chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Age	Adoption	Passing	Confidence
alpine	final	patch	3.20.0 -> 3.20.1
github.com/aws/aws-sdk-go	require	patch	v1.54.1 -> v1.54.6
github.com/lestrrat-go/jwx/v2	require	minor	v2.0.21 -> v2.1.0
reviewdog/action-golangci-lint	action	patch	v2.6.1 -> v2.6.2

---

Release Notes

aws/aws-sdk-go (github.com/aws/aws-sdk-go)

v1.54.6

Compare Source

===

Service Client Updates

• service/bedrock-runtime: Updates service API and documentation
• service/codeartifact: Updates service API and documentation
• service/compute-optimizer: Updates service API and documentation
• service/cost-optimization-hub: Updates service API, documentation, and waiters
• service/dynamodb: Updates service API, documentation, waiters, paginators, and examples
  • Doc-only update for DynamoDB. Fixed Important note in 6 Global table APIs - CreateGlobalTable, DescribeGlobalTable, DescribeGlobalTableSettings, ListGlobalTables, UpdateGlobalTable, and UpdateGlobalTableSettings.
• service/glue: Updates service paginators
  • Fix Glue paginators for Jobs, JobRuns, Triggers, Blueprints and Workflows.
• service/ivs-realtime: Updates service API, documentation, and waiters
• service/sagemaker: Updates service API and documentation
  • Adds support for model references in Hub service, and adds support for cross-account access of Hubs
• service/securityhub: Updates service API and documentation

v1.54.5

Compare Source

===

Service Client Updates

• service/artifact: Updates service API, documentation, waiters, and examples
• service/athena: Updates service API
  • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
• service/cur: Updates service API
  • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
• service/directconnect: Updates service API
  • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
• service/elastictranscoder: Updates service API
  • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
• service/opensearch: Updates service API and documentation

v1.54.4

Compare Source

===

Service Client Updates

• service/bedrock-runtime: Updates service API and documentation
• service/cloudtrail: Updates service API
  • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
• service/config: Updates service API
• service/eks: Updates service API and documentation
• service/lightsail: Updates service API
  • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
• service/polly: Updates service API
  • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
• service/rekognition: Updates service API
  • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
• service/sagemaker: Updates service API, documentation, and paginators
  • Launched a new feature in SageMaker to provide managed MLflow Tracking Servers for customers to track ML experiments. This release also adds a new capability of attaching additional storage to SageMaker HyperPod cluster instances.
• service/shield: Updates service API
  • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
• service/snowball: Updates service API
  • Add v2 smoke tests and smithy smokeTests trait for SDK testing.

v1.54.3

Compare Source

===

Service Client Updates

• service/acm-pca: Updates service API and documentation
• service/batch: Updates service API
  • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
• service/codebuild: Updates service API and documentation
  • AWS CodeBuild now supports global and organization GitHub webhooks
• service/cognito-idp: Updates service API
• service/ds: Updates service API
  • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
• service/elasticfilesystem: Updates service API
  • Add v2 smoke tests and smithy smokeTests trait for SDK testing.
• service/glue: Updates service API, documentation, and paginators
  • This release introduces a new feature, Usage profiles. Usage profiles allow the AWS Glue admin to create different profiles for various classes of users within the account, enforcing limits and defaults for jobs and sessions.
• service/kms: Updates service examples
  • Updating SDK example for KMS DeriveSharedSecret API.
• service/mediaconvert: Updates service API and documentation
  • This release includes support for creating I-frame only video segments for DASH trick play.
• service/secretsmanager: Updates service documentation
  • Doc only update for Secrets Manager
• service/waf: Updates service API
  • Add v2 smoke tests and smithy smokeTests trait for SDK testing.

v1.54.2

Compare Source

===

Service Client Updates

• service/datazone: Updates service API, documentation, and paginators
• service/ec2: Updates service documentation
  • Documentation updates for Amazon EC2.
• service/macie2: Updates service API, documentation, and paginators
• service/mediaconvert: Updates service API, documentation, and paginators
  • This release adds the ability to search for historical job records within the management console using a search box and/or via the SDK/CLI with partial string matching search on input file name.
• service/route53domains: Updates service API
  • Add v2 smoke tests and smithy smokeTests trait for SDK testing.

SDK Bugs

• Remove test dependency on golang.org/x/net.
  • This was used for h2 support which is now transparently available in the stdlib.

lestrrat-go/jwx (github.com/lestrrat-go/jwx/v2)

v2.1.0

Compare Source

v2.1.0 18 Jun 2024
[New Features]
  * [jwt] Added `jwt.ParseCookie()` function
  * [jwt] `jwt.ParseRequest()` can now accept a new option, jwt.WithCookieKey() to
    specify a cookie name to extract the token from.
  * [jwt] `jwt.ParseRequest()` and `jwt.ParseCookie()` can accept the `jwt.WithCookie()` option,
    which will, upon successful token parsing, make the functions assign the *http.Cookie
    used to parse the token. This allows users to further inspect the cookie where the
    token came from, should the need arise.
  * [jwt] (BREAKING CHANGE) `jwt.ParseRequest()` no longer automatically looks for "Authorization" header when
    only `jwt.WithFormKey()` is used. This behavior is the same for `jwt.WithCookieKey()` and
    any similar options that may be implemented in the future.
### previously
      jwt.ParseRequest(req) // looks under Authorization
      jwt.ParseReuqest(req, jwt.WithFormKey("foo")) // looks under foo AND Authorization
      jwt.ParseReuqest(req, jwt.WithHeaderKey("Authorization"), jwt.WithFormKey("foo")) // looks under foo AND Authorization
### since this release
      jwt.ParseRequest(req) // same as before
      jwt.ParseRequest(req, jwt.WithFormKey("foo")) // looks under foo
      jwt.ParseReuqest(req, jwt.WithHeaderKey("Authorization"), jwt.WithFormKey("foo")) // looks under foo AND Authorization

  * [jwt] Add `jwt.WithResetValidators()` option to `jwt.Validate()`. This option
    will allow you to tell `jwt.Validate()` to NOT automatically check the
    default validators (`iat`, `exp`, and `nbf`), so that you can completely customize
    the validation with the validators you specify using `jwt.WithValidator()`.

    This sort of behavior is useful for special cases such as 
    https://openid.net/specs/openid-connect-rpinitiated-1_0.html. However, you SHOULD NOT
    use this option unless you know exactly what you are doing, as this will pose
    significant security issues when used incorrectly.
 
   * [jwk] Provide a _stop-gap_ measure to work with PEM format ASN.1 DER encoded secp256k1 keys.
  
    In order to enable this feature, you must compile jwx with TWO build tags:
    `jwx_es256k` to enable ES256K/secp256k1, and `jwx_secp256k1_pem` to enable PEM handling.
    Not one, but BOTH tags need to be present.

    With this change, by suppliying the `WithPEM(true)` option, `jwk.Parse()` is now
    able to read sep256k1 keys. Also, `jwk.Pem()` should be able to handle `jwk.Key` objects
    that represent a secp256k1 key.

    Please do note that the implementation of this feature is dodgy at best. Currently
    Go's crypto/x509 does not allow handling additional EC curves, and thus in order to
    accomodate secp256k1 keys in PEM/ASN.1 DER format we need to "patch" the stdlib.
    We do this by copy-and-pasting relevant parts of go 1.22.2's crypto/x509 code and
    adding the minimum required code to make secp256k1 keys work.

    Because of the above, there are several important caveats for this feature:

    1. This feature is provided solely as a stop-gap measure until such time Go's stdlib
    provides a way to handle non-standard EC curves, or another external module
    is able to solve this issue. 

    2. This feature should be considered unstable and not guaranteed by semantic versioning
    backward compatibility. At any given point we may drop or modify this feature. It may be
    because we can no longer maintain the code, or perhaps a security issue is found in the
    version of the code that we ship with, etc.
 
     3. Please always remember that we are now bundling a static set of code for handling
    x509 formats. You are taking a possible security risk by code that could be outdated.
    Please always do your own research, and if possible, please notify us if the bundled
    code needs to be updated. Unless you know what you are doing, it is not recommended
    that you enable this feature.

    4. Please note that because we imported the code from go 1.22's src/crypto/x509,
    it has some go1.20-isms in its code. Therefore you will not be able to use the
    `jwx_secp256k1_pem` tag to enable secp256k1 key PEM handling against codebases
    that are built using go 1.19 and below (the build will succeed, but the feature
    will be unavailable).

    5. We have no plans to include more curves this way. One is already one too many.

  * [jwe] Fixed a bug when using encryption algorithms involving PBES2 along with the
    jwx.WithUseNumber() global option. Enabling this option would turn all values
    stored in the JSON content to be of type `json.Number`, but we did not account for
    it when checking for the value of `p2c` header, resulting in a conversion error.

reviewdog/action-golangci-lint (reviewdog/action-golangci-lint)

v2.6.2

Compare Source

What's Changed

• chore(deps): update dependency typescript to v5.4.2 by @​renovate in https://github.com/reviewdog/action-golangci-lint/pull/684
• chore(deps): update dependency typescript to v5.4.3 by @​renovate in https://github.com/reviewdog/action-golangci-lint/pull/685
• chore(deps): update dependency typescript to v5.4.4 by @​renovate in https://github.com/reviewdog/action-golangci-lint/pull/688
• chore(deps): update dependency @​types/node to v20.12.4 - autoclosed by @​renovate in https://github.com/reviewdog/action-golangci-lint/pull/683
• chore(deps): update dependency typescript to v5.4.5 by @​renovate in https://github.com/reviewdog/action-golangci-lint/pull/692
• chore(deps): update dependency @​types/node to v20.12.7 - autoclosed by @​renovate in https://github.com/reviewdog/action-golangci-lint/pull/689
• chore(deps): update dependency @​types/node to v20.12.11 by @​renovate in https://github.com/reviewdog/action-golangci-lint/pull/693
• chore(deps): update dependency @​types/node to v20.12.12 by @​renovate in https://github.com/reviewdog/action-golangci-lint/pull/697
• chore(deps): update dependency prettier to v3.3.1 by @​renovate in https://github.com/reviewdog/action-golangci-lint/pull/700
• chore(deps): update dependency @​types/node to v20.14.2 by @​renovate in https://github.com/reviewdog/action-golangci-lint/pull/699
• chore(deps): update dependency ts-jest to v29.1.4 by @​renovate in https://github.com/reviewdog/action-golangci-lint/pull/698
• chore(deps): update dependency prettier to v3.3.2 by @​renovate in https://github.com/reviewdog/action-golangci-lint/pull/701
• Bump braces from 3.0.2 to 3.0.3 by @​dependabot in https://github.com/reviewdog/action-golangci-lint/pull/702
• renovate: join @​typescript-eslint/parser and eslint-plugin-jest by @​massongit in https://github.com/reviewdog/action-golangci-lint/pull/704
• Bump undici from 5.26.3 to 5.28.4 by @​dependabot in https://github.com/reviewdog/action-golangci-lint/pull/703
• fix(deps): update dependency semver to v7.6.2 by @​renovate in https://github.com/reviewdog/action-golangci-lint/pull/694

New Contributors

• @​dependabot made their first contribution in https://github.com/reviewdog/action-golangci-lint/pull/702

Full Changelog: reviewdog/action-golangci-lint@v2.6.1...v2.6.2

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[renovate]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 2 additional dependencies were updated

Details:

Package	Change
github.com/decred/dcrd/dcrec/secp256k1/v4	v4.2.0 -> v4.3.0
github.com/goccy/go-json	v0.10.2 -> v0.10.3

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 52.15%. Comparing base (06eec42) to head (50e75ec).

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #1149   +/-   ##
=======================================
  Coverage   52.15%   52.15%           
=======================================
  Files         550      550           
  Lines       18833    18833           
=======================================
  Hits         9822     9822           
  Misses       8447     8447           
  Partials      564      564           

[KellyMerrick]

lgtm