🌿 Fern Regeneration -- May 11, 2026

[fern-api]

This PR regenerates code to match the latest API Definition.

[semgrep-code-merge-api]

Semgrep found 10 non-literal-import findings:

• src/merge/resources/hris/resources/groups/types/init.py
  • L18 - Triage
• src/merge/resources/hris/resources/groups/init.py
  • L18 - Triage
• src/merge/resources/filestorage/resources/link_token/types/init.py
  • L18 - Triage
• src/merge/resources/filestorage/resources/link_token/init.py
  • L18 - Triage
• src/merge/resources/filestorage/resources/groups/types/init.py
  • L22 - Triage
• src/merge/resources/filestorage/resources/groups/init.py
  • L21 - Triage
• src/merge/resources/accounting/resources/sales_orders/types/init.py
  • L22 - Triage
• src/merge/resources/accounting/resources/sales_orders/init.py
  • L21 - Triage
• src/merge/resources/accounting/resources/item_fulfillments/types/init.py
  • L22 - Triage
• src/merge/resources/accounting/resources/item_fulfillments/init.py
  • L21 - Triage

Untrusted user input in importlib.import_module() function allows an attacker to load arbitrary code. Avoid dynamic values in importlib.import_module() or use a whitelist to prevent running untrusted code.