-
-
Notifications
You must be signed in to change notification settings - Fork 238
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ensure trufflehog does not auto-update itself #3430
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some security linters update their database, but I'm against updating the whole executable version when not requested... so good catch, thanks for your contribution :)
You're welcome :) Anyway, just for reference, here's a gist including a GitHub Action log excerpt showing that latest version of trufflehog (v3.70.0) was used instead of the one pinned in Megalinter 7.10.0 (v3.69.0): https://gist.github.com/wandering-tales/51311d13eccf03a3b27388069dbcd0a4 |
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | digest | `b4ffde6` -> `1d96c77` | | | | | | [actions/upload-artifact](https://togithub.com/actions/upload-artifact) | action | digest | `5d5d22a` -> `6546280` | | | | | | [aws](https://registry.terraform.io/providers/hashicorp/aws) ([source](https://togithub.com/hashicorp/terraform-provider-aws)) | required_provider | minor | `5.45.0` -> `5.46.0` | [![age](https://developer.mend.io/api/mc/badges/age/terraform-provider/aws/5.46.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/terraform-provider/aws/5.46.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/terraform-provider/aws/5.45.0/5.46.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/terraform-provider/aws/5.45.0/5.46.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | [boto3](https://togithub.com/boto/boto3) | | patch | `==1.34.84` -> `==1.34.91` | [![age](https://developer.mend.io/api/mc/badges/age/pypi/boto3/1.34.91?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/boto3/1.34.91?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/boto3/1.34.84/1.34.91?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/boto3/1.34.84/1.34.91?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | [botocore](https://togithub.com/boto/botocore) | | patch | `==1.34.84` -> `==1.34.91` | [![age](https://developer.mend.io/api/mc/badges/age/pypi/botocore/1.34.91?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/botocore/1.34.91?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/botocore/1.34.84/1.34.91?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/botocore/1.34.84/1.34.91?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | checkmarx/kics | container | major | `v1.7.13-debian` -> `v2.0.0-debian` | [![age](https://developer.mend.io/api/mc/badges/age/docker/checkmarx%2fkics/v2.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/docker/checkmarx%2fkics/v2.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/docker/checkmarx%2fkics/v1.7.13/v2.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/docker/checkmarx%2fkics/v1.7.13/v2.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | [hashicorp/setup-terraform](https://togithub.com/hashicorp/setup-terraform) | action | minor | `v3.0.0` -> `v3.1.0` | [![age](https://developer.mend.io/api/mc/badges/age/github-tags/hashicorp%2fsetup-terraform/v3.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/github-tags/hashicorp%2fsetup-terraform/v3.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/github-tags/hashicorp%2fsetup-terraform/v3.0.0/v3.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/github-tags/hashicorp%2fsetup-terraform/v3.0.0/v3.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | [oxsecurity/megalinter](https://togithub.com/oxsecurity/megalinter) | action | minor | `v7.10.0` -> `v7.11.1` | [![age](https://developer.mend.io/api/mc/badges/age/github-tags/oxsecurity%2fmegalinter/v7.11.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/github-tags/oxsecurity%2fmegalinter/v7.11.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/github-tags/oxsecurity%2fmegalinter/v7.10.0/v7.11.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/github-tags/oxsecurity%2fmegalinter/v7.10.0/v7.11.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | [random](https://registry.terraform.io/providers/hashicorp/random) ([source](https://togithub.com/hashicorp/terraform-provider-random)) | required_provider | patch | `3.6.0` -> `3.6.1` | [![age](https://developer.mend.io/api/mc/badges/age/terraform-provider/random/3.6.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/terraform-provider/random/3.6.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/terraform-provider/random/3.6.0/3.6.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/terraform-provider/random/3.6.0/3.6.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>hashicorp/terraform-provider-aws (aws)</summary> ### [`v5.46.0`](https://togithub.com/hashicorp/terraform-provider-aws/blob/HEAD/CHANGELOG.md#5460-April-18-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-aws/compare/v5.45.0...v5.46.0) NOTES: - provider: When using YAML or JSON documents, such as in `template_body` of `aws_cloudformation_stack`, CRLF was previously treated as different from LF but these are now treated as equivalent in many situations ([#​14270](https://togithub.com/hashicorp/terraform-provider-aws/issues/14270)) FEATURES: - **New Resource:** `aws_eip_domain_name` ([#​36963](https://togithub.com/hashicorp/terraform-provider-aws/issues/36963)) ENHANCEMENTS: - data-source/aws_alb: Add `client_keep_alive` argument ([#​36969](https://togithub.com/hashicorp/terraform-provider-aws/issues/36969)) - data-source/aws_eip: Add `ptr_record` attribute ([#​36963](https://togithub.com/hashicorp/terraform-provider-aws/issues/36963)) - data-source/aws_iam_policy: Add `attachment_count` attribute ([#​36759](https://togithub.com/hashicorp/terraform-provider-aws/issues/36759)) - data-source/aws_lb: Add `client_keep_alive` argument ([#​36969](https://togithub.com/hashicorp/terraform-provider-aws/issues/36969)) - data-source/aws_organizations_organization: Add `master_account_name` attribute ([#​36797](https://togithub.com/hashicorp/terraform-provider-aws/issues/36797)) - data-source/aws_vpc_dhcp_options: Add `ipv6_address_preferred_lease_time` attribute ([#​36934](https://togithub.com/hashicorp/terraform-provider-aws/issues/36934)) - resource/aws_alb: Add `client_keep_alive` argument ([#​36969](https://togithub.com/hashicorp/terraform-provider-aws/issues/36969)) - resource/aws_autoscaling_group: Add `alarm_specification` to the `instance_refresh.preferences` configuration block ([#​36954](https://togithub.com/hashicorp/terraform-provider-aws/issues/36954)) - resource/aws_cloudformation_stack_set: Add retry when creating to potentially help with eventual consistency problems ([#​36982](https://togithub.com/hashicorp/terraform-provider-aws/issues/36982)) - resource/aws_cloudfront_origin_access_control: Add `lambda` and `mediapackagev2` as valid values for `origin_access_control_origin_type` ([#​34362](https://togithub.com/hashicorp/terraform-provider-aws/issues/34362)) - resource/aws_cloudwatch_event_rule: Add `force_destroy` attribute ([#​34905](https://togithub.com/hashicorp/terraform-provider-aws/issues/34905)) - resource/aws_codebuild_project: Add GitLab and GitLab Self Managed support to the `report_build_status` and `build_status_config` arguments ([#​36942](https://togithub.com/hashicorp/terraform-provider-aws/issues/36942)) - resource/aws_default_vpc_dhcp_options: Add `ipv6_address_preferred_lease_time` as Computed attribute ([#​36934](https://togithub.com/hashicorp/terraform-provider-aws/issues/36934)) - resource/aws_dms_replication_task: Add `resource_identifier` argument ([#​36901](https://togithub.com/hashicorp/terraform-provider-aws/issues/36901)) - resource/aws_eip: Add `ptr_record` attribute ([#​36963](https://togithub.com/hashicorp/terraform-provider-aws/issues/36963)) - resource/aws_elasticache_serverless_cache: Add `minimum` attribute in `cache_usage_limits.data_storage` and `cache_usage_limits.ecpu_per_second` ([#​36766](https://togithub.com/hashicorp/terraform-provider-aws/issues/36766)) - resource/aws_fsx_openzfs_file_system: Add `endpoint_ip_address` attribute ([#​36767](https://togithub.com/hashicorp/terraform-provider-aws/issues/36767)) - resource/aws_iam_policy: Add `attachment_count` attribute ([#​36759](https://togithub.com/hashicorp/terraform-provider-aws/issues/36759)) - resource/aws_imagebuilder_image: Add `execution_role` and `workflow` arguments ([#​36953](https://togithub.com/hashicorp/terraform-provider-aws/issues/36953)) - resource/aws_lb: Add `client_keep_alive` argument ([#​36969](https://togithub.com/hashicorp/terraform-provider-aws/issues/36969)) - resource/aws_mwaa_environment: Add `database_vpc_endpoint_service` and `webserver_vpc_endpoint_service` attributes ([#​36903](https://togithub.com/hashicorp/terraform-provider-aws/issues/36903)) - resource/aws_organizations_organization: Add `master_account_name` attribute ([#​36797](https://togithub.com/hashicorp/terraform-provider-aws/issues/36797)) - resource/aws_transfer_connector: Add `security_policy_name` argument ([#​36893](https://togithub.com/hashicorp/terraform-provider-aws/issues/36893)) - resource/aws_vpc_dhcp_options: Add `ipv6_address_preferred_lease_time` attribute ([#​36934](https://togithub.com/hashicorp/terraform-provider-aws/issues/36934)) - resource/aws_vpc_ipam_pool: Add `cascade` argument ([#​36898](https://togithub.com/hashicorp/terraform-provider-aws/issues/36898)) BUG FIXES: - data-source/aws_iam_policy_document: When using multiple principals, sort them to avoid differences based only on order ([#​25967](https://togithub.com/hashicorp/terraform-provider-aws/issues/25967)) - resource/aws_appconfig_deployment: Fix `ConflictException` errors on resource Create ([#​36980](https://togithub.com/hashicorp/terraform-provider-aws/issues/36980)) - resource/aws_ce_anomaly_monitor: Change `monitor_dimension` to [ForceNew](https://developer.hashicorp.com/terraform/plugin/sdkv2/schemas/schema-behaviors#forcenew) ([#​36773](https://togithub.com/hashicorp/terraform-provider-aws/issues/36773)) - resource/aws_ce_anomaly_subscription: Change `account_id` to [ForceNew](https://developer.hashicorp.com/terraform/plugin/sdkv2/schemas/schema-behaviors#forcenew) ([#​36773](https://togithub.com/hashicorp/terraform-provider-aws/issues/36773)) - resource/aws_cloudformation_stack: CRLF line endings in `template_body` no longer cause erroneous diffs ([#​14270](https://togithub.com/hashicorp/terraform-provider-aws/issues/14270)) - resource/aws_db_proxy: Fix `interface conversion: interface {} is nil, not map[string]interface {}` panic when `auth` is empty (`{}`) ([#​36967](https://togithub.com/hashicorp/terraform-provider-aws/issues/36967)) - resource/aws_dms_replication_config: Adds validation to `replication_settings` to disallow `Logging.CloudWatchLogGroup` and `Logging.CloudWatchLogStream`. ([#​36936](https://togithub.com/hashicorp/terraform-provider-aws/issues/36936)) - resource/aws_dms_replication_config: Suppresses differences in partial `replication_settings` JSON documents. ([#​36936](https://togithub.com/hashicorp/terraform-provider-aws/issues/36936)) - resource/aws_dms_replication_task: Adds validation to `replication_task_settings` to disallow `Logging.CloudWatchLogGroup` and `Logging.CloudWatchLogStream`. ([#​36936](https://togithub.com/hashicorp/terraform-provider-aws/issues/36936)) - resource/aws_dms_replication_task: Allows leaving `replication_task_settings` unset to use default settings. ([#​36936](https://togithub.com/hashicorp/terraform-provider-aws/issues/36936)) - resource/aws_dms_replication_task: Suppresses differences in partial `replication_task_settings` JSON documents. ([#​36936](https://togithub.com/hashicorp/terraform-provider-aws/issues/36936)) - resource/aws_fsx_windows_file_system: Fix error `BadRequest: AuditLogDestination must not be provided when auditing is disabled` when updating `audit_log_configuration.0.file_access_audit_log_level` and `audit_log_configuration.0.file_share_access_audit_log_level` to `"DISABLED"` ([#​36928](https://togithub.com/hashicorp/terraform-provider-aws/issues/36928)) - resource/aws_glue_job: Mark `number_of_workers` and `worker_type` as optional/computed, preventing persistent differences when `max_capacity` is set. ([#​36770](https://togithub.com/hashicorp/terraform-provider-aws/issues/36770)) - resource/aws_iam_user_login_profile: Fix forced re-creation when `password_reset_required` is `true` and initial password reset is completed ([#​36926](https://togithub.com/hashicorp/terraform-provider-aws/issues/36926)) - resource/aws_lightsail_distribution: Fix to properly set `certificate_name` on create and update ([#​36888](https://togithub.com/hashicorp/terraform-provider-aws/issues/36888)) - resource/aws_vpc_dhcp_options: Fix `NotFound` error handling on delete ([#​36933](https://togithub.com/hashicorp/terraform-provider-aws/issues/36933)) </details> <details> <summary>boto/boto3 (boto3)</summary> ### [`v1.34.91`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13491) [Compare Source](https://togithub.com/boto/boto3/compare/1.34.90...1.34.91) \======= - api-change:`datasync`: \[`botocore`] This change allows users to disable and enable the schedules associated with their tasks. - api-change:`ec2`: \[`botocore`] Launching capability for customers to enable or disable automatic assignment of public IPv4 addresses to their network interface - api-change:`emr-containers`: \[`botocore`] EMRonEKS Service support for SecurityConfiguration enforcement for Spark Jobs. - api-change:`entityresolution`: \[`botocore`] Support Batch Unique IDs Deletion. - api-change:`gamelift`: \[`botocore`] Amazon GameLift releases container fleets support for public preview. Deploy Linux-based containerized game server software for hosting on Amazon GameLift. - api-change:`ssm`: \[`botocore`] Add SSM DescribeInstanceProperties API to public AWS SDK. ### [`v1.34.90`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13490) [Compare Source](https://togithub.com/boto/boto3/compare/1.34.89...1.34.90) \======= - api-change:`bedrock`: \[`botocore`] This release introduces Model Evaluation and Guardrails for Amazon Bedrock. - api-change:`bedrock-agent`: \[`botocore`] Introducing the ability to create multiple data sources per knowledge base, specify S3 buckets as data sources from external accounts, and exposing levers to define the deletion behavior of the underlying vector store data. - api-change:`bedrock-agent-runtime`: \[`botocore`] This release introduces zero-setup file upload support for the RetrieveAndGenerate API. This allows you to chat with your data without setting up a Knowledge Base. - api-change:`bedrock-runtime`: \[`botocore`] This release introduces Guardrails for Amazon Bedrock. - api-change:`ce`: \[`botocore`] Added additional metadata that might be applicable to your reservation recommendations. - api-change:`ec2`: \[`botocore`] This release introduces EC2 AMI Deregistration Protection, a new AMI property that can be enabled by customers to protect an AMI against an unintended deregistration. This release also enables the AMI owners to view the AMI 'LastLaunchedTime' in DescribeImages API. - api-change:`pi`: \[`botocore`] Clarifies how aggregation works for GetResourceMetrics in the Performance Insights API. - api-change:`rds`: \[`botocore`] Fix the example ARN for ModifyActivityStreamRequest - api-change:`workspaces-web`: \[`botocore`] Added InstanceType and MaxConcurrentSessions parameters on CreatePortal and UpdatePortal Operations as well as the ability to read Customer Managed Key & Additional Encryption Context parameters on supported resources (Portal, BrowserSettings, UserSettings, IPAccessSettings) ### [`v1.34.89`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13489) [Compare Source](https://togithub.com/boto/boto3/compare/1.34.88...1.34.89) \======= - api-change:`bedrock-agent`: \[`botocore`] Releasing the support for simplified configuration and return of control - api-change:`bedrock-agent-runtime`: \[`botocore`] Releasing the support for simplified configuration and return of control - api-change:`payment-cryptography`: \[`botocore`] Adding support to TR-31/TR-34 exports for optional headers, allowing customers to add additional metadata (such as key version and KSN) when exporting keys from the service. - api-change:`redshift-serverless`: \[`botocore`] Updates description of schedule field for scheduled actions. - api-change:`route53profiles`: \[`botocore`] Route 53 Profiles allows you to apply a central DNS configuration across many VPCs regardless of account. - api-change:`sagemaker`: \[`botocore`] This release adds support for Real-Time Collaboration and Shared Space for JupyterLab App on SageMaker Studio. - api-change:`servicediscovery`: \[`botocore`] This release adds examples to several Cloud Map actions. - api-change:`transfer`: \[`botocore`] Adding new API to support remote directory listing using SFTP connector ### [`v1.34.88`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13488) [Compare Source](https://togithub.com/boto/boto3/compare/1.34.87...1.34.88) \======= - api-change:`glue`: \[`botocore`] Adding RowFilter in the response for GetUnfilteredTableMetadata API - api-change:`internetmonitor`: \[`botocore`] This update introduces the GetInternetEvent and ListInternetEvents APIs, which provide access to internet events displayed on the Amazon CloudWatch Internet Weather Map. - api-change:`personalize`: \[`botocore`] This releases auto training capability while creating a solution and automatically syncing latest solution versions when creating/updating a campaign ### [`v1.34.87`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13487) [Compare Source](https://togithub.com/boto/boto3/compare/1.34.86...1.34.87) \======= - api-change:`drs`: \[`botocore`] Outpost ARN added to Source Server and Recovery Instance - api-change:`emr-serverless`: \[`botocore`] This release adds the capability to publish detailed Spark engine metrics to Amazon Managed Service for Prometheus (AMP) for enhanced monitoring for Spark jobs. - api-change:`guardduty`: \[`botocore`] Added IPv6Address fields for local and remote IP addresses - api-change:`quicksight`: \[`botocore`] This release adds support for the Cross Sheet Filter and Control features, and support for warnings in asset imports for any permitted errors encountered during execution - api-change:`rolesanywhere`: \[`botocore`] This release introduces the PutAttributeMapping and DeleteAttributeMapping APIs. IAM Roles Anywhere now provides the capability to define a set of mapping rules, allowing customers to specify which data is extracted from their X.509 end-entity certificates. - api-change:`sagemaker`: \[`botocore`] Removed deprecated enum values and updated API documentation. - api-change:`workspaces`: \[`botocore`] Adds new APIs for managing and sharing WorkSpaces BYOL configuration across accounts. ### [`v1.34.86`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13486) [Compare Source](https://togithub.com/boto/boto3/compare/1.34.85...1.34.86) \======= - api-change:`ec2`: \[`botocore`] Documentation updates for Elastic Compute Cloud (EC2). - api-change:`qbusiness`: \[`botocore`] This release adds support for IAM Identity Center (IDC) as the identity gateway for Q Business. It also allows users to provide an explicit intent for Q Business to identify how the Chat request should be handled. ### [`v1.34.85`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13485) [Compare Source](https://togithub.com/boto/boto3/compare/1.34.84...1.34.85) \======= - api-change:`bedrock-agent`: \[`botocore`] For Create Agent API, the agentResourceRoleArn parameter is no longer required. - api-change:`emr-serverless`: \[`botocore`] This release adds support for shuffle optimized disks that allow larger disk sizes and higher IOPS to efficiently run shuffle heavy workloads. - api-change:`entityresolution`: \[`botocore`] Cross Account Resource Support . - api-change:`iotwireless`: \[`botocore`] Add PublicGateways in the GetWirelessStatistics call response, indicating the LoRaWAN public network accessed by the device. - api-change:`lakeformation`: \[`botocore`] This release adds Lake Formation managed RAM support for the 4 APIs - "DescribeLakeFormationIdentityCenterConfiguration", "CreateLakeFormationIdentityCenterConfiguration", "DescribeLakeFormationIdentityCenterConfiguration", and "DeleteLakeFormationIdentityCenterConfiguration" - api-change:`m2`: \[`botocore`] Adding new ListBatchJobRestartPoints API and support for restart batch job. - api-change:`mediapackagev2`: \[`botocore`] Dash v2 is a MediaPackage V2 feature to support egressing on DASH manifest format. - api-change:`outposts`: \[`botocore`] This release adds new APIs to allow customers to configure their Outpost capacity at order-time. - api-change:`wellarchitected`: \[`botocore`] AWS Well-Architected now has a Connector for Jira to allow customers to efficiently track workload risks and improvement efforts and create closed-loop mechanisms. - enhancement:AWSCRT: \[`botocore`] Update awscrt version to 0.20.9 </details> <details> <summary>boto/botocore (botocore)</summary> ### [`v1.34.91`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13491) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.90...1.34.91) \======= - api-change:`datasync`: This change allows users to disable and enable the schedules associated with their tasks. - api-change:`ec2`: Launching capability for customers to enable or disable automatic assignment of public IPv4 addresses to their network interface - api-change:`emr-containers`: EMRonEKS Service support for SecurityConfiguration enforcement for Spark Jobs. - api-change:`entityresolution`: Support Batch Unique IDs Deletion. - api-change:`gamelift`: Amazon GameLift releases container fleets support for public preview. Deploy Linux-based containerized game server software for hosting on Amazon GameLift. - api-change:`ssm`: Add SSM DescribeInstanceProperties API to public AWS SDK. ### [`v1.34.90`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13490) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.89...1.34.90) \======= - api-change:`bedrock`: This release introduces Model Evaluation and Guardrails for Amazon Bedrock. - api-change:`bedrock-agent`: Introducing the ability to create multiple data sources per knowledge base, specify S3 buckets as data sources from external accounts, and exposing levers to define the deletion behavior of the underlying vector store data. - api-change:`bedrock-agent-runtime`: This release introduces zero-setup file upload support for the RetrieveAndGenerate API. This allows you to chat with your data without setting up a Knowledge Base. - api-change:`bedrock-runtime`: This release introduces Guardrails for Amazon Bedrock. - api-change:`ce`: Added additional metadata that might be applicable to your reservation recommendations. - api-change:`ec2`: This release introduces EC2 AMI Deregistration Protection, a new AMI property that can be enabled by customers to protect an AMI against an unintended deregistration. This release also enables the AMI owners to view the AMI 'LastLaunchedTime' in DescribeImages API. - api-change:`pi`: Clarifies how aggregation works for GetResourceMetrics in the Performance Insights API. - api-change:`rds`: Fix the example ARN for ModifyActivityStreamRequest - api-change:`workspaces-web`: Added InstanceType and MaxConcurrentSessions parameters on CreatePortal and UpdatePortal Operations as well as the ability to read Customer Managed Key & Additional Encryption Context parameters on supported resources (Portal, BrowserSettings, UserSettings, IPAccessSettings) ### [`v1.34.89`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13489) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.88...1.34.89) \======= - api-change:`bedrock-agent`: Releasing the support for simplified configuration and return of control - api-change:`bedrock-agent-runtime`: Releasing the support for simplified configuration and return of control - api-change:`payment-cryptography`: Adding support to TR-31/TR-34 exports for optional headers, allowing customers to add additional metadata (such as key version and KSN) when exporting keys from the service. - api-change:`redshift-serverless`: Updates description of schedule field for scheduled actions. - api-change:`route53profiles`: Route 53 Profiles allows you to apply a central DNS configuration across many VPCs regardless of account. - api-change:`sagemaker`: This release adds support for Real-Time Collaboration and Shared Space for JupyterLab App on SageMaker Studio. - api-change:`servicediscovery`: This release adds examples to several Cloud Map actions. - api-change:`transfer`: Adding new API to support remote directory listing using SFTP connector ### [`v1.34.88`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13488) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.87...1.34.88) \======= - api-change:`glue`: Adding RowFilter in the response for GetUnfilteredTableMetadata API - api-change:`internetmonitor`: This update introduces the GetInternetEvent and ListInternetEvents APIs, which provide access to internet events displayed on the Amazon CloudWatch Internet Weather Map. - api-change:`personalize`: This releases auto training capability while creating a solution and automatically syncing latest solution versions when creating/updating a campaign ### [`v1.34.87`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13487) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.86...1.34.87) \======= - api-change:`drs`: Outpost ARN added to Source Server and Recovery Instance - api-change:`emr-serverless`: This release adds the capability to publish detailed Spark engine metrics to Amazon Managed Service for Prometheus (AMP) for enhanced monitoring for Spark jobs. - api-change:`guardduty`: Added IPv6Address fields for local and remote IP addresses - api-change:`quicksight`: This release adds support for the Cross Sheet Filter and Control features, and support for warnings in asset imports for any permitted errors encountered during execution - api-change:`rolesanywhere`: This release introduces the PutAttributeMapping and DeleteAttributeMapping APIs. IAM Roles Anywhere now provides the capability to define a set of mapping rules, allowing customers to specify which data is extracted from their X.509 end-entity certificates. - api-change:`sagemaker`: Removed deprecated enum values and updated API documentation. - api-change:`workspaces`: Adds new APIs for managing and sharing WorkSpaces BYOL configuration across accounts. ### [`v1.34.86`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13486) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.85...1.34.86) \======= - api-change:`ec2`: Documentation updates for Elastic Compute Cloud (EC2). - api-change:`qbusiness`: This release adds support for IAM Identity Center (IDC) as the identity gateway for Q Business. It also allows users to provide an explicit intent for Q Business to identify how the Chat request should be handled. ### [`v1.34.85`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13485) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.84...1.34.85) \======= - api-change:`bedrock-agent`: For Create Agent API, the agentResourceRoleArn parameter is no longer required. - api-change:`emr-serverless`: This release adds support for shuffle optimized disks that allow larger disk sizes and higher IOPS to efficiently run shuffle heavy workloads. - api-change:`entityresolution`: Cross Account Resource Support . - api-change:`iotwireless`: Add PublicGateways in the GetWirelessStatistics call response, indicating the LoRaWAN public network accessed by the device. - api-change:`lakeformation`: This release adds Lake Formation managed RAM support for the 4 APIs - "DescribeLakeFormationIdentityCenterConfiguration", "CreateLakeFormationIdentityCenterConfiguration", "DescribeLakeFormationIdentityCenterConfiguration", and "DeleteLakeFormationIdentityCenterConfiguration" - api-change:`m2`: Adding new ListBatchJobRestartPoints API and support for restart batch job. - api-change:`mediapackagev2`: Dash v2 is a MediaPackage V2 feature to support egressing on DASH manifest format. - api-change:`outposts`: This release adds new APIs to allow customers to configure their Outpost capacity at order-time. - api-change:`wellarchitected`: AWS Well-Architected now has a Connector for Jira to allow customers to efficiently track workload risks and improvement efforts and create closed-loop mechanisms. - enhancement:AWSCRT: Update awscrt version to 0.20.9 </details> <details> <summary>hashicorp/setup-terraform (hashicorp/setup-terraform)</summary> ### [`v3.1.0`](https://togithub.com/hashicorp/setup-terraform/releases/tag/v3.1.0) [Compare Source](https://togithub.com/hashicorp/setup-terraform/compare/v3.0.0...v3.1.0) ENHANCEMENTS: - Automatically fallback to darwin/amd64 for Terraform versions before 1.0.2 as releases for darwin/arm64 are not available ([#​409](https://togithub.com/hashicorp/setup-terraform/issues/409)) </details> <details> <summary>oxsecurity/megalinter (oxsecurity/megalinter)</summary> ### [`v7.11.1`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v7111---2024-04-23) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.11.0...v7.11.1) - Fixes - Implement fallback in case git diff does not work with merge-base - Linter versions upgrades - [stylelint](https://stylelint.io) from 16.3.1 to **16.4.0** ### [`v7.11.0`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v7110---2024-04-23) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.10.0...v7.11.0) - Core - Allow to override the number of parallel cores used, with variable **PARALLEL_PROCESS_NUMBER**, by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/3428](https://togithub.com/oxsecurity/megalinter/pull/3428) - Upgrade base python image from 3.12.2-alpine3.19 to 3.12.3-alpine3.19 - Upgrade PHP 8.1 to 8.3 by [@​llaville](https://togithub.com/llaville) in [https://github.com/oxsecurity/megalinter/pull/3464](https://togithub.com/oxsecurity/megalinter/pull/3464) - Add descriptor pre / post commands, by [@​bdovaz](https://togithub.com/bdovaz) in [https://github.com/oxsecurity/megalinter/pull/3468](https://togithub.com/oxsecurity/megalinter/pull/3468) - Allow merge lists with **EXTENDS**, by [@​bdovaz](https://togithub.com/bdovaz) in [https://github.com/oxsecurity/megalinter/pull/3469](https://togithub.com/oxsecurity/megalinter/pull/3469) - Media - New linters - Add Kotlin detekt linter, by [@​enciyo](https://togithub.com/enciyo) in [https://github.com/oxsecurity/megalinter/pull/3408](https://togithub.com/oxsecurity/megalinter/pull/3408) - Reporters - Add ruff sarif support, by [@​Skitionek](https://togithub.com/Skitionek) in [https://github.com/oxsecurity/megalinter/pull/3486](https://togithub.com/oxsecurity/megalinter/pull/3486) - Fixes - Fix listing of modified files, by [@​vkucera](https://togithub.com/vkucera) in [#​3472](https://togithub.com/oxsecurity/megalinter/pull/3472). Fixes [#​2125](https://togithub.com/oxsecurity/megalinter/issues/2125). - Fix conflict between prettier and yamllint about spaces, by [@​apeyrat](https://togithub.com/apeyrat) in [https://github.com/oxsecurity/megalinter/pull/3426](https://togithub.com/oxsecurity/megalinter/pull/3426) - Ensure [trufflehog](https://togithub.com/trufflesecurity/trufflehog) does not auto-update itself, by [@​wandering-tales](https://togithub.com/wandering-tales) in [https://github.com/oxsecurity/megalinter/pull/3430](https://togithub.com/oxsecurity/megalinter/pull/3430) - Salesforce linters: use sf + default Flow Scanner rules, by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/3435](https://togithub.com/oxsecurity/megalinter/pull/3435) - Disable JSON_ESLINT_PLUGIN_JSONC until [ota-meshi/eslint-plugin-jsonc#328](https://togithub.com/ota-meshi/eslint-plugin-jsonc/issues/328) is fixed - Upgrade tar in mega-linter-runner - secretlint: remove default `.secretlintignore` that was never used but `.gitignore` is used instead. Fixes [#​3328](https://togithub.com/oxsecurity/megalinter/issues/3328) - Add jpeg, xlsx to .gitleaks.toml, by [@​rasa](https://togithub.com/rasa) in [https://github.com/oxsecurity/megalinter/pull/3434](https://togithub.com/oxsecurity/megalinter/pull/3434) - Fix Json Schema, by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/3470](https://togithub.com/oxsecurity/megalinter/pull/3470) - Remove `TEMPLATES/.secretlintignore`, by [@​pjungermann](https://togithub.com/pjungermann) in [https://github.com/oxsecurity/megalinter/pull/3476](https://togithub.com/oxsecurity/megalinter/pull/3476) - Doc - Update R2DevOps logo, by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/3436](https://togithub.com/oxsecurity/megalinter/pull/3436) - Update [Roslynator](https://togithub.com/dotnet/roslynator) repo url and logo, by [@​TommyE123](https://togithub.com/TommyE123) in [https://github.com/oxsecurity/megalinter/pull/3444](https://togithub.com/oxsecurity/megalinter/pull/3444) - Fix clang-format documentation links to point to the correct version. Fixes [#​3452](https://togithub.com/oxsecurity/megalinter/issues/3452), by [@​daltonv](https://togithub.com/daltonv) in [https://github.com/oxsecurity/megalinter/pull/3453](https://togithub.com/oxsecurity/megalinter/pull/3453) - Add copy to clipboard button in code block (documentation), by [@​nikkii86](https://togithub.com/nikkii86) in [https://github.com/oxsecurity/megalinter/pull/3491](https://togithub.com/oxsecurity/megalinter/pull/3491) - Flavors - Add C & C++ linters in Python flavor by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/3456](https://togithub.com/oxsecurity/megalinter/pull/3456) - CI - Make SPELL_LYCHEE non blocking for internal CI jobs - Remove old unused automerge workflows by [@​echoix](https://togithub.com/echoix) in [https://github.com/oxsecurity/megalinter/pull/3432](https://togithub.com/oxsecurity/megalinter/pull/3432) - Add consistent python3/python handling at build.sh, by [@​pjungermann](https://togithub.com/pjungermann) in [https://github.com/oxsecurity/megalinter/pull/3475](https://togithub.com/oxsecurity/megalinter/pull/3475) - Linter versions upgrades - [ansible-lint](https://ansible-lint.readthedocs.io/) from 24.2.0 to **24.2.2** - [bicep_linter](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter) from 0.25.53 to **0.26.170** - [black](https://black.readthedocs.io/en/stable/) from 24.2.0 to **24.4.0** - [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.86.0 to **0.86.4** - [checkov](https://www.checkov.io/) from 3.2.34 to **3.2.74** - [checkstyle](https://checkstyle.org/) from 10.14.0 to **10.15.0** - [clippy](https://togithub.com/rust-lang/rust-clippy) from 0.1.76 to **0.1.77** - [clj-kondo](https://togithub.com/borkdude/clj-kondo) from 2024.03.05 to **2024.03.13** - [csharpier](https://csharpier.com/) from 0.27.3 to **0.28.1** - [cspell](https://togithub.com/streetsidesoftware/cspell/tree/master/packages/cspell) from 8.6.0 to **8.7.0** - [devskim](https://togithub.com/microsoft/DevSkim) from 1.0.32 to **1.0.33** - [dotnet-format](https://docs.microsoft.com/en-us/dotnet/core/tools/dotnet-format) from 8.0.102 to **8.0.104** - [eslint-plugin-jsonc](https://ota-meshi.github.io/eslint-plugin-jsonc/) from 2.13.0 to **2.15.1** - [golangci-lint](https://golangci-lint.run/) from 1.56.2 to **1.57.2** - [grype](https://togithub.com/anchore/grype) from 0.74.7 to **0.77.0** - [kics](https://www.kics.io) from 1.7.13 to **2.0.0** - [lightning-flow-scanner](https://togithub.com/Lightning-Flow-Scanner) from 2.18.0 to **2.22.0** - [markdown-link-check](https://togithub.com/tcort/markdown-link-check) from 3.11.2 to **3.12.1** - [npm-groovy-lint](https://nvuillam.github.io/npm-groovy-lint/) from 14.2.3 to **14.4.1** - [phpcs](https://togithub.com/PHPCSStandards/PHP_CodeSniffer) from 3.9.0 to **3.9.1** - [phpstan](https://phpstan.org/) from 1.10.60 to **1.10.67** - [protolint](https://togithub.com/yoheimuta/protolint) from 0.48.0 to **0.49.6** - [psalm](https://psalm.dev) from Psalm.5.23.0@​ to **Psalm.5.23.1@​** - [pyright](https://togithub.com/Microsoft/pyright) from 1.1.353 to **1.1.359** - [roslynator](https://togithub.com/dotnet/Roslynator) from 0.8.3.0 to **0.8.6.0** - [rstcheck](https://togithub.com/myint/rstcheck) from 6.2.0 to **6.2.1** - [rubocop](https://rubocop.org/) from 1.62.0 to **1.63.3** - [ruff](https://togithub.com/astral-sh/ruff) from 0.3.2 to **0.4.1** - [secretlint](https://togithub.com/secretlint/secretlint) from 8.1.2 to **8.2.3** - [sfdx-scanner-apex](https://forcedotcom.github.io/sfdx-scanner/) from 3.21.0 to **3.23.0** - [sfdx-scanner-aura](https://forcedotcom.github.io/sfdx-scanner/) from 3.21.0 to **3.23.0** - [sfdx-scanner-lwc](https://forcedotcom.github.io/sfdx-scanner/) from 3.21.0 to **3.23.0** - [snakefmt](https://togithub.com/snakemake/snakefmt) from 0.10.0 to **0.10.1** - [snakemake](https://snakemake.readthedocs.io/en/stable/) from 8.5.5 to **8.10.8** - [spectral](https://docs.stoplight.io/docs/spectral/674b27b261c3c-overview) from 6.11.0 to **6.11.1** - [sqlfluff](https://www.sqlfluff.com/) from 2.3.5 to **3.0.5** - [stylelint](https://stylelint.io) from 16.2.1 to **16.3.1** - [syft](https://togithub.com/anchore/syft) from 1.0.1 to **1.2.0** - [tekton-lint](https://togithub.com/IBM/tekton-lint) from 1.0.0 to **1.0.2** - [terraform-fmt](https://developer.hashicorp.com/terraform/cli/commands/fmt) from 1.7.4 to **1.8.1** - [terragrunt](https://terragrunt.gruntwork.io) from 0.55.13 to **0.57.5** - [trivy-sbom](https://aquasecurity.github.io/trivy/) from 0.49.1 to **0.50.2** - [trivy](https://aquasecurity.github.io/trivy/) from 0.49.1 to **0.50.2** - [trufflehog](https://togithub.com/trufflesecurity/trufflehog) from 3.69.0 to **3.73.0** - [vale](https://vale.sh/) from 3.2.2 to **3.4.0** </details> <details> <summary>hashicorp/terraform-provider-random (random)</summary> ### [`v3.6.1`](https://togithub.com/hashicorp/terraform-provider-random/blob/HEAD/CHANGELOG.md#361-April-16-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-random/compare/v3.6.0...v3.6.1) BUG FIXES: - all: Prevent `keepers` from triggering an in-place update following import ([#​385](https://togithub.com/hashicorp/terraform-provider-random/issues/385)) - resource/random_shuffle: Prevent inconsistent result after apply when result_count is set to 0 ([#​409](https://togithub.com/hashicorp/terraform-provider-random/issues/409)) - provider/random_password: Fix bug which causes panic when special, upper, lower and number/numeric are all false ([#​551](https://togithub.com/hashicorp/terraform-provider-random/issues/551)) - provider/random_string: Fix bug which causes panic when special, upper, lower and number/numeric are all false ([#​551](https://togithub.com/hashicorp/terraform-provider-random/issues/551)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/cattle-ops/terraform-aws-gitlab-runner). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMTMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjMxMy4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
It looks like that the trufflehog linter auto-updates itself to the latest version when run. That makes the pinning of its version ineffective and causes builds to be non deterministic.
I have discovered such behavior by suddenly stumbling upon a false positive, probably due to a change introduced in the latest release v3.70.0.
Proposed Changes
Readiness Checklist
Author/Contributor
Reviewing Maintainer
breaking
if this is a large fundamental changeautomation
,bug
,documentation
,enhancement
,infrastructure
, orperformance