chore(deps): update stable

[renovate]

This PR contains the following updates:

Package	Update	Change
anchore/syft	minor	1.5.0 -> 1.6.0
awscli	minor	2.15.60 -> 2.16.4
dagger/dagger	patch	0.11.5 -> 0.11.6
ghcr.io/defenseunicorns/build-harness/build-harness	patch	2.0.23 -> 2.0.24
golang	patch	1.22.3 -> 1.22.4
golangci-lint	patch	1.59.0 -> 1.59.1
https://github.com/bridgecrewio/checkov.git	patch	3.2.116 -> 3.2.133
opentofu	patch	1.7.1 -> 1.7.2
opentofu/opentofu	patch	1.7.1 -> 1.7.2
terraform-docs	minor	0.17.0 -> 0.18.0

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

anchore/syft (anchore/syft)

v1.6.0

Compare Source

Added Features

• Add relationships for go binary packages [#​2912 @​wagoodman]
• Add classifier for util-linux [#​2933 @​LaurentGoderre]
• Lua: Add support for more advanced syntax [#​2908 @​LaurentGoderre]
• add license field to ELF binary package metadata [#​2890 @​brian-ebarb]
• install.sh: check checksums file's signature [#​2884 #​2941 @​wagoodman]
• Detect ELF package notes from fedora binaries [#​2713 #​2939 @​wagoodman]

Bug Fixes

• Use redhat as namespace for redhat rpms [#​2914 @​ralphbean]
• Close sqlite driver after testing sqlite availability [#​2922 @​ttc0419]
• syft does not find anything in archives if /tmp is a tmpfs [#​2894 #​2918 @​willmurphyscode]
• Scanning a git repository folder present in /tmp produce an empty sbom [#​2847 #​2918 @​willmurphyscode]

Additional Changes

• update unit tests to use pinned patch version [#​2932 @​spiffcs]
• fix comments and spelling [#​2920 @​dufucun]

(Full Changelog)

aws/aws-cli (awscli)

v2.16.4

Compare Source

v2.16.3

Compare Source

v2.16.2

Compare Source

v2.16.1

Compare Source

v2.16.0

Compare Source

v2.15.62

Compare Source

v2.15.61

Compare Source

dagger/dagger (dagger/dagger)

v0.11.6

Compare Source

Added

• Add withName method to File by @​TomChv in https://github.com/dagger/dagger/pull/7491

Fixed

• cli: don't validate flags when requesting --help by @​helderco in https://github.com/dagger/dagger/pull/7417
• fix container init being wrong platform in arm image by @​sipsma in https://github.com/dagger/dagger/pull/7497
• fix container DNS resolution when host has no search domains by @​sipsma in https://github.com/dagger/dagger/pull/7501
• honor system proxy config during git operations by @​sipsma in https://github.com/dagger/dagger/pull/7504
• fix windows-style paths used as file+directory arg values in dagger call by @​sipsma in https://github.com/dagger/dagger/pull/7506

What to do next?

• Read the documentation
• Join our Discord server
• Follow us on Twitter

defenseunicorns/build-harness (ghcr.io/defenseunicorns/build-harness/build-harness)

v2.0.24

Compare Source

Miscellaneous Chores

• deps: update stable (#​296) (0ad4d65)
• deps: update stable (#​298) (6872c28)
• deps: update stable (#​299) (b79590e)

golang/go (golang)

v1.22.4

Compare Source

golangci/golangci-lint (golangci-lint)

v1.59.1

Compare Source

1. Updated linters
   • go-errorlint: from 1.5.1 to 1.5.2
   • gomnd: deprecated configuration compatibility
   • intrange: add style preset
   • misspell: from 0.5.1 to 0.6.0
   • sloglint: from 0.7.0 to 0.7.1
   • testifylint: from 1.3.0 to 1.3.1
   • unparam: bump to HEAD
   • usestdlibvars: from 1.25.0 to 1.26.0
2. Fixes
   • SARIF: init empty result slice
   • SARIF: issue column >= 1
3. Documentation
   • update revive configuration

bridgecrewio/checkov (https://github.com/bridgecrewio/checkov.git)

v3.2.133

Compare Source

v3.2.132

Compare Source

v3.2.131

Compare Source

v3.2.130

Compare Source

v3.2.129

Compare Source

v3.2.128

Compare Source

Feature

• azure: drop support for dotnet v7.0 - #​6383
• general: Image Referencer should not run for CI workflow files - #​6386
• secrets: Add _prioritise_secrets by 3 levels of severity - #​6390
• terraform: add 5 policies - #​6401
• terraform: add 6 policies - #​6396
• terraform: add fix for ckv_aws_300 - #​6404
• terraform: add fix for not contains solver - #​6389

Bug Fix

• ansible: filter conf if its int or float - #​6409
• general: add try except gihub_action read file - #​6411
• general: bitbucket integration test failure - #​6407
• general: CKV2_AZURE_50 generates false positive azurerm_storage_account violations - #​6391
• sast: add log for sast on windows - #​6397

v3.2.127

Compare Source

v3.2.126

Compare Source

v3.2.125

Compare Source

Feature

• arm: Add check for AzureML workspace not configured with private endpoint - #​6387

v3.2.124

Compare Source

Feature

• azure: Add policy to ensure proper AzureML Workspace network access - #​6362
• azure: Ensure Azure Storage Account storing Machine Learning workspace high business impact data is not publicly accessible - #​6368

v3.2.123

Compare Source

v3.2.122

Compare Source

Feature

• arm: AppServicePythonVersion - 82 check the 'python version' is the latest, if used to run the web app - #​6282

v3.2.121

Compare Source

Feature

• terraform: AWS SageMaker notebook instance KMS Key - #​6374
• terraform: CognitiveServicesConfigureIdentity - new check - #​6378
• terraform: Ensure that Cognitive Services accounts enable local authentication - new check - #​6377

v3.2.120

Compare Source

v3.2.119

Compare Source

Feature

• arm: add FunctionAppsEnableAuthentication - Checking if a certain field exists - #​6250
• terraform: Add more conditions to CKV_AWS_70 - #​6371
• terraform: Added the CKV2_AWS_68 Check for TF and CFN - #​6369

Bug Fix

• ansible: set task as ansible vertices config - #​6376
• terraform: for_each/count attribute wasn't rendering if referencing a dynamic variable of a higher level module - #​6372

v3.2.118

Compare Source

v3.2.117

Compare Source

opentofu/opentofu (opentofu)

v1.7.2

Compare Source

We're proud to announce that OpenTofu 1.7.2 is now officially out 🎉

This is a bugfix release and we encourage all OpenTofu 1.7.1 users to upgrade.

What’s New?

• Fixed - authorization header is not included for HTTP backends (https://github.com/opentofu/opentofu/pull/1656)
• Fixed bug in import 'to' parsing in JSON configurations (https://github.com/opentofu/opentofu/pull/1665)
• Fix bug where provider functions were unusable in variables and outputs (https://github.com/opentofu/opentofu/pull/1689)

For all the features, see the detailed changelog.

You can find the full diff here.

terraform-docs/terraform-docs (terraform-docs)

v0.18.0

Compare Source

Notable Updates

The most notable changes in this release are:

• Resources can get ignored using terraform-docs-ignore comment:

  All types of resources can be ignored from the generated output by prepending them
  with a comment terraform-docs-ignore.

  ##################################################################

All of the following will be ignored from the generated output

##################################################################

terraform-docs-ignore

resource "foo_resource" "foo" {}

This resource is going to get ignored from generated

output by using the following known comment.

terraform-docs-ignore

The ignore keyword also doesn't have to be the first,

last, or the only thing in a leading comment

resource "bar_resource" "bar" {}

terraform-docs-ignore

data "foo_data_resource" "foo" {}

terraform-docs-ignore

data "bar_data_resource" "bar" {}

// terraform-docs-ignore
module "foo" {
source = "foo"
version = "x.x.x"
}

terraform-docs-ignore

variable "foo" {
default = "foo"
}

// terraform-docs-ignore
output "foo" {
value = "foo"
}

- Skip root module documentation while executing recursively:

The main module document is generated by default, but should the main module document be
excluded from document generation, `--recursive-include-main=false` can be used or alternatively
in the `.terraform-docs.yml`:

```yml
recursive:
  enabled: true
  path: modules
  include-main: false

Changelog

Features

• 943489c Ignore inputs with terraform-docs-ignore comment
• 8f74fd4 feat: ignore outputs, providers, resources with comments
• d0862bd Update Dockerfile FROM command to use non-ambiguous container sources
• 59eb90f Make main module doc optional when in recursive generation

Bug Fixes

• 656f6a6 Fix output values with null
• d5a55ae more fixes of binary name with missing s
• 1b2dbab more fixes of binary name with missing s
• 29e186a Fixed binary name in description output

Chores

• 5e77bcc Bump actions/checkout from 3 to 4
• 21313cf Bump actions/setup-go from 3 to 5
• 89b52d5 Bump alpine from 3.18.5 to 3.19.0
• 01435d7 Bump alpine from 3.19.0 to 3.19.1
• b87d0e0 Bump alpine from 3.19.1 to 3.20.0 in /scripts/release
• 50a8858 Bump codecov/codecov-action from 1 to 3
• e729518 Bump codecov/codecov-action from 3 to 4
• 70ed14e Bump dawidd6/action-homebrew-bump-formula from 3.10.1 to 3.11.0
• 73ae81c Bump dawidd6/action-homebrew-bump-formula from 3.8.0 to 3.10.1
• 127dba6 Bump docker/login-action from 1 to 3
• 4dc7807 Bump github/codeql-action from 1 to 3
• 7a00604 Bump golang from 1.21.5-alpine to 1.22.1-alpine
• a321c28 Bump golang to 1.22.1
• d6331c1 Bump golang.org/x/net from 0.19.0 to 0.23.0
• 5a70c7a Bump google.golang.org/protobuf from 1.31.0 to 1.33.0
• ff0ce44 Bump google.golang.org/protobuf from 1.31.0 to 1.33.0
• ca3eea1 Bump goreleaser/goreleaser-action from 2 to 5
• 38fc0e6 Bump softprops/action-gh-release from 1 to 2
• f92cf6f Bump version to v0.18.0-alpha
• 6041ae9 Change dependabot cadence to daily
• 159bc83 Create dependabot file
• e5a9ee0 --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-patch ...
• 75e05c0 --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ...
• 228c7a7 Release version v0.18.0
• 656aa7c Update go crypto lib to v0.17.0
• 2b71b4d chore: add release-cut workflow
• d5e48a5 chore: add scripts/release/ folder to dependabot
• fde40b1 chore: bump alpine to 3.20.0
• b79a7c4 chore: bump golang to 1.22.3
• 288faea chore: update dependencies
• 740e0a8 go get -u github.com/hashicorp/hcl/v2, update to v0.20.1 to support provider functions

Docker images

• docker pull quay.io/terraform-docs/terraform-docs:latest
• docker pull quay.io/terraform-docs/terraform-docs:0.18.0

Contributors

Very special thanks to the contributors.

• @​blakegong
• @​brittandeyoung
• @​honghee99
• @​kampka
• @​EppO
• @​goruha
• @​idelsink
• @​khos2ow
• @​lb1a
• @​tf-docs-bot

---

Configuration

📅 Schedule: Branch creation - "after 9am and before 5pm every weekday" in timezone America/New_York, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Never, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.