Bump demisto-sdk from 1.38.14 to 1.38.19 in /docker/demisto-sdk

[dependabot]

Bumps demisto-sdk from 1.38.14 to 1.38.19.

Release notes

Sourced from demisto-sdk's releases.

v1.38.19

Feature

• Added the AG109 validator to ensure that Agentix Agent system instructions do not exceed the maximum allowed size of 65535 bytes. #5205
• Added validation AG104 to ensure the agent color is a valid 6-digit RGB hex format. #5092
• Added --create-graph-from-scratch flag to the validate command to force creating the content graph from scratch instead of downloading it from the bucket. #5230
• Added the detach command, which allows detaching content items (Incident Types, Layouts, Playbooks, Scripts). #5217
• Added the reattach command, which allows reattaching previously detached content items. #5217
• Modified the validate command to enforce that the 'provider' field in integration YAML files must exist and be non-empty for integrations supported in the platform marketplace. #5203

Fix

• Fixed an issue where the upload command incorrectly reported success when uploading system content-items failed. #5198
• Fix ID set on non py. file when content item is script. #5003

Internal

• Changed PB130 and PB131 validations from errors to warnings. #5230

v1.38.18

Feature

• Update BC115 validation to support default supportedModules handling. #5122
• Adds a new validation (BA129) that ensures commands/scripts declare the appropriate compliantpolicies when using arguments associated with specific compliance standards (defined in compliant_policies.json). #5168
• Improved handling private repositories. #5185

Internal

• Added AgentixAgent to test tools. #5143
• Delete Link PR to Jira github actions #5191
• Added support for the fromversion and toversion fields for Agentix items. #5180
• Updated Agentix items default marketplaces to platform only. #5180

v1.38.17

Feature

• Added IN168 validator to ensure MCP integrations have only PLATFORM marketplace. #5174
• Added LLM configuration fields under promptConfig object (temperature, maxOutputTokens, webSearch) to Script schemas for AI Tasks with automatic defaults. #5170
• Updated the update release notes command to support --private-content-path. #5176

Internal

• Content packs containing MCP integrations are now automatically tagged as MCP packs. #5156
• Added new GR111 and GR112 validations. #5093

v1.38.16

Feature

• Added support for handling private repositories. #5159

Fix

• Fixed an issue where the format command attempted to format list data files when it should only format list metadata files. #5166

Internal

• Ignore Gr110 when validating all in the Github action. #5169

v1.38.15

Feature

... (truncated)

Changelog

Sourced from demisto-sdk's changelog.

1.38.19 (2026-02-03)

Feature

• Added the AG109 validator to ensure that Agentix Agent system instructions do not exceed the maximum allowed size of 65535 bytes. #5205
• Added validation AG104 to ensure the agent color is a valid 6-digit RGB hex format. #5092
• Added --create-graph-from-scratch flag to the validate command to force creating the content graph from scratch instead of downloading it from the bucket. #5230
• Added the detach command, which allows detaching content items (Incident Types, Layouts, Playbooks, Scripts). #5217
• Added the reattach command, which allows reattaching previously detached content items. #5217
• Modified the validate command to enforce that the 'provider' field in integration YAML files must exist and be non-empty for integrations supported in the platform marketplace. #5203

Fix

• Fixed an issue where the upload command incorrectly reported success when uploading system content-items failed. #5198
• Fix ID set on non py. file when content item is script. #5003

Internal

• Changed PB130 and PB131 validations from errors to warnings. #5230

1.38.18 (2026-01-14)

Feature

• Update BC115 validation to support default supportedModules handling. #5122
• Adds a new validation (BA129) that ensures commands/scripts declare the appropriate compliantpolicies when using arguments associated with specific compliance standards (defined in compliant_policies.json). #5168
• Improved handling private repositories. #5185

Internal

• Added AgentixAgent to test tools. #5143
• Delete Link PR to Jira github actions #5191
• Added support for the fromversion and toversion fields for Agentix items. #5180
• Updated Agentix items default marketplaces to platform only. #5180

1.38.17 (2026-01-05)

Feature

• Added IN168 validator to ensure MCP integrations have only PLATFORM marketplace. #5174
• Added LLM configuration fields under promptConfig object (temperature, maxOutputTokens, webSearch) to Script schemas for AI Tasks with automatic defaults. #5170
• Updated the update release notes command to support --private-content-path. #5176

Internal

• Content packs containing MCP integrations are now automatically tagged as MCP packs. #5156
• Added new GR111 and GR112 validations. #5093

1.38.16 (2025-12-28)

Feature

• Added support for handling private repositories. #5159

Fix

• Fixed an issue where the format command attempted to format list data files when it should only format list metadata files. #5166

Internal

... (truncated)

Commits

• c222682 Provider validation (#5203)
• f33581b Add firstCreated Field (#4707)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[xsoar-bot]

Docker Image Ready - Dev

Docker automatic build has deployed your docker image: devdemisto/demisto-sdk:1.38.19.6996422
It is available now on docker hub at: https://hub.docker.com/r/devdemisto/demisto-sdk/tags
Get started by pulling the image:

docker pull devdemisto/demisto-sdk:1.38.19.6996422

Docker Metadata

• Image Size: 664.71 MB
• Image ID: sha256:95e2516282e18d9d0f27a85f1c455d745aab9d69b4fa57a6cb556675e2fda586
• Created: 2026-02-03T14:21:49.432872277Z
• Arch: linux/amd64
• Command: ["demisto-sdk","--help"]
• Environment:
  • PATH=/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
  • LANG=C.UTF-8
  • GPG_KEY=7169605F62C751356D054A26A821E680E5FA6305
  • PYTHON_VERSION=3.12.12
  • PYTHON_SHA256=fb85a13414b028c49ba18bbd523c2d055a30b56b18b92ce454ea2c51edc656c4
  • DOCKER_IMAGE=devdemisto/demisto-sdk:1.38.19.6996422
• Labels:
  • org.opencontainers.image.authors:Demisto <containers@demisto.com>
  • org.opencontainers.image.revision:b58c90387584252fd807cffb3f712fdc5eeac0b3
  • org.opencontainers.image.version:1.38.19.6996422