Renovate Update Patch & Minor Updates

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update	Pending
@ministryofjustice/frontend	3.1.0 -> 3.3.0					dependencies	minor
actions/setup-go	v5.1.0 -> v5.2.0					action	minor
actions/upload-artifact	v4.4.3 -> v4.5.0					action	minor
aws (source)	~> 5.80.0 -> ~> 5.82.0					required_provider	minor
codecov/codecov-action	v5.1.1 -> v5.1.2					action	patch
cypress (source)	13.16.1 -> 13.17.0					devDependencies	minor
docker/setup-buildx-action	v3.7.1 -> v3.8.0					action	minor
esbuild	0.24.0 -> 0.24.2					dependencies	patch
github.com/aws/aws-sdk-go-v2	v1.32.6 -> v1.32.7					require	patch
github.com/aws/aws-sdk-go-v2/config	v1.28.6 -> v1.28.7					require	patch
github.com/aws/aws-sdk-go-v2/credentials	v1.17.47 -> v1.17.48					require	patch
github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue	v1.15.20 -> v1.15.22					require	patch
github.com/aws/aws-sdk-go-v2/service/cloudwatch	v1.43.3 -> v1.43.4					require	patch
github.com/aws/aws-sdk-go-v2/service/dynamodb	v1.38.0 -> v1.38.1					require	patch
github.com/aws/aws-sdk-go-v2/service/eventbridge	v1.36.0 -> v1.36.1					require	patch
github.com/aws/aws-sdk-go-v2/service/s3	v1.71.0 -> v1.71.1					require	patch
github.com/aws/aws-sdk-go-v2/service/s3control	v1.52.0 -> v1.52.1					require	patch
github.com/aws/aws-sdk-go-v2/service/secretsmanager	v1.34.7 -> v1.34.8					require	patch
github.com/aws/aws-sdk-go-v2/service/sqs	v1.37.2 -> v1.37.3					require	patch
github.com/aws/aws-sdk-go-v2/service/ssm	v1.56.1 -> v1.56.2					require	patch
github.com/ministryofjustice/opg-go-common	v1.41.0 -> v1.62.0					require	minor
github/codeql-action	v3.27.6 -> v3.28.0					action	minor
go.opentelemetry.io/contrib/detectors/aws/ecs	v1.32.0 -> v1.33.0					require	minor
go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-lambda-go/otellambda	v0.57.0 -> v0.58.0					require	minor
go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-lambda-go/otellambda/xrayconfig	v0.57.0 -> v0.58.0					require	minor
go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-sdk-go-v2/otelaws	v0.57.0 -> v0.58.0					require	minor
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp	v0.57.0 -> v0.58.0					require	minor
go.opentelemetry.io/contrib/propagators/aws	v1.32.0 -> v1.33.0					require	minor
go.opentelemetry.io/otel	v1.32.0 -> v1.33.0					require	minor
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc	v1.32.0 -> v1.33.0					require	minor
go.opentelemetry.io/otel/sdk	v1.32.0 -> v1.33.0					require	minor
go.opentelemetry.io/otel/trace	v1.32.0 -> v1.33.0					require	minor
golang	1.23.3-alpine -> 1.23.4-alpine					stage	patch
golang	1.23.3-alpine -> 1.23.4-alpine					final	patch
hashicorp/terraform	1.10.1 -> 1.10.3					required_version	patch
outofcoffee/imposter	4.2.4 -> 4.3.0					final	minor
pagerduty (source)	3.18.1 -> 3.18.2					required_provider	patch	3.18.3
sass	1.82.0 -> 1.83.0					dependencies	minor
stop-only	3.4.1 -> 3.4.2					devDependencies	patch

---

Release Notes

ministryofjustice/moj-frontend (@​ministryofjustice/frontend)

v3.3.0

Compare Source

Features

• tabbed-view-documents: tabbed view documentation (#​989) (5cc6185)

3.2.2 (2024-12-18)

Bug Fixes

• include compiled css and js in the package (#​1028) (c4f2d6f), closes #​1024

3.2.1 (2024-12-12)

Bug Fixes

• header: remove incorrectly applied filters to the header fallback crown image (#​997) (616280e)

v3.2.2

Compare Source

Bug Fixes

• include compiled css and js in the package (#​1028) (c4f2d6f), closes #​1024

v3.2.1

Compare Source

Bug Fixes

• header: remove incorrectly applied filters to the header fallback crown image (#​997) (616280e)

v3.2.0

Compare Source

Features

• Add interruption card (#​988) (506bf09), closes #​930 #​956

actions/setup-go (actions/setup-go)

v5.2.0

Compare Source

What's Changed

• Leveraging the raw API to retrieve the version-manifest, as it does not impose a rate limit and hence facilitates unrestricted consumption without the need for a token for Github Enterprise Servers by @​Shegox in https://github.com/actions/setup-go/pull/496

New Contributors

• @​Shegox made their first contribution in https://github.com/actions/setup-go/pull/496

Full Changelog: actions/setup-go@v5...v5.2.0

actions/upload-artifact (actions/upload-artifact)

v4.5.0

Compare Source

hashicorp/terraform-provider-aws (aws)

v5.82.2

Compare Source

BUG FIXES:

• data-source/aws_lb_listener: Add mutual_authentication.advertise_trust_store_ca_names attribute. This fixes a regression introduced in v5.82.0 causing setting mutual_authentication: Invalid address to set: []string{"mutual_authentication", "0", "advertise_trust_store_ca_names"} errors (#​40658)

v5.82.1

Compare Source

ENHANCEMENTS:

• resource/aws_autoscaling_group: Add availability_zone_distribution argument (#​40634)

BUG FIXES:

• data-source/aws_iam_policy_document: Reverts plan-time validation for statement sid (#​40639)

v5.82.0

Compare Source

NOTES:

• resource/aws_resourcegroups_resource: The format of the read-only id attribute has changed to prevent inconsistent parsing which resulted in provider crashes under certain conditions. The new format is a comma-delimited string combining group_arn and resource_arn in their entirety. Configuarations relying on the previous format may need to be updated to continue functioning correctly. (#​40579)

FEATURES:

• New Data Source: aws_servicecatalogappregistry_attribute_group_associations (#​38306)
• New Resource: aws_api_gateway_domain_name_access_association (#​40566)
• New Resource: aws_cloudfront_vpc_origin (#​40239)
• New Resource: aws_memorydb_multi_region_cluster (#​40376)
• New Resource: aws_networkmanager_dx_gateway_attachment (#​40546)
• New Resource: aws_rds_cluster_snapshot_copy (#​40398)

ENHANCEMENTS:

• data-source/aws_dx_gateway: Add arn attribute (#​40546)
• data-source/aws_iam_policy_document: Add plan-time validation that the statement sid is valid, including on alphanumeric characters (#​40562)
• data-source/aws_vpc_endpoint: Add service_region attribute (#​40583)
• resource/aws_bedrockagent_agent: Add agent_collaboration attribute to configure agent collaboration role (#​40543)
• resource/aws_cloudfront_distribution: Add origin.vpc_origin_config argument (#​40239)
• resource/aws_db_parameter_group: Support import of name_prefix argument (#​40622)
• resource/aws_dx_gateway: Add arn attribute (#​40546)
• resource/aws_fsx_lustre_file_system: Add efa_enabled argument (#​40381)
• resource/aws_lb_listener: Add advertise_trust_store_ca_names attribute to the mutual_authentication configuration block (#​40550)
• resource/aws_memorydb_cluster: Add multi_region_cluster_name argument (#​40376)
• resource/aws_networkmanager_attachment_accepter: Add edge_locations attribute (#​40546)
• resource/aws_resourcegroups_resource: Add import support (#​40579)
• resource/aws_vpc_endpoint: Add service_region argument (#​40583)

BUG FIXES:

• data-source/aws_acmpca_certificate_authority: Ignore AccessDeniedException: ... is not authorized to perform: acm-pca:GetCertificateAuthorityCsr on resource: ... errors for RAM-shared CAs (#​39952)
• data-source/aws_licensemanager_received_license: Fix setting entitlements: Invalid address to set: []string{"entitlements", "0", "overage"} errors (#​40621)
• resource/aws_amplify_domain_association: No longer ignores changes to certificate_settings when updating. (#​40589)
• resource/aws_amplify_domain_association: Prevent "unexpected state" error when setting certificate_settings.type to CUSTOM. (#​40589)
• resource/aws_amplify_domain_association: Prevent ValidationException when setting certificate_settings.type to AMPLIFY_MANAGED. (#​40589)
• resource/aws_amplify_domain_association: Prevent permanent diff when certificate_settings not set. (#​40589)
• resource/aws_amplify_domain_association: Prevents panic in some circumstances when certificate_settings is not set during update. (#​40589)
• resource/aws_api_gateway_domain_name: Correct arn for private custom domain names (#​40566)
• resource/aws_codeconnections_host: Mark vpc_configuration.tls_certificate as Optional (#​40574)
• resource/aws_elasticache_replication_group: Prevent perpetual diff which triggers resource replacement on at_rest_encryption_enabled when engine is valkey. (#​40514)
• resource/aws_lakeformation_permissions: Add support for IAMPrincipals principal group (#​38600)
• resource/aws_lakeformation_permissions: Fix refreshing state so order is not considered in permissions and permissions_with_grant_option attributes (#​38047)
• resource/aws_lakeformation_resource_lf_tag: Fix panic when resource tries to destroy a LFTag reference that does not exist (#​40584)
• resource/aws_lambda_invocation: Set new computed value for result attribute when changing input attribute, for lifecycle scope "CRUD" (#​34263)
• resource/aws_medialive_channel: Added missing teletext_destination_settings. (#​33797)
• resource/aws_rds_cluster: Fix issue with waiter when modifying allocated_storage (#​40601)
• resource/aws_resourcegroups_resource: Fix crash when parsing certain ARN formats (#​40579)
• resource/aws_s3_bucket: Destroying a bucket with force_destroy = true can now delete objects with non-XML-safe keys (#​40537)
• resource/aws_s3_directory_bucket: Destroying a directory bucket with force_destroy = true can now delete objects with non-XML-safe keys (#​40537)
• resource/aws_secretsmanager_secret_rotation: Fix bug where automatically_after_days was not being set properly when schedule_expression had been set previously (#​34295)
• resource/aws_secretsmanager_secret_rotation: Retry rotation in case it has not yet propagated when previously an error would occur: InvalidRequestException: A previous rotation isn't complete. That rotation will be reattempted. (#​34295)
• resource/aws_sqs_queue_redrive_allow_policy: Fix perpetual redrive_allow_policy diffs (#​40604)

v5.81.0

Compare Source

FEATURES:

• New Data Source: aws_servicecatalogappregistry_attribute_group (#​38188)
• New Ephemeral Resource: aws_ssm_parameter (#​40313)
• New Resource: aws_bedrock_inference_profile (#​40294)
• New Resource: aws_cloudwatch_log_anomaly_detector (#​40437)
• New Resource: aws_ecr_account_setting (#​40219)
• New Resource: aws_msk_single_scram_secret_association (#​37056)
• New Resource: aws_servicecatalogappregistry_attribute_group (#​38183)
• New Resource: aws_servicecatalogappregistry_attribute_group_association (#​38290)

ENHANCEMENTS:

• data-source/aws_api_gateway_domain_name: Add policy and domain_name_id attributes (#​40364)
• data-source/aws_servicecatalogappregistry_application: Add tags attribute (#​38243)
• data-source/aws_sesv2_configuration_set: Add delivery_options.max_delivery_seconds and tracking_options.https_policy attributes (#​40194)
• resource/aws_api_gateway_base_path_mapping: Add domain_name_id argument (#​40447)
• resource/aws_api_gateway_domain_name: Add policy argument and domain_name_id attribute (#​40364)
• resource/aws_api_gateway_domain_name: Support PRIVATE as a valid value for endpoint_configuration.types argument, enabling custom domain name support for private REST API endpoints (#​40364)
• resource/aws_ebs_snapshot_copy: Add completion_duration_minutes argument (#​40336)
• resource/aws_glue_catalog_table_optimizer: Add configuration.retention_configuration and configuration.orphan_file_deletion_configuration attributes. (#​40199)
• resource/aws_instance: Add enable_primary_ipv6 argument to add support for enabling primary IPv6 addresses on EC2 instances (#​36425)
• resource/aws_kinesis_stream: Add plan-time validation that shard_count would not exceed the AWS account's shard quota when the data stream capacity mode is PROVISIONED, preventing the provider from retrying for 1 hour in the case that the quota is exceeded. This functionality requires the kinesis:DescribeLimits IAM permission (#​40499)
• resource/aws_kinesis_stream: Add plan-time validation that creation of an on-demand stream would not exceed the AWS account's data stream quota, preventing the provider from retrying for 1 hour in the case that the quota is exceeded. This functionality requires the kinesis:DescribeLimits IAM permission (#​40499)
• resource/aws_msk_replicator: Add topic_replication.topic_name_configuration argument (#​40101)
• resource/aws_network_interface: Add enable_primary_ipv6 argument to add support for enabling primary IPv6 addresses for network interfaces (#​36425)
• resource/aws_networkfirewall_firewall_policy: Add stateful_engine_options.flow_timeouts argument (#​39996)
• resource/aws_rds_cluster: Add serverlessv2_scaling_configuration.seconds_until_auto_pause argument (#​40441)
• resource/aws_rds_global_cluster: Add tags argument and tags_all attribute (#​40470)
• resource/aws_sagemaker_notebook_instance: Support notebook-al2-v3 value for platform_identifier (#​40484)
• resource/aws_servicecatalogappregistry_application: Add tags argument and tags_all attribute (#​38243)
• resource/aws_sesv2_configuration_set: Add delivery_options.max_delivery_seconds and tracking_options.https_policy arguments (#​40194)

BUG FIXES:

• data-source/aws_kinesis_stream: Fix InvalidArgumentException: NextToken and StreamName cannot be provided together errors when the data stream has more than 1000 shards (#​40499)
• resource/aws_ce_cost_category: Change rule from TypeSet to TypeList as order is significant (#​40521)
• resource/aws_fsx_windows_file_system: Fix plan-time validation of throughput_capacity validation to allow values up to 12228 (#​40468)
• resource/aws_networkfirewall_logging_configuration: Correctly manage all configured logging_configuration.log_destination_configs (#​40092)
• resource/aws_rds_cluster: Fix InvalidDBClusterStateFault errors when deleting clusters that are members of a global cluster (#​40333)
• resource/aws_rds_cluster: Fix InvalidParameterValue: Serverless v2 maximum capacity 0.0 isn't valid. The maximum capacity must be at least 1.0. errors when removing serverlessv2_scaling_configuration in an update (#​40511)
• resource/aws_rds_cluster: Respect storage_type when restoring from S3 (#​40471)
• resource/aws_rds_cluster: Respect storage_type when restoring from snapshot (#​40471)
• resource/aws_rds_cluster: Respect storage_type when restoring to a point in time (#​40471)
• resource/aws_rds_global_cluster: Mark database_name as Computed. This prevents resource recreation when the source cluster specifies a database_name (#​40469)

codecov/codecov-action (codecov/codecov-action)

v5.1.2

Compare Source

What's Changed

• fix: update statment by @​thomasrockhu-codecov in https://github.com/codecov/codecov-action/pull/1726
• fix: update action script by @​thomasrockhu-codecov in https://github.com/codecov/codecov-action/pull/1725
• fix: prevent oidc on tokenless due to permissioning by @​thomasrockhu-codecov in https://github.com/codecov/codecov-action/pull/1724
• chore(release): wrapper-0.0.31 by @​app/codecov-releaser-app in https://github.com/codecov/codecov-action/pull/1723
• Put quotes around ${{ inputs.token }} in action.yml by @​jwodder in https://github.com/codecov/codecov-action/pull/1721
• build(deps): bump github/codeql-action from 3.27.6 to 3.27.9 by @​app/dependabot in [https://github.com/build(deps): bump github/codeql-action from 3.27.6 to 3.27.9 codecov/codecov-action#1722](https://redirect.github.com/codecov/codecov-acti

---

Configuration

📅 Schedule: Branch creation - "* 0-3 * * 1" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 94.97%. Comparing base (32d8084) to head (7aa1e75).

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #1686   +/-   ##
=======================================
  Coverage   94.97%   94.97%           
=======================================
  Files         285      285           
  Lines       16145    16145           
=======================================
  Hits        15334    15334           
  Misses        641      641           
  Partials      170      170           

Flag	Coverage Δ
unittests	94.97% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[renovate]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 21 additional dependencies were updated

Details:

Package	Change
github.com/aws/aws-sdk-go-v2/feature/ec2/imds	v1.16.21 -> v1.16.22
github.com/aws/aws-sdk-go-v2/internal/configsources	v1.3.25 -> v1.3.26
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2	v2.6.25 -> v2.6.26
github.com/aws/aws-sdk-go-v2/internal/v4a	v1.3.25 -> v1.3.26
github.com/aws/aws-sdk-go-v2/service/dynamodbstreams	v1.24.8 -> v1.24.10
github.com/aws/aws-sdk-go-v2/service/internal/checksum	v1.4.6 -> v1.4.7
github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery	v1.10.6 -> v1.10.7
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url	v1.12.6 -> v1.12.7
github.com/aws/aws-sdk-go-v2/service/internal/s3shared	v1.18.6 -> v1.18.7
github.com/aws/aws-sdk-go-v2/service/sso	v1.24.7 -> v1.24.8
github.com/aws/aws-sdk-go-v2/service/ssooidc	v1.28.6 -> v1.28.7
github.com/aws/aws-sdk-go-v2/service/sts	v1.33.2 -> v1.33.3
github.com/grpc-ecosystem/grpc-gateway/v2	v2.23.0 -> v2.24.0
go.opentelemetry.io/contrib/detectors/aws/lambda	v0.57.0 -> v0.58.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace	v1.32.0 -> v1.33.0
go.opentelemetry.io/otel/metric	v1.32.0 -> v1.33.0
go.opentelemetry.io/proto/otlp	v1.3.1 -> v1.4.0
google.golang.org/genproto/googleapis/api	v0.0.0-20241104194629-dd2ea8efbc28 -> v0.0.0-20241209162323-e6fa225c2576
google.golang.org/genproto/googleapis/rpc	v0.0.0-20241104194629-dd2ea8efbc28 -> v0.0.0-20241209162323-e6fa225c2576
google.golang.org/grpc	v1.68.0 -> v1.68.1
google.golang.org/protobuf	v1.35.1 -> v1.35.2