Puppet CD 5.14.0 and 4.39.0 now available!

Published: 1 week ago (January 30, 2026 at 08:15 AM EST)

2 min read

Source: Dev.to

Cover image for Puppet CD 5.14.0 and 4.39.0 now available!

Important reminder: Continuous Delivery 4.x reaches its end‑of‑life on February 5, 2026. Upgrade to CD 5.x to ensure continued support, security updates, and feature enhancements. For full details and information about migrating to CD version 5.x, see the End‑of‑life announcement: Continuous Delivery version 4.x.

CD 5.14.0

Enhancements

Improved in‑app error messaging to more clearly communicate CORS and other browser‑level errors, making configuration issues easier to diagnose.
Strengthened password validation for users creating or updating accounts. Passwords must now be at least 12 characters and include uppercase, lowercase, numeric, and special characters.
Updated puppet‑dev‑tools image to include PDK 3.6.1, which requires compatibility with Puppet 8 and Ruby 3.x. Continued support for Puppet 7 and Ruby 2.7 via the image gcr.io/platform-services-297419/puppet-dev-tools:puppet7 (includes PDK 3.4.1).

Fixes

Impact Analysis

Fixed issue where resource changes were incorrectly reported for certain data types.
Impact Analysis now correctly validates oversized titles and returns clear error messaging.
Corrected pipeline status links sent to version‑control providers.
Azure DevOps Server integration fix for truncated host URLs that previously broke repository links.

Security updates

This release includes fixes for the following vulnerabilities:
CVE‑2026‑21452, CVE‑2025‑68161, CVE‑2024‑49761, CVE‑2025‑68973, CVE‑2025‑6020, and CVE‑2025‑13465.

🔗 Get the full details in the 5.14.0 release notes.

CD 4.39.0

Enhancements

Updated puppet‑dev‑tools image to include PDK 3.6.1, aligning CD pipelines with Puppet 8 and Ruby 3.x requirements. Continued Puppet 7 support is available via the puppet7 image (PDK 3.4.1).

Fixes

Impact Analysis

Fixed issue where resource changes were incorrectly reported for certain data types.
Impact Analysis now correctly validates oversized titles and returns clear error messaging.

Security updates

This version includes fixes for the following vulnerabilities:
CVE‑2026‑21452, CVE‑2025‑68161, CVE‑2025‑68973, CVE‑2025‑6020, and CVE‑2025‑13465.

🔗 Full details are available in the 4.39.0 release notes.

Puppet CD 5.14.0 and 4.39.0 now available!

CD 5.14.0

Enhancements

Fixes

Impact Analysis

Security updates

CD 4.39.0

Enhancements

Fixes

Impact Analysis

Security updates

Related posts

Introducing nono: A Secure Sandbox for AI Agents

Switch Claude Code providers in seconds with claude-provider (Plugin + CLI)

How to Set Up OpenClaw in 5-10 Minutes (No Mac Mini, No VPS, No Code)

Debugging My Brain: Why Procrastination is Actually an 'Emotional Regulation' Glitch

CD 5.14.0

Enhancements

Fixes

Impact Analysis

Security updates

CD 4.39.0

Enhancements

Fixes

Impact Analysis

Security updates

Related posts

Introducing nono: A Secure Sandbox for AI Agents

Switch Claude Code providers in seconds with claude-provider (Plugin + CLI)

How to Set Up OpenClaw in 5-10 Minutes (No Mac Mini, No VPS, No Code)

Debugging My Brain: Why Procrastination is Actually an 'Emotional Regulation' Glitch

CD 5.14.0

CD 4.39.0