renovate[bot]
commented
5 months ago ℹ Artifact update notice
File name: go.mod
In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):
- 17 additional dependencies were updated
- The
godirective was updated for compatibility reasons
Details:
| Package | Change |
|---|---|
go |
1.22.1 -> 1.23.0 |
cloud.google.com/go/compute/metadata |
v0.2.3 -> v0.3.0 |
github.com/davecgh/go-spew |
v1.1.1 -> v1.1.2-0.20180830191138-d8f796af33cc |
github.com/go-logr/logr |
v1.4.1 -> v1.4.2 |
github.com/google/uuid |
v1.5.0 -> v1.6.0 |
github.com/imdario/mergo |
v0.3.11 -> v0.3.16 |
github.com/moby/spdystream |
v0.2.0 -> v0.4.0 |
github.com/pmezard/go-difflib |
v1.0.0 -> v1.0.1-0.20181226105442-5d4384ee4fb2 |
golang.org/x/crypto |
v0.18.0 -> v0.24.0 |
golang.org/x/oauth2 |
v0.16.0 -> v0.21.0 |
golang.org/x/sync |
v0.6.0 -> v0.7.0 |
golang.org/x/sys |
v0.16.0 -> v0.21.0 |
golang.org/x/term |
v0.16.0 -> v0.21.0 |
golang.org/x/text |
v0.14.0 -> v0.16.0 |
google.golang.org/protobuf |
v1.33.0 -> v1.34.2 |
k8s.io/klog/v2 |
v2.110.1 -> v2.130.1 |
k8s.io/kube-openapi |
v0.0.0-20240105020646-a37d4de58910 -> v0.0.0-20240228011516-70dd3763d340 |
k8s.io/utils |
v0.0.0-20240102154912-e7106e64919e -> v0.0.0-20240711033017-18e509b52bc8 |
ntwkninja
This PR contains the following updates:
v1.91.0->v1.92.12.4.2->2.5.02.0.9->2.0.34v1.51.6->v1.55.5v0.0.5->v0.0.6v0.0.13->v0.0.17v0.0.17->v0.0.23v0.0.3->v0.0.7v0.1.7->v0.1.11v0.46.13->v0.47.0v1.7.3->v1.7.5v0.20.0->v0.23.0v0.29.3->v0.31.0v0.29.3->v0.31.0v0.29.3->v0.31.037.410.2->38.29.0v0.6.18->v0.6.22~> 2.0->~> 3.0Note: The
pre-commitmanager in Renovate is not supported by thepre-commitmaintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.GitHub Vulnerability Alerts
CVE-2024-3817
When go-getter is performing a Git operation, go-getter will try to clone the given repository. If a Git reference is not passed along with the Git url, go-getter will then try to check the remote repository’s HEAD reference of its default branch by passing arguments to the Git binary on the host it is executing on.
An attacker may format a Git URL in order to inject additional Git arguments to the Git call.
Consumers of the go-getter library should evaluate the risk associated with these issues in the context of their go-getter usage and upgrade go-getter to 1.7.4 or later.
CVE-2024-6257
HashiCorp’s go-getter library can be coerced into executing Git update on an existing maliciously modified Git Configuration, potentially leading to arbitrary code execution. When go-getter is performing a Git operation, go-getter will try to clone the given repository in a specified destination. Cloning initializes a git config to the provided destination and if the repository needs to get updated go-getter will pull the new changes .
An attacker may alter the Git config after the cloning step to set an arbitrary Git configuration to achieve code execution.
Argument injection when fetching remote default Git branches in github.com/hashicorp/go-getter
CVE-2024-3817 / GHSA-q64h-39hv-4cf7 / GO-2024-2800
More information
#### Details When go-getter is performing a Git operation, go-getter will try to clone the given repository. If a Git reference is not passed along with the Git url, go-getter will then try to check the remote repository's HEAD reference of its default branch by passing arguments to the Git binary on the host it is executing on. An attacker may format a Git URL in order to inject additional Git arguments to the Git call. #### Severity Unknown #### References - [https://github.com/advisories/GHSA-q64h-39hv-4cf7](https://togithub.com/advisories/GHSA-q64h-39hv-4cf7) - [https://github.com/hashicorp/go-getter/commit/268c11cae8cf0d9374783e06572679796abe9ce9](https://togithub.com/hashicorp/go-getter/commit/268c11cae8cf0d9374783e06572679796abe9ce9) - [https://discuss.hashicorp.com/t/hcsec-2024-09-hashicorp-go-getter-vulnerable-to-argument-injection-when-fetching-remote-default-git-branches/66040](https://discuss.hashicorp.com/t/hcsec-2024-09-hashicorp-go-getter-vulnerable-to-argument-injection-when-fetching-remote-default-git-branches/66040) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2024-2800) and the [Go Vulnerability Database](https://togithub.com/golang/vulndb) ([CC-BY 4.0](https://togithub.com/golang/vulndb#license)).HashiCorp go-getter Vulnerable to Argument Injection When Fetching Remote Default Git Branches
CVE-2024-3817 / GHSA-q64h-39hv-4cf7 / GO-2024-2800
More information
#### Details When go-getter is performing a Git operation, go-getter will try to clone the given repository. If a Git reference is not passed along with the Git url, go-getter will then try to check the remote repository’s HEAD reference of its default branch by passing arguments to the Git binary on the host it is executing on. An attacker may format a Git URL in order to inject additional Git arguments to the Git call. Consumers of the go-getter library should evaluate the risk associated with these issues in the context of their go-getter usage and upgrade go-getter to 1.7.4 or later. #### Severity - CVSS Score: 9.8 / 10 (Critical) - Vector String: `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H` #### References - [https://nvd.nist.gov/vuln/detail/CVE-2024-3817](https://nvd.nist.gov/vuln/detail/CVE-2024-3817) - [https://github.com/hashicorp/go-getter/commit/268c11cae8cf0d9374783e06572679796abe9ce9](https://togithub.com/hashicorp/go-getter/commit/268c11cae8cf0d9374783e06572679796abe9ce9) - [https://discuss.hashicorp.com/t/hcsec-2024-09-hashicorp-go-getter-vulnerable-to-argument-injection-when-fetching-remote-default-git-branches/66040](https://discuss.hashicorp.com/t/hcsec-2024-09-hashicorp-go-getter-vulnerable-to-argument-injection-when-fetching-remote-default-git-branches/66040) - [https://github.com/hashicorp/go-getter](https://togithub.com/hashicorp/go-getter) This data is provided by [OSV](https://osv.dev/vulnerability/GHSA-q64h-39hv-4cf7) and the [GitHub Advisory Database](https://togithub.com/github/advisory-database) ([CC-BY 4.0](https://togithub.com/github/advisory-database/blob/main/LICENSE.md)).HashiCorp go-getter Vulnerable to Code Execution On Git Update Via Git Config Manipulation
CVE-2024-6257 / GHSA-xfhp-jf8p-mh5w / GO-2024-2948
More information
#### Details HashiCorp’s go-getter library can be coerced into executing Git update on an existing maliciously modified Git Configuration, potentially leading to arbitrary code execution. When go-getter is performing a Git operation, go-getter will try to clone the given repository in a specified destination. Cloning initializes a git config to the provided destination and if the repository needs to get updated go-getter will pull the new changes . An attacker may alter the Git config after the cloning step to set an arbitrary Git configuration to achieve code execution. #### Severity - CVSS Score: 8.4 / 10 (High) - Vector String: `CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H` #### References - [https://nvd.nist.gov/vuln/detail/CVE-2024-6257](https://nvd.nist.gov/vuln/detail/CVE-2024-6257) - [https://github.com/hashicorp/go-getter/commit/268c11cae8cf0d9374783e06572679796abe9ce9](https://togithub.com/hashicorp/go-getter/commit/268c11cae8cf0d9374783e06572679796abe9ce9) - [https://discuss.hashicorp.com/t/hcsec-2024-13-hashicorp-go-getter-vulnerable-to-code-execution-on-git-update-via-git-config-manipulation/68081](https://discuss.hashicorp.com/t/hcsec-2024-13-hashicorp-go-getter-vulnerable-to-code-execution-on-git-update-via-git-config-manipulation/68081) - [https://github.com/advisories/GHSA-xfhp-jf8p-mh5w](https://togithub.com/advisories/GHSA-xfhp-jf8p-mh5w) - [https://github.com/hashicorp/go-getter](https://togithub.com/hashicorp/go-getter) This data is provided by [OSV](https://osv.dev/vulnerability/GHSA-xfhp-jf8p-mh5w) and the [GitHub Advisory Database](https://togithub.com/github/advisory-database) ([CC-BY 4.0](https://togithub.com/github/advisory-database/blob/main/LICENSE.md)).Code Execution on Git update in github.com/hashicorp/go-getter
CVE-2024-6257 / GHSA-xfhp-jf8p-mh5w / GO-2024-2948
More information
#### Details A crafted request can execute Git update on an existing maliciously modified Git Configuration. This can potentially lead to arbitrary code execution. When performing a Git operation, the library will try to clone the given repository to a specified destination. Cloning initializes a git config in the provided destination. An attacker may alter the Git config after the cloning step to set an arbitrary Git configuration to achieve code execution. #### Severity Unknown #### References - [https://github.com/advisories/GHSA-xfhp-jf8p-mh5w](https://togithub.com/advisories/GHSA-xfhp-jf8p-mh5w) - [https://github.com/hashicorp/go-getter/commit/268c11cae8cf0d9374783e06572679796abe9ce9](https://togithub.com/hashicorp/go-getter/commit/268c11cae8cf0d9374783e06572679796abe9ce9) - [https://discuss.hashicorp.com/t/hcsec-2024-13-hashicorp-go-getter-vulnerable-to-code-execution-on-git-update-via-git-config-manipulation/68081](https://discuss.hashicorp.com/t/hcsec-2024-13-hashicorp-go-getter-vulnerable-to-code-execution-on-git-update-via-git-config-manipulation/68081) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2024-2948) and the [Go Vulnerability Database](https://togithub.com/golang/vulndb) ([CC-BY 4.0](https://togithub.com/golang/vulndb#license)).CVE-2023-45288
An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.
HTTP/2 CONTINUATION flood in net/http
BIT-golang-2023-45288 / CVE-2023-45288 / GHSA-4v7x-pqxf-cx7m / GO-2024-2687
More information
#### Details An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection. #### Severity Unknown #### References - [https://go.dev/issue/65051](https://go.dev/issue/65051) - [https://go.dev/cl/576155](https://go.dev/cl/576155) - [https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M](https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M) This data is provided by [OSV](https://osv.dev/vulnerability/GO-2024-2687) and the [Go Vulnerability Database](https://togithub.com/golang/vulndb) ([CC-BY 4.0](https://togithub.com/golang/vulndb#license)).net/http, x/net/http2: close connections when receiving too many headers
BIT-golang-2023-45288 / CVE-2023-45288 / GHSA-4v7x-pqxf-cx7m / GO-2024-2687
More information
#### Details An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection. #### Severity - CVSS Score: 5.3 / 10 (Medium) - Vector String: `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L` #### References - [https://nvd.nist.gov/vuln/detail/CVE-2023-45288](https://nvd.nist.gov/vuln/detail/CVE-2023-45288) - [https://go.dev/cl/576155](https://go.dev/cl/576155) - [https://go.dev/issue/65051](https://go.dev/issue/65051) - [https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M](https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M) - [https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT) - [https://nowotarski.info/http2-continuation-flood-technical-details](https://nowotarski.info/http2-continuation-flood-technical-details) - [https://pkg.go.dev/vuln/GO-2024-2687](https://pkg.go.dev/vuln/GO-2024-2687) - [https://security.netapp.com/advisory/ntap-20240419-0009](https://security.netapp.com/advisory/ntap-20240419-0009) - [http://www.openwall.com/lists/oss-security/2024/04/03/16](http://www.openwall.com/lists/oss-security/2024/04/03/16) - [http://www.openwall.com/lists/oss-security/2024/04/05/4](http://www.openwall.com/lists/oss-security/2024/04/05/4) This data is provided by [OSV](https://osv.dev/vulnerability/GHSA-4v7x-pqxf-cx7m) and the [GitHub Advisory Database](https://togithub.com/github/advisory-database) ([CC-BY 4.0](https://togithub.com/github/advisory-database/blob/main/LICENSE.md)).Release Notes
antonbabenko/pre-commit-terraform (antonbabenko/pre-commit-terraform)
### [`v1.92.1`](https://togithub.com/antonbabenko/pre-commit-terraform/releases/tag/v1.92.1) [Compare Source](https://togithub.com/antonbabenko/pre-commit-terraform/compare/v1.92.0...v1.92.1) ##### Bug Fixes - **`terraform_docs`:** Suppress "terraform command not found" error message in case binary does not exist ([#693](https://togithub.com/antonbabenko/pre-commit-terraform/issues/693)) ([6ff3572](https://togithub.com/antonbabenko/pre-commit-terraform/commit/6ff3572afb0a70c6fe4c6a0524d1f332a4f8fb6c)) ### [`v1.92.0`](https://togithub.com/antonbabenko/pre-commit-terraform/releases/tag/v1.92.0) [Compare Source](https://togithub.com/antonbabenko/pre-commit-terraform/compare/v1.91.0...v1.92.0) ##### Features - Add `terragrunt_validate_inputs` hook to check unused and undefined inputs ([#677](https://togithub.com/antonbabenko/pre-commit-terraform/issues/677)) ([a139b71](https://togithub.com/antonbabenko/pre-commit-terraform/commit/a139b71bc722ac1d2d5ed89caeb74d66a882bb94))hashicorp/terraform-provider-archive (archive)
### [`v2.5.0`](https://togithub.com/hashicorp/terraform-provider-archive/blob/HEAD/CHANGELOG.md#250-July-31-2024) [Compare Source](https://togithub.com/hashicorp/terraform-provider-archive/compare/v2.4.2...v2.5.0) ENHANCEMENTS: - data-source/archive_file: Add glob pattern matching support to the `excludes` attribute. ([#354](https://togithub.com/hashicorp/terraform-provider-archive/issues/354)) - resource/archive_file: Add glob pattern matching support to the `excludes` attribute. ([#354](https://togithub.com/hashicorp/terraform-provider-archive/issues/354))defenseunicorns/build-harness (defenseunicorns/build-harness)
### [`v2.0.34`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2034-2024-07-25) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.33...2.0.34) ##### Miscellaneous Chores - **deps:** update dependency awscli to v2.17.17 ([#334](https://togithub.com/defenseunicorns/build-harness/issues/334)) ([c6b1058](https://togithub.com/defenseunicorns/build-harness/commit/c6b105884604f2ea79ac449ddec73af6fe31bfa4)) - **deps:** update dependency https://github.com/bridgecrewio/checkov.git to v3.2.203 ([#332](https://togithub.com/defenseunicorns/build-harness/issues/332)) ([4a3cc54](https://togithub.com/defenseunicorns/build-harness/commit/4a3cc54f1add8c0467b6f7e74194bf3c8139e34a)) - **deps:** update dependency https://github.com/bridgecrewio/checkov.git to v3.2.206 ([#336](https://togithub.com/defenseunicorns/build-harness/issues/336)) ([d4eeef6](https://togithub.com/defenseunicorns/build-harness/commit/d4eeef6a9ebca50e7ff9dbd43a131c8c6d76ffa8)) - **deps:** update ghcr.io/defenseunicorns/build-harness/build-harness docker tag to v2.0.33 ([#330](https://togithub.com/defenseunicorns/build-harness/issues/330)) ([f360b19](https://togithub.com/defenseunicorns/build-harness/commit/f360b19626271ea9e02bccb41ae569788da8e442)) - **deps:** update stable to v3.2.204 ([#333](https://togithub.com/defenseunicorns/build-harness/issues/333)) ([e26c6e6](https://togithub.com/defenseunicorns/build-harness/commit/e26c6e67f4570f2f450abdc30f48cc83a517f81c)) - **deps:** update stable to v3.2.205 ([#335](https://togithub.com/defenseunicorns/build-harness/issues/335)) ([89be82f](https://togithub.com/defenseunicorns/build-harness/commit/89be82fc97113c1009a232b2dfe861548f62cce4)) ### [`v2.0.33`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2033-2024-07-23) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.32...2.0.33) ##### Miscellaneous Chores - **deps:** update stable ([#328](https://togithub.com/defenseunicorns/build-harness/issues/328)) ([4a59b8d](https://togithub.com/defenseunicorns/build-harness/commit/4a59b8d5a24277d39fbebf2b51952cd7f855721e)) ### [`v2.0.32`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2032-2024-07-23) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.31...2.0.32) ##### Miscellaneous Chores - **deps:** update stable ([#324](https://togithub.com/defenseunicorns/build-harness/issues/324)) ([273f1a5](https://togithub.com/defenseunicorns/build-harness/commit/273f1a54d8e4590ac5f45440748944f87d6d424a)) - **deps:** update stable ([#327](https://togithub.com/defenseunicorns/build-harness/issues/327)) ([4b6ed85](https://togithub.com/defenseunicorns/build-harness/commit/4b6ed8525294063aabec719c7539e0167e3d534b)) - **deps:** update stable to v3.2.200 ([#326](https://togithub.com/defenseunicorns/build-harness/issues/326)) ([8122c53](https://togithub.com/defenseunicorns/build-harness/commit/8122c530a98de288a5c61b5dbb9bdcaebeb88db2)) ### [`v2.0.31`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2031-2024-07-22) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.30...2.0.31) ##### Miscellaneous Chores - **deps:** update dependency https://github.com/bridgecrewio/checkov.git to v3.2.195 ([#319](https://togithub.com/defenseunicorns/build-harness/issues/319)) ([e110f9a](https://togithub.com/defenseunicorns/build-harness/commit/e110f9a1652a126b83e94061abf576206ed95c3f)) - **deps:** update dependency https://github.com/bridgecrewio/checkov.git to v3.2.198 ([#322](https://togithub.com/defenseunicorns/build-harness/issues/322)) ([7ed270b](https://togithub.com/defenseunicorns/build-harness/commit/7ed270b61d2776a55aaa67fadfe60e1ba5b603b8)) - **deps:** update dependency https://github.com/bridgecrewio/checkov.git to v3.2.199 ([#323](https://togithub.com/defenseunicorns/build-harness/issues/323)) ([54562cb](https://togithub.com/defenseunicorns/build-harness/commit/54562cb3f6f4f27d24768cb3379917b37023d284)) - **deps:** update ghcr.io/defenseunicorns/build-harness/build-harness docker tag to v2.0.30 ([#317](https://togithub.com/defenseunicorns/build-harness/issues/317)) ([bfcba95](https://togithub.com/defenseunicorns/build-harness/commit/bfcba956b86155af05c53114e1f4a31c818ee983)) - **deps:** update stable to v3.2.196 ([#320](https://togithub.com/defenseunicorns/build-harness/issues/320)) ([7fc9c2d](https://togithub.com/defenseunicorns/build-harness/commit/7fc9c2d38bc070b448ba85c2e54aaf94c9bf1e72)) - **deps:** update stable to v3.2.197 ([#321](https://togithub.com/defenseunicorns/build-harness/issues/321)) ([bae46e9](https://togithub.com/defenseunicorns/build-harness/commit/bae46e923ed11c65b549545bb97b8ea263573242)) ### [`v2.0.30`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2030-2024-07-19) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.29...2.0.30) ##### Miscellaneous Chores - **deps:** update stable ([#315](https://togithub.com/defenseunicorns/build-harness/issues/315)) ([fa77e25](https://togithub.com/defenseunicorns/build-harness/commit/fa77e259f285e7bd00aca34208e90d45c7e2eeea)) ### [`v2.0.29`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2029-2024-07-08) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.28...2.0.29) ##### Miscellaneous Chores - **deps:** update ghcr.io/defenseunicorns/build-harness/build-harness docker tag to v2.0.28 ([#311](https://togithub.com/defenseunicorns/build-harness/issues/311)) ([7072a89](https://togithub.com/defenseunicorns/build-harness/commit/7072a89269248d2d03c7c4f4539cc34ba5b7031a)) - **deps:** update stable ([#314](https://togithub.com/defenseunicorns/build-harness/issues/314)) ([822d0f1](https://togithub.com/defenseunicorns/build-harness/commit/822d0f170df681cf76d6f378ecbf410577fd1574)) - **deps:** update stable to v3.2.148 ([#313](https://togithub.com/defenseunicorns/build-harness/issues/313)) ([37fbf71](https://togithub.com/defenseunicorns/build-harness/commit/37fbf71900dc6be0f5c9771e0cfea7fdd48664c4)) ### [`v2.0.28`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2028-2024-06-26) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.27...2.0.28) ##### Miscellaneous Chores - **deps:** update dependency awscli to v2.17.3 ([#309](https://togithub.com/defenseunicorns/build-harness/issues/309)) ([0b8a629](https://togithub.com/defenseunicorns/build-harness/commit/0b8a629874d6519631297c4fc5518802e13afd34)) - **deps:** update stable ([#308](https://togithub.com/defenseunicorns/build-harness/issues/308)) ([20e18ec](https://togithub.com/defenseunicorns/build-harness/commit/20e18ec9f2b82d3d3e58ae755d961e6bcc64d312)) ### [`v2.0.27`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2027-2024-06-25) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.26...2.0.27) ##### Miscellaneous Chores - **deps:** update docker/build-push-action action to v6 ([#305](https://togithub.com/defenseunicorns/build-harness/issues/305)) ([b2ce4d3](https://togithub.com/defenseunicorns/build-harness/commit/b2ce4d3d4c60c676ecc4bbf5595b9f21809cafd0)) - **deps:** update stable ([#307](https://togithub.com/defenseunicorns/build-harness/issues/307)) ([90efa78](https://togithub.com/defenseunicorns/build-harness/commit/90efa787c462696dcca100025d54b04babec81e6)) ### [`v2.0.26`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2026-2024-06-10) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.25...2.0.26) ##### Miscellaneous Chores - **deps:** update dependency defenseunicorns/uds-cli to v0.11.1 ([#304](https://togithub.com/defenseunicorns/build-harness/issues/304)) ([e50f574](https://togithub.com/defenseunicorns/build-harness/commit/e50f574ee34345a176c99919c79a401ce17469cd)) - remove the schedule from the renovate config ([#302](https://togithub.com/defenseunicorns/build-harness/issues/302)) ([f183cad](https://togithub.com/defenseunicorns/build-harness/commit/f183cadd2ace8b60882a4c731132f81c3d941d10)) ### [`v2.0.25`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2025-2024-06-10) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.24...2.0.25) ##### Miscellaneous Chores - **deps:** update stable ([#300](https://togithub.com/defenseunicorns/build-harness/issues/300)) ([c99d743](https://togithub.com/defenseunicorns/build-harness/commit/c99d743028564621d530e3f620c70b12a6d46bf9)) ### [`v2.0.24`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2024-2024-05-30) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.23...2.0.24) ##### Miscellaneous Chores - **deps:** update stable ([#296](https://togithub.com/defenseunicorns/build-harness/issues/296)) ([0ad4d65](https://togithub.com/defenseunicorns/build-harness/commit/0ad4d655435e591ecc028f2d3dd4ed21e851eb8d)) - **deps:** update stable ([#298](https://togithub.com/defenseunicorns/build-harness/issues/298)) ([6872c28](https://togithub.com/defenseunicorns/build-harness/commit/6872c284831872165198c39bd404eb3bdcfaa9f5)) - **deps:** update stable ([#299](https://togithub.com/defenseunicorns/build-harness/issues/299)) ([b79590e](https://togithub.com/defenseunicorns/build-harness/commit/b79590eb3ae678dcbc5e8fefd44fc55d638ebca5)) ### [`v2.0.23`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2023-2024-05-29) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.22...2.0.23) ##### Miscellaneous Chores - **deps:** update stable ([#294](https://togithub.com/defenseunicorns/build-harness/issues/294)) ([99da23f](https://togithub.com/defenseunicorns/build-harness/commit/99da23f3494526c2ced634ec0b54ceeb11483df1)) ### [`v2.0.22`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2022-2024-05-21) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.21...2.0.22) ##### Miscellaneous Chores - **deps:** update stable ([#292](https://togithub.com/defenseunicorns/build-harness/issues/292)) ([3703f78](https://togithub.com/defenseunicorns/build-harness/commit/3703f7885ca7de3e6838b35d35d79f728ca93cba)) ### [`v2.0.21`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2021-2024-05-20) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.20...2.0.21) ##### Miscellaneous Chores - **deps:** update dependency awscli to v2.15.46 ([#283](https://togithub.com/defenseunicorns/build-harness/issues/283)) ([978f86a](https://togithub.com/defenseunicorns/build-harness/commit/978f86aa73d465b319484ab25ac028771cd12b03)) - **deps:** update dependency awscli to v2.15.49 ([#288](https://togithub.com/defenseunicorns/build-harness/issues/288)) ([a793b97](https://togithub.com/defenseunicorns/build-harness/commit/a793b9744bac5b7ece659dc6b907721f41d97747)) - **deps:** update dependency golang to v1.22.3 ([#280](https://togithub.com/defenseunicorns/build-harness/issues/280)) ([0304ea4](https://togithub.com/defenseunicorns/build-harness/commit/0304ea4b708b069fa31dfedfb62fd332d660cb42)) - **deps:** update dependency https://github.com/bridgecrewio/checkov.git to v3.2.82 ([#278](https://togithub.com/defenseunicorns/build-harness/issues/278)) ([4530c5d](https://togithub.com/defenseunicorns/build-harness/commit/4530c5df585519be0d65de97f7b7d216925ad15c)) - **deps:** update ghcr.io/defenseunicorns/build-harness/build-harness docker tag to v2.0.20 ([#275](https://togithub.com/defenseunicorns/build-harness/issues/275)) ([8e80b88](https://togithub.com/defenseunicorns/build-harness/commit/8e80b88e6f6556abadfd86e3751376b95eda838f)) - **deps:** update stable ([#277](https://togithub.com/defenseunicorns/build-harness/issues/277)) ([e587ad8](https://togithub.com/defenseunicorns/build-harness/commit/e587ad8ff6e0583e1d220d3468c45d3749a8e9ed)) - **deps:** update stable ([#279](https://togithub.com/defenseunicorns/build-harness/issues/279)) ([67e394b](https://togithub.com/defenseunicorns/build-harness/commit/67e394b730ae51564b7a81fbf4af0419bf8bb86c)) - **deps:** update stable ([#282](https://togithub.com/defenseunicorns/build-harness/issues/282)) ([9977e69](https://togithub.com/defenseunicorns/build-harness/commit/9977e691d22cb8e1c1906746c72cbb510854b0c2)) - **deps:** update stable ([#284](https://togithub.com/defenseunicorns/build-harness/issues/284)) ([c6925d8](https://togithub.com/defenseunicorns/build-harness/commit/c6925d81c6e4d0e13629f7dee4f34dc192f4cfe9)) - **deps:** update stable ([#285](https://togithub.com/defenseunicorns/build-harness/issues/285)) ([5adc940](https://togithub.com/defenseunicorns/build-harness/commit/5adc940f63ad342cded0b07184cc4d711451f90c)) - **deps:** update stable ([#286](https://togithub.com/defenseunicorns/build-harness/issues/286)) ([2d64c70](https://togithub.com/defenseunicorns/build-harness/commit/2d64c70569a725dfbcde7b4e21ad1b14f62acc63)) - **deps:** update stable ([#287](https://togithub.com/defenseunicorns/build-harness/issues/287)) ([f1bb644](https://togithub.com/defenseunicorns/build-harness/commit/f1bb6448a7d29d8240a76957a0c58491e1f3df39)) - **deps:** update stable ([#289](https://togithub.com/defenseunicorns/build-harness/issues/289)) ([ccd3c35](https://togithub.com/defenseunicorns/build-harness/commit/ccd3c3540afc3c8e59012bdc6373c653ea7bd2c0)) - **deps:** update stable ([#290](https://togithub.com/defenseunicorns/build-harness/issues/290)) ([f04093b](https://togithub.com/defenseunicorns/build-harness/commit/f04093bc066d6442986a85449bcdaae671a257f9)) - **deps:** update stable ([#291](https://togithub.com/defenseunicorns/build-harness/issues/291)) ([3eaeddb](https://togithub.com/defenseunicorns/build-harness/commit/3eaeddb7c5d615005ed1d292151980be260c5332)) - **deps:** update stable to v3.2.84 ([#281](https://togithub.com/defenseunicorns/build-harness/issues/281)) ([dc09483](https://togithub.com/defenseunicorns/build-harness/commit/dc09483f8e78d64f0d8e38cd31a3cbda0f883b1c)) ### [`v2.0.20`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2020-2024-05-02) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.19...2.0.20) ##### Miscellaneous Chores - **deps:** update stable ([#273](https://togithub.com/defenseunicorns/build-harness/issues/273)) ([da0dbb3](https://togithub.com/defenseunicorns/build-harness/commit/da0dbb32e31af293da3397a397415147037790d7)) ### [`v2.0.19`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2019-2024-05-01) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.18...2.0.19) ##### Miscellaneous Chores - **deps:** update stable ([#271](https://togithub.com/defenseunicorns/build-harness/issues/271)) ([91310d0](https://togithub.com/defenseunicorns/build-harness/commit/91310d06c9a353431eaf422b133d2c2ee1d45012)) ### [`v2.0.18`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2018-2024-05-01) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.17...2.0.18) ##### Miscellaneous Chores - **deps:** update ghcr.io/defenseunicorns/build-harness/build-harness docker tag to v2.0.17 ([#268](https://togithub.com/defenseunicorns/build-harness/issues/268)) ([1bbaf14](https://togithub.com/defenseunicorns/build-harness/commit/1bbaf14b9bd520ed6e9d57411cd58281310363b2)) - **deps:** update stable to v1.7.0 ([#270](https://togithub.com/defenseunicorns/build-harness/issues/270)) ([f476bc6](https://togithub.com/defenseunicorns/build-harness/commit/f476bc62d25a3d7890316c1c7b2ea4520846c3f7)) ### [`v2.0.17`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2017-2024-04-29) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.16...2.0.17) ##### Miscellaneous Chores - **deps:** update stable ([#266](https://togithub.com/defenseunicorns/build-harness/issues/266)) ([1675d13](https://togithub.com/defenseunicorns/build-harness/commit/1675d137e9beb74554ae63f81b7db9696983db83)) ### [`v2.0.16`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2016-2024-04-26) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.15...2.0.16) ##### Miscellaneous Chores - **deps:** update dependency anchore/syft to v1.3.0 ([#265](https://togithub.com/defenseunicorns/build-harness/issues/265)) ([5ddf4f6](https://togithub.com/defenseunicorns/build-harness/commit/5ddf4f63e6098e2b663e77d209057c7800461da7)) - **deps:** update dependency awscli to v2.15.41 ([#263](https://togithub.com/defenseunicorns/build-harness/issues/263)) ([d41e5f0](https://togithub.com/defenseunicorns/build-harness/commit/d41e5f02cc5b7073c20722019d4c583e548b165a)) - **deps:** update ghcr.io/defenseunicorns/build-harness/build-harness docker tag to v2.0.15 ([#261](https://togithub.com/defenseunicorns/build-harness/issues/261)) ([d7098af](https://togithub.com/defenseunicorns/build-harness/commit/d7098afaa09aaebfb2cf7ad4f1f3efe24ac540bd)) - **deps:** update stable ([#264](https://togithub.com/defenseunicorns/build-harness/issues/264)) ([b10e011](https://togithub.com/defenseunicorns/build-harness/commit/b10e01186f273397032cf9acada936627bb3c250)) ### [`v2.0.15`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2015-2024-04-23) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.14...2.0.15) ##### Miscellaneous Chores - **deps:** update ghcr.io/defenseunicorns/build-harness/build-harness docker tag to v2.0.14 ([#258](https://togithub.com/defenseunicorns/build-harness/issues/258)) ([9e7e6f3](https://togithub.com/defenseunicorns/build-harness/commit/9e7e6f36b6b081c40695f12ab0c5772a60acc43f)) - **deps:** update stable ([#260](https://togithub.com/defenseunicorns/build-harness/issues/260)) ([9965dce](https://togithub.com/defenseunicorns/build-harness/commit/9965dce3815db507fa131cceffb04866ae4a7456)) ### [`v2.0.14`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2014-2024-04-17) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.13...2.0.14) ##### Miscellaneous Chores - **deps:** update ghcr.io/defenseunicorns/build-harness/build-harness docker tag to v2.0.13 ([#255](https://togithub.com/defenseunicorns/build-harness/issues/255)) ([d3f43ce](https://togithub.com/defenseunicorns/build-harness/commit/d3f43ceddc8bfdb551b55ac88f59f95e63e71d2b)) - **deps:** update stable ([#257](https://togithub.com/defenseunicorns/build-harness/issues/257)) ([341206a](https://togithub.com/defenseunicorns/build-harness/commit/341206a1a5c59077eca8e52e7ee9d91890e25ee8)) ### [`v2.0.13`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2013-2024-03-28) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.12...2.0.13) ##### Miscellaneous Chores - **deps:** update dependency awscli to v2.15.33 ([#253](https://togithub.com/defenseunicorns/build-harness/issues/253)) ([db63581](https://togithub.com/defenseunicorns/build-harness/commit/db63581a9bb68ebf8087569ea4aff51b8cfe780b)) - **deps:** update dependency https://github.com/bridgecrewio/checkov.git to v3.2.49 ([#254](https://togithub.com/defenseunicorns/build-harness/issues/254)) ([c89dd25](https://togithub.com/defenseunicorns/build-harness/commit/c89dd2581cdd900a104dab62153688290e070c6f)) - **deps:** update stable ([#250](https://togithub.com/defenseunicorns/build-harness/issues/250)) ([ebd2a24](https://togithub.com/defenseunicorns/build-harness/commit/ebd2a243bbb7aa688ecaf122670831f71ed03f8c)) - **deps:** update tj-actions/changed-files action to v44 ([#251](https://togithub.com/defenseunicorns/build-harness/issues/251)) ([58ddcb3](https://togithub.com/defenseunicorns/build-harness/commit/58ddcb38085c38853a592ace4d622065ff81f4a8)) ### [`v2.0.12`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2012-2024-03-26) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.11...2.0.12) ##### Miscellaneous Chores - **deps:** update dependency anchore/syft to v1.1.0 ([#246](https://togithub.com/defenseunicorns/build-harness/issues/246)) ([92aa56c](https://togithub.com/defenseunicorns/build-harness/commit/92aa56c8e2255bac4e8a638ba4e28e0e71d0592f)) - **deps:** update dependency dagger/dagger to v0.10.3 ([#249](https://togithub.com/defenseunicorns/build-harness/issues/249)) ([77dec4e](https://togithub.com/defenseunicorns/build-harness/commit/77dec4e4cf530e2c829d94b459f50b23a35dbd7b)) - **deps:** update stable ([#248](https://togithub.com/defenseunicorns/build-harness/issues/248)) ([4e9af59](https://togithub.com/defenseunicorns/build-harness/commit/4e9af5933461f72495c9b3df99361adc8a43ba30)) ### [`v2.0.11`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2011-2024-03-25) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.10...2.0.11) ##### Miscellaneous Chores - **deps:** update stable ([#244](https://togithub.com/defenseunicorns/build-harness/issues/244)) ([af84516](https://togithub.com/defenseunicorns/build-harness/commit/af845160625ddf96fc1e0c8276134c507bbc7a9d)) ### [`v2.0.10`](https://togithub.com/defenseunicorns/build-harness/blob/HEAD/CHANGELOG.md#2010-2024-03-25) [Compare Source](https://togithub.com/defenseunicorns/build-harness/compare/2.0.9...2.0.10) ##### Miscellaneous Chores - **deps:** update stable ([#242](https://togithub.com/defenseunicorns/build-harness/issues/242)) ([6da311c](https://togithub.com/defenseunicorns/build-harness/commit/6da311c2aa72f66f613b031c5b5ec968cf769623))aws/aws-sdk-go (github.com/aws/aws-sdk-go)
### [`v1.55.5`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1555-2024-07-30) [Compare Source](https://togithub.com/aws/aws-sdk-go/compare/v1.55.4...v1.55.5) \=== ##### Service Client Updates - `service/appstream`: Updates service API and documentation - Added support for Red Hat Enterprise Linux 8 on Amazon AppStream 2.0 - `service/autoscaling`: Updates service API and documentation - Increase the length limit for VPCZoneIdentifier from 2047 to 5000 - `service/codepipeline`: Updates service API, documentation, and paginators - AWS CodePipeline V2 type pipelines now support stage level conditions to enable development teams to safely release changes that meet quality and compliance requirements. - `service/elasticache`: Updates service documentation - Doc only update for changes to deletion API. - `service/elasticloadbalancing`: Updates service API - `service/eventbridge`: Updates service API - `service/logs`: Updates service API - Add v2 smoke tests and smithy smokeTests trait for SDK testing. - `service/models.lex.v2`: Updates service API and documentation - `service/rolesanywhere`: Updates service API and documentation - `service/tnb`: Updates service API and documentation - `service/workspaces`: Updates service documentation - Removing multi-session as it isn't supported for pools ### [`v1.55.4`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1554-2024-07-29) [Compare Source](https://togithub.com/aws/aws-sdk-go/compare/v1.55.3...v1.55.4) \=== ##### Service Client Updates - `service/elasticache`: Updates service documentation - Renaming full service name as it appears in developer documentation. - `service/memorydb`: Updates service API and documentation ### [`v1.55.3`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1553-2024-07-25) [Compare Source](https://togithub.com/aws/aws-sdk-go/compare/v1.55.2...v1.55.3) \=== ##### Service Client Updates - `service/application-autoscaling`: Updates service API - `service/application-signals`: Updates service API and documentation - `service/bedrock-runtime`: Updates service API and documentation - `service/codecommit`: Updates service API and documentation - CreateRepository API now throws OperationNotAllowedException when the account has been restricted from creating a repository. - `service/datazone`: Updates service API and documentation - `service/ec2`: Updates service API and documentation - EC2 Fleet now supports using custom identifiers to reference Amazon Machine Images (AMI) in launch requests that are configured to choose from a diversified list of instance types. - `service/ecr`: Updates service API, documentation, paginators, and examples - API and documentation updates for Amazon ECR, adding support for creating, updating, describing and deleting ECR Repository Creation Template. - `service/eks`: Updates service API and documentation - `service/elasticloadbalancingv2`: Updates service API, documentation, and examples - `service/network-firewall`: Updates service API and documentation - `service/outposts`: Updates service API and documentation - `service/states`: Updates service API and documentation - This release adds support to customer managed KMS key encryption in AWS Step Functions. ##### SDK Bugs - Remove broken integration test. - Remove integration test broken by cloudsearch service. ### [`v1.55.2`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1552-2024-07-24) [Compare Source](https://togithub.com/aws/aws-sdk-go/compare/v1.55.1...v1.55.2) \=== ##### Service Client Updates - `service/cleanrooms`: Updates service API and documentation - `service/dynamodb`: Updates service API, documentation, waiters, paginators, and examples - DynamoDB doc only update for July - `service/iotsitewise`: Updates service API and documentation - `service/mediapackagev2`: Updates service API - `service/medical-imaging`: Updates service API and documentation - `service/pinpoint-sms-voice-v2`: Updates service API and documentation ##### SDK Bugs - Add missing bool error matching. - This enables waiters defined to match on presence/absence of errors. ### [`v1.55.1`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1551-2024-07-23) [Compare Source](https://togithub.com/aws/aws-sdk-go/compare/v1.55.0...v1.55.1) \=== ##### Service Client Updates - `service/appsync`: Updates service API and paginators - `service/cleanrooms`: Updates service API, documentation, and paginators - `service/cleanroomsml`: Updates service API, documentation, and waiters - `service/connect`: Updates service API and documentation - `service/connect-contact-lens`: Updates service API and documentation - `service/datazone`: Updates service API and documentation - `service/entityresolution`: Updates service API and documentation ### [`v1.55Configuration
📅 Schedule: Branch creation - "after 4am and before 10am on Monday" in timezone America/New_York, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.