diff --git a/.github/workflows/_docker_build_scan_push.yml b/.github/workflows/_docker_build_scan_push.yml index 1edea61a..64664f7c 100644 --- a/.github/workflows/_docker_build_scan_push.yml +++ b/.github/workflows/_docker_build_scan_push.yml @@ -92,7 +92,7 @@ jobs: provenance: false - name: Trivy scan - uses: aquasecurity/trivy-action@0.19.0 + uses: aquasecurity/trivy-action@0.23.0 with: image-ref: '${{ steps.docker_tags.outputs.semver_tag }}' severity: 'HIGH,CRITICAL' diff --git a/.github/workflows/analysis-codeql.yml b/.github/workflows/analysis-codeql.yml index 7f33085a..1adb04e9 100644 --- a/.github/workflows/analysis-codeql.yml +++ b/.github/workflows/analysis-codeql.yml @@ -42,7 +42,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3.25.3 + uses: github/codeql-action/init@v3.25.11 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -53,7 +53,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v3.25.3 + uses: github/codeql-action/autobuild@v3.25.11 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -67,4 +67,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3.25.3 \ No newline at end of file + uses: github/codeql-action/analyze@v3.25.11 \ No newline at end of file diff --git a/.github/workflows/analysis-tfsec-to-github-security.yml b/.github/workflows/analysis-tfsec-to-github-security.yml index 9f240812..656b2185 100644 --- a/.github/workflows/analysis-tfsec-to-github-security.yml +++ b/.github/workflows/analysis-tfsec-to-github-security.yml @@ -32,6 +32,6 @@ jobs: with: sarif_file: tfsec.sarif - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@v3.25.3 + uses: github/codeql-action/upload-sarif@v3.25.11 with: sarif_file: tfsec.sarif \ No newline at end of file diff --git a/docs/support_scripts/load_testing/go.mod b/docs/support_scripts/load_testing/go.mod index 8afd3100..e82084f4 100644 --- a/docs/support_scripts/load_testing/go.mod +++ b/docs/support_scripts/load_testing/go.mod @@ -2,6 +2,6 @@ module load_testing go 1.20 -require github.com/aws/aws-sdk-go v1.52.2 +require github.com/aws/aws-sdk-go v1.54.10 require github.com/jmespath/go-jmespath v0.4.0 // indirect diff --git a/docs/support_scripts/load_testing/go.sum b/docs/support_scripts/load_testing/go.sum index e4567b2c..05bdf54d 100644 --- a/docs/support_scripts/load_testing/go.sum +++ b/docs/support_scripts/load_testing/go.sum @@ -2,6 +2,8 @@ github.com/aws/aws-sdk-go v1.44.281 h1:z/ptheJvINaIAsKXthxONM+toTKw2pxyk700Hfm6y github.com/aws/aws-sdk-go v1.44.281/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= github.com/aws/aws-sdk-go v1.52.2 h1:l4g9wBXRBlvCtScvv4iLZCzLCtR7BFJcXOnOGQ20orw= github.com/aws/aws-sdk-go v1.52.2/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= +github.com/aws/aws-sdk-go v1.54.10 h1:dvkMlAttUsyacKj2L4poIQBLzOSWL2JG2ty+yWrqets= +github.com/aws/aws-sdk-go v1.54.10/go.mod h1:eRwEWoyTWFMVYVQzKMNHWP5/RV4xIUGMQfXQHfHkpNU= github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= diff --git a/docs/support_scripts/requests/go.mod b/docs/support_scripts/requests/go.mod index 7bfc5699..969c0ba7 100644 --- a/docs/support_scripts/requests/go.mod +++ b/docs/support_scripts/requests/go.mod @@ -2,6 +2,6 @@ module api_request go 1.20 -require github.com/aws/aws-sdk-go v1.52.2 +require github.com/aws/aws-sdk-go v1.54.10 require github.com/jmespath/go-jmespath v0.4.0 // indirect diff --git a/docs/support_scripts/requests/go.sum b/docs/support_scripts/requests/go.sum index 66934d1b..0f50d119 100644 --- a/docs/support_scripts/requests/go.sum +++ b/docs/support_scripts/requests/go.sum @@ -2,6 +2,8 @@ github.com/aws/aws-sdk-go v1.44.284 h1:Oc5Kubi43/VCkerlt3ZU3KpBju6BpNkoG3s7E8vj/ github.com/aws/aws-sdk-go v1.44.284/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= github.com/aws/aws-sdk-go v1.52.2 h1:l4g9wBXRBlvCtScvv4iLZCzLCtR7BFJcXOnOGQ20orw= github.com/aws/aws-sdk-go v1.52.2/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= +github.com/aws/aws-sdk-go v1.54.10 h1:dvkMlAttUsyacKj2L4poIQBLzOSWL2JG2ty+yWrqets= +github.com/aws/aws-sdk-go v1.54.10/go.mod h1:eRwEWoyTWFMVYVQzKMNHWP5/RV4xIUGMQfXQHfHkpNU= github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= diff --git a/integration_tests/v1/requirements.txt b/integration_tests/v1/requirements.txt index b150b29c..68d7dfb2 100644 --- a/integration_tests/v1/requirements.txt +++ b/integration_tests/v1/requirements.txt @@ -1,10 +1,10 @@ -pytest==8.2.0 +pytest==8.2.2 pytest-env==1.1.3 pytest-xdist==3.6.1 pytest-html==4.1.1 requests_aws4auth==1.2.3 -boto3==1.34.98 +boto3==1.34.135 jsonschema==4.22.0 -fakeredis==2.22.0 +fakeredis==2.23.2 flask==3.0.3 -coverage==7.5.0 \ No newline at end of file +coverage==7.5.4 \ No newline at end of file diff --git a/lambda_functions/v1/requirements/dev-requirements.txt b/lambda_functions/v1/requirements/dev-requirements.txt index 371ad29c..3d6a2ceb 100644 --- a/lambda_functions/v1/requirements/dev-requirements.txt +++ b/lambda_functions/v1/requirements/dev-requirements.txt @@ -1,16 +1,16 @@ -connexion==3.0.6 -fakeredis==2.22.0 -flake8==7.0.0 +connexion==3.1.0 +fakeredis==2.23.2 +flake8==7.1.0 flake8-quotes==3.4.0 -hypothesis==6.100.2 -moto==5.0.6 -pytest==8.2.0 +hypothesis==6.104.1 +moto==5.0.9 +pytest==8.2.2 pytest-cov==5.0.0 pytest-env==1.1.3 pytest-html==4.1.1 -tenacity==8.2.3 -validators==0.28.1 +tenacity==8.4.2 +validators==0.28.3 yarl==1.9.4 importlib-metadata==8.0.0 opg-sirius-service==2.1.1 -typing-extensions==4.11.0 \ No newline at end of file +typing-extensions==4.12.2 \ No newline at end of file diff --git a/lambda_functions/v1/requirements/pact-requirements.txt b/lambda_functions/v1/requirements/pact-requirements.txt index 7914e7df..b6ee87ce 100644 --- a/lambda_functions/v1/requirements/pact-requirements.txt +++ b/lambda_functions/v1/requirements/pact-requirements.txt @@ -1,3 +1,3 @@ -connexion==3.0.6 +connexion==3.1.0 swagger-ui-bundle requests diff --git a/lambda_functions/v1/requirements/requirements.txt b/lambda_functions/v1/requirements/requirements.txt index e2057ad9..a845fd3d 100644 --- a/lambda_functions/v1/requirements/requirements.txt +++ b/lambda_functions/v1/requirements/requirements.txt @@ -2,8 +2,8 @@ Flask==3.0.3 markupsafe==2.1.5 localstack-client==2.5 -redis==5.0.4 -requests==2.31.0 +redis==5.0.7 +requests==2.32.2 Werkzeug==3.0.3 -requests-aws4auth==1.0.1 +requests-aws4auth==1.2.3 opg-sirius-service==2.1.1 diff --git a/mock_sirius_backend/requirements.txt b/mock_sirius_backend/requirements.txt index 15b44b36..05021196 100644 --- a/mock_sirius_backend/requirements.txt +++ b/mock_sirius_backend/requirements.txt @@ -1,4 +1,4 @@ -connexion==3.0.6 +connexion==3.1.0 Flask==3.0.3 markupsafe==2.1.5 requests diff --git a/terraform/environment/.terraform.lock.hcl b/terraform/environment/.terraform.lock.hcl index bfa444b6..5d36f94a 100644 --- a/terraform/environment/.terraform.lock.hcl +++ b/terraform/environment/.terraform.lock.hcl @@ -2,38 +2,38 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/aws" { - version = "5.55.0" + version = "5.56.0" constraints = "~> 5.0, >= 5.32.0" hashes = [ - "h1:3zm88eQrbQHiptPt27WpSr8sJRonvMzeeegFYKZ9/vQ=", - "h1:E6Ax11q2/k3KDz0XfKz+NWvM+MOqKgbnoe5iGI6UpvI=", - "h1:Ecp/Us36Q7cPmM6CJuhVoQpJ8Fr3857u2aY5u90b744=", - "h1:Fm/qcPuwi3JXV+x+6zKHeQwVGDdGkCu+mjdPKY+eBCQ=", - "h1:K/aEWNwFhDOjbU9bmtAUvy84IZCkVZDhNubxm2J8KuU=", - "h1:NHFZsgJpjqVy+n9tt7uV5gWArMkjFzfo7bUdaT90CQk=", - "h1:NHgKROQfH2vdYgpcD046DrCbFLIONgIzj4UeVNdku3w=", - "h1:V3StWoMxIwKEJ61jlwin+0fdGqDFeBBNQqje57B9nqc=", - "h1:bBEd61mviRihR9/r+nsd8Sq3OU+etHQhBcBdOaVix2g=", - "h1:e8vKwGg6c6CsbbHEpnjQE+5luDVcC5qyKZ5Vv/T5Z1U=", - "h1:lpxW8Myr+VNsbe/xiqbsQ6cLXAkGlmgIjjJYLhhQMf4=", - "h1:pbABD0XsrwOxYmctcsGKjwSTEzaGFL2RR164CSf1O+Q=", - "h1:vChl08zNYLVzuSzfxz3wp3wNSx+vjwl/jPuyPbg59Ks=", - "h1:ys4tLt+sbqNUEicl2tO7gWvEZ6QPK4PwEv/mPc31Na0=", - "zh:06fbb1cc4b61b9d6370d391bf7538aa6ef8b60b91c67d125a6be60a70b1d49f0", - "zh:1d52acd2184f379433a0fce2c29d5ed8fc7958d6a9d1b403310dcc36b2a3f626", - "zh:290bbce092f8836a1db530ac86d933cfea27d52b827639974a81bc48dfba8c34", - "zh:3531f2822c2de3ba837381c4ee4816c5b437fd204c07d659526a04d9154a65e8", - "zh:56d70db4c8c6c0ec1b665380b87726275f4ab3665b4b78ac86dc90e1010c0fe3", - "zh:8251d713c0b2c8c51b6858e51c70d083b484342ff9782a88c39e7eaa966c3da2", - "zh:9a7d1f7207e51382a7dd139dfd5786e7e905edf9bf89bbee4b59ad41365e87be", + "h1:09fAczBASw/S5fgA35pxTCjtUgTn1Q+u9AxVdu9PYT0=", + "h1:8MbNv87Ra7YheJYPChSg+gc096C3kauriXsVNkeF1Po=", + "h1:E+O/LiDjygxBwI34acHuP0bBzotJm5J2suD+1KGu3sw=", + "h1:F9Ad0SflY+F0M+1F5FohJlQ573cVpCGn+c7hIvJRwkg=", + "h1:UCEU5g7vSy6GM/PQvGbeAZ/rV9JhB/s4ntNCJ6sDDVQ=", + "h1:hZl0zxk0aLL2/ciDUkrY5ORH2LFKQdp8BvZAcs6VgIY=", + "h1:i6Isi/+mOmRDJ/MQBuHREnuKL7UMDp7CUC+YKI2Q6Ik=", + "h1:miKY6GMwGouo66zfTQldthgOfuXT0EoI7AyqagHNkZo=", + "h1:mn5tmUuTCiGsgdkCO6y/UFrLRQgt55AqLUqoHC/5qZ0=", + "h1:pMcbrG0VgbWLLZ1pzBxrQ2+n6sxgEP/XwD5/oZnXZeA=", + "h1:phfbHzGYnvHk/6+6I7n/QO8J91ovrZq0bylwOcGs8Nk=", + "h1:srhevnc1xdcEHMmuAYEHWF0tpsoLXSnyjsrxd7FT00U=", + "h1:uv8Qm0W/dNt9jnWswFeSoXj5Es6dfp2ZCYrVTD9nLi4=", + "h1:vkrI+WCNsaW9Bs7I4498tgZ6H20SJupIn8UZoYvkmqs=", + "zh:626ada4e076bd852fb7fc3d0722f17a0eddd87356d94cfce8b3595a520e8d91d", + "zh:6b31e0c5b60d830a623ae9cc7d8cf2db74f75735d83097c659607c8a6276adaf", + "zh:774d02a1c5ddcc9b5efbfe86bc967f4af8a52b8cb5880b2f5d1b255e5b0868ba", + "zh:8d0b9407f7fa868718a3cb4489ee79c17da129647994be2aa2de91c87ccbf365", + "zh:91908ac346a21fc993b16a7734b668d8457afa73970600f1caa7a1feae6d0432", + "zh:947b11319d9fba740940d46b3b3b3ca6d7ba53b105f7284c4e474a4e8b8bd1a6", "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:a529c78dfc60063289524690af78794e99a768835b88e27cdfec15bc85439f7c", - "zh:b6da1843355db05c5d412126406fd97db2a6ff9edc166b81c1cea2994535b4eb", - "zh:bfc08cd23b1556b3287d1b28ac7f12c7d459471d97a0592bf2579ea68d11bae7", - "zh:c382088faf05894191636b57861069a21de10a5ff4eb8f7cc122e764ccf7a4a8", - "zh:e27f99f389921314ee428b24990d3a829057ce532b2beb33c69387458722edd9", - "zh:ef11285eedb45ffc3fb2ecdfefa206e64eb2760a87fff15c44dee42de9703436", - "zh:fedc4ebee0d6fe196691127004db5d1ff8bd22e3b667a74026bb92c607589b6c", + "zh:a18be89b54a333c2fb9e2da78b2e658ba3231f877520c7c21bf08e322e3516a4", + "zh:ae902f46864009d7284af22b473d4b73e3c87550f37dd028db4bd8551195af84", + "zh:c9ae5ec852a19cdd8f75754eaed2d7b3f833de3845ebe3aa2d0d30f622b68004", + "zh:d1c3ab7377789f6d2f97dc79d6195c31cfa7c66f530aead7ce8ad7efff0f487d", + "zh:f0233dc4a6db447e16349f486d817f76637fe5e9b1de9ad58ab4c3f09651a1ac", + "zh:f25840d0ff9bd6e55605019cacbcf4d4f96759d687770679cb4bc6210cb6a25c", + "zh:f2e5d0229db8fd114ac1740622c0fc6d8504d8c3d2f5c19b08e73e0469320e87", + "zh:f578bdab2e9dd8c76e6b19246c5b5631eba3ce99329a2b58fb85ebd9501dd450", ] } diff --git a/terraform/environment/lambda.tf b/terraform/environment/lambda.tf index 084abd29..aaa3f891 100644 --- a/terraform/environment/lambda.tf +++ b/terraform/environment/lambda.tf @@ -3,7 +3,7 @@ data "aws_secretsmanager_secret" "jwt_secret_key" { } module "lambda_lpa_v1" { - source = "github.com/terraform-aws-modules/terraform-aws-lambda.git?ref=v7.4.0" + source = "github.com/terraform-aws-modules/terraform-aws-lambda.git?ref=v7.7.0" function_name = "lpa-${local.environment}-v1" handler = "app.lpa.lambda_handler" diff --git a/terraform/environment/versions.tf b/terraform/environment/versions.tf index 6eab3d6b..1ce0edfe 100644 --- a/terraform/environment/versions.tf +++ b/terraform/environment/versions.tf @@ -5,5 +5,5 @@ terraform { version = "~> 5.0" } } - required_version = "1.8.5" + required_version = "1.9.0" } \ No newline at end of file