diff --git a/.github/workflows/_docker_build_scan_push.yml b/.github/workflows/_docker_build_scan_push.yml index 1edea61a..17bbcf7b 100644 --- a/.github/workflows/_docker_build_scan_push.yml +++ b/.github/workflows/_docker_build_scan_push.yml @@ -92,7 +92,7 @@ jobs: provenance: false - name: Trivy scan - uses: aquasecurity/trivy-action@0.19.0 + uses: aquasecurity/trivy-action@0.22.0 with: image-ref: '${{ steps.docker_tags.outputs.semver_tag }}' severity: 'HIGH,CRITICAL' diff --git a/.github/workflows/analysis-codeql.yml b/.github/workflows/analysis-codeql.yml index 7f33085a..945dc7e7 100644 --- a/.github/workflows/analysis-codeql.yml +++ b/.github/workflows/analysis-codeql.yml @@ -42,7 +42,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3.25.3 + uses: github/codeql-action/init@v3.25.10 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -53,7 +53,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v3.25.3 + uses: github/codeql-action/autobuild@v3.25.10 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -67,4 +67,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3.25.3 \ No newline at end of file + uses: github/codeql-action/analyze@v3.25.10 \ No newline at end of file diff --git a/.github/workflows/analysis-tfsec-to-github-security.yml b/.github/workflows/analysis-tfsec-to-github-security.yml index 9f240812..717e0fa3 100644 --- a/.github/workflows/analysis-tfsec-to-github-security.yml +++ b/.github/workflows/analysis-tfsec-to-github-security.yml @@ -32,6 +32,6 @@ jobs: with: sarif_file: tfsec.sarif - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@v3.25.3 + uses: github/codeql-action/upload-sarif@v3.25.10 with: sarif_file: tfsec.sarif \ No newline at end of file diff --git a/docs/support_scripts/load_testing/go.mod b/docs/support_scripts/load_testing/go.mod index 8afd3100..ddfddcf7 100644 --- a/docs/support_scripts/load_testing/go.mod +++ b/docs/support_scripts/load_testing/go.mod @@ -2,6 +2,6 @@ module load_testing go 1.20 -require github.com/aws/aws-sdk-go v1.52.2 +require github.com/aws/aws-sdk-go v1.54.2 require github.com/jmespath/go-jmespath v0.4.0 // indirect diff --git a/docs/support_scripts/load_testing/go.sum b/docs/support_scripts/load_testing/go.sum index e4567b2c..a69b6fa9 100644 --- a/docs/support_scripts/load_testing/go.sum +++ b/docs/support_scripts/load_testing/go.sum @@ -2,6 +2,8 @@ github.com/aws/aws-sdk-go v1.44.281 h1:z/ptheJvINaIAsKXthxONM+toTKw2pxyk700Hfm6y github.com/aws/aws-sdk-go v1.44.281/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= github.com/aws/aws-sdk-go v1.52.2 h1:l4g9wBXRBlvCtScvv4iLZCzLCtR7BFJcXOnOGQ20orw= github.com/aws/aws-sdk-go v1.52.2/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= +github.com/aws/aws-sdk-go v1.54.2 h1:Wo6AVWcleNHrYa48YzfYz60hzxGRqsJrK5s/qePe+3I= +github.com/aws/aws-sdk-go v1.54.2/go.mod h1:eRwEWoyTWFMVYVQzKMNHWP5/RV4xIUGMQfXQHfHkpNU= github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= diff --git a/docs/support_scripts/requests/go.mod b/docs/support_scripts/requests/go.mod index 7bfc5699..cad71530 100644 --- a/docs/support_scripts/requests/go.mod +++ b/docs/support_scripts/requests/go.mod @@ -2,6 +2,6 @@ module api_request go 1.20 -require github.com/aws/aws-sdk-go v1.52.2 +require github.com/aws/aws-sdk-go v1.54.2 require github.com/jmespath/go-jmespath v0.4.0 // indirect diff --git a/docs/support_scripts/requests/go.sum b/docs/support_scripts/requests/go.sum index 66934d1b..8b779199 100644 --- a/docs/support_scripts/requests/go.sum +++ b/docs/support_scripts/requests/go.sum @@ -2,6 +2,8 @@ github.com/aws/aws-sdk-go v1.44.284 h1:Oc5Kubi43/VCkerlt3ZU3KpBju6BpNkoG3s7E8vj/ github.com/aws/aws-sdk-go v1.44.284/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= github.com/aws/aws-sdk-go v1.52.2 h1:l4g9wBXRBlvCtScvv4iLZCzLCtR7BFJcXOnOGQ20orw= github.com/aws/aws-sdk-go v1.52.2/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= +github.com/aws/aws-sdk-go v1.54.2 h1:Wo6AVWcleNHrYa48YzfYz60hzxGRqsJrK5s/qePe+3I= +github.com/aws/aws-sdk-go v1.54.2/go.mod h1:eRwEWoyTWFMVYVQzKMNHWP5/RV4xIUGMQfXQHfHkpNU= github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= diff --git a/integration_tests/v1/requirements.txt b/integration_tests/v1/requirements.txt index b150b29c..5fbbd337 100644 --- a/integration_tests/v1/requirements.txt +++ b/integration_tests/v1/requirements.txt @@ -1,10 +1,10 @@ -pytest==8.2.0 +pytest==8.2.2 pytest-env==1.1.3 pytest-xdist==3.6.1 pytest-html==4.1.1 requests_aws4auth==1.2.3 -boto3==1.34.98 +boto3==1.34.127 jsonschema==4.22.0 -fakeredis==2.22.0 +fakeredis==2.23.2 flask==3.0.3 -coverage==7.5.0 \ No newline at end of file +coverage==7.5.3 \ No newline at end of file diff --git a/lambda_functions/v1/requirements/dev-requirements.txt b/lambda_functions/v1/requirements/dev-requirements.txt index aed6c25a..e3b4a652 100644 --- a/lambda_functions/v1/requirements/dev-requirements.txt +++ b/lambda_functions/v1/requirements/dev-requirements.txt @@ -1,16 +1,16 @@ -connexion==3.0.6 -fakeredis==2.22.0 -flake8==7.0.0 +connexion==3.1.0 +fakeredis==2.23.2 +flake8==7.1.0 flake8-quotes==3.4.0 -hypothesis==6.100.2 -moto==5.0.6 -pytest==8.2.0 +hypothesis==6.103.2 +moto==5.0.9 +pytest==8.2.2 pytest-cov==5.0.0 pytest-env==1.1.3 pytest-html==4.1.1 -tenacity==8.2.3 -validators==0.28.1 +tenacity==8.4.1 +validators==0.28.3 yarl==1.9.4 importlib-metadata==7.1.0 opg-sirius-service==2.1.1 -typing-extensions==4.11.0 \ No newline at end of file +typing-extensions==4.12.2 \ No newline at end of file diff --git a/lambda_functions/v1/requirements/pact-requirements.txt b/lambda_functions/v1/requirements/pact-requirements.txt index 7914e7df..b6ee87ce 100644 --- a/lambda_functions/v1/requirements/pact-requirements.txt +++ b/lambda_functions/v1/requirements/pact-requirements.txt @@ -1,3 +1,3 @@ -connexion==3.0.6 +connexion==3.1.0 swagger-ui-bundle requests diff --git a/lambda_functions/v1/requirements/requirements.txt b/lambda_functions/v1/requirements/requirements.txt index e2057ad9..0f1053b2 100644 --- a/lambda_functions/v1/requirements/requirements.txt +++ b/lambda_functions/v1/requirements/requirements.txt @@ -2,8 +2,8 @@ Flask==3.0.3 markupsafe==2.1.5 localstack-client==2.5 -redis==5.0.4 -requests==2.31.0 +redis==5.0.6 +requests==2.32.2 Werkzeug==3.0.3 -requests-aws4auth==1.0.1 +requests-aws4auth==1.2.3 opg-sirius-service==2.1.1 diff --git a/mock_sirius_backend/requirements.txt b/mock_sirius_backend/requirements.txt index 15b44b36..05021196 100644 --- a/mock_sirius_backend/requirements.txt +++ b/mock_sirius_backend/requirements.txt @@ -1,4 +1,4 @@ -connexion==3.0.6 +connexion==3.1.0 Flask==3.0.3 markupsafe==2.1.5 requests diff --git a/terraform/environment/.terraform.lock.hcl b/terraform/environment/.terraform.lock.hcl index e2f854ff..4e274d21 100644 --- a/terraform/environment/.terraform.lock.hcl +++ b/terraform/environment/.terraform.lock.hcl @@ -2,38 +2,38 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/aws" { - version = "5.53.0" + version = "5.54.1" constraints = "~> 5.0, >= 5.32.0" hashes = [ - "h1:3SWhL6t4zG6rqOjfI3rpenZc/fi7ZkS/5ZcCU5U+RWo=", - "h1:6u5Z28ArVnKsadP+ZRQYWPM4kNtTF7OZv7ZLzT2LBDc=", - "h1:GFUbSPgNRaKbMr9vRkGxQFGMMn0eL6btojppsDKGQWw=", - "h1:GjLFRg981kjEbsgu59rtqKFduYmh6LYyNTjkI06F2nc=", - "h1:JdKy+/hyc91nHvVZggxlaFVYOkaLxSmR86MkRUpgX30=", - "h1:KepZKzU16NeLHg0AiMDQbllfRuP0MfENjHME3jQeAw8=", - "h1:SGunNgU7s19em6yPbvOSrBB1/gDDQMO/qC6tIKVgeTU=", - "h1:TUSwJfsylmTH3L0Ax14mtMFnOQo9uoZEBO5eQoThK3c=", - "h1:YCupEeam12IXAPo9j2wvnfJTqFFuaHjyzTgSj3GlOeg=", - "h1:ghFa3wkDimz5fJraMTdx+9rsiEYNg2nU7iBT7VTuWJE=", - "h1:hk2SENJibzbcl0m/axOVb4TqSxmh6tPQ7UcrkXAQohM=", - "h1:ucNFgeMRknvGjwQrVf6FzR9I5kYpFxEl3F0MeVgloBw=", - "h1:yIDopRNeRAXg1UZpPlO6GNofDyzqSPkl/+Eoc3pKW4Q=", - "h1:zDAuX1IRNCyU/CSzF7xdw1aD7a140A5qsjgoVjoRLkk=", - "zh:2adad39412111d19a5195474d6b95577fc25ccf06d88a90019bee0efba33a1e3", - "zh:51226453a14f95b0d1163cfecafc9cf1a92ce5f66e42e6b4065d83a813836a2c", - "zh:62450fadb56db9c18d50bb8b7728a3d009be608d7ee0d4fe95c85ccb521dff83", - "zh:6f3ad977a9cc4800847c136690b1c0a0fd8437705062163d29dc4e9429598950", - "zh:71ca0a16b735b8d34b7127dd7d1e1e5d1eaac9c9f792e08abde291b5beb947d5", - "zh:7ae9cf4838eea80288305be0a3e69b39ffff86ede7b4319be421f06d32d04fb6", - "zh:93abc2db5ad995cfee014eb7446abc7caedc427e141d375a11993e6e199076b5", - "zh:9560b3424d97da804e98ee86b474b7370afefa09baf350cae7f33afb3f1aa209", + "h1:+aq386lQCaPX7wR6EPf3PPZvCiI6dRwnjb1wR6lNa8E=", + "h1:/9X2RvntgJ1nmSakhVHzYoFJ42qaTRUZJDiHyXzfQH0=", + "h1:0g9/1oMy5DIRjaR1u7+JWdkdWi0+bQvyxhU24n78syE=", + "h1:I0GcDd++Dr4Jf9w5c1G9P4KvwnTKO1pT6uxEbNoPb2I=", + "h1:Qy0TH573CcOgK8lVyXnk0lcMAV5N2oaj8fY/Cg9KYZ0=", + "h1:SOdZNOAcBvbrkV6V1S7UiGh9K//O66qfyXpHgyXeBeI=", + "h1:Y7F2a3rTMZbdumJb7BqYc2bvIHrXewjTX64FlGD8l1U=", + "h1:f65yf5H0S70fYCKGHhoWpMLOgGnqhLgS/5m1QKH0W/w=", + "h1:gW63frJVH2dXIphEJwIsNXHFPoBqPSWHlFgujeUAwWA=", + "h1:h6AA+TgBpDNQXFcLi4xKYiDbn94Dfhz7lt8Q8x8CEI8=", + "h1:tncEcRhyO4ari29TUFd4runtRLmTyJJzw2SFvCwZJss=", + "h1:vijdPzzKMynQCe4KEUkr4hO3eL/mbJRcL7erOUkESb4=", + "h1:yvViDeIGutuQTMa/ef1rTCF/1z2R3LUvyGjZacFwcTw=", + "h1:zuJgqzeQt3JI/JWcxFpk2eTtXeh7Xk/f/yZJCpkBhhg=", + "zh:37c09b9a0a0a2f7854fe52c6adb15f71593810b458a8283ed71d68036af7ba3a", + "zh:42fe11d87723d4e43b9c6224ae6bacdcb53faee8abc58f0fc625a161d1f71cb1", + "zh:57c6dfc46f28c9c2737559bd84acbc05aeae90431e731bb72a0024028a2d2412", + "zh:5ba9665a4ca0e182effd75575b19a4d47383ec02662024b9fe26f78286c36619", "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:9eb57a9b649c217ac4eeb27af2a1935c18bd9bc8fb1be07434e7de74729eff46", - "zh:b5f32dcbe71ea22c2090eeeaec9af3e098d7b8c3e4491f34ffdfdc6f1c1abf81", - "zh:c9fbd5417f266c773055178e87bb4091df7f0542b72bf5ad0a4ae27045a2b7ca", - "zh:d518b3c52c8a9f79769dbe1b3683d25b4cdc8bfc77a3b3cd9c85f74e6c7383e1", - "zh:db741be21f32404bb87d73d25b1b7fd9b813b00aeb20a130ed8806d44dc26680", - "zh:ed1a8bb4d08653d87265ae534d6fc33bbdabae1608692a1ee364fce03548d36c", + "zh:b55980be0237644123a02a30b56d4cc03863ef29036c47d6e8ab5429ab45adf5", + "zh:b81e7664f10855a3a6fc234a18b4c4f1456273126a40c41516f2061696fb9870", + "zh:bd09736ffafd92af104c3c34b5add138ae8db4402eb687863ce472ca7e5ff2e2", + "zh:cc2eb1c62fba2a11d1f239e650cc2ae94bcab01c907384dcf2e213a6ee1bd5b2", + "zh:e5dc40205d9cf6f353c0ca532ae29afc6c83928bc9bcca47d74b640d3bb5a38c", + "zh:ebf1acdcd13f10db1b9c85050ddaadc70ab269c47c5a240753362446442d8371", + "zh:f2fc28a4ad94af5e6144a7309286505e3eb7a94d9dc106722b506c372ff7f591", + "zh:f49445e8435944df122aa89853260a2716ba8b73d6a6a70cae1661554926d5a2", + "zh:fc3b5046e60ae7cab20715be23de8436eb12736136fd6d0f0cc1549ebda6cc73", + "zh:fdb98a53500e245a3b5bec077b994da6959dba8fc4eb7534528658d820e06bd5", ] } diff --git a/terraform/environment/lambda.tf b/terraform/environment/lambda.tf index 084abd29..e7c01c14 100644 --- a/terraform/environment/lambda.tf +++ b/terraform/environment/lambda.tf @@ -3,7 +3,7 @@ data "aws_secretsmanager_secret" "jwt_secret_key" { } module "lambda_lpa_v1" { - source = "github.com/terraform-aws-modules/terraform-aws-lambda.git?ref=v7.4.0" + source = "github.com/terraform-aws-modules/terraform-aws-lambda.git?ref=v7.6.0" function_name = "lpa-${local.environment}-v1" handler = "app.lpa.lambda_handler"