Renovate Update Patch & Minor Updates

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Age	Adoption	Passing	Confidence
alpine	final	patch	3.18.3 -> 3.18.4
aws (source)	required_provider	minor	~> 5.17.0 -> ~> 5.19.0
aws-rum-web	dependencies	patch	1.14.0 -> 1.14.1
boto3		patch	==1.28.52 -> ==1.28.57
cypress	devDependencies	minor	13.2.0 -> 13.3.0
esbuild	dependencies	patch	0.19.3 -> 0.19.4
github.com/aws/aws-sdk-go-v2/config	require	patch	v1.18.41 -> v1.18.42
github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue	require	patch	v1.10.39 -> v1.10.40
github.com/aws/aws-sdk-go-v2/service/dynamodb	require	minor	v1.21.5 -> v1.22.0
github.com/aws/aws-sdk-go-v2/service/s3	require	minor	v1.39.0 -> v1.40.0
go.opentelemetry.io/contrib/detectors/aws/ecs	require	minor	v1.19.0 -> v1.20.0
go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-sdk-go-v2/otelaws	require	minor	v0.44.0 -> v0.45.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp	require	minor	v0.44.0 -> v0.45.0
go.opentelemetry.io/contrib/propagators/aws	require	minor	v1.19.0 -> v1.20.0
go.opentelemetry.io/otel	require	minor	v1.18.0 -> v1.19.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc	require	minor	v1.18.0 -> v1.19.0
go.opentelemetry.io/otel/sdk	require	minor	v1.18.0 -> v1.19.0
go.opentelemetry.io/otel/trace	require	minor	v1.18.0 -> v1.19.0

---

⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information.

---

Release Notes

hashicorp/terraform-provider-aws (aws)

v5.19.0

Compare Source

BREAKING CHANGES:

• data-source/aws_s3_bucket_object: Following migration to AWS SDK for Go v2, the metadata attribute's keys are always returned in lowercase (#​33660)
• data-source/aws_s3_object: Following migration to AWS SDK for Go v2, the metadata attribute's keys are always returned in lowercase (#​33660)

NOTES:

• data-source/aws_s3_bucket_object: The metadata attribute's keys are now always returned in lowercase. Please modify configurations as necessary (#​33660)
• data-source/aws_s3_object: The metadata attribute's keys are now always returned in lowercase. Please modify configurations as necessary (#​33660)
• resource/aws_iam_*: This release introduces additional validation of IAM policy JSON arguments to detect duplicate keys. Previously, arguments with duplicated keys resulted in all but one of the key values being overwritten. Since this results in unexpected IAM policies being submitted to AWS, we have updated the validation logic to error in these cases. This may cause existing IAM policy arguments to fail validation, however, those policies are likely not what was originally intended. (#​33570)

FEATURES:

• New Resource: aws_cleanrooms_configured_table (#​33602)
• New Resource: aws_dms_replication_config (#​32908)
• New Resource: aws_lexv2models_bot (#​33475)
• New Resource: aws_rds_custom_db_engine_version (#​33285)

ENHANCEMENTS:

• resource/aws_cloud9_environment_ec2: Add ubuntu-22.04-x86_64 and resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64 as valid values for image_id (#​33662)
• resource/aws_fsx_ontap_volume: Add bypass_snaplock_enterprise_retention argument and snaplock_configuration configuration block to support SnapLock (#​32530)
• resource/aws_fsx_ontap_volume: Add copy_tags_to_backups and snapshot_policy arguments (#​32530)
• resource/aws_fsx_openzfs_volume: Add delete_volume_options argument (#​32530)
• resource/aws_lightsail_bucket: Add force_delete argument (#​33586)
• resource/aws_opensearch_outbound_connection: Add connection_properties, connection_mode and accept_connection arguments (#​32990)
• resource/aws_wafv2_rule_group: Add rate_based_statement.custom_key configuration block (#​33594)
• resource/aws_wafv2_web_acl: Add rate_based_statement.custom_key configuration block (#​33594)

BUG FIXES:

• resource/aws_batch_job_queue: Correctly validates elements of compute_environments as ARNs (#​33577)
• resource/aws_cloudfront_continuous_deployment_policy: Fix IllegalUpdate errors when updating a staging aws_cloudfront_distribution that is part of continuous deployment (#​33578)
• resource/aws_cloudfront_distribution: Fix IllegalUpdate errors when updating a staging distribution associated with an aws_cloudfront_continuous_deployment_policy (#​33578)
• resource/aws_cloudfront_distribution: Fix PreconditionFailed errors when destroying a distribution associated with an aws_cloudfront_continuous_deployment_policy (#​33578)
• resource/aws_cloudfront_distribution: Fix StagingDistributionInUse errors when destroying a distribution associated with an aws_cloudfront_continuous_deployment_policy (#​33578)
• resource/aws_datasync_location_fsx_ontap_file_system: Correct handling of protocol.smb.domain, protocol.smb.user and protocol.smb.password (#​33641)
• resource/aws_glacier_vault_lock: Fail validation if duplicated keys are found in policy (#​33570)
• resource/aws_iam_group_policy: Fail validation if duplicated keys are found in policy (#​33570)
• resource/aws_iam_policy: Fail validation if duplicated keys are found in policy (#​33570)
• resource/aws_iam_role: Fail validation if duplicated keys are found in assume_role_policy (#​33570)
• resource/aws_iam_role_policy: Fail validation if duplicated keys are found in policy (#​33570)
• resource/aws_iam_user_policy: Fail validation if duplicated keys are found in policy (#​33570)
• resource/aws_mediastore_container_policy: Fail validation if duplicated keys are found in policy (#​33570)
• resource/aws_s3_bucket_policy: Fix intermittent couldn't find resource errors on resource Create (#​33537)
• resource/aws_ssoadmin_permission_set_inline_policy: Fail validation if duplicated keys are found in inline_policy (#​33570)
• resource/aws_transfer_access: Fail validation if duplicated keys are found in policy (#​33570)
• resource/aws_transfer_user: Fail validation if duplicated keys are found in policy (#​33570)

v5.18.1

Compare Source

NOTES:

• documentation: Duplicate CDKTF guides with differing file extensions have been removed to resolve failures in the provider release workflow. (#​33630)

v5.18.0

Compare Source

FEATURES:

• New Data Source: aws_fsx_ontap_file_system (#​32503)
• New Data Source: aws_fsx_ontap_storage_virtual_machine (#​32621)
• New Data Source: aws_fsx_ontap_storage_virtual_machines (#​32624)
• New Data Source: aws_organizations_organizational_unit (#​33408)
• New Resource: aws_opensearch_package (#​33227)
• New Resource: aws_opensearch_package_association (#​33227)

ENHANCEMENTS:

• resource/aws_fsx_ontap_storage_virtual_machine: Remove ForceNew from active_directory_configuration.self_managed_active_directory_configuration.domain_name, active_directory_configuration.self_managed_active_directory_configuration.file_system_administrators_group and active_directory_configuration.self_managed_active_directory_configuration.organizational_unit_distinguished_name allowing an SVM to join AD after creation (#​33466)

BUG FIXES:

• data-source/aws_sesv2_email_identity: Mark dkim_signing_attributes.domain_signing_private_key as sensitive (#​33477)
• resource/aws_db_instance: Fix so that storage_throughput can be changed when iops and allocated_storage are not changed (#​33529)
• resource/aws_db_option_group: Avoid erroneous differences being reported when an option port and/or version is not set (#​33511)
• resource/aws_fsx_ontap_storage_virtual_machine: Avoid recreating resource when active_directory_configuration.self_managed_active_directory_configuration.file_system_administrators_group is configured (#​33466)
• resource/aws_fsx_ontap_storage_virtual_machine: Change file_system_id to ForceNew (#​32621)
• resource/aws_s3_bucket_accelerate_configuration: Retry resource Delete on OperationAborted: A conflicting conditional operation is currently in progress against this resource errors (#​33531)
• resource/aws_s3_bucket_policy: Retry resource Delete on OperationAborted: A conflicting conditional operation is currently in progress against this resource errors (#​33531)
• resource/aws_s3_bucket_versioning: Retry resource Delete on OperationAborted: A conflicting conditional operation is currently in progress against this resource errors (#​33531)
• resource/aws_sesv2_email_identity: Mark dkim_signing_attributes.domain_signing_private_key as sensitive (#​33477)

aws-observability/aws-rum-web (aws-rum-web)

v1.14.1: Release 1.14.1

Compare Source

See CHANGELOG for details.

boto/boto3 (boto3)

v1.28.57

Compare Source

=======

• api-change:bedrock-runtime: [botocore] Run Inference: Added support to run the inference on models. Includes set of APIs for running inference in streaming and non-streaming mode.
• api-change:bedrock: [botocore] Model Invocation logging added to enable or disable logs in customer account. Model listing and description support added. Provisioned Throughput feature added. Custom model support added for creating custom models. Also includes list, and delete functions for custom model.
• api-change:budgets: [botocore] Update DescribeBudgets and DescribeBudgetNotificationsForAccount MaxResults limit to 1000.
• api-change:ec2: [botocore] Adds support for Customer Managed Key encryption for Amazon Verified Access resources
• api-change:iotfleetwise: [botocore] AWS IoT FleetWise now supports encryption through a customer managed AWS KMS key. The PutEncryptionConfiguration and GetEncryptionConfiguration APIs were added.
• api-change:sagemaker-featurestore-runtime: [botocore] Feature Store supports read/write of records with collection type features.
• api-change:sagemaker: [botocore] Online store feature groups supports Standard and InMemory tier storage types for low latency storage for real-time data retrieval. The InMemory tier supports collection types List, Set, and Vector.
• api-change:wafv2: [botocore] Correct and improve the documentation for the FieldToMatch option JA3 fingerprint.

v1.28.56

Compare Source

=======

• api-change:cognito-idp: [botocore] The UserPoolType Status field is no longer used.
• api-change:firehose: [botocore] Features : Adding support for new data ingestion source to Kinesis Firehose - AWS Managed Services Kafka.
• api-change:iot: [botocore] Added support for IoT Rules Engine Kafka Action Headers
• api-change:textract: [botocore] This release adds new feature - Layout to Analyze Document API which can automatically extract layout elements such as titles, paragraphs, headers, section headers, lists, page numbers, footers, table areas, key-value areas and figure areas and order the elements as a human would read.

v1.28.55

Compare Source

=======

• api-change:appintegrations: [botocore] The Amazon AppIntegrations service adds a set of APIs (in preview) to manage third party applications to be used in Amazon Connect agent workspace.
• api-change:apprunner: [botocore] This release allows an App Runner customer to specify a custom source directory to run the build & start command. This change allows App Runner to support monorepo based repositories
• api-change:codedeploy: [botocore] CodeDeploy now supports In-place and Blue/Green EC2 deployments with multiple Classic Load Balancers and multiple Target Groups.
• api-change:connect: [botocore] This release updates a set of Amazon Connect APIs that provides the ability to integrate third party applications in the Amazon Connect agent workspace.
• api-change:dynamodb: [botocore] Amazon DynamoDB now supports Incremental Export as an enhancement to the existing Export Table
• api-change:ec2: [botocore] The release includes AWS verified access to support FIPs compliance in North America regions
• api-change:lakeformation: [botocore] This release adds three new API support "CreateLakeFormationOptIn", "DeleteLakeFormationOptIn" and "ListLakeFormationOptIns", and also updates the corresponding documentation.
• api-change:pinpoint: [botocore] Update documentation for RemoveAttributes to more accurately reflect its behavior when attributes are deleted.
• api-change:s3: [botocore] This release adds a new field COMPLETED to the ReplicationStatus Enum. You can now use this field to validate the replication status of S3 objects using the AWS SDK.

v1.28.54

Compare Source

=======

• api-change:amplifyuibuilder: [botocore] Support for generating code that is compatible with future versions of amplify project dependencies.
• api-change:chime-sdk-media-pipelines: [botocore] Adds support for sending WebRTC audio to Amazon Kineses Video Streams.
• api-change:emr-serverless: [botocore] This release adds support for application-wide default job configurations.
• api-change:finspace-data: [botocore] Adding sensitive trait to attributes. Change max SessionDuration from 720 to 60. Correct "ApiAccess" attribute to "apiAccess" to maintain consistency between APIs.
• api-change:quicksight: [botocore] Added ability to tag users upon creation.
• api-change:ssm: [botocore] This release updates the enum values for ResourceType in SSM DescribeInstanceInformation input and ConnectionStatus in GetConnectionStatus output.
• api-change:wafv2: [botocore] You can now perform an exact match against the web request's JA3 fingerprint.

v1.28.53

Compare Source

=======

• api-change:braket: [botocore] This release adds support to view the device queue depth (the number of queued quantum tasks and hybrid jobs on a device) and queue position for a quantum task and hybrid job.
• api-change:dms: [botocore] new vendors for DMS CSF: MongoDB, MariaDB, DocumentDb and Redshift
• api-change:ec2: [botocore] EC2 M2 Pro Mac instances are powered by Apple M2 Pro Mac Mini computers featuring 12 core CPU, 19 core GPU, 32 GiB of memory, and 16 core Apple Neural Engine and uniquely enabled by the AWS Nitro System through high-speed Thunderbolt connections.
• api-change:efs: [botocore] Update efs client to latest version
• api-change:guardduty: [botocore] Add EKS_CLUSTER_NAME to filter and sort key.
• api-change:mediaconvert: [botocore] This release supports the creation of of audio-only tracks in CMAF output groups.

cypress-io/cypress (cypress)

v13.3.0

Compare Source

Changelog: https://docs.cypress.io/guides/references/changelog#13-3-0

evanw/esbuild (esbuild)

v0.19.4

Compare Source

• Fix printing of JavaScript decorators in tricky cases (#​3396)

  This release fixes some bugs where esbuild's pretty-printing of JavaScript decorators could incorrectly produced code with a syntax error. The problem happened because esbuild sometimes substitutes identifiers for other expressions in the pretty-printer itself, but the decision about whether to wrap the expression or not didn't account for this. Here are some examples:

  // Original code
  import { constant } from './constants.js'
  import { imported } from 'external'
  import { undef } from './empty.js'
  class Foo {
    @​constant()
    @​imported()
    @​undef()
    foo
  }
  
  // Old output (with --bundle --format=cjs --packages=external --minify-syntax)
  var import_external = require("external");
  var Foo = class {
    @​123()
    @​(0, import_external.imported)()
    @​(void 0)()
    foo;
  };
  
  // New output (with --bundle --format=cjs --packages=external --minify-syntax)
  var import_external = require("external");
  var Foo = class {
    @​(123())
    @​((0, import_external.imported)())
    @​((void 0)())
    foo;
  };

• Allow pre-release versions to be passed to target (#​3388)

  People want to be able to pass version numbers for unreleased versions of node (which have extra stuff after the version numbers) to esbuild's target setting and have esbuild do something reasonable with them. These version strings are of course not present in esbuild's internal feature compatibility table because an unreleased version has not been released yet (by definition). With this release, esbuild will now attempt to accept these version strings passed to target and do something reasonable with them.

open-telemetry/opentelemetry-go-contrib (go.opentelemetry.io/contrib/detectors/aws/ecs)

v1.20.0: /v0.45.0/v0.14.0

Compare Source

Added

• Set the description for the rpc.server.duration metric in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (#​4302)
• Add NewServerHandler and NewClientHandler that return a grpc.StatsHandler used for gRPC instrumentation in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (#​3002)
• Add new Prometheus bridge module in go.opentelemetry.io/contrib/bridges/prometheus. (#​4227)

Changed

• Upgrade dependencies of OpenTelemetry Go to use the new v1.19.0/v0.42.0/v0.0.7 release.
• Use grpc.StatsHandler for gRPC instrumentation in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/example. (#​4325)

New Contributors

• @​puckpuck made their first contribution in https://github.com/open-telemetry/opentelemetry-go-contrib/pull/4302

Full Changelog: open-telemetry/opentelemetry-go-contrib@v1.19.0...v1.20.0

open-telemetry/opentelemetry-go (go.opentelemetry.io/otel)

v1.19.0: /v0.42.0/v0.0.7

Compare Source

This release contains the first stable release of the OpenTelemetry Go metric SDK. Our project stability guarantees now apply to the go.opentelemetry.io/otel/sdk/metric package. See our versioning policy for more information about these stability guarantees.

Added

• Add the "Roll the dice" getting started application example in go.opentelemetry.io/otel/example/dice. (#​4539)
• The WithWriter and WithPrettyPrint options to go.opentelemetry.io/otel/exporters/stdout/stdoutmetric to set a custom io.Writer, and allow displaying the output in human-readable JSON. (#​4507)

Changed

• Allow '/' characters in metric instrument names. (#​4501)
• The exporter in go.opentelemetry.io/otel/exporters/stdout/stdoutmetric does not prettify its output by default anymore. (#​4507)
• Upgrade gopkg.io/yaml from v2 to v3 in go.opentelemetry.io/otel/schema. (#​4535)

Fixed

• In go.opentelemetry.op/otel/exporters/prometheus, don't try to create the Prometheus metric on every Collect if we know the scope is invalid. (#​4499)

Removed

• Remove "go.opentelemetry.io/otel/bridge/opencensus".NewMetricExporter, which is replaced by NewMetricProducer. (#​4566)

Full Changelog: open-telemetry/opentelemetry-go@v1.18.0...v1.19.0

---

Configuration

📅 Schedule: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[codecov]

Codecov Report

All modified lines are covered by tests ✅

📢 Thoughts on this report? Let us know!.

[github-actions]

PR Environment Terraform Plan Summary

Plan: 1 to add, 4 to change, 1 to destroy