chore(deps): update all patch dependencies

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
awscli (source, changelog)	`==1.33.18` -> `==1.33.22`
boto3	`==1.34.136` -> `==1.34.140`
botocore	`==1.34.136` -> `==1.34.140`
checkov	`==3.2.163` -> `==3.2.177`
slack-bolt	`==1.19.0` -> `==1.19.1`

Review

[ ] Updates have been tested and work
[ ] If updates are AWS related, versions match the infrastructure (e.g. Lambda runtime, database, etc.)

Release Notes

aws/aws-cli (awscli)

### [`v1.33.22`](https://togithub.com/aws/aws-cli/blob/HEAD/CHANGELOG.rst#13322) [Compare Source](https://togithub.com/aws/aws-cli/compare/1.33.21...1.33.22) \======= - api-change:`acm`: Documentation updates, including fixes for xml formatting, broken links, and ListCertificates description. - api-change:`ecr`: This release for Amazon ECR makes change to bring the SDK into sync with the API. - api-change:`payment-cryptography-data`: Added further restrictions on logging of potentially sensitive inputs and outputs. - api-change:`qbusiness`: Add personalization to Q Applications. Customers can enable or disable personalization when creating or updating a Q application with the personalization configuration. ### [`v1.33.21`](https://togithub.com/aws/aws-cli/blob/HEAD/CHANGELOG.rst#13321) [Compare Source](https://togithub.com/aws/aws-cli/compare/1.33.20...1.33.21) \======= - api-change:`application-autoscaling`: Doc only update for Application Auto Scaling that fixes resource name. - api-change:`directconnect`: This update includes documentation for support of new native 400 GBps ports for Direct Connect. - api-change:`organizations`: Added a new reason under ConstraintViolationException in RegisterDelegatedAdministrator API to prevent registering suspended accounts as delegated administrator of a service. - api-change:`rekognition`: This release adds support for tagging projects and datasets with the CreateProject and CreateDataset APIs. - api-change:`workspaces`: Fix create workspace bundle RootStorage/UserStorage to accept non null values ### [`v1.33.20`](https://togithub.com/aws/aws-cli/blob/HEAD/CHANGELOG.rst#13320) [Compare Source](https://togithub.com/aws/aws-cli/compare/1.33.19...1.33.20) \======= - api-change:`ec2`: Documentation updates for Elastic Compute Cloud (EC2). - api-change:`fms`: Increases Customer API's ManagedServiceData length - api-change:`s3`: Added response overrides to Head Object requests. ### [`v1.33.19`](https://togithub.com/aws/aws-cli/blob/HEAD/CHANGELOG.rst#13319) [Compare Source](https://togithub.com/aws/aws-cli/compare/1.33.18...1.33.19) \======= - api-change:`apigateway`: Add v2 smoke tests and smithy smokeTests trait for SDK testing. - api-change:`cognito-identity`: Add v2 smoke tests and smithy smokeTests trait for SDK testing. - api-change:`connect`: Authentication profiles are Amazon Connect resources (in gated preview) that allow you to configure authentication settings for users in your contact center. This release adds support for new ListAuthenticationProfiles, DescribeAuthenticationProfile and UpdateAuthenticationProfile APIs. - api-change:`docdb`: Add v2 smoke tests and smithy smokeTests trait for SDK testing. - api-change:`eks`: Updates EKS managed node groups to support EC2 Capacity Blocks for ML - api-change:`payment-cryptography`: Added further restrictions on logging of potentially sensitive inputs and outputs. - api-change:`payment-cryptography-data`: Adding support for dynamic keys for encrypt, decrypt, re-encrypt and translate pin functions. With this change, customers can use one-time TR-31 keys directly in dataplane operations without the need to first import them into the service. - api-change:`stepfunctions`: Add v2 smoke tests and smithy smokeTests trait for SDK testing. - api-change:`swf`: Add v2 smoke tests and smithy smokeTests trait for SDK testing. - api-change:`wafv2`: JSON body inspection: Update documentation to clarify that JSON parsing doesn't include full validation.

boto/boto3 (boto3)

### [`v1.34.140`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#134140) [Compare Source](https://togithub.com/boto/boto3/compare/1.34.139...1.34.140) \======== - api-change:`acm`: \[`botocore`] Documentation updates, including fixes for xml formatting, broken links, and ListCertificates description. - api-change:`ecr`: \[`botocore`] This release for Amazon ECR makes change to bring the SDK into sync with the API. - api-change:`payment-cryptography-data`: \[`botocore`] Added further restrictions on logging of potentially sensitive inputs and outputs. - api-change:`qbusiness`: \[`botocore`] Add personalization to Q Applications. Customers can enable or disable personalization when creating or updating a Q application with the personalization configuration. ### [`v1.34.139`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#134139) [Compare Source](https://togithub.com/boto/boto3/compare/1.34.138...1.34.139) \======== - api-change:`application-autoscaling`: \[`botocore`] Doc only update for Application Auto Scaling that fixes resource name. - api-change:`directconnect`: \[`botocore`] This update includes documentation for support of new native 400 GBps ports for Direct Connect. - api-change:`organizations`: \[`botocore`] Added a new reason under ConstraintViolationException in RegisterDelegatedAdministrator API to prevent registering suspended accounts as delegated administrator of a service. - api-change:`rekognition`: \[`botocore`] This release adds support for tagging projects and datasets with the CreateProject and CreateDataset APIs. - api-change:`workspaces`: \[`botocore`] Fix create workspace bundle RootStorage/UserStorage to accept non null values ### [`v1.34.138`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#134138) [Compare Source](https://togithub.com/boto/boto3/compare/1.34.137...1.34.138) \======== - api-change:`ec2`: \[`botocore`] Documentation updates for Elastic Compute Cloud (EC2). - api-change:`fms`: \[`botocore`] Increases Customer API's ManagedServiceData length - api-change:`s3`: \[`botocore`] Added response overrides to Head Object requests. ### [`v1.34.137`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#134137) [Compare Source](https://togithub.com/boto/boto3/compare/1.34.136...1.34.137) \======== - api-change:`apigateway`: \[`botocore`] Add v2 smoke tests and smithy smokeTests trait for SDK testing. - api-change:`cognito-identity`: \[`botocore`] Add v2 smoke tests and smithy smokeTests trait for SDK testing. - api-change:`connect`: \[`botocore`] Authentication profiles are Amazon Connect resources (in gated preview) that allow you to configure authentication settings for users in your contact center. This release adds support for new ListAuthenticationProfiles, DescribeAuthenticationProfile and UpdateAuthenticationProfile APIs. - api-change:`docdb`: \[`botocore`] Add v2 smoke tests and smithy smokeTests trait for SDK testing. - api-change:`eks`: \[`botocore`] Updates EKS managed node groups to support EC2 Capacity Blocks for ML - api-change:`payment-cryptography`: \[`botocore`] Added further restrictions on logging of potentially sensitive inputs and outputs. - api-change:`payment-cryptography-data`: \[`botocore`] Adding support for dynamic keys for encrypt, decrypt, re-encrypt and translate pin functions. With this change, customers can use one-time TR-31 keys directly in dataplane operations without the need to first import them into the service. - api-change:`stepfunctions`: \[`botocore`] Add v2 smoke tests and smithy smokeTests trait for SDK testing. - api-change:`swf`: \[`botocore`] Add v2 smoke tests and smithy smokeTests trait for SDK testing. - api-change:`wafv2`: \[`botocore`] JSON body inspection: Update documentation to clarify that JSON parsing doesn't include full validation.

boto/botocore (botocore)

### [`v1.34.140`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#134140) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.139...1.34.140) \======== - api-change:`acm`: Documentation updates, including fixes for xml formatting, broken links, and ListCertificates description. - api-change:`ecr`: This release for Amazon ECR makes change to bring the SDK into sync with the API. - api-change:`payment-cryptography-data`: Added further restrictions on logging of potentially sensitive inputs and outputs. - api-change:`qbusiness`: Add personalization to Q Applications. Customers can enable or disable personalization when creating or updating a Q application with the personalization configuration. ### [`v1.34.139`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#134139) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.138...1.34.139) \======== - api-change:`application-autoscaling`: Doc only update for Application Auto Scaling that fixes resource name. - api-change:`directconnect`: This update includes documentation for support of new native 400 GBps ports for Direct Connect. - api-change:`organizations`: Added a new reason under ConstraintViolationException in RegisterDelegatedAdministrator API to prevent registering suspended accounts as delegated administrator of a service. - api-change:`rekognition`: This release adds support for tagging projects and datasets with the CreateProject and CreateDataset APIs. - api-change:`workspaces`: Fix create workspace bundle RootStorage/UserStorage to accept non null values ### [`v1.34.138`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#134138) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.137...1.34.138) \======== - api-change:`ec2`: Documentation updates for Elastic Compute Cloud (EC2). - api-change:`fms`: Increases Customer API's ManagedServiceData length - api-change:`s3`: Added response overrides to Head Object requests. ### [`v1.34.137`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#134137) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.136...1.34.137) \======== - api-change:`apigateway`: Add v2 smoke tests and smithy smokeTests trait for SDK testing. - api-change:`cognito-identity`: Add v2 smoke tests and smithy smokeTests trait for SDK testing. - api-change:`connect`: Authentication profiles are Amazon Connect resources (in gated preview) that allow you to configure authentication settings for users in your contact center. This release adds support for new ListAuthenticationProfiles, DescribeAuthenticationProfile and UpdateAuthenticationProfile APIs. - api-change:`docdb`: Add v2 smoke tests and smithy smokeTests trait for SDK testing. - api-change:`eks`: Updates EKS managed node groups to support EC2 Capacity Blocks for ML - api-change:`payment-cryptography`: Added further restrictions on logging of potentially sensitive inputs and outputs. - api-change:`payment-cryptography-data`: Adding support for dynamic keys for encrypt, decrypt, re-encrypt and translate pin functions. With this change, customers can use one-time TR-31 keys directly in dataplane operations without the need to first import them into the service. - api-change:`stepfunctions`: Add v2 smoke tests and smithy smokeTests trait for SDK testing. - api-change:`swf`: Add v2 smoke tests and smithy smokeTests trait for SDK testing. - api-change:`wafv2`: JSON body inspection: Update documentation to clarify that JSON parsing doesn't include full validation.

bridgecrewio/checkov (checkov)

### [`v3.2.177`](https://togithub.com/bridgecrewio/checkov/releases/tag/3.2.177) ##### Bug Fix - **sast:** fix cdk policies - [#6552](https://togithub.com/bridgecrewio/checkov/pull/6552) ### [`v3.2.176`](https://togithub.com/bridgecrewio/checkov/compare/3.2.175...3.2.176) ### [`v3.2.175`](https://togithub.com/bridgecrewio/checkov/releases/tag/3.2.175) #### Feature - **arm:** AzureSearchSQLQueryUpdates - [#6543](https://togithub.com/bridgecrewio/checkov/pull/6543) ### [`v3.2.174`](https://togithub.com/bridgecrewio/checkov/releases/tag/3.2.174) #### Feature - **arm:** add CKV_AZURE\_172 to ensure autorotation of Secrets Store CSI Driver secrets for AKS clusters - [#6533](https://togithub.com/bridgecrewio/checkov/pull/6533) - **arm:** add CKV_AZURE\_173 to ensure that API management uses at least TLS 1.2 - [#6478](https://togithub.com/bridgecrewio/checkov/pull/6478) - **arm:** AppServicePlanZoneRedundant - [#6472](https://togithub.com/bridgecrewio/checkov/pull/6472) - **arm:** AzureSearchSLAIndex - [#6530](https://togithub.com/bridgecrewio/checkov/pull/6530) - **arm:** SQLDatabaseZoneRedundant - [#6515](https://togithub.com/bridgecrewio/checkov/pull/6515) - **azure:** add new policies for Azure Synapse - [#6520](https://togithub.com/bridgecrewio/checkov/pull/6520) - **general:** update detect secrets package - [#6535](https://togithub.com/bridgecrewio/checkov/pull/6535) ### [`v3.2.173`](https://togithub.com/bridgecrewio/checkov/compare/3.2.172...3.2.173) ### [`v3.2.172`](https://togithub.com/bridgecrewio/checkov/compare/3.2.171...3.2.172) ### [`v3.2.171`](https://togithub.com/bridgecrewio/checkov/releases/tag/3.2.171) #### Feature - **arm:** add CKV_AZURE\_171 to ensure that AKS cluster upgrade channel is chosen - [#6532](https://togithub.com/bridgecrewio/checkov/pull/6532) - **arm:** add CKV_AZURE\_175 to ensure that Web PubSub uses a SKU with an SLA - [#6523](https://togithub.com/bridgecrewio/checkov/pull/6523) - **arm:** add CKV_AZURE\_178 to ensure that linux VM enables SSH with keys for secure communication - [#6486](https://togithub.com/bridgecrewio/checkov/pull/6486) - **arm:** add CKV_AZURE\_85 to ensure that Azure Defender is set to On for Kubernetes - [#6279](https://togithub.com/bridgecrewio/checkov/pull/6279) - **arm:** CKV_AZURE\_99 to Ensure Cosmos DB accounts have restricted access - [#6498](https://togithub.com/bridgecrewio/checkov/pull/6498) - **arm:** DataFactoryNoPublicNetworkAccess - [#6479](https://togithub.com/bridgecrewio/checkov/pull/6479) - **arm:** DataLakeStoreEncryption - [#6516](https://togithub.com/bridgecrewio/checkov/pull/6516) - **arm:** EventHubNamespaceMinTLS12 - [#6485](https://togithub.com/bridgecrewio/checkov/pull/6485) #### Bug Fix - **openapi:** \[CKV_OPENAPI\_3] Prevent false-positive when checking for http+!basic - [#6406](https://togithub.com/bridgecrewio/checkov/pull/6406) - **terraform_json:** support locals block in CDKTF output - [#6452](https://togithub.com/bridgecrewio/checkov/pull/6452) - **terraform:** Deprecate CKV2\_AWS\_67 - [#6529](https://togithub.com/bridgecrewio/checkov/pull/6529) ### [`v3.2.170`](https://togithub.com/bridgecrewio/checkov/compare/3.2.169...3.2.170) ### [`v3.2.169`](https://togithub.com/bridgecrewio/checkov/compare/3.2.168...3.2.169) ### [`v3.2.168`](https://togithub.com/bridgecrewio/checkov/compare/3.2.167...3.2.168) ### [`v3.2.167`](https://togithub.com/bridgecrewio/checkov/compare/3.2.166...3.2.167) ### [`v3.2.166`](https://togithub.com/bridgecrewio/checkov/compare/3.2.164...3.2.166) ### [`v3.2.165`](https://togithub.com/bridgecrewio/checkov/compare/3.2.164...3.2.165) ### [`v3.2.164`](https://togithub.com/bridgecrewio/checkov/releases/tag/3.2.164) #### Documentation - **general:** Add Python note - [#6521](https://togithub.com/bridgecrewio/checkov/pull/6521)

slackapi/bolt-python (slack-bolt)

### [`v1.19.1`](https://togithub.com/slackapi/bolt-python/releases/tag/v1.19.1): version 1.19.1 [Compare Source](https://togithub.com/slackapi/bolt-python/compare/v1.19.0...v1.19.1) ##### Changes - [#1104](https://togithub.com/slackapi/bolt-python/issues/1104) Add bot|user_scopes to context.authorize_result set by SingleTeamAuthorization - Thanks [@seratch](https://togithub.com/seratch) ##### References - Release Milestone: https://github.com/slackapi/bolt-python/milestone/84?closed=1 - All Diff: https://github.com/slackapi/bolt-python/compare/v1.19.0...v1.19.1

Configuration

📅 Schedule: Branch creation - "every weekend" in timezone America/Montreal, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

[ ] If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

cds-snc / sre-bot