to 0.28.1 in /modules/compose (#3605) @dependabot[bot]

... (truncated)

• 6e58418 chore: use new version (v0.42.0) in modules and examples
• f713dc0 chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetr...
• 300827a chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetr...
• 7a15ac1 chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptrace...
• 5bae3d2 fix: return an error when docker host cannot be retrieved (#3613)
• fc19484 chore(deps): bump mkdocs-include-markdown-plugin from 7.2.1 to 7.2.2 (#3626)
• 95bdc0c chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 (#3638)
• 75aa226 chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptrace...
• 2f59938 chore(deps): bump go.opentelemetry.io/otel/sdk in /modules/milvus (#3644)
• 580abf6 chore: update to Go 1.25.9, 1.26.9 (#3647)
• Additional commits viewable in compare view

• 8577a70 go.mod: update golang.org/x dependencies
• 7ca2c6d go.mod: update golang.org/x dependencies
• 73d1ba9 all: upgrade go directive to at least 1.25.0 [generated]
• See full diff in compare view

Sourced from mvdan.cc/sh/v3's releases.

v3.13.1

• cmd/shfmt
  • Add support for [[zsh]] in EditorConfig files
  • Detect the shell variant from filenames like .zshrc and .bash_profile
  • Fix --apply-ignore when used with explicit args - #1310
• syntax
  • Revert an accidental change to how array subscripts are formatted - #1314
  • Never join ;; with the previous line when formatting - #1289
  • Fix a bug where $1[foo] was parsed as a subscript in Zsh - #1288
  • Correctly parse $! in double quotes in Zsh - #1298
  • Allow indexing into special parameters in Zsh - #1299
  • Allow parameter expansions with empty names in Zsh - #1280
• interp
  • Test against Bash 5.3 and fix three new discrepancies
  • Fix a few bugs related to nameref variables
  • Avoid panics when user input encounters unimplemented features

Consider becoming a sponsor if you benefit from the work that went into this release!

Binaries built on go version go1.26.1 linux/amd64 with:

CGO_ENABLED=0 go build -trimpath -ldflags="-w -s"

v3.13.0

This release introduces support for Zsh in the parser and formatter, which was tracked in issue #120 alongside the label https://github.com/mvdan/sh/labels/zsh. While support is not complete, it should be far enough for many use cases.

This release also drops support for Go 1.24 and includes many other enhancements:

• cmd/shfmt
  • Exit with a non-zero status when -l prints any filenames
  • shfmt -version is now derived from the git current tag, dropping the -ldflags workaround
• syntax
  • New nodes types and node fields are introduced alongside LangZsh
  • LangVariant is now a bitset, allowing the use of sets like "Bash-like"
  • Add InteractiveSeq and StmtsSeq iterator methods for Parser
  • Stop exposing the internal buffer in Printer via struct embedding
  • Support the use of brace expansions like declare {a,b}_c=value
  • Fix a bug where POSIX and Bash incorrectly allowed empty command lists
• interp
  • Add support for shopt -s dotglob and shopt -s extglob
  • Add support for simple uses of !(expr) extended glob patterns
  • Support more builtin flags for declare, type, read
  • Fix various bugs relating to nulls, errors, and arrays
• expand
  • Add Config.DotGlob and Config.ExtGlob for the interpreter
  • Add Variable.Flags to get the one-character declare flags
  • Do not force env vars on Windows to be uppercase
  • Fix various bugs relating to glob pattern matching
• pattern
  • Add GlobLeadingDot and ExtendedOperators for the interpreter

... (truncated)

Sourced from mvdan.cc/sh/v3's changelog.

[3.13.1] - 2026-03-09

• cmd/shfmt
  • Add support for [[zsh]] in EditorConfig files
  • Detect the shell variant from filenames like .zshrc and .bash_profile
  • Fix --apply-ignore when used with explicit args - #1310
• syntax
  • Revert an accidental change to how array subscripts are formatted - #1314
  • Never join ;; with the previous line when formatting - #1289
  • Fix a bug where $1[foo] was parsed as a subscript in Zsh - #1288
  • Correctly parse $! in double quotes in Zsh - #1298
  • Allow indexing into special parameters in Zsh - #1299
  • Allow parameter expansions with empty names in Zsh - #1280
• interp
  • Test against Bash 5.3 and fix three new discrepancies
  • Fix a few bugs related to nameref variables
  • Avoid panics when user input encounters unimplemented features

[3.13.0] - 2026-03-09

This release introduces support for Zsh in the parser and formatter, which was tracked in issue #120 alongside the label https://github.com/mvdan/sh/labels/zsh. While support is not complete, it should be far enough for many use cases.

This release also drops support for Go 1.24 and includes many other enhancements:

• cmd/shfmt
  • Exit with a non-zero status when -l prints any filenames
  • shfmt -version is now derived from the git current tag, dropping the -ldflags workaround
• syntax
  • New nodes types and node fields are introduced alongside LangZsh
  • LangVariant is now a bitset, allowing the use of sets like "Bash-like"
  • Add InteractiveSeq and StmtsSeq iterator methods for Parser
  • Stop exposing the internal buffer in Printer via struct embedding
  • Support the use of brace expansions like declare {a,b}_c=value
  • Fix a bug where POSIX and Bash incorrectly allowed empty command lists
• interp
  • Add support for shopt -s dotglob and shopt -s extglob
  • Add support for simple uses of !(expr) extended glob patterns
  • Support more builtin flags for declare, type, read
  • Fix various bugs relating to nulls, errors, and arrays
• expand
  • Add Config.DotGlob and Config.ExtGlob for the interpreter
  • Add Variable.Flags to get the one-character declare flags
  • Do not force env vars on Windows to be uppercase
  • Fix various bugs relating to glob pattern matching
• pattern
  • Add GlobLeadingDot and ExtendedOperators for the interpreter
  • Add NegExtGlobError to mark the use of !(expr) negation patterns

• 2f3f5e3 CHANGELOG: add entry for v3.13.1
• 1b77144 CHANGELOG: add late entry for v3.13.0
• 4fe0cc2 README: bring output in caveats examples up to date
• d2b044b syntax: only make index expressions compact when it's a comma
• 1569230 syntax: add test cases for issue #1314
• e97b2b0 interp: avoid the last panics which can be triggered by users
• f299f47 cmd/shfmt: --apply-ignore should not skip explicit args based on extension
• 2315483 interp: fix a few nameref bugs
• 7e3be04 interp: test with Bash 5.3 and fix three bugs uncovered by it
• 8852860 pattern: tokenize patterns rune by rune
• Additional commits viewable in compare view