js · @hulumi/policies · Critical
@hulumi/policies <1.4.0: HULUMI-H5 exemption validation bypass
What changed
The HULUMI-H5 policy in @hulumi/policies <1.4.0 only checked sibling resource types, not that those siblings applied to the exempted bucket. Fixed in 1.4.0 by requiring each sibling to share the same parent SecureBucket instance and to reference the exempted bucket explicitly.
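The gap described above, as an added example that is not code from @hulumi/policies: a simplified model contrasting a type-only sibling check with one that binds each sibling to the exempted bucket. The resource shape, type names and function names are assumptions made for illustration.

```javascript
// Constructed resource model (assumption): each resource records its type, its
// parent component and, for hardening resources, the bucket it targets.
// None of these names are taken from @hulumi/policies.
const REQUIRED_SIBLINGS = ["PublicAccessBlock", "Encryption"];

// Behaviour before 1.4.0 as the advisory describes it: the exemption is granted
// once the required sibling *types* are present; `bucket` is never consulted.
function exemptByTypeOnly(bucket, resources) {
  return REQUIRED_SIBLINGS.every((t) => resources.some((r) => r.type === t));
}

// Behaviour from 1.4.0 as described: every required sibling must share the
// bucket's parent SecureBucket instance and reference that bucket explicitly.
function exemptByBinding(bucket, resources) {
  if (!bucket.parent) return false; // no SecureBucket parent, no exemption
  return REQUIRED_SIBLINGS.every((t) =>
    resources.some(
      (r) => r.type === t && r.parent === bucket.parent && r.bucket === bucket.name
    )
  );
}

// Constructed sample stack:
//   logs  - hardened by siblings inside SecureBucket "sb-logs"
//   extra - same parent as logs, but no sibling references it
//   raw   - different parent, no hardening resources at all
const stack = [
  { type: "Bucket", name: "logs", parent: "sb-logs" },
  { type: "PublicAccessBlock", name: "logs-pab", parent: "sb-logs", bucket: "logs" },
  { type: "Encryption", name: "logs-sse", parent: "sb-logs", bucket: "logs" },
  { type: "Bucket", name: "extra", parent: "sb-logs" },
  { type: "Bucket", name: "raw", parent: "sb-raw" },
];

// Evaluate every bucket in the stack with the given exemption check.
function audit(check, resources = stack) {
  return resources
    .filter((r) => r.type === "Bucket")
    .map((b) => `${b.name}:${check(b, resources) ? "exempt" : "violation"}`);
}

console.log("type-only:", audit(exemptByTypeOnly).join(", "));
console.log("bound:    ", audit(exemptByBinding).join(", "));
```
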
Who it affects
Consumers using HulumiHardeningPack with @hulumi/policies <1.4.0 who rely on the SecureBucket exemption for raw S3 buckets.
What to do today
Upgrade to @hulumi/policies@1.4.0 immediately to ensure HULUMI-H5 correctly validates that sibling hardening resources apply to the exempted bucket.