build(deps): bump github.com/pulumi/pulumi/sdk/v3 from 3.208.0 to 3.209.0 in /deploy

[dependabot]

Bumps github.com/pulumi/pulumi/sdk/v3 from 3.208.0 to 3.209.0.

Release notes

Sourced from github.com/pulumi/pulumi/sdk/v3's releases.

v3.209.0

3.209.0 (2025-11-26)

Features

• [cli] Add native support for OIDC token exchange when logging into Pulumi Cloud. Run pulumi login --help for more information. #20974

• [sdk/python] Allow older grpcio and protobuf dependencies #21007

• [sdkgen/{dotnet,go,nodejs,python}] Generate .gitignore and .gitattributes files for generated SDKs #21034

Bug Fixes

• [cli/install] Correctly install non-standard plugins. See pulumi/pulumi#20953 for more information #20983

• [cli/new] Create pyproject.toml for uv and poetry projects when using --generate-only #20979

• [sdk/nodejs] Fix serialization errors due to SxS copies of the SDK #21029

• [sdk/python] Add PropertyValue runtime validation checks #21058

Miscellaneous

• [engine] Don't send root directory and runtime options to language plugins as command line arguments #21054

• [sdk/{dotnet,java,yaml}] Bump language runtimes for yaml, dotnet and java

Changelog

Sourced from github.com/pulumi/pulumi/sdk/v3's changelog.

3.209.0 (2025-11-26)

Features

• [cli] Add native support for OIDC token exchange when logging into Pulumi Cloud. Run pulumi login --help for more information. #20974

• [sdk/python] Allow older grpcio and protobuf dependencies #21007

• [sdkgen/{dotnet,go,nodejs,python}] Generate .gitignore and .gitattributes files for generated SDKs #21034

Bug Fixes

• [cli/install] Correctly install non-standard plugins. See pulumi/pulumi#20953 for more information #20983

• [cli/new] Create pyproject.toml for uv and poetry projects when using --generate-only #20979

• [sdk/nodejs] Fix serialization errors due to SxS copies of the SDK #21029

• [sdk/python] Add PropertyValue runtime validation checks #21058

Miscellaneous

• [engine] Don't send root directory and runtime options to language plugins as command line arguments #21054

• [sdk/{dotnet,java,yaml}] Bump language runtimes for yaml, dotnet and java

Commits

• 19f75d4 Bump language runtimes for yaml, dotnet and (#21076)
• 41f5496 Update deps (#21071)
• 4e043b1 [sdk/python] Allow older grpcio & protobuf dependencies (#21007)
• 7215332 Stop passing root and runtime options as args to language plugins (#21054)
• 560669f renovate: merge base branch config (#21060)
• 195d8d5 Bump starlette from 0.47.2 to 0.49.1 in /docs in the pip group across 1 direc...
• 794a66b [sdk/python] Add PropertyValue validation checks (#21058)
• f38b256 renovate: baseBranchPatterns -> baseBranches (#21056)
• ea019a8 Use pytest_asyncio.fixture for test fixtures that require an event loop (#21052)
• 2c0ab25 Add renovate config (#21051)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)