DEV Community: puppet

Puppet Enterprise 2025.10 Resolves Malformed Task and Plan Metadata Failures

Jason St-Cyr — Tue, 31 Mar 2026 18:28:46 +0000

We’ve released a patch in Puppet Enterprise 2025.10 to resolve an issue affecting task and plan metadata handling.

Prior to PE 2025.9: Malformed task or plan metadata was logged in the bolt-server log, and the affected task or plan was ignored. Other tasks and plans continued to work as expected.

In PE 2025.9: Malformed metadata caused the task and plan listing to fail to load entirely and prevented affected tasks or plans from running. Errors were written to the bolt-server log.

With PE 2025.10: Task and plans retain the improvements from 2025.9 but will now also load correctly even when malformed metadata is present.

More: 👉 Official 2025.10 Release Notes

Puppet Enterprise 2025.9 and 2023.8.9 are available!

Jason St-Cyr — Wed, 25 Mar 2026 13:24:08 +0000

Puppet Enterprise 2025.9 and 2023.8.9 are now available, delivering improved operational visibility, expanded agent platform support, and important security fixes for both the latest and 2023.8 LTS streams.

What's new in PE 2025.9?

In Puppet Enterprise 2025.9, this release improves day-to-day operations with:

Real-time visibility into Advanced Patching runs directly in the PE console
Clearer error and warning messages when patch group creation fails, plus retry support from the console or API
The ability to edit workflows and stop running workflows from the PE console or via API
Agent support for Debian 13 on amd64 and aarch64
Multiple CVEs addressed, along with fixes to Advanced Patching behavior and Infra Assistant reliability

What's new in PE 2025.8.9?

Puppet Enterprise 2023.8.9 adds:

Agent support for Debian 13 on amd64 and aarch64
Multiple security fixes for customers on the 2023.8 LTS stream

Release notes

🔔Lifecycle Reminder

Starting with Puppet Enterprise 2026.0 (expected August 2026), Puppet Enterprise will move from the STS/LTS model to a Latest / Latest-1 support lifecycle.

Ubuntu 24.04 support comes to Puppet SCE for Linux

Jason St-Cyr — Wed, 18 Mar 2026 17:52:28 +0000

The latest 2.6.0 version of Puppet Security Compliance Enforcement (SCE) for Linux is now available. This release adds support for Ubuntu 24.04 LTS and includes a few operational improvements aimed at making SCE easier to run and troubleshoot in day‑to‑day Puppet environments.

Below is a quick overview of what’s new.

Ubuntu 24.04 LTS support

One of the main additions in this release is support for Ubuntu 24.04 LTS. SCE for Linux now allows you to enforce the CIS benchmarks v1.0.0 on Ubuntu 24.04 systems. Both Level 1 and Level 2 CIS profiles are supported.

Operational improvements

This release also includes some changes intended to improve visibility and troubleshooting.

Logging changes

Most SCE logs are now written to the Puppet agent run log. This means you can get more insight into SCE behavior by running the Puppet agent in debug mode, rather than checking separate log locations.

Updated mount information fact

The custom fact sce_mount_info has been updated to report information about all mounted file systems, providing a more complete view of the system during enforcement.

Updated Puppet module dependencies

SCE for Linux now supports the latest versions of puppet/systemd, puppet/logrotate, and puppetlabs/augeas_core.

Resolved issues

Puppet runs no longer fail on systems where the rsyslog package is not installed. This helps avoid unnecessary failures on minimal or customized Linux images.
Unnecessary PAM_POSITION_ALIASES warning messages related to the augeasproviders_pam module should no longer display.

More details

For the full list of changes and additional details, see the official release notes:

https://help.puppet.com/sce/current/linux/scel_relnotes_260.htm

Puppet Agent OS Support EOL: 90 Day Notice

Jason St-Cyr — Fri, 13 Mar 2026 13:13:55 +0000

ℹ️ NOTE: This notice was originally posted by the Product Team on 2026-03-12

This is a 90-day notice that Puppet Agent support for the following operating system platforms is reaching End of Life (EOL). Support for these platforms will be discontinued in upcoming Puppet releases:

Amazon Linux 2
Debian 10
Fedora 40
Red Hat Enterprise Linux 7
Ubuntu 18.04
Ubuntu 20.04
Windows 10

After this period, these platforms will no longer receive updates or be included in future puppet-agent releases.

If you have any questions or concerns regarding this change, please don’t hesitate to reach out.

Puppetlabs Modules Roundup – February 2026

Jason St-Cyr — Thu, 05 Mar 2026 16:51:13 +0000

Welcome back to the Puppetlabs Modules Roundup! This series is all about keeping you in the loop on what’s new and updated in the Perforce Puppet puppetlabs modules on the Forge. This month we look back at the latest updates from February 2026.

If you want a quick look at the latest developments across the Puppet module ecosystem, this is the place to catch up!

Highlighted Updates

SQL Server 2025 and DSC Reporting Fixes

The latest sqlserver module release now supports SQL Server 2025
The latest sce_windows module corrects DSC reporting issues.

Continued Deprecation of Puppet 7 in New Releases

A few more modules received updates to have better alignment with Puppet Core and have stopped supporting Puppet 7 in the new releases, in line with changes to other modules from previous months.

Docker
firewall
inifile
sqlserver

What Updates Happened to Puppetlabs Modules in February 2026?

The following is an alphabetical listing of modules which received updates in February 2026. If a module had multiple versions released the updates are collected together, numbered with the "latest" version available.

docker 10.4.0

📅 Latest release: 2026-02-10 (🌐 View on the Forge)

Several updates to support Puppet Core better and updates for APT keyrings:

Now uses puppetlabs-apt for modern APT keyrings on Debian family (by kenyon)
APT keyring used to manage GPG key (by techsk8)
Dependency on cgroupfs-mount for Debian Trixie has been removed (by zen-fu)
Services with restart no are now ignored in the exists? method
Puppet 7 support removed
Target ruby version updated to 3.1 (2.7 removed)
Changes to better support PDK latest releases
CI tests now run against Ubuntu 24.04 (replacing Ubuntu 20.04)

firewall 8.3.0

📅 Latest release: 2026-02-09 (🌐 View on the Forge)

Several updates to support Puppet Core better and updates for SUSE IPv6:

IPv6 rule saving command added for SUSE in utility
Puppet 7 support removed
Target ruby version updated to 3.1 (2.7 removed)
Changes to better support PDK latest releases
CI tests now run against Debian 12 instead of Debian 10 for primary testing

influxdb 3.0.1

📅 Latest release: 2026-02-05 (🌐 View on the Forge)

Small release here to provide an updated GPG key.

inifile 6.3.1

📅 Latest release: 2026-02-17 (🌐 View on the Forge)

Several updates to support Puppet Core better and updates for handling empty sections:

Removing the last setting of a section will no longer remove the “empty” section (by smortex)
Puppet 7 support removed
Target ruby version updated to 3.1 (2.7 removed)
Changes to better support PDK latest releases

puppet_agent 4.27.0

📅 Latest release: 2026-02-24 (🌐 View on the Forge)

Debian 13 (Trixie) acceptance tests added for ARM and x86_64

pwshlib 2.0.1

📅 Latest release: 2026-02-24 (🌐 View on the Forge)

This release fixes per-property change event reporting in PE when using DSC resources with custom_insync.

sce_windows 2.2.1

📅 Latest release: 2026-02-24 (🌐 View on the Forge)

SCE for Windows now supports the latest versions of the puppetlabs‑pwshlib dependency, including a fix for DSC reporting issues. In addition, resource names are updated to correctly reference SCE instead of the legacy CEM name.

Check the official release notes for Security Compliance Enforcement 2.2.1

sqlserver 5.1.0

📅 Latest release: 2026-02-26 (🌐 View on the Forge)

Support was added for SQL Server 2025 along with changes to better support Puppet Core.

Support added for SQL Server 2025
Several changes to match with requirements for Puppet Core
Puppet 7 support removed
Target ruby version updated to 3.1 (2.6 removed)
Changes to better support PDK latest releases

Until Next Time!

That’s a wrap for this roundup! If you want to dive deeper into any of these modules, check out the module documentation on the Forge or explore the individual module repos on GitHub for more details.

Got feedback or ideas for future updates? We’d love to hear from you! Add a comment here or join the conversation in the Perforce Community Slack.

Catch you at the next roundup!

Puppet Security Compliance Enforcement for Windows now fixes DSC reporting issues

Jason St-Cyr — Wed, 25 Feb 2026 15:40:03 +0000

Security Compliance Enforcement (SCE) for Windows now supports the latest versions of the puppetlabs‑pwshlib dependency, including a fix for DSC reporting issues. In addition, resource names are updated to correctly reference SCE instead of the legacy CEM name.

NOTE: When updating to the latest release of SCE for Windows, you will also want to upgrade puppetlabs-pwshlib as well.

💾 Download the latest SCE for Windows from the Forge: sce_windows module.

📖 Read more in the latest release notes for SCE for Windows .

Puppet Core 8.17 Drops with Major Security Updates

Jason St-Cyr — Fri, 20 Feb 2026 13:19:28 +0000

The Puppet Core team is at it again keeping on top of industry vulnerabilities! This release updates or removes dependencies to resolve nearly 20 reported CVEs (details in the release notes).

Security Updates in 8.17

Curl updated to 8.18 [addresses 8 CVEs]
Ruby updated to version 3.2.10 [addresses 2 CVEs]
OpenSSL updated to version 3.0.19 [addresses 8 CVEs]

Deprecations and removals

The Ruby API has been removed from leatherman as part of ongoing efforts to streamline and modernize internal components.
Brotli and zstd have been removed from agent curl builds. No impact to Puppet or PXP agents.

👉 Check out the full official Release notes for 8.17

Puppetlabs Modules Roundup – January 2026

Jason St-Cyr — Thu, 05 Feb 2026 13:54:46 +0000

Welcome back to the Puppetlabs Modules Roundup! This series is all about keeping you in the loop on what’s new and updated in the Perforce Puppet ‘puppetlabs’ modules on the Forge. This month we look back at the latest updates from January 2026.

If you want a quick look at the latest developments across the Puppet module ecosystem, this is the place to catch up!

Highlighted Updates

New Continuous Delivery releases!

New releases for v5.14.0 and v4.39.0 brought updates to the CD modules, including dropping support for Puppet 7 and Ruby 2.7. See details in the release notes:

v5.14.0 👉 Continuous Delivery (CD) release notes | Continuous Delivery (CD) | 5.14.0
v4.39 👉 Continuous Delivery for PE release notes

Continued Deprecation of Puppet 7 in New Releases

A few more modules received updates to have better alignment with Puppet Core and stop supporting Puppet 7 in the new releases, in line with changes to other modules from previous months.

cd4peadm
wsus_client

What Updates Happened to Puppetlabs Modules in January 2026?

The following is an alphabetical listing of modules which received updates in January 2026. If a module had multiple versions released the updates are collected together, numbered with the ‘latest’ version available.

cd4peadm 5.14.0

📅 Latest release: 2026-01-27 (🌐 View on the Forge)

The v5.14.0 release had several improvements, including multiple security updates to resolve vulnerabilities. Puppet 7 and Ruby 2.7 support was also dropped in the new releases for both the v5 and v4 streams. Check the release notes for the full details!

v5.14.0 👉 Continuous Delivery (CD) release notes | Continuous Delivery (CD) | 5.14.0

peadm 3.35.0

📅 Latest release: 2026-01-22 (🌐 View on the Forge)

Minor updates to add support for the latest Puppet Enterprise releases for 2023.8.8 and 2025.8.

wsus_client 6.3.0

📅 Latest release: 2026-01-23 (🌐 View on the Forge)

Several updates to support Puppet Core better, including PDK and Puppet version updates:

Support added for configuring Active Hours in WSUS client module
- New parameters active_hours_start and active_hours_end
Puppet 7 support removed
Target ruby version updated to 3.1 (2.7 removed)
Changes to better support PDK latest releases
Puppet Agent outdated pin removed

zone_core 2.0.2

📅 Latest release: 2026-01-05 (🌐 View on the Forge)

Mostly under-the-hood maintenance changes here, including an update to allow more recent versions of puppetlabs/zfs_core

Until Next Time!

Got feedback or ideas for future updates? We’d love to hear from you! Add a comment here or join the conversation in the Perforce Community Slack.

Catch you at the next roundup in March!

Puppet Continuous Delivery (CD) 5.14.0 and 4.39.0 now available!

Jason St-Cyr — Fri, 30 Jan 2026 13:15:09 +0000

👀 Important reminder: Continuous Delivery 4.x reaches its end‑of‑life on February 5, 2026. Upgrade to CD 5.x to ensure continued support, security updates, and feature enhancements. For full details and information about migrating to CD version 5.x, see End-of-life announcement: Continuous Delivery version 4.x.

Highlights in CD 5.14.0

In addition to important fixes and security updates, version 5.14.0 provides Puppet Enterprise (PE) and PE Advanced customers with improvements across usability, security, and platform reliability.

Enhancements

Improved in‑app error messaging to more clearly communicate CORS and other browser‑level errors, making configuration issues easier to diagnose.
Strengthened password validation for users creating or updating accounts. Passwords must now be at least 12 characters and include uppercase, lowercase, numeric, and special characters.
Updated puppet‑dev‑tools image to include PDK 3.6.1, which requires compatibility with Puppet 8 and Ruby 3.x. Continued support for Puppet 7 and Ruby 2.7 via: gcr.io/platform-services-297419/puppet-dev-tools:puppet7 (includes PDK 3.4.1).

Fixes

Impact Analysis:
- Fixed issue where resource changes were incorrectly reported for certain data types.
- Impact Analysis now correctly validates oversized titles and returns clear error messaging.
Corrected pipeline status links sent to version‑control providers.
Azure DevOps Server integration fix for truncated host URLs that previously broke repository links.

Security updates

This release includes fixes for the following vulnerabilities: CVE‑2026‑21452, CVE‑2025‑68161, CVE‑2024‑49761, CVE‑2025‑68973, CVE‑2025‑6020, and CVE‑2025‑13465

🔗 Get the full details on everything in the 5.14.0 release notes

CD 4.39.0

Enhancements

Updated puppet‑dev‑tools image to include PDK 3.6.1, aligning CD pipelines with Puppet 8 and Ruby 3.x requirements. Continued Puppet 7 support available via the puppet7 image (PDK 3.4.1).

Fixes

Impact Analysis:
- Fixed issue where resource changes were incorrectly reported for certain data types.
- Impact Analysis now correctly validates oversized titles and returns clear error messaging.

Security updates

This version includes fixes for the following vulnerabilities: CVE‑2026‑21452, CVE‑2025‑68161, CVE‑2025‑68973, CVE‑2025‑6020, and CVE‑2025‑13465.

🔗 Full detail in the 4.39.0 release notes.

PEClient.rb - The Puppet API Ruby Client Library

Zach Bensley — Thu, 29 Jan 2026 10:39:57 +0000

TL; DR

If you’ve ever glued together 12 curl calls, piped them through jq, and told yourself “This is fine”… This PEClient Ruby library might be just what you need.

PEClient.rb is a Ruby client library for Puppet Enterprise / Puppet Core HTTP APIs that lets you call endpoints like Ruby code, not like a shell script that is one whitespace away from chaos.

Use the PEClient library when pe-client-tools doesn’t go far enough, or when you need Puppet API access inside your Ruby automation (Rake tasks, CI jobs, internal tooling). This post will help you better understand when to reach for PEClient, how it works, and quick examples to start.

Who Is This For?

PEClient will be a great fit for you if:

You operate Puppet at scale and need repeatable automation, not “ClickOps.”
You’re integrating Puppet with other tooling (Terraform, CI/CD, internal platforms).
You need API access beyond what the Console or pe-client-tools conveniently exposes.
You would rather write Ruby than parse CLI output that changes on update day.

PEClient is not an official, supported, Perforce Puppet library and is maintained on a best-effort basis. That means it is not a fit for teams that can only use libraries that have official vendor support and SLAs on response. However, if you love bringing in new open-source tools into your stack, this will be a great fit!

The Problem

Puppet exposes a lot of API endpoints, which is great, until you’re stuck assembling authentication, headers, request bodies, and response parsing in every script.

Sure, you can curl everything… but you’ll eventually end up maintaining your own mini client anyway. Nobody wakes up excited to debug their own ad‑hoc HTTP wrapper at 2 A.M.

If you’re hitting APIs with ad‑hoc scripts, you end up researching endpoints, wiring auth and headers, and managing request/response parsing. Then you must maintain it. Wasting time on the scripts which is time stolen from real automation.

What About `pe-client-tools`?

Puppet Enterprise Client Tools are great for humans at a terminal providing “secure and convenient” access from a workstation.

When you embed these tools inside automation, you inherit a few risks:

Parsing CLI output is brittle (format changes happen).
You end up writing a wrapper anyway (input validation, retries, error mapping).
Your "library" becomes a collection of shell-outs (harder to test, harder to maintain).

There is a Better Way!

With Puppet already using Ruby, your team is most likely already familiar with the language.
You probably have custom tooling you use to automate things like provisioning your infrastructure, handling ad-hoc requests from management, and more.

Why not leave the finer details of how to talk to APIs to a library that can take that off your hands? Built using Faraday, the PEClient library requests and responses use Plain Old Ruby Objects (PORO), no special Structs, and no custom objects to force your data into. PEClient.rb allows you to write API calls in the most natural way we know how... with Ruby!

The PEClient library has as few dependencies as possible with faraday being the only one. And if you are wondering about Ruby support, we’ve got that covered too. PEClient supports all currently supported Ruby versions (3.2 to 4.0), with each version being tested to confirm it works as expected.

In practice, this means less glue code, fewer brittle wrappers, and API calls that read like Ruby instead of raw HTTP.

What you get with PEClient:

Ruby methods that map to Puppet APIs (no DIY URL stitching)
Plain hashes in/out (PORO-friendly)
Token or certificate authentication supported
Consistent error classes for HTTP failures

So, what's the catch? Good news! There isn’t one. PEClient is designed to be easy to implement, so you can focus automating your infrastructure.

Architecture Overview

Ease of use was a primary goal for this library. It should be easy to install, use, and customize to suit your needs.

To facilitate this, the library is designed using a client for handling HTTP interactions and Resources which provide entry points for the API endpoints:

Resources are lazy loaded only being required when you need it.
The client owns connection/authorization concerns.
Resources group the API endpoints in a way that mirrors the docs, so you can discover APIs via code completion.
Lazy loading keeps startup time low, handy for short-lived jobs like CI steps or one-off automation runs.

Quickstart

Install the gem via Bundler to pull the repository directly from GitHub.

# Gemfile
gem "pe_client", git: "https://github.com/puppetlabs/pe_client.rb"

# Install
bundle install

The following is an example with minimal configuration, configuring the client using environment variables. Once the client has been initialised an API request can be made, such as calling the RBAC V1 API endpoint to return the current user.

base_url is the URL of your puppet server, for example https://puppet.example.com.
api_key is your RBAC API key generated through puppet-access (part of pe-client-tools), the PE Console or with PEClient by calling client.rbac_v1.tokens.generate.
ca_file is your certificate authority public key to secure the connection between PEClient and your Puppet Server.

# Initializes the client, authenticates, and performs a simple call
client = PEClient.new(  
  base_url: ENV.fetch("PE_BASE_URL"),
  api_key:  ENV.fetch("PE_API_TOKEN"),
  ca_file:  ENV.fetch("PE_CA_FILE", "/etc/puppetlabs/puppet/ssl/certs/ca.pem"),
)

# Get the current user (who the API Key belongs to)
client.rbac_v1.users.current
# => 
# {"email" => "",
#  "is_revoked" => false,
#  "last_login" => "2025-12-16T01:56:58.87Z",
#  "is_remote" => false,
#  "login" => "admin",
#  "is_superuser" => true,
#  "id" => "42bf351c-f9ec-40af-84ad-e976fec7f4bd",
#  "role_ids" => [1],
#  "display_name" => "Administrator",
#  "is_group" => false}

Authentication

With Puppet Enterprise you have two methods available for authentication: RBAC and Certificate.

If you need to interact with majority of the API endpoints provided, you usually want to use RBAC for authentication. RBAC is used to grant individual users the permission to perform specific actions without needing to give them the keys to the kingdom.
You can generate an API Token either through the PE Console, or straight from within PEClient.

The following example shows multiple ways to initialize the client:

Providing an API Token that you have already generated.
Generating a token using PEClient.

# Bring your own token
client = PEClient.new(
  base_url: ENV.fetch("PE_BASE_URL"),
  api_key:  ENV.fetch("PE_API_TOKEN"),
  ca_file:  ENV.fetch("PE_CA_FILE", "/etc/puppetlabs/puppet/ssl/certs/ca.pem"),
)

# Generate a token
client = PEClient.new(
  base_url: ENV.fetch("PE_BASE_URL"),
  ca_file:  ENV.fetch("PE_CA_FILE", "/etc/puppetlabs/puppet/ssl/certs/ca.pem"),
)
## Creates a token that lasts 5 minutes
response = client.rbac_v1.tokens.generate(
  login:    "<USERNAME>",
  password: "<PASSWORD>",
  lifetime: "5m"
)
## => {"token" => "generated_secret_api_key"}
client = PEClient.new(
  base_url: ENV.fetch("PE_BASE_URL"),
  api_key:  response["token"],
  ca_file:  ENV.fetch("PE_CA_FILE", "/etc/puppetlabs/puppet/ssl/certs/ca.pem"),
)

What about those API endpoints that don't support RBAC but require a certificate? PEClient.rb can handle that too! This example shows how to initialize the client with a client certificate and key.

# Client certificate authentication
client = PEClient.new(
  base_url: ENV.fetch("PE_BASE_URL"),
  ca_file:  ENV.fetch("PE_CA_FILE", "/etc/puppetlabs/puppet/ssl/certs/ca.pem"),
) do |conn|
  conn.ssl[:client_cert] = '/path/to/client_cert.pem'
  conn.ssl[:client_key]  = '/path/to/client_key.pem'
end

Errors

All errors raised by PEClient.rb come under the PEClient::Error base class, which can be used to capture any generic error raised by PEClient.rb.

For HTTP Errors a PEClient::HTTPError base class is used.

# HTTP 400 errors  
class BadRequestError < HTTPError; end  
# HTTP 401 errors  
class UnauthorizedError < HTTPError; end  
# HTTP 403 errors  
class ForbiddenError < HTTPError; end  
# HTTP 404 errors  
class NotFoundError < HTTPError; end  
# HTTP 409 errors  
class ConflictError < HTTPError; end  
# HTTP 500-599 errors  
class ServerError < HTTPError; end

For example:

begin
  users = client.rbac_v1.users.list("invalid SID")
rescue PEClient::HTTPError => e
  warn "HTTP #{e.response.code}: #{e.response.body}"
rescue PEClient::Error => e
  warn "PEClient error: #{e.message}"
end

Compatibility and Versioning

These are the current language and API compatibility notes at the time of publishing. Please check the GitHub repo for the latest notes on compatibility.

Ruby: 3.2–4.0 (CI tested)
Puppet API versions: Targeting PE 2025.6 / Puppet Core 8.16+
Deprecations: Marked endpoints emit warnings via @deprecated docs

Where Can I Find PEClient?

PEClient can be found on GitHub. Please note that this library is not an official, supported Perforce product and is maintained on a best-effort basis.
If you encounter any bugs or want to request a missing feature, please raise an issue. Pull Requests are always welcome!

Puppet Enterprise 2025.8 and 2023.8.8 now available

Jason St-Cyr — Wed, 21 Jan 2026 13:16:18 +0000

These releases deliver an important security update and fix a defect affecting Advanced Patching in PE 2025.7.

Updates in PE 2025.8

Advanced Patching: Resolved an issue causing Puppet run failures: In PE 2025.7, removing nodes from all patch groups could cause Puppet runs to fail on those nodes. This issue has been fixed, restoring consistent and expected Puppet run behavior.
Addressed CVE‑2025‑58767: Although this CVE was partially addressed in the previous PE release (PE 2025.7), an update to Puppet Server’s vendored gems was missing. The complete fix is included in this release.

Updates in PE 2023.8.8

This release also includes the complete fix for CVE‑2025‑58767.

🤔 Reminder: In August 2026, Puppet Enterprise 2023.x will now stop receiving maintenance releases. See more details in the release notes!

Learn more from the official release notes

🔗 2025.8 Release notes
🔗 2023.8.7 Release notes

Run Bolt on RHEL 10/Windows 11 and a new plan_context function in Bolt 5.0.1

Jason St-Cyr — Thu, 15 Jan 2026 16:12:17 +0000

You can now install Bolt 5.0.1 which brings a new plan_context function to get information about whether a plan is running in Bolt or Puppet Enterprise. Windows 11 and RHEL 10 support were also added!

⚠️ Note: RHEL 10 package is available for Puppet Enterprise (PE) customers.

You can see details on the changes in the official release notes for Bolt 5.0.1.

DEV Community: puppet

Puppet Enterprise 2025.10 Resolves Malformed Task and Plan Metadata Failures

Puppet Enterprise 2025.9 and 2023.8.9 are available!

What's new in PE 2025.9?

What's new in PE 2025.8.9?

Release notes

🔔Lifecycle Reminder

Ubuntu 24.04 support comes to Puppet SCE for Linux

Ubuntu 24.04 LTS support

Operational improvements

Logging changes

Updated mount information fact

Updated Puppet module dependencies

Resolved issues

More details

Puppet Agent OS Support EOL: 90 Day Notice

Puppetlabs Modules Roundup – February 2026

Highlighted Updates

SQL Server 2025 and DSC Reporting Fixes

Continued Deprecation of Puppet 7 in New Releases

What Updates Happened to Puppetlabs Modules in February 2026?

docker 10.4.0

firewall 8.3.0

influxdb 3.0.1

inifile 6.3.1

puppet_agent 4.27.0

pwshlib 2.0.1

sce_windows 2.2.1

sqlserver 5.1.0

Until Next Time!

Puppet Security Compliance Enforcement for Windows now fixes DSC reporting issues

Puppet Core 8.17 Drops with Major Security Updates

Security Updates in 8.17

Deprecations and removals

Puppetlabs Modules Roundup – January 2026

Highlighted Updates

New Continuous Delivery releases!

Continued Deprecation of Puppet 7 in New Releases

What Updates Happened to Puppetlabs Modules in January 2026?

cd4peadm 5.14.0

peadm 3.35.0

wsus_client 6.3.0

zone_core 2.0.2

Until Next Time!

Puppet Continuous Delivery (CD) 5.14.0 and 4.39.0 now available!

Highlights in CD 5.14.0

Enhancements

Fixes

Security updates

CD 4.39.0

Enhancements

Fixes

Security updates

PEClient.rb - The Puppet API Ruby Client Library

TL; DR

Who Is This For?

The Problem

What About pe-client-tools?

There is a Better Way!

Architecture Overview

Quickstart

Authentication

Errors

Compatibility and Versioning

Where Can I Find PEClient?

Puppet Enterprise 2025.8 and 2023.8.8 now available

Updates in PE 2025.8

Updates in PE 2023.8.8

Learn more from the official release notes

Run Bolt on RHEL 10/Windows 11 and a new plan_context function in Bolt 5.0.1

What About `pe-client-tools`?