deps(go): bump github.com/pulumi/pulumi/sdk/v3 from 3.209.0 to 3.228.0

[dependabot]

Bumps github.com/pulumi/pulumi/sdk/v3 from 3.209.0 to 3.228.0.

Release notes

Sourced from github.com/pulumi/pulumi/sdk/v3's releases.

v3.228.0

3.228.0 (2026-03-25)

Features

• [cli] Don't apply the secrets filter to true and false (case-insensitive) #22269

• [cli] Add grpcs:// support and header authentication to OTLP exporter #22320

• [cli] Read OTEL_RESOURCE_ATTRIBUTES #22329

• [auto/nodejs] Add low-level "cancel" command to the auto-generated interface #22156

• [cli/state] Allow pulumi state delete to accept multiple resource URNs and delete them in a dependency-safe order

Bug Fixes

• [cli] Allow relative file paths for --otel-traces #22300

• [cli] Bridge opentracing spans from providers into OTel #22313

• [cli] Correctly end spans for GRPC streams #22304

• [cli/about] Do not include the access token in plain text #22347

• [display] Fix detailed diff indentation so changed resources are not visually nested under unrelated visible resources when unchanged parents are hidden. #22317

• [cli/import] Fix import codegen when generating references to non-standard names #22319

• [engine] Update golang version #22277

• [pcl] Typecheck component inputs in PCL programs #22292

• [programgen/{nodejs,python}] Fix literal conversion when calling into local components #22306

... (truncated)

Changelog

Sourced from github.com/pulumi/pulumi/sdk/v3's changelog.

3.228.0 (2026-03-25)

Features

• [cli] Don't apply the secrets filter to true and false (case-insensitive) #22269

• [cli] Add grpcs:// support and header authentication to OTLP exporter #22320

• [cli] Read OTEL_RESOURCE_ATTRIBUTES #22329

• [auto/nodejs] Add low-level "cancel" command to the auto-generated interface #22156

• [cli/state] Allow pulumi state delete to accept multiple resource URNs and delete them in a dependency-safe order

Bug Fixes

• [cli] Allow relative file paths for --otel-traces #22300

• [cli] Bridge opentracing spans from providers into OTel #22313

• [cli] Correctly end spans for GRPC streams #22304

• [cli/about] Do not include the access token in plain text #22347

• [display] Fix detailed diff indentation so changed resources are not visually nested under unrelated visible resources when unchanged parents are hidden. #22317

• [cli/import] Fix import codegen when generating references to non-standard names #22319

• [engine] Update golang version #22277

• [pcl] Typecheck component inputs in PCL programs #22292

• [programgen/{nodejs,python}] Fix literal conversion when calling into local components #22306

... (truncated)

Commits

• 7551b7f feat(cli/state): multiple URNs and substring match for pulumi state delete ...
• 6a1c2d2 env: mark AccessToken as Secret (#22347)
• 9630cec Deprecate legacy mode (#19625)
• 3171ca6 Fix l2-component-call-simple (#22339)
• d5bf67e Fix use of sanitised names in import codegen (#22319)
• 6589fd4 Allow setting a GRPC endpoint for performance tests (#22330)
• fba98e9 Unskip l2-snake-names (#22337)
• 469eb83 [display] Fix detailed diff indentation when hidden parents are unchanged (#2...
• fe4a635 Update golang version to fix CVEs (#22277)
• cfb587b fix(sdk/go/pulumi-language-go/goversion): handle non-standard toolchains (#22...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)