Update dependency jdx/mise to v2026.6.5 (dev) #293

Merged: iiiii7d merged 1 commit into dev from renovate/dev-jdx-mise-2026.x on Jun 16, 2026

@renovate renovate Bot commented Jun 16, 2026

This PR contains the following updates:

| Package | Update | Change | Pending |
|---|---|---|---|
| jdx/mise | patch | v2026.6.3 → v2026.6.5 | v2026.6.11 (+5) |

Release Notes

jdx/mise (jdx/mise)

v2026.6.5: Trust hardening and aqua attestation fixes

This release closes several trust-bypass vectors where a local mise.toml or mise-tasks/ directory could run code before the user trusted a project, and brings aqua's GitHub attestation verification in line with what the registry asks for.

Fixed
  • (config) Treat github.credential_command, gitlab.credential_command, and forgejo.credential_command as global-only. They are stripped from project/local config at parse time (with a warning) so an untrusted mise.toml cannot use a credential command to execute arbitrary shell when fetching tokens. Global config, CLI flags, and environment variables are unchanged (#​10356 by @​jdx).
  • (config) Fix GHSA-436v-8fw5-4mj8 by ignoring ci, paranoid, trusted_config_paths, and yes when they come from local config files. A malicious mise.toml can no longer set trusted_config_paths = ["/"] or paranoid = false to auto-trust itself before _.source scripts run (#​10357 by @​jdx).
  • (task) Require trust before loading default task include directories (mise-tasks/, .mise-tasks/, and related layouts) in repos with no local mise config. Previously, a clone with only a mise-tasks/ directory could render Tera templates (including exec()) in task descriptions before the user trusted the project. Global task include paths and includes declared from a trusted mise.toml are still exempt (#​10355 by @​jdx).
  • (aqua) Model and forward github_artifact_attestations.predicate_type to GitHub during attestation detection and verification. Packages like foundry-rs/foundry and gleam-lang/gleam that pin an SPDX SBOM predicate now enforce that predicate instead of accepting whatever attestation happens to verify. Predicate-filtered requests bypass the digest-only versions-host attestation cache (#​10169 by @​risu729).
  • (aqua) Canonicalize aqua var options across plain keys, nested vars tables, and literal "vars.<name>" backend-option keys into a single lock/cache identity. Duplicate final vars now fail with a source-neutral conflicting aqua var error rather than silently picking one spelling; normal higher-precedence config overrides still apply (#​10187 by @​risu729).
  • (schema) Forbid hide, quiet, raw, interactive, and raw_args on [task_templates.*] in the JSON Schema, and drop the unused fields from TaskTemplate. Runtime never merged these into tasks (templates can't tell "unset" from false for plain bools), so editors no longer suggest keys that did nothing (#​10242 by @​risu729).
  • (schema) Accept supported OS, architecture, and os-arch selectors on registry backend platforms entries and backends.options.platforms.* tables — for example windows-x64, linux-arm64, darwin-aarch64, macos-arm64 — fixing false schema errors reported in discussion #​10296 (#​10358 by @​risu729).

Full Changelog: jdx/mise@v2026.6.4...v2026.6.5

💚 Sponsor mise

mise is built by @​jdx under en.dev — an independent studio making developer tooling (mise, aube, and more). Development is funded by sponsors.

If mise saves you or your team time, please consider sponsoring at en.dev. Individual and company sponsorships keep mise fast, free, and independent.

v2026.6.4: Declarative system packages

Added
  • (system) Declarative system packages ([system.packages]) for apt, dnf, pacman, and Homebrew core formulae (installed without a brew CLI) via new experimental mise system status / install commands (#​10326 by @​jdx).
  • (system) New mise system use and mise system upgrade to write [system.packages] entries and refresh installed system packages (#​10346 by @​jdx).
  • (github) Added matching (substring) and matching_regex asset options to the github, gitlab, and forgejo backends, applied before platform autodetection and scoped through SLSA provenance verification (#​10325 by @​devnulled).
  • (oci) mise oci build --owner UID[:GID] plus [oci].user_id / [oci].group_id config for layer file ownership (#​10075 by @​ThomasK33).
Fixed
  • (backend) --minimum-release-age=0s now correctly disables the release-age cutoff instead of falling back to the default, and stable fast-path metadata avoids an unnecessary full version-list fetch (#​10344 by @​jdx).
  • (aqua) Route GitHub metadata through mise-versions only for mise-registry-backed Aqua tools, eliminating noisy 403 warnings for packages like aqua:aws/session-manager-plugin (#​10341 by @​jdx).
  • (aqua) Support overrides[].envs selectors so platform-specific Aqua overrides for packages like apache/tomcat and eza-community/eza apply correctly (#​10200 by @​risu729).
  • (task) Resolve monorepo-relative task refs (:task, //pkg:task, aliases) the same way at validation time as runtime, so mise tasks validate no longer reports false missing-dependency errors (#​10342 by @​jdx).
  • (task) Forwarded args now reach inline bash -c tasks on Windows instead of being assigned to $0 (#​10321 by @​JamBalaya56562).
  • (task) Multiline task description values are surfaced in mise <task> --help and mise run <task> --help while task listings remain single-line (#​10204 by @​risu729).
  • (tasks) Refactor editor (EDITOR / VISUAL) command handling to support values with arguments and improve error reporting (#​9752 by @​roele).
  • (core) Preserve inner double quotes for the remaining cmd /c call sites on Windows (mise exec -c, tera exec(), watch_files, postinstall hooks, [deps], credential commands) (#​10323 by @​JamBalaya56562).
  • (install) Skip unknown tools that are inactive on the current OS or disabled via disable_tools/enable_tools before raising registry errors (#​10206 by @​risu729).
  • (java) Include the resolved shorthand_vendor in the lockfile identity for shorthand requests like java@17 (#​9989 by @​risu729).
  • (dotnet) Include runtime in the core .NET plugin lockfile identity so SDK and runtime installs no longer share a lock entry (#​10175 by @​risu729).
Registry

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR was generated by Mend Renovate. View the repository job log.

@iiiii7d iiiii7d merged commit a42c051 into dev Jun 16, 2026
25 checks passed