chore(deps): Bump github.com/buildkite/agent/v3 from 3.103.1 to 3.107.0

[dependabot]

Bumps github.com/buildkite/agent/v3 from 3.103.1 to 3.107.0.

Release notes

Sourced from github.com/buildkite/agent/v3's releases.

v3.107.0

v3.107.0 (2025-09-18)

Full Changelog

Added

• Added ability to fetch multiple secrets in a single call #3483 (@​moskyb)
• Experiment for propagating agent config env vars #3471 (@​DrJosh9000)
• oidc request-token can now output in a GCP Workload Federation-compatible format #3480 (@​moskyb)

Changed

• Update docs for apply-if-changed information with agent minimum version #3485 (@​Damilola-obasa)

Internal

• Use the go.mod tool block for more tools #3481 (@​DrJosh9000)
• Update shellwords to v1.0.1, relax Go version directive #3464 (@​moskyb)
• build(deps): bump the container-images group across 5 directories with 1 update #3478 (@​dependabot[bot])
• Split Dependabot container updates #3477 (@​DrJosh9000)

v3.106.0

v3.106.0 (2025-09-15)

Full Changelog

Changed

• Support upcoming secrets pipeline syntax (currently in private preview) #3453 (@​matthewborden)
• Better plugin and hook path checks #3445 (@​DrJosh9000)

v3.105.0

v3.105.0 (2025-09-10)

Full Changelog

Fixed

• PS-1101: refresh Executor config for Job API env change in polyglot hook #3467 (@​zhming0)
• PB-610: fix hook environment variable unable to propagate via bk-agent env set #3466 (@​zhming0)

Added

• Support agent checkout on pull request merge refspecs #3436 (@​jonathanly)

Internal

• Lower Go containers back to 1.24 #3468 (@​DrJosh9000)
• Add replacer fuzz test corpus to repo, with fix #3448 (@​DrJosh9000)
• Re-add test race detection, and skip a known-racy test under the race regime #3452 (@​moskyb)
• Dependancy updates: #3463, #3465, #3462 ,#3457, #3460, #3456, #3454 (@​dependabot[bot])

v3.104.0

v3.104.0 (2025-09-05)

Full Changelog

Security

• Automatically redact OIDC tokens in logs #3450 (@​matthewborden)

... (truncated)

Changelog

Sourced from github.com/buildkite/agent/v3's changelog.

v3.107.0 (2025-09-18)

Full Changelog

Added

• Added ability to fetch multiple secrets in a single call #3483 (@​moskyb)
• Experiment for propagating agent config env vars #3471 (@​DrJosh9000)
• oidc request-token can now output in a GCP Workload Federation-compatible format #3480 (@​moskyb)

Changed

• Update docs for apply-if-changed information with agent minimum version #3485 (@​Damilola-obasa)

Internal

• Use the go.mod tool block for more tools #3481 (@​DrJosh9000)
• Update shellwords to v1.0.1, relax Go version directive #3464 (@​moskyb)
• build(deps): bump the container-images group across 5 directories with 1 update #3478 (@​dependabot[bot])
• Split Dependabot container updates #3477 (@​DrJosh9000)

v3.106.0 (2025-09-15)

Full Changelog

Changed

• Support upcoming secrets pipeline syntax (currently in private preview) #3453 (@​matthewborden)
• Better plugin and hook path checks #3445 (@​DrJosh9000)

v3.105.0 (2025-09-11)

Full Changelog

Fixed

• PS-1101: refresh Executor config for Job API env change in polyglot hook #3467 (@​zhming0)
• PB-610: fix hook environment variable unable to propagate via bk-agent env set #3466 (@​zhming0)

Added

• Support agent checkout on pull request merge refspecs #3436 (@​jonathanly)

Internal

• Lower Go containers back to 1.24 #3468 (@​DrJosh9000)
• Add replacer fuzz test corpus to repo, with fix #3448 (@​DrJosh9000)
• Re-add test race detection, and skip a known-racy test under the race regime #3452 (@​moskyb)
• Dependancy updates: #3463, #3465, #3462 ,#3457, #3460, #3456, #3454 (@​dependabot[bot])

v3.104.0 (2025-09-05)

Full Changelog

Security

• Automatically redact OIDC tokens in logs #3450 (@​matthewborden)

Added

• Allow multiple pipeline files for upload #3431 (@​DrJosh9000)

... (truncated)

Commits

• 4606e31 Merge pull request #3487 from buildkite/moskyb/release/3.107.0
• 68e9c84 Merge pull request #3474 from buildkite/dependabot/go_modules/golang-x-c79169...
• c91dd6e Bump version + changelog for v3.107.0
• 1c01367 build(deps): bump golang.org/x/net in the golang-x group
• da1cbfa Merge pull request #3483 from buildkite/batch-secrets
• 319a28a Update clicommand/secret_get.go
• a05f00c Cap secret fetching concurrency at 10, for now
• c07b3bb Allow setting explicit output format for single keys, but keep defaulting to ...
• 88cc860 Merge pull request #3485 from buildkite/SUP-4610-Update-if-change-information...
• 676a734 Update apply-if-changed information with minimum versions
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)