July 2026 Patches Merge-back#49754
Conversation
Merge-back from release/patch/20260701 into main. Bumps dependency-version for the 2026-07-01 patched libraries in version_client.txt (keeping main's current-version, and never downgrading libraries main has already released past the patch, e.g. azure-resourcemanager-network and azure-resourcemanager-storage), inserts the 2026-07-01 patch CHANGELOG entries below each library's top/Unreleased section (version-ordered), and regenerates downstream pom.xml files via update_versions.py --skip-readme (READMEs intentionally unchanged). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
This PR re-creates the July 2026 patch-release merge-back from release/patch/20260701 into main, bringing back patch dependency-version bumps, dated 2026-07-01 CHANGELOG entries, and regenerated downstream pom.xml updates. It also carries two pipeline template updates from the patch branch and adds a new repository skill documenting the merge-back workflow.
Changes:
- Updated
eng/versioning/version_client.txtto bump patched libraries’ dependency-version while preservingmain’s current-version. - Inserted
## X.Y.Z (2026-07-01)patch entries into many packageCHANGELOG.mdfiles and regenerated manypom.xmlfiles viaupdate_versions.py --skip-readme. - Updated patch-release pipeline templates and added
.github/skills/azsdk-common-patch-mergeback/documentation for the merge-back process.
Reviewed changes
Copilot reviewed 203 out of 203 changed files in this pull request and generated 19 comments.
Show a summary per file
| File | Description |
|---|---|
| eng/versioning/version_client.txt | Patch merge-back dependency-version updates while preserving main current-versions. |
| eng/pipelines/templates/stages/archetype-sdk-client-patch.yml | Adds PipAuthenticate and pins Python package versions used during patch pipeline execution. |
| eng/pipelines/templates/stages/archetype-java-release-patch.yml | Adds Maven authentication/mirror setup step to patch release pipeline. |
| .github/skills/azsdk-common-patch-mergeback/SKILL.md | Documents the intended patch merge-back workflow and guardrails. |
| .github/skills/azsdk-common-patch-mergeback/references/version-client-resolution.md | Documents the version_client.txt reconciliation algorithm for merge-backs. |
| .github/skills/azsdk-common-patch-mergeback/references/changelog-resolution.md | Documents CHANGELOG reconciliation/merge-back rules for patch entries. |
| sdk/appservice/azure-resourcemanager-appservice/CHANGELOG.md | Adds 2026-07-01 patch entry; dependency “from” versions need correction to match prior release entry. |
| sdk/containerinstance/azure-resourcemanager-containerinstance/CHANGELOG.md | Adds 2026-07-01 patch entry; multiple dependency “from” versions need correction to match prior release entry. |
| sdk/keyvault/azure-resourcemanager-keyvault/CHANGELOG.md | Adds 2026-07-01 patch entry; dependency “from” versions need correction to match prior release entry. |
| sdk/msi/azure-resourcemanager-msi/CHANGELOG.md | Adds 2026-07-01 patch entry; dependency “from” versions need correction to match prior release entry. |
| sdk/sql/azure-resourcemanager-sql/CHANGELOG.md | Adds 2026-07-01 patch entry; dependency “from” versions need correction to match prior release entry. |
| sdk/eventhubs/azure-resourcemanager-eventhubs/CHANGELOG.md | Adds 2026-07-01 patch entry; dependency “from” versions need correction to match prior release entry. |
| sdk/trafficmanager/azure-resourcemanager-trafficmanager/CHANGELOG.md | Adds 2026-07-01 patch entry; resources dependency “from” version needs correction. |
| sdk/servicebus/azure-resourcemanager-servicebus/CHANGELOG.md | Adds 2026-07-01 patch entry; resources dependency “from” version needs correction. |
| sdk/authorization/azure-resourcemanager-authorization/CHANGELOG.md | Adds 2026-07-01 patch entry; resources dependency “from” version needs correction. |
| sdk/search/azure-resourcemanager-search/CHANGELOG.md | Adds 2026-07-01 patch entry; resources dependency “from” version needs correction. |
| sdk/redis/azure-resourcemanager-redis/CHANGELOG.md | Adds 2026-07-01 patch entry; resources dependency “from” version needs correction. |
| sdk/privatedns/azure-resourcemanager-privatedns/CHANGELOG.md | Adds 2026-07-01 patch entry; resources dependency “from” version needs correction. |
| sdk/monitor/azure-resourcemanager-monitor/CHANGELOG.md | Adds 2026-07-01 patch entry; resources dependency “from” version needs correction. |
| sdk/cdn/azure-resourcemanager-cdn/CHANGELOG.md | Adds 2026-07-01 patch entry; resources dependency “from” version needs correction. |
| sdk/dns/azure-resourcemanager-dns/CHANGELOG.md | Adds 2026-07-01 patch entry; resources dependency “from” version needs correction. |
| sdk/network/azure-resourcemanager-network/CHANGELOG.md | Adds 2026-07-01 patch entry; resources dependency “from” version needs correction. |
| sdk/cosmos/azure-resourcemanager-cosmos/CHANGELOG.md | Adds 2026-07-01 patch entry; resources dependency “from” version needs correction. |
| sdk/containerregistry/azure-resourcemanager-containerregistry/CHANGELOG.md | Adds 2026-07-01 patch entry; resources dependency “from” version needs correction. |
| - Upgraded `azure-resourcemanager-storage` from `2.55.4` to version `2.56.1`. | ||
| - Upgraded `azure-resourcemanager-network` from `2.58.1` to version `2.58.3`. | ||
| - Upgraded `azure-resourcemanager-msi` from `2.53.7` to version `2.53.9`. | ||
| - Upgraded `azure-resourcemanager-authorization` from `2.53.8` to version `2.53.10`. |
| - Upgraded `azure-storage-file-share` from `12.29.2` to version `12.31.0`. | ||
| - Upgraded `azure-resourcemanager-resources` from `2.54.0` to version `2.54.2`. |
Brings back the second July 2026 patch batch (release/patch/20260707, patch prep #49743) and the azure-resourcemanager 2.63.0 GA release (#49738 / increment #49753) into main. - version_client.txt: bumped dependency-version for the 20260707 patched libraries (azure-resourcemanager-network 2.59.1, -storage 2.57.1, -compute 2.58.2, -sql 2.53.10, -appservice 2.55.4, -eventhubs 2.53.10, -containerinstance 2.53.12), keeping main's current-version; and set azure-resourcemanager to 2.63.0;2.64.0-beta.1 (GA + increment). - CHANGELOG.md: inserted the 2026-07-07 patch entries (version-ordered) for the 7 libraries and the azure-resourcemanager 2.63.0 GA entry (with 2.64.0-beta.1 Unreleased section). - pom.xml: regenerated via update_versions.py --skip-readme (READMEs unchanged). Deliberately excludes the source-code resets in the patch-prep commit; only version, CHANGELOG, and pom updates are brought back. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
|
|
||
| - Updated `api-version` to `2025-07-01`. | ||
|
|
||
| ## 2.58.3 (2026-07-01) |
There was a problem hiding this comment.
Note: The entry above has a higher version number (2.59.0) but shows a release date that's earlier than the one for this patch. It seems that is incorrect though, as the version mentioned above was actually released on July 3rd and does not include the dependency bump. I'd be concerned about having older dependencies on newer library versions, but fortunately there's an even newer version (2.59.1) that came out yesterday updating the dependency anyway (not sure why that's not in main yet though).
It's not a big deal, I'm just noting it because it seems that delays in merging PRs like this one can result in such scenarios where we have misaligned deps.
There was a problem hiding this comment.
This occurred be a version of ARM network got released before the mergeback got merged in for the patches. @XiaofeiCao released another version to contain the updated dependencies, making the SDK version consistent. That's why I'm pursuing an agentic solution to creating mergeback PRs, so they can be merged quicker, reducing the likelihood that this situation occurs,
| Produce, from top to bottom: | ||
|
|
||
| 1. **The `## X.Y.Z (Unreleased)` section exactly as it is on `main`** — including | ||
| any unreleased entries already present there. Do not add, edit, or remove |
There was a problem hiding this comment.
| any unreleased entries already present there. Do not add, edit, or remove | |
| any unreleased entries already present there. Do not add to, edit, or remove |
| Concretely: take the `main` version of the file and **insert the release | ||
| branch's `PATCH_DATE` entry immediately below the `(Unreleased)` section.** | ||
| Nothing else changes. |
There was a problem hiding this comment.
Sometimes our patches happen and then a beta release occurs, leaving us with an empty Unreleased section followed by said newer beta. Maybe we can update the verbiage here to guide the agent to use the reported release dates instead.
| - Do not merge, reorder, or de-duplicate other entries. | ||
| - Do not modify wording anywhere except inserting the patch block. | ||
| - Verify dependency-bump bullets inside the patch entry reference the correct | ||
| "from" version (the previously released version). Correct them if the release |
There was a problem hiding this comment.
What do you mean with the previously released version? The dependency version mentioned in a previous release?
There was a problem hiding this comment.
Correct, I'll update the skill to mention that the previously released version is explicitly the version of the library being patched. @copilot Update this skill to be clear that the (previously released version) in this context refers explicitly to the version of the library that the patch has been applied to, which does not necessarily have to be the most recent version released to Maven.
There was a problem hiding this comment.
Updated in commit above — the rule now explicitly states that the "from" version is the version of each dependency present in the release the patch was applied to (the base version the patch built on top of), and notes this is not necessarily the most recent version released to Maven.
| Repeat for every `CHANGELOG.md` in the last-two-commits diff of the release | ||
| branch. |
There was a problem hiding this comment.
This is assuming we don't have to manually fix anything, right? Have you had instances where you've had to manually intervene to fix conflicts with test recordings or other things? It used to happen to me back in the day every few releases.
There was a problem hiding this comment.
Yes, this assumes patches were released without issue. If things need to change then additional edits may need to be included into the Changelog.
| 1. If the release branch line has a **different `dependency-version`** than | ||
| `main`, take the release branch `dependency-version`. |
There was a problem hiding this comment.
Assuming the version from the patch is not older than what's on main. In a comment I made on the azure-resourcemanager-network changelog I noted there was a newer release than the one in the patch. If we think there will be no window long enough for a patch to be release followed by another stable version before we merge-back, I'd disregard this comment.
There was a problem hiding this comment.
The goal is to automate the process to a point where the patches can be released, the merge-back PR auto-merged, and BOM released in one smooth motion that would prevent any libraries being released in-between.
There was a problem hiding this comment.
Just out of curiosity, have you invoked the skill locally yourself? Are we planning to use this inside an agentic-workflow or will it only be manually triggered by us?
There was a problem hiding this comment.
I used the skill to create this PR. The end goal is for this to be used within an agentic workflow, but I have to iron out the issues first
| - **`version_client.txt`:** update only the `dependency-version` of SDK | ||
| libraries that changed on the release branch; **always keep the | ||
| `current-version` from `main`.** Never reset beta versions to `beta.1`. |
There was a problem hiding this comment.
Same comment on having a newer stable version on main than the one on the patch branch.
| ```bash | ||
| python eng/versioning/update_versions.py --skip-readme | ||
| ``` | ||
| Do not stage any manual pom.xml edits; only the generated output. Confirm no |
There was a problem hiding this comment.
nit;
| Do not stage any manual pom.xml edits; only the generated output. Confirm no | |
| Do not stage any manual `pom.xml` edits; only the generated output. Confirm no |
…l reference Co-authored-by: jairmyree <67484440+jairmyree@users.noreply.github.com>
Co-authored-by: jairmyree <67484440+jairmyree@users.noreply.github.com>
…ersions Co-authored-by: jairmyree <67484440+jairmyree@users.noreply.github.com>
Re-creates the July 2026 patch-release merge-back that was intended by #49731. The original PR became corrupted (a stale merge-base dragged ~146K lines of unrelated code reverts into the diff) and was closed. This branch is built cleanly on top of the current
mainand contains only the intended changes.Contents
1. First patch batch — merge-back from
release/patch/20260701(dated2026-07-01)version_client.txt: bumpeddependency-versionfor the 2026-07-01 patched libraries, keepingmain'scurrent-version. Librariesmainhad already released past the patch were left atmain's newer values (not downgraded).## X.Y.Z (2026-07-01)entry in the correct version-ordered position (pure insertions, 0 content lines removed).update_versions.py --skip-readme.2. Second patch batch — merge-back from
release/patch/20260707(dated2026-07-07)main's current-version kept):azure-resourcemanager-network2.59.1,-storage2.57.1,-compute2.58.2,-sql2.53.10,-appservice2.55.4,-eventhubs2.53.10,-containerinstance2.53.12.2.63.0;2.64.0-beta.1, with the## 2.63.0 (2026-07-07)CHANGELOG entry and2.64.0-beta.1Unreleased section.## X.Y.Z (2026-07-07)entries inserted version-ordered.update_versions.py --skip-readme.3. New merge-back MCP skill
.github/skills/azsdk-common-patch-mergeback/(SKILL.md + reference docs) describing how patch-release merge-back PRs should be created.4. Two pipeline commits carried back from the release branch
efe7805— Add Pip Authenticate task and pin package versions inarchetype-sdk-client-patch.yml.d3229eb— Add Maven authentication step inarchetype-java-release-patch.yml.Verification
eng/versioning/pom_file_version_scanner.ps1passes (exit 0).README.mdfiles unchanged (--skip-readme).Supersedes #49731.