chore(deps): update stable

This PR contains the following updates:

Package	Update	Change
anchore/grype	patch	`0.74.6` -> `0.74.7`
anchore/syft	patch	`0.105.0` -> `0.105.1`
awscli	patch	`2.15.21` -> `2.15.23`
dagger/dagger	patch	`0.9.10` -> `0.9.11`
defenseunicorns/uds-cli	patch	`0.9.0` -> `0.9.2`
defenseunicorns/zarf	patch	`0.32.3` -> `0.32.4`
helm	patch	`3.14.1` -> `3.14.2`
https://github.com/bridgecrewio/checkov.git	patch	`3.2.21` -> `3.2.26`
mikefarah/yq	minor	`4.41.1` -> `4.42.1`
opentofu	patch	`1.6.1` -> `1.6.2`
opentofu/opentofu	patch	`1.6.1` -> `1.6.2`
pre-commit	patch	`3.6.1` -> `3.6.2`
yq	minor	`4.41.1` -> `4.42.1`

[!WARNING] Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Release Notes

anchore/grype (anchore/grype)

### [`v0.74.7`](https://togithub.com/anchore/grype/releases/tag/v0.74.7) [Compare Source](https://togithub.com/anchore/grype/compare/v0.74.6...v0.74.7) ##### Bug Fixes - return exit codes from install script \[[#1725](https://togithub.com/anchore/grype/pull/1725) [@hacst](https://togithub.com/hacst)] - GitHub code scanning alerts missing information \[[#1715](https://togithub.com/anchore/grype/issues/1715) [#1720](https://togithub.com/anchore/grype/pull/1720) [@kzantow](https://togithub.com/kzantow)] ##### Additional Changes - update Syft to v0.105.1 \[[#1728](https://togithub.com/anchore/grype/pull/1728)] **[(Full Changelog)](https://togithub.com/anchore/grype/compare/v0.74.6...v0.74.7)**

anchore/syft (anchore/syft)

### [`v0.105.1`](https://togithub.com/anchore/syft/releases/tag/v0.105.1) [Compare Source](https://togithub.com/anchore/syft/compare/v0.105.0...v0.105.1) ##### Bug Fixes - return error codes from install script \[[#2664](https://togithub.com/anchore/syft/pull/2664) [@hacst](https://togithub.com/hacst)] - SPDX tag value version selector \[[#2665](https://togithub.com/anchore/syft/pull/2665) [@kzantow](https://togithub.com/kzantow)] ##### Additional Changes - Add syft version used to SBOM tool info by default \[[#2647](https://togithub.com/anchore/syft/pull/2647) [@wagoodman](https://togithub.com/wagoodman)] **[(Full Changelog)](https://togithub.com/anchore/syft/compare/v0.105.0...v0.105.1)**

aws/aws-cli (awscli)

### [`v2.15.23`](https://togithub.com/aws/aws-cli/compare/2.15.22...2.15.23) [Compare Source](https://togithub.com/aws/aws-cli/compare/2.15.22...2.15.23) ### [`v2.15.22`](https://togithub.com/aws/aws-cli/compare/2.15.21...2.15.22) [Compare Source](https://togithub.com/aws/aws-cli/compare/2.15.21...2.15.22)

dagger/dagger (dagger/dagger)

### [`v0.9.11`](https://togithub.com/dagger/dagger/blob/HEAD/CHANGELOG.md#v0911---2024-02-20) [Compare Source](https://togithub.com/dagger/dagger/compare/sdk/typescript/v0.9.10...v0.9.11) ##### Fixed - Improve docker error logging by [@jedevc](https://togithub.com/jedevc) in [https://github.com/dagger/dagger/pull/6676](https://togithub.com/dagger/dagger/pull/6676) ##### What to do next? - Read the [documentation](https://docs.dagger.io) - Join our [Discord server](https://discord.gg/dagger-io) - Follow us on [Twitter](https://twitter.com/dagger_io)

defenseunicorns/uds-cli (defenseunicorns/uds-cli)

### [`v0.9.2`](https://togithub.com/defenseunicorns/uds-cli/releases/tag/v0.9.2) [Compare Source](https://togithub.com/defenseunicorns/uds-cli/compare/v0.9.1...v0.9.2) ##### What's Changed - fix(deps): update module helm.sh/helm/v3 to v3.14.2 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/450](https://togithub.com/defenseunicorns/uds-cli/pull/450) - fix: relative paths for bundle create by [@decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/453](https://togithub.com/defenseunicorns/uds-cli/pull/453) **Full Changelog**: https://github.com/defenseunicorns/uds-cli/compare/v0.9.1...v0.9.2 ### [`v0.9.1`](https://togithub.com/defenseunicorns/uds-cli/releases/tag/v0.9.1) [Compare Source](https://togithub.com/defenseunicorns/uds-cli/compare/v0.9.0...v0.9.1) ##### What's Changed - fix(deps): update module github.com/opencontainers/image-spec to v1.1.0 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/432](https://togithub.com/defenseunicorns/uds-cli/pull/432) - fix(deps): update module helm.sh/helm/v3 to v3.14.1 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/429](https://togithub.com/defenseunicorns/uds-cli/pull/429) - chore(deps): update github/codeql-action action to v3.24.3 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/421](https://togithub.com/defenseunicorns/uds-cli/pull/421) - fix(deps): update golang.org/x/exp digest to [`ec58324`](https://togithub.com/defenseunicorns/uds-cli/commit/ec58324) by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/420](https://togithub.com/defenseunicorns/uds-cli/pull/420) - fix: add support for zarf dev lint by [@Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/uds-cli/pull/436](https://togithub.com/defenseunicorns/uds-cli/pull/436) - fix: case sensitivity in override vars by [@decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/433](https://togithub.com/defenseunicorns/uds-cli/pull/433) - feat: alias vendored zarf to z by [@decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/424](https://togithub.com/defenseunicorns/uds-cli/pull/424) - fix: use tmpdir if provided by [@decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/431](https://togithub.com/defenseunicorns/uds-cli/pull/431) - feat: import all vars exported from package by [@decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/428](https://togithub.com/defenseunicorns/uds-cli/pull/428) - fix: gosec lint issues for the pkg by [@naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/defenseunicorns/uds-cli/pull/444](https://togithub.com/defenseunicorns/uds-cli/pull/444) - chore: ensure PR workflows can't write to GHCR by [@UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/446](https://togithub.com/defenseunicorns/uds-cli/pull/446) - chore: addresses github linter findings by [@UncleGedd](https://togithub.com/UncleGedd) in [https://github.com/defenseunicorns/uds-cli/pull/447](https://togithub.com/defenseunicorns/uds-cli/pull/447) - feat: imported vars as override values by [@decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/uds-cli/pull/423](https://togithub.com/defenseunicorns/uds-cli/pull/423) - chore(deps): update github/codeql-action action to v3.24.4 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/uds-cli/pull/451](https://togithub.com/defenseunicorns/uds-cli/pull/451) ##### New Contributors - [@naveensrinivasan](https://togithub.com/naveensrinivasan) made their first contribution in [https://github.com/defenseunicorns/uds-cli/pull/444](https://togithub.com/defenseunicorns/uds-cli/pull/444) **Full Changelog**: https://github.com/defenseunicorns/uds-cli/compare/v0.9.0...v0.9.1

defenseunicorns/zarf (defenseunicorns/zarf)

### [`v0.32.4`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.4) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.3...v0.32.4) #### What's Changed #### Fixes - Improve `cmd` failure messaging when no timeout or retries are given by [@docandrew](https://togithub.com/docandrew) in [https://github.com/defenseunicorns/zarf/pull/2301](https://togithub.com/defenseunicorns/zarf/pull/2301) - Revert init package storageclass checks for git server and seed registry by [@lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2311](https://togithub.com/defenseunicorns/zarf/pull/2311) - Fix multi-part tarballs being mismatched sizes by [@Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2314](https://togithub.com/defenseunicorns/zarf/pull/2314) - Change text template detection to check first *and* last 512 bytes by [@WeaponX314](https://togithub.com/WeaponX314) in [https://github.com/defenseunicorns/zarf/pull/2310](https://togithub.com/defenseunicorns/zarf/pull/2310) - Improve `zarf tools registry prune` messaging by [@Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2323](https://togithub.com/defenseunicorns/zarf/pull/2323) - Add http request header timeout to mitigate stalling image push by [@Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2319](https://togithub.com/defenseunicorns/zarf/pull/2319) - Allow host+subpath as the source registry for registry-override by [@waveywaves](https://togithub.com/waveywaves) in [https://github.com/defenseunicorns/zarf/pull/2306](https://togithub.com/defenseunicorns/zarf/pull/2306) #### Dependencies - Update github.com/anchore/clio digest to [`cb94e40`](https://togithub.com/defenseunicorns/zarf/commit/cb94e40) by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2294](https://togithub.com/defenseunicorns/zarf/pull/2294), [https://github.com/defenseunicorns/zarf/pull/2297](https://togithub.com/defenseunicorns/zarf/pull/2297) and [https://github.com/defenseunicorns/zarf/pull/2300](https://togithub.com/defenseunicorns/zarf/pull/2300) - **\[security]** Update module helm.sh/helm/v3 to v3.14.2 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2307](https://togithub.com/defenseunicorns/zarf/pull/2307) and [https://github.com/defenseunicorns/zarf/pull/2329](https://togithub.com/defenseunicorns/zarf/pull/2329) - Update actions/checkout action to v4 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2317](https://togithub.com/defenseunicorns/zarf/pull/2317) - Update actions/dependency-review-action action to v4 by [@renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2318](https://togithub.com/defenseunicorns/zarf/pull/2318) #### Docs - Update [Zarf roadmap](https://docs.zarf.dev/docs/roadmap) per 2024 goals by [@Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2305](https://togithub.com/defenseunicorns/zarf/pull/2305) #### Development - Included Dependency Review action for PR reviews by [@naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/defenseunicorns/zarf/pull/2298](https://togithub.com/defenseunicorns/zarf/pull/2298) - Resolve CodeQL linting issues across Zarf by [@Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2322](https://togithub.com/defenseunicorns/zarf/pull/2322) #### New Contributors - [@docandrew](https://togithub.com/docandrew) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2301](https://togithub.com/defenseunicorns/zarf/pull/2301) - [@naveensrinivasan](https://togithub.com/naveensrinivasan) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2298](https://togithub.com/defenseunicorns/zarf/pull/2298) - [@waveywaves](https://togithub.com/waveywaves) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2306](https://togithub.com/defenseunicorns/zarf/pull/2306) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.32.3...v0.32.4

helm/helm (helm)

### [`v3.14.2`](https://togithub.com/helm/helm/releases/tag/v3.14.2): Helm v3.14.2 [Compare Source](https://togithub.com/helm/helm/compare/v3.14.1...v3.14.2) Helm v3.14.2 is a security (patch) release. Users are strongly recommended to update to this release. A Helm contributor discovered uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content. Jakub Ciolek with AlphaSense discovered the vulnerability. #### Installation and Upgrading Download Helm v3.14.2. The common platform binaries are here: - [MacOS amd64](https://get.helm.sh/helm-v3.14.2-darwin-amd64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-darwin-amd64.tar.gz.sha256sum) / 64c633ae194bde77b7e7b7936a2814a7417817dc8b7bb7d270bd24a7a17b8d12) - [MacOS arm64](https://get.helm.sh/helm-v3.14.2-darwin-arm64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-darwin-arm64.tar.gz.sha256sum) / ff502fd39b06497fa3d5a51ec2ced02b9fcfdb0e9a948d315fb1b2f13ddc39fb) - [Linux amd64](https://get.helm.sh/helm-v3.14.2-linux-amd64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-linux-amd64.tar.gz.sha256sum) / 0885a501d586c1e949e9b113bf3fb3290b0bbf74db9444a1d8c2723a143006a5) - [Linux arm](https://get.helm.sh/helm-v3.14.2-linux-arm.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-linux-arm.tar.gz.sha256sum) / b70fb6fa2cdf0a5c782320c9d7e7b155fcaec260169218c98316bb3cf0d431d9) - [Linux arm64](https://get.helm.sh/helm-v3.14.2-linux-arm64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-linux-arm64.tar.gz.sha256sum) / c65d6a9557bb359abc2c0d26670de850b52327dc3976ad6f9e14c298ea3e1b61) - [Linux i386](https://get.helm.sh/helm-v3.14.2-linux-386.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-linux-386.tar.gz.sha256sum) / 0e08cd56cc952ab4646c57c5ec7cde2412c39373aec3df659a14597dd9874461) - [Linux ppc64le](https://get.helm.sh/helm-v3.14.2-linux-ppc64le.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-linux-ppc64le.tar.gz.sha256sum) / f3bc8582ff151e619cd285d9cdf9fef1c5733ee5522d8bed2ef680ef07f87223) - [Linux s390x](https://get.helm.sh/helm-v3.14.2-linux-s390x.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-linux-s390x.tar.gz.sha256sum) / 7bda34aa26638e5116b31385f3b781172572175bf4c1ae00c87d8b154458ed94) - [Linux riscv64](https://get.helm.sh/helm-v3.14.2-linux-riscv64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.2-linux-riscv64.tar.gz.sha256sum) / f6278facd3e2e6af52a5f6d038f2149428d115ba2b4523edbe5889d1170e9203) - [Windows amd64](https://get.helm.sh/helm-v3.14.2-windows-amd64.zip) ([checksum](https://get.helm.sh/helm-v3.14.2-windows-amd64.zip.sha256sum) / aa094e435da74ad574f96924c37ecd0c75f0be707ac604ef97ed6021d6bc0784) This release was signed with ` 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E ` and can be found at [@mattfarina](https://togithub.com/mattfarina) [keybase account](https://keybase.io/mattfarina). Please use the attached signatures for verifying this release using `gpg`. The [Quickstart Guide](https://helm.sh/docs/intro/quickstart/) will get you going from there. For **upgrade instructions** or detailed installation notes, check the [install guide](https://helm.sh/docs/intro/install/). You can also use a [script to install](https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3) on any system with `bash`. #### What's Next - 3.14.3 will contain only bug fixes and be released on March 13, 2024. - 3.15.0 is the next feature release and will be on May 08, 2024.

bridgecrewio/checkov (https://github.com/bridgecrewio/checkov.git)

### [`v3.2.26`](https://togithub.com/bridgecrewio/checkov/compare/3.2.25...3.2.26) [Compare Source](https://togithub.com/bridgecrewio/checkov/compare/3.2.25...3.2.26) ### [`v3.2.25`](https://togithub.com/bridgecrewio/checkov/compare/3.2.24...3.2.25) [Compare Source](https://togithub.com/bridgecrewio/checkov/compare/3.2.24...3.2.25) ### [`v3.2.24`](https://togithub.com/bridgecrewio/checkov/releases/tag/3.2.24) [Compare Source](https://togithub.com/bridgecrewio/checkov/compare/3.2.23...3.2.24) #### Feature - **cloudformation:** add CFN policies for MSK - [#6021](https://togithub.com/bridgecrewio/checkov/pull/6021) ### [`v3.2.23`](https://togithub.com/bridgecrewio/checkov/releases/tag/3.2.23) [Compare Source](https://togithub.com/bridgecrewio/checkov/compare/3.2.22...3.2.23) #### Bug Fix - **terraform:** support vertex reference based on foreach key - [#6039](https://togithub.com/bridgecrewio/checkov/pull/6039) ### [`v3.2.22`](https://togithub.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#3222---2024-02-18) [Compare Source](https://togithub.com/bridgecrewio/checkov/compare/3.2.21...3.2.22) ##### Bug Fix - **terraform:** CKV_AWS\_308 - checked if caching was enabled and only then check for encryption of cache - [#6034](https://togithub.com/bridgecrewio/checkov/pull/6034)

mikefarah/yq (mikefarah/yq)

### [`v4.42.1`](https://togithub.com/mikefarah/yq/releases/tag/v4.42.1) [Compare Source](https://togithub.com/mikefarah/yq/compare/v4.41.1...v4.42.1) - Can execute yq expression files directly with shebang [#1851](https://togithub.com/mikefarah/yq/issues/1851) - Added --csv-separator flag [#1950](https://togithub.com/mikefarah/yq/issues/1950) - Added --properties-separator option - thanks [@learnitall](https://togithub.com/learnitall) [#1864](https://togithub.com/mikefarah/yq/issues/1864) - Added --properties-array-brackets flag for properties encoder [#1933](https://togithub.com/mikefarah/yq/issues/1933) - Shell completion improvements - thanks [@scop](https://togithub.com/scop) [#1911](https://togithub.com/mikefarah/yq/issues/1911) - Bumped dependencies

opentofu/opentofu (opentofu)

### [`v1.6.2`](https://togithub.com/opentofu/opentofu/releases/tag/v1.6.2) [Compare Source](https://togithub.com/opentofu/opentofu/compare/v1.6.1...v1.6.2) OpenTofu 1.6.2 is now out! The main improvement is a [bug fix related to passing outputs from one test as inputs to another when using `tofu test`](https://togithub.com/opentofu/opentofu/pull/1254). Other than that, continuing the work from the previous release, there are [further fixes to unit tests](https://togithub.com/opentofu/opentofu/pull/1214), to make them consistently work across architectures. If you'd like to read about all the changes introduced, check out the detailed [changelog](https://togithub.com/opentofu/opentofu/blob/v1.6/CHANGELOG.md#162).

pre-commit/pre-commit (pre-commit)

### [`v3.6.2`](https://togithub.com/pre-commit/pre-commit/blob/HEAD/CHANGELOG.md#362---2024-02-18) [Compare Source](https://togithub.com/pre-commit/pre-commit/compare/v3.6.1...v3.6.2) \================== ##### Fixes - Fix building golang hooks during `git commit --all`. - [#3130](https://togithub.com/pre-commit/pre-commit/issues/3130) PR by [@asottile](https://togithub.com/asottile). - [#2722](https://togithub.com/pre-commit/pre-commit/issues/2722) issue by [@pestanko](https://togithub.com/pestanko) and [@matthewhughes934](https://togithub.com/matthewhughes934).

Configuration

📅 Schedule: Branch creation - "after 9am and before 5pm every weekday" in timezone America/New_York, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Never, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

[ ] If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

defenseunicorns / build-harness

chore(deps): update stable #205

Release Notes

Configuration