Renovate Update Patch & Minor Updates

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Pending	Age	Adoption	Passing	Confidence
aquasecurity/trivy-action	action	minor	0.21.0 -> 0.22.0
aws (source)	required_provider	minor	5.52.0 -> 5.53.0
awscrt		patch	==0.20.10 -> ==0.20.11
boto3		patch	==1.34.117 -> ==1.34.122	1.34.123
botocore		patch	==1.34.117 -> ==1.34.122	1.34.123
github.com/aws/aws-sdk-go-v2	require	patch	v1.27.0 -> v1.27.2
github.com/aws/aws-sdk-go-v2/config	require	patch	v1.27.16 -> v1.27.18
github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue	require	minor	v1.13.20 -> v1.14.1
github.com/aws/aws-sdk-go-v2/service/dynamodb	require	patch	v1.32.6 -> v1.32.8
github.com/aws/aws-sdk-go-v2/service/eventbridge	require	patch	v1.31.3 -> v1.31.5
github.com/aws/aws-sdk-go-v2/service/s3	require	minor	v1.54.3 -> v1.55.1
github.com/aws/aws-sdk-go-v2/service/secretsmanager	require	patch	v1.29.1 -> v1.29.3
go (source)	toolchain	patch	1.22.3 -> 1.22.4
golang	stage	patch	1.22.3 -> 1.22.4
requests (source, changelog)		patch	==2.32.0 -> ==2.32.3

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

aquasecurity/trivy-action (aquasecurity/trivy-action)

v0.22.0

Compare Source

What's Changed

• chore(docs): Reference the use of a pinned version by @​simar7 in https://github.com/aquasecurity/trivy-action/pull/356
• Upgrade trivy to v0.52.0 by @​Keralin in https://github.com/aquasecurity/trivy-action/pull/364

New Contributors

• @​Keralin made their first contribution in https://github.com/aquasecurity/trivy-action/pull/364

Full Changelog: aquasecurity/trivy-action@0.21.0...0.22.0

hashicorp/terraform-provider-aws (aws)

v5.53.0

Compare Source

FEATURES:

• New Resource: aws_paymentcryptography_key (#​37017)
• New Resource: aws_paymentcryptography_key_alias (#​37020)

ENHANCEMENTS:

• data-source/aws_customer_gateway: Add bgp_asn_extended argument (#​37815)
• data-source/aws_rds_engine_version: Add supports_limitless_database attribute (#​37271)
• provider: The use_fips_endpoint flag is now ignored for any service with a custom endpoint configured in endpoints. (#​34233)
• resource/aws_apigatewayv2_authorizer: Add configurable delete timeout (#​37732)
• resource/aws_customer_gateway: Add bgp_asn_extended argument (#​37815)
• resource/aws_fsx_lustre_file_system: Add metadata_configuration argument (#​37868)
• resource/aws_lb: Add support for IPv6-only Application Load Balancers (#​37700)
• resource/aws_mwaa_environment: Add max_webservers and min_webservers attributes (#​37632)
• resource/aws_pipes_pipe: Add log_configuration argument (#​37135)
• resource/aws_route53_record: Fix InvalidChangeBatch errors on resource Delete (#​37850)
• resource/aws_s3_bucket: Ignore UnsupportedOperation errors when reading acceleration_status, server_side_encryption_configuration and tags (#​37801)
• resource/aws_transfer_ssh_key: Add ssh_key_id attribute (#​37548)

BUG FIXES:

• resource/aws_apigatewayv2_authorizer: Fix ConflictException errors on resource Delete (#​37732)
• resource/aws_bedrockagent_agent: Increase instruction max length for validation to 4000 (#​37758)
• resource/aws_cloudwatch_log_group: Correctly handles tag updates with empty string tags (#​37668)
• resource/aws_kms_external_key: Fixes timeout error on creation when ignore_tags matches tag assigned to resource (#​37818)
• resource/aws_kms_key: Fixes timeout error on creation when ignore_tags matches tag assigned to resource (#​37818)
• resource/aws_kms_replica_external_key: Fixes timeout error on creation when ignore_tags matches tag assigned to resource (#​37818)
• resource/aws_kms_replica_key: Fixes timeout error on creation when ignore_tags matches tag assigned to resource (#​37818)
• resource/aws_mq_broker: Do not reboot on changes to maintenance_window_start_time or auto_minor_version_upgrade (#​36506)
• resource/aws_pipes_pipe: Mark source_parameters.self_managed_kafka_parameters.credentials.basic_auth as Optional (#​34293)
• resource/aws_secretsmanager_secret: Tags with empty values no longer remove all tags. (#​37743)
• resource/aws_ssm_parameter: Fix Cannot import non-existent remote object errors when importing resources with version (#​37832)
• resource/aws_vpc_endpoint: Restore pre-v5.51.0 default of false for private_dns_enabled (#​37715)
• service/chatbot: Correctly overrides region when using custom endpoint. (#​37851)
• service/costoptimizationhub: Correctly overrides region when using custom endpoint. (#​37851)
• service/cur: Correctly overrides region when using custom endpoint. (#​37851)
• service/globalaccelerator: Correctly overrides region when using custom endpoint. (#​37851)
• service/route53: Correctly overrides region when using custom endpoint. (#​37851)
• service/route53domains: Correctly overrides region when using custom endpoint. (#​37851)
• service/shield: Correctly overrides region when using custom endpoint. (#​37851)

awslabs/aws-crt-python (awscrt)

v0.20.11: Fix bug where last few bytes on socket go unread

Compare Source

What's Changed

• Fix bug where last few bytes on socket go unread by @​graebm in https://github.com/awslabs/aws-crt-python/pull/567

Full Changelog: awslabs/aws-crt-python@v0.20.10...v0.20.11

boto/boto3 (boto3)

v1.34.122

Compare Source

========

• api-change:auditmanager: [botocore] New feature: common controls. When creating custom controls, you can now use pre-grouped AWS data sources based on common compliance themes. Also, the awsServices parameter is deprecated because we now manage services in scope for you. If used, the input is ignored and an empty list is returned.
• api-change:b2bi: [botocore] Added exceptions to B2Bi List operations and ConflictException to B2Bi StartTransformerJob operation. Also made capabilities field explicitly required when creating a Partnership.
• api-change:codepipeline: [botocore] CodePipeline now supports overriding S3 Source Object Key during StartPipelineExecution, as part of Source Overrides.
• api-change:sagemaker: [botocore] This release introduces a new optional parameter: InferenceAmiVersion, in ProductionVariant.
• api-change:verifiedpermissions: [botocore] This release adds OpenIdConnect (OIDC) configuration support for IdentitySources, allowing for external IDPs to be used in authorization requests.

v1.34.121

Compare Source

========

• api-change:account: [botocore] This release adds 3 new APIs (AcceptPrimaryEmailUpdate, GetPrimaryEmail, and StartPrimaryEmailUpdate) used to centrally manage the root user email address of member accounts within an AWS organization.
• api-change:alexaforbusiness: [botocore] The alexaforbusiness client has been removed following the deprecation of the service.
• api-change:firehose: [botocore] Adds integration with Secrets Manager for Redshift, Splunk, HttpEndpoint, and Snowflake destinations
• api-change:fsx: [botocore] This release adds support to increase metadata performance on FSx for Lustre file systems beyond the default level provisioned when a file system is created. This can be done by specifying MetadataConfiguration during the creation of Persistent_2 file systems or by updating it on demand.
• api-change:glue: [botocore] This release adds support for creating and updating Glue Data Catalog Views.
• api-change:honeycode: [botocore] The honeycode client has been removed following the deprecation of the service.
• api-change:iotwireless: [botocore] Adds support for wireless device to be in Conflict FUOTA Device Status due to a FUOTA Task, so it couldn't be attached to a new one.
• api-change:location: [botocore] Added two new APIs, VerifyDevicePosition and ForecastGeofenceEvents. Added support for putting larger geofences up to 100,000 vertices with Geobuf fields.
• api-change:sns: [botocore] Doc-only update for SNS. These changes include customer-reported issues and TXC3 updates.
• api-change:sqs: [botocore] Doc only updates for SQS. These updates include customer-reported issues and TCX3 modifications.
• api-change:storagegateway: [botocore] Adds SoftwareUpdatePreferences to DescribeMaintenanceStartTime and UpdateMaintenanceStartTime, a structure which contains AutomaticUpdatePolicy.
• enhancement:AWSCRT: [botocore] Update awscrt version to 0.20.11

v1.34.120

Compare Source

========

• api-change:globalaccelerator: [botocore] This release contains a new optional ip-addresses input field for the update accelerator and update custom routing accelerator apis. This input enables consumers to replace IPv4 addresses on existing accelerators with addresses provided in the input.
• api-change:glue: [botocore] AWS Glue now supports native SaaS connectivity: Salesforce connector available now
• api-change:s3: [botocore] Added new params copySource and key to copyObject API for supporting S3 Access Grants plugin. These changes will not change any of the existing S3 API functionality.

v1.34.119

Compare Source

========

• api-change:ec2: [botocore] U7i instances with up to 32 TiB of DDR5 memory and 896 vCPUs are now available. C7i-flex instances are launched and are lower-priced variants of the Amazon EC2 C7i instances that offer a baseline level of CPU performance with the ability to scale up to the full compute performance 95% of the time.
• api-change:pipes: [botocore] This release adds Timestream for LiveAnalytics as a supported target in EventBridge Pipes
• api-change:sagemaker: [botocore] Extend DescribeClusterNode response with private DNS hostname and IP address, and placement information about availability zone and availability zone ID.
• api-change:taxsettings: [botocore] Initial release of AWS Tax Settings API

v1.34.118

Compare Source

========

• api-change:amplify: [botocore] This doc-only update identifies fields that are specific to Gen 1 and Gen 2 applications.
• api-change:batch: [botocore] This release adds support for the AWS Batch GetJobQueueSnapshot API operation.
• api-change:eks: [botocore] Adds support for EKS add-ons pod identity associations integration
• api-change:iottwinmaker: [botocore] Support RESET_VALUE UpdateType for PropertyUpdates to reset property value to default or null

boto/botocore (botocore)

v1.34.122

Compare Source

========

• api-change:auditmanager: New feature: common controls. When creating custom controls, you can now use pre-grouped AWS data sources based on common compliance themes. Also, the awsServices parameter is deprecated because we now manage services in scope for you. If used, the input is ignored and an empty list is returned.
• api-change:b2bi: Added exceptions to B2Bi List operations and ConflictException to B2Bi StartTransformerJob operation. Also made capabilities field explicitly required when creating a Partnership.
• api-change:codepipeline: CodePipeline now supports overriding S3 Source Object Key during StartPipelineExecution, as part of Source Overrides.
• api-change:sagemaker: This release introduces a new optional parameter: InferenceAmiVersion, in ProductionVariant.
• api-change:verifiedpermissions: This release adds OpenIdConnect (OIDC) configuration support for IdentitySources, allowing for external IDPs to be used in authorization requests.

v1.34.121

Compare Source

========

• api-change:account: This release adds 3 new APIs (AcceptPrimaryEmailUpdate, GetPrimaryEmail, and StartPrimaryEmailUpdate) used to centrally manage the root user email address of member accounts within an AWS organization.
• api-change:alexaforbusiness: The alexaforbusiness client has been removed following the deprecation of the service.
• api-change:firehose: Adds integration with Secrets Manager for Redshift, Splunk, HttpEndpoint, and Snowflake destinations
• api-change:fsx: This release adds support to increase metadata performance on FSx for Lustre file systems beyond the default level provisioned when a file system is created. This can be done by specifying MetadataConfiguration during the creation of Persistent_2 file systems or by updating it on demand.
• api-change:glue: This release adds support for creating and updating Glue Data Catalog Views.
• api-change:honeycode: The honeycode client has been removed following the deprecation of the service.
• api-change:iotwireless: Adds support for wireless device to be in Conflict FUOTA Device Status due to a FUOTA Task, so it couldn't be attached to a new one.
• api-change:location: Added two new APIs, VerifyDevicePosition and ForecastGeofenceEvents. Added support for putting larger geofences up to 100,000 vertices with Geobuf fields.
• api-change:sns: Doc-only update for SNS. These changes include customer-reported issues and TXC3 updates.
• api-change:sqs: Doc only updates for SQS. These updates include customer-reported issues and TCX3 modifications.
• api-change:storagegateway: Adds SoftwareUpdatePreferences to DescribeMaintenanceStartTime and UpdateMaintenanceStartTime, a structure which contains AutomaticUpdatePolicy.
• enhancement:AWSCRT: Update awscrt version to 0.20.11

v1.34.120

Compare Source

========

• api-change:globalaccelerator: This release contains a new optional ip-addresses input field for the update accelerator and update custom routing accelerator apis. This input enables consumers to replace IPv4 addresses on existing accelerators with addresses provided in the input.
• api-change:glue: AWS Glue now supports native SaaS connectivity: Salesforce connector available now
• api-change:s3: Added new params copySource and key to copyObject API for supporting S3 Access Grants plugin. These changes will not change any of the existing S3 API functionality.

v1.34.119

Compare Source

========

• api-change:ec2: U7i instances with up to 32 TiB of DDR5 memory and 896 vCPUs are now available. C7i-flex instances are launched and are lower-priced variants of the Amazon EC2 C7i instances that offer a baseline level of CPU performance with the ability to scale up to the full compute performance 95% of the time.
• api-change:pipes: This release adds Timestream for LiveAnalytics as a supported target in EventBridge Pipes
• api-change:sagemaker: Extend DescribeClusterNode response with private DNS hostname and IP address, and placement information about availability zone and availability zone ID.
• api-change:taxsettings: Initial release of AWS Tax Settings API

v1.34.118

Compare Source

========

• api-change:amplify: This doc-only update identifies fields that are specific to Gen 1 and Gen 2 applications.
• api-change:batch: This release adds support for the AWS Batch GetJobQueueSnapshot API operation.
• api-change:eks: Adds support for EKS add-ons pod identity associations integration
• api-change:iottwinmaker: Support RESET_VALUE UpdateType for PropertyUpdates to reset property value to default or null

aws/aws-sdk-go-v2 (github.com/aws/aws-sdk-go-v2)

v1.27.2

Compare Source

v1.27.1

Compare Source

golang/go (go)

v1.22.4

psf/requests (requests)

v2.32.3

Compare Source

Bugfixes

• Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of
  HTTPAdapter. (#​6716)
• Fixed issue where Requests started failing to run on Python versions compiled
  without the ssl module. (#​6724)

v2.32.2

Compare Source

Deprecations

• To provide a more stable migration for custom HTTPAdapters impacted
  by the CVE changes in 2.32.0, we've renamed _get_connection to
  a new public API, get_connection_with_tls_context. Existing custom
  HTTPAdapters will need to migrate their code to use this new API.
  get_connection is considered deprecated in all versions of Requests>=2.32.0.

  A minimal (2-line) example has been provided in the linked PR to ease
  migration, but we strongly urge users to evaluate if their custom adapter
  is subject to the same issue described in CVE-2024-35195. (#​6710)

v2.32.1

Compare Source

Bugfixes

• Add missing test certs to the sdist distributed on PyPI.

---

Configuration

📅 Schedule: Branch creation - "* 6 1 * *" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[renovate]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 13 additional dependencies were updated

Details:

Package	Change
github.com/aws/aws-sdk-go-v2/credentials	v1.17.16 -> v1.17.18
github.com/aws/aws-sdk-go-v2/feature/ec2/imds	v1.16.3 -> v1.16.5
github.com/aws/aws-sdk-go-v2/internal/configsources	v1.3.7 -> v1.3.9
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2	v2.6.7 -> v2.6.9
github.com/aws/aws-sdk-go-v2/internal/v4a	v1.3.7 -> v1.3.9
github.com/aws/aws-sdk-go-v2/service/dynamodbstreams	v1.20.8 -> v1.20.10
github.com/aws/aws-sdk-go-v2/service/internal/checksum	v1.3.9 -> v1.3.11
github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery	v1.9.8 -> v1.9.10
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url	v1.11.9 -> v1.11.11
github.com/aws/aws-sdk-go-v2/service/internal/s3shared	v1.17.7 -> v1.17.9
github.com/aws/aws-sdk-go-v2/service/sso	v1.20.9 -> v1.20.11
github.com/aws/aws-sdk-go-v2/service/ssooidc	v1.24.3 -> v1.24.5
github.com/aws/aws-sdk-go-v2/service/sts	v1.28.10 -> v1.28.12