Renovate Update Patch & Minor Updates

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Pending	Age	Adoption	Passing	Confidence
aws (source)	required_provider	minor	~> 5.16.0 -> ~> 5.17.0
boto3		patch	==1.28.43 -> ==1.28.48	1.28.49
cypress-real-events	devDependencies	patch	1.10.1 -> 1.10.3
esbuild	dependencies	patch	0.19.2 -> 0.19.3
github.com/aws/aws-sdk-go-v2/service/eventbridge	require	minor	v1.21.0 -> v1.22.0
go.opentelemetry.io/contrib/detectors/aws/ecs	require	minor	v1.18.0 -> v1.19.0
go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-sdk-go-v2/otelaws	require	minor	v0.43.0 -> v0.44.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp	require	minor	v0.43.0 -> v0.44.0
go.opentelemetry.io/contrib/propagators/aws	require	minor	v1.18.0 -> v1.19.0
go.opentelemetry.io/otel	require	minor	v1.17.0 -> v1.18.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc	require	minor	v1.17.0 -> v1.18.0
go.opentelemetry.io/otel/sdk	require	minor	v1.17.0 -> v1.18.0
go.opentelemetry.io/otel/trace	require	minor	v1.17.0 -> v1.18.0
google.golang.org/grpc	require	patch	v1.58.0 -> v1.58.1
sass	dependencies	minor	1.66.1 -> 1.67.0

---

⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information.

---

Release Notes

hashicorp/terraform-provider-aws (aws)

v5.17.0

Compare Source

NOTES:

• data-source/aws_s3_object: Migration to AWS SDK for Go v2 means that the edge case of specifying a single / as the value for key is no longer supported (#​33358)

FEATURES:

• New Resource: aws_shield_application_layer_automatic_response (#​33432)
• New Resource: aws_verifiedaccess_instance (#​33459)

ENHANCEMENTS:

• data-source/aws_s3_object: Add checksum_mode argument and checksum_crc32, checksum_crc32c, checksum_sha1 and checksum_sha256 attributes (#​33358)
• data-source/aws_s3control_multi_region_access_point: Add details.region.bucket_account_id attribute (#​33416)
• resource/aws_s3_object: Add checksum_algorithm argument and checksum_crc32, checksum_crc32c, checksum_sha1 and checksum_sha256 attributes (#​33358)
• resource/aws_s3_object_copy: Add checksum_algorithm argument and checksum_crc32, checksum_crc32c, checksum_sha1 and checksum_sha256 attributes (#​33358)
• resource/aws_s3control_multi_region_access_point: Add details.region.bucket_account_id argument to support cross-account Multi-Region Access Points (#​33416)
• resource/aws_s3control_multi_region_access_point: Add details.region.region attribute (#​33416)
• resource/aws_schemas_schema: Add JSONSchemaDraft4 schema type support (#​35971)
• resource/aws_transfer_connector: Add sftp_config argument and make as2_config optional (#​32741)
• resource/aws_wafv2_web_acl: Retry resource Update on WAFOptimisticLockException errors (#​33432)

BUG FIXES:

• resource/aws_dms_replication_task: Fix error when replication_task_settings is nil (#​33456)
• resource/aws_elasticache_cluster: Fix regression for redis engine types caused by the new transit_encryption_enabled argument (#​33451)
• resource/aws_neptune_cluster: Fix ignored kms_key_arn on restore from DB cluster snapshot (#​33413)
• resource/aws_servicecatalog_product: Allow import on provisioning_artifact_parameters attribute (#​33448)
• resource/aws_subnet: Fix destroy error when there is a lingering ENI for DMS (#​33375)

v5.16.2

Compare Source

FEATURES:

• New Data Source: aws_cognito_identity_pool (#​33053)
• New Resource: aws_verifiedaccess_trust_provider (#​33195)

ENHANCEMENTS:

• resource/aws_autoscaling_group: Change the default values of instance_refresh.preferences.scale_in_protected_instances and instance_refresh.preferences.standby_instances from Wait to the Amazon EC2 Auto Scaling console recommended value of Ignore (#​33382)
• resource/aws_s3control_object_lambda_access_point: Add alias attribute (#​33388)

BUG FIXES:

• resource/aws_autoscaling_group: Fix ValidationError errors when starting Auto Scaling group instance refresh (#​33382)
• resource/aws_iot_topic_rule: Fix InvalidParameter errors on Update with Kafka destinations (#​33360)
• resource/aws_lightsail_certificate: Fix validation of name (#​33405)
• resource/aws_lightsail_database: Fix validation of name (#​33405)
• resource/aws_lightsail_disk: Fix validation of name (#​33405)
• resource/aws_lightsail_instance: Fix validation of name (#​33405)
• resource/aws_lightsail_lb: Fix validation of lb_name (#​33405)
• resource/aws_lightsail_lb_attachment: Fix validation of lb_name (#​33405)
• resource/aws_lightsail_lb_certificate: Fix validation of lb_name (#​33405)
• resource/aws_lightsail_lb_certificate_attachment: Fix validation of lb_name (#​33405)
• resource/aws_lightsail_lb_https_redirection_policy: Fix validation of lb_name (#​33405)
• resource/aws_lightsail_lb_stickiness_policy: Fix validation of lb_name (#​33405)

v5.16.1

Compare Source

BUG FIXES:

• data-source/aws_efs_file_system: Fix Search returned 0 results errors when there are more than 101 file systems in the configured Region (#​33336)
• resource/aws_db_instance_automated_backups_replication: Fix unexpected state errors on resource Create (#​33369)
• resource/aws_glue_catalog_table: Fix removal of metadata_location and table_type parameters when updating Iceberg tables (#​33374)
• resource/aws_service_discovery_instance: Fix validation error "expected to match regular expression" (#​33371)

boto/boto3 (boto3)

v1.28.48

Compare Source

=======

• api-change:appstream: [botocore] This release introduces multi-session fleets, allowing customers to provision more than one user session on a single fleet instance.
• api-change:cloudformation: [botocore] Documentation updates for AWS CloudFormation
• api-change:entityresolution: [botocore] Changed "ResolutionTechniques" and "MappedInputFields" in workflow and schema mapping operations to be required fields.
• api-change:lookoutequipment: [botocore] This release adds APIs for the new scheduled retraining feature.

v1.28.47

Compare Source

=======

• api-change:cloud9: [botocore] Update to include information on Ubuntu 18 deprecation.
• api-change:drs: [botocore] Updated existing APIs and added new ones to support using AWS Elastic Disaster Recovery post-launch actions. Added support for new regions.
• api-change:firehose: [botocore] DocumentIdOptions has been added for the Amazon OpenSearch destination.
• api-change:guardduty: [botocore] Add managementType field to ListCoverage API response.
• api-change:internetmonitor: [botocore] This release updates the Amazon CloudWatch Internet Monitor API domain name.
• api-change:ivs-realtime: [botocore] Doc only update that changes description for ParticipantToken.
• api-change:simspaceweaver: [botocore] Edited the introductory text for the API reference.
• api-change:xray: [botocore] Add StartTime field in GetTraceSummaries API response for each TraceSummary.

v1.28.46

Compare Source

=======

• api-change:ec2: [botocore] This release adds support for restricting public sharing of AMIs through AMI Block Public Access
• api-change:events: [botocore] Update events client to latest version
• api-change:kendra: [botocore] Amazon Kendra now supports confidence score buckets for retrieved passage results using the Retrieve API.

v1.28.45

Compare Source

=======

• api-change:ecr: [botocore] This release will have ValidationException be thrown from ECR LifecyclePolicy APIs in regions LifecyclePolicy is not supported, this includes existing Amazon Dedicated Cloud (ADC) regions. This release will also change Tag: TagValue and Tag: TagKey to required.
• api-change:medialive: [botocore] AWS Elemental Link now supports attaching a Link UHD device to a MediaConnect flow.
• api-change:quicksight: [botocore] This release launches new updates to QuickSight KPI visuals - support for sparklines, new templated layout and new targets for conditional formatting rules.

v1.28.44

Compare Source

=======

• api-change:fsx: [botocore] Amazon FSx documentation fixes
• api-change:sagemaker: [botocore] Autopilot APIs will now support holiday featurization for Timeseries models. The models will now hold holiday metadata and should be able to accommodate holiday effect during inference.
• api-change:sso-admin: [botocore] Content updates to IAM Identity Center API for China Regions.
• api-change:workspaces: [botocore] A new field "ErrorDetails" will be added to the output of "DescribeWorkspaceImages" API call. This field provides in-depth details about the error occurred during image import process. These details include the possible causes of the errors and troubleshooting information.

dmtrKovalenko/cypress-real-events (cypress-real-events)

v1.10.3

Compare Source

Changes

• Cypress 13 support

v1.10.2

Compare Source

evanw/esbuild (esbuild)

v0.19.3

Compare Source

• Fix list-style-type with the local-css loader (#​3325)

  The local-css loader incorrectly treated all identifiers provided to list-style-type as a custom local identifier. That included identifiers such as none which have special meaning in CSS, and which should not be treated as custom local identifiers. This release fixes this bug:

  /* Original code */
  ul { list-style-type: none }
  
  /* Old output (with --loader=local-css) */
  ul {
    list-style-type: stdin_none;
  }
  
  /* New output (with --loader=local-css) */
  ul {
    list-style-type: none;
  }

  Note that this bug only affected code using the local-css loader. It did not affect code using the css loader.

• Avoid inserting temporary variables before use strict (#​3322)

  This release fixes a bug where esbuild could incorrectly insert automatically-generated temporary variables before use strict directives:

  // Original code
  function foo() {
    'use strict'
    a.b?.c()
  }
  
  // Old output (with --target=es6)
  function foo() {
    var _a;
    "use strict";
    (_a = a.b) == null ? void 0 : _a.c();
  }
  
  // New output (with --target=es6)
  function foo() {
    "use strict";
    var _a;
    (_a = a.b) == null ? void 0 : _a.c();
  }

• Adjust TypeScript enum output to better approximate tsc (#​3329)

  TypeScript enum values can be either number literals or string literals. Numbers create a bidirectional mapping between the name and the value but strings only create a unidirectional mapping from the name to the value. When the enum value is neither a number literal nor a string literal, TypeScript and esbuild both default to treating it as a number:

  // Original TypeScript code
  declare const foo: any
  enum Foo {
    NUMBER = 1,
    STRING = 'a',
    OTHER = foo,
  }
  
  // Compiled JavaScript code (from "tsc")
  var Foo;
  (function (Foo) {
    Foo[Foo["NUMBER"] = 1] = "NUMBER";
    Foo["STRING"] = "a";
    Foo[Foo["OTHER"] = foo] = "OTHER";
  })(Foo || (Foo = {}));

  However, TypeScript does constant folding slightly differently than esbuild. For example, it may consider template literals to be string literals in some cases:

  // Original TypeScript code
  declare const foo = 'foo'
  enum Foo {
    PRESENT = `${foo}`,
    MISSING = `${bar}`,
  }
  
  // Compiled JavaScript code (from "tsc")
  var Foo;
  (function (Foo) {
    Foo["PRESENT"] = "foo";
    Foo[Foo["MISSING"] = `${bar}`] = "MISSING";
  })(Foo || (Foo = {}));

  The template literal initializer for PRESENT is treated as a string while the template literal initializer for MISSING is treated as a number. Previously esbuild treated both of these cases as a number but starting with this release, esbuild will now treat both of these cases as a string. This doesn't exactly match the behavior of tsc but in the case where the behavior diverges tsc reports a compile error, so this seems like acceptible behavior for esbuild. Note that handling these cases completely correctly would require esbuild to parse type declarations (see the declare keyword), which esbuild deliberately doesn't do.

• Ignore case in CSS in more places (#​3316)

  This release makes esbuild's CSS support more case-agnostic, which better matches how browsers work. For example:

  /* Original code */
  @​KeyFrames Foo { From { OpaCity: 0 } To { OpaCity: 1 } }
  body { CoLoR: YeLLoW }
  
  /* Old output (with --minify) */
  @​KeyFrames Foo{From {OpaCity: 0} To {OpaCity: 1}}body{CoLoR:YeLLoW}
  
  /* New output (with --minify) */
  @​KeyFrames Foo{0%{OpaCity:0}To{OpaCity:1}}body{CoLoR:#ff0}

  Please never actually write code like this.

• Improve the error message for null entries in exports (#​3377)

  Package authors can disable package export paths with the exports map in package.json. With this release, esbuild now has a clearer error message that points to the null token in package.json itself instead of to the surrounding context. Here is an example of the new error message:

  ✘ [ERROR] Could not resolve "msw/browser"
  
      lib/msw-config.ts:2:28:
        2 │ import { setupWorker } from 'msw/browser';
          ╵                             ~~~~~~~~~~~~~
  
    The path "./browser" cannot be imported from package "msw" because it was explicitly disabled by
    the package author here:
  
      node_modules/msw/package.json:17:14:
        17 │       "node": null,
           ╵               ~~~~
  
    You can mark the path "msw/browser" as external to exclude it from the bundle, which will remove
    this error and leave the unresolved path in the bundle.
  

• Parse and print the with keyword in import statements

  JavaScript was going to have a feature called "import assertions" that adds an assert keyword to import statements. It looked like this:

  import stuff from './stuff.json' assert { type: 'json' }

  The feature provided a way to assert that the imported file is of a certain type (but was not allowed to affect how the import is interpreted, even though that's how everyone expected it to behave). The feature was fully specified and then actually implemented and shipped in Chrome before the people behind the feature realized that they should allow it to affect how the import is interpreted after all. So import assertions are no longer going to be added to the language.

  Instead, the current proposal is to add a feature called "import attributes" instead that adds a with keyword to import statements. It looks like this:

  import stuff from './stuff.json' with { type: 'json' }

  This feature provides a way to affect how the import is interpreted. With this release, esbuild now has preliminary support for parsing and printing this new with keyword. The with keyword is not yet interpreted by esbuild, however, so bundling code with it will generate a build error. All this release does is allow you to use esbuild to process code containing it (such as removing types from TypeScript code). Note that this syntax is not yet a part of JavaScript and may be removed or altered in the future if the specification changes (which it already has once, as described above). If that happens, esbuild reserves the right to remove or alter its support for this syntax too.

open-telemetry/opentelemetry-go-contrib (go.opentelemetry.io/contrib/detectors/aws/ecs)

v1.19.0: /v0.44.0/v0.13.0

Compare Source

Added

• Add gcp.gce.instance.name and gcp.gce.instance.hostname resource attributes to go.opentelemetry.io/contrib/detectors/gcp. (#​4263)

Changed

• The semantic conventions used by go.opentelemetry.io/contrib/detectors/aws/ec2 have been upgraded to v1.21.0. (#​4265)
• The semantic conventions used by go.opentelemetry.io/contrib/detectors/aws/ecs have been upgraded to v1.21.0. (#​4265)
• The semantic conventions used by go.opentelemetry.io/contrib/detectors/aws/eks have been upgraded to v1.21.0. (#​4265)
• The semantic conventions used by go.opentelemetry.io/contrib/detectors/aws/lambda have been upgraded to v1.21.0. (#​4265)
• The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-lambda-go/otellambda have been upgraded to v1.21.0. (#​4265)
  • The faas.execution attribute is now faas.invocation_id.
  • The faas.id attribute is now aws.lambda.invoked_arn.
• The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-sdk-go-v2/otelaws have been upgraded to v1.21.0. (#​4265)
• The http.request.method attribute will only allow known HTTP methods from the metrics generated by go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#​4277)

Removed

• The high cardinality attributes net.sock.peer.addr, net.sock.peer.port, http.user_agent, enduser.id, and http.client_ip were removed from the metrics generated by go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#​4277)
• The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/astaxie/beego/otelbeego module is removed. (#​4295)
• The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/go-kit/kit/otelkit module is removed. (#​4295)
• The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/Shopify/sarama/otelsarama module is removed. (#​4295)
• The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/bradfitz/gomemcache/memcache/otelmemcache module is removed. (#​4295)
• The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/gocql/gocql/otelgocql module is removed. (#​4295)

New Contributors

• @​utsushiiro made their first contribution in https://github.com/open-telemetry/opentelemetry-go-contrib/pull/4260
• @​RangelReale made their first contribution in https://github.com/open-telemetry/opentelemetry-go-contrib/pull/4230

Full Changelog: open-telemetry/opentelemetry-go-contrib@v1.18.0...v1.19.0

open-telemetry/opentelemetry-go (go.opentelemetry.io/otel)

v1.18.0: /v0.41.0/v0.0.6

Compare Source

This release drops the compatibility guarantee of Go 1.19.

Added

• Add WithProducer option in go.opentelemetry.op/otel/exporters/prometheus to restore the ability to register producers on the prometheus exporter's manual reader. (#​4473)
• Add IgnoreValue option in go.opentelemetry.io/otel/sdk/metric/metricdata/metricdatatest to allow ignoring values when comparing metrics. (#​4447)

Deprecated

• The NewMetricExporter in go.opentelemetry.io/otel/bridge/opencensus was deprecated in v0.35.0 (#​3541).
  The deprecation notice format for the function has been corrected to trigger Go documentation and build tooling. (#​4470)

Removed

• Removed the deprecated go.opentelemetry.io/otel/exporters/jaeger package. (#​4467)
• Removed the deprecated go.opentelemetry.io/otel/example/jaeger package. (#​4467)
• Removed the deprecated go.opentelemetry.io/otel/sdk/metric/aggregation package. (#​4468)
• Removed the deprecated internal packages in go.opentelemetry.io/otel/exporters/otlp and its sub-packages. (#​4469)
• Dropped guaranteed support for versions of Go less than 1.20. (#​4481)

New Contributors

• @​pkbhowmick made their first contribution in https://github.com/open-telemetry/opentelemetry-go/pull/4462
• @​RangelReale made their first contribution in https://github.com/open-telemetry/opentelemetry-go/pull/4447

Full Changelog: open-telemetry/opentelemetry-go@v1.17.0...v1.18.0

grpc/grpc-go (google.golang.org/grpc)

v1.58.1: Release 1.58.1

Compare Source

Bug Fixes

• grpc: fix a bug that was decrementing active RPC count too early for streaming RPCs; leading to channel moving to IDLE even though it had open streams
• grpc: fix a bug where transports were not being closed upon channel entering IDLE

sass/dart-sass (sass)

v1.67.0

Compare Source

• All functions defined in CSS Values and Units 4 are now once again parsed as
  calculation objects: round(), mod(), rem(), sin(), cos(), tan(),
  asin(), acos(), atan(), atan2(), pow(), sqrt(), hypot(),
  log(), exp(), abs(), and sign().

  Unlike in 1.65.0, function calls are not locked into being parsed as
  calculations or plain Sass functions at parse-time. This means that
  user-defined functions will take precedence over CSS calculations of the same
  name. Although the function names calc() and clamp() are still forbidden,
  users may continue to freely define functions whose names overlap with other
  CSS calculations (including abs(), min(), max(), and round() whose
  names overlap with global Sass functions).

• Breaking change: As a consequence of the change in calculation parsing
  described above, calculation functions containing interpolation are now parsed
  more strictly than before. However, almost all interpolations that would
  have produced valid CSS will continue to work. The only exception is
  #{$variable}% which is not valid in Sass and is no longer valid in
  calculations. Instead of this, either use $variable directly and ensure it
  already has the % unit, or write ($variable * 1%).

• Potentially breaking bug fix: The importer used to load a given file is no
  longer used to load absolute URLs that appear in that file. This was
  unintented behavior that contradicted the Sass specification. Absolute URLs
  will now correctly be loaded only from the global importer list. This applies
  to the modern JS API, the Dart API, and the embedded protocol.

Embedded Sass

• Substantially improve the embedded compiler's performance when compiling many
  files or files that require many importer or function call round-trips with
  the embedded host.

---

Configuration

📅 Schedule: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[codecov]

Codecov Report

Patch has no changes to coverable lines.

📢 Thoughts on this report? Let us know!.

[github-actions]

PR Environment Terraform Plan Summary

Plan: 95 to add, 0 to change, 0 to destroy