fix(api-go): update module github.com/open-policy-agent/opa to v0.62.1

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
github.com/open-policy-agent/opa	v0.61.0 -> v0.62.1

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

open-policy-agent/opa (github.com/open-policy-agent/opa)

v0.62.1

Compare Source

This is a security fix release for the fixes published in Go 1.22.1.

OPA servers using --authentication=tls would be affected: crafted malicious client certificates could cause a panic in the server.

Also, crafted server certificates could panic OPA's HTTP clients, in bundle plugin, status and decision logs; and http.send calls that verify TLS.

This is CVE-2024-24783 (https://pkg.go.dev/vuln/GO-2024-2598).

Note that there are other security fixes in this Golang release, but whether or not OPA is affected is harder to assess. An update is advised.

Miscellaneous

• Add Trino to OPA ecosystem (authored by @​mosabua)
• update: ADOPTERS.md (#​6608) (authored by @​fredmaggiowski)

v0.62.0

Compare Source

NOTES:

• The minimum version of Go required to build the OPA module is 1.20

This release contains a mix of improvements and bugfixes.

Runtime, Tooling, SDK

• cmd: Add environment variable backups for command-line flags (#​6508) authored by @​colinjlacy
• download/oci: Add missing WithBundleParserOpts method to OCI downloader (#​6571) authored by @​slonka
• logging: avoid %!F(MISSING) in logs by skipping calls to the {Debug,Info,Warn,Error}f functions when there are no arguments (#​6555) authored by @​srenatus

Topdown and Rego

• ast+cmd: Allow bundle to contain calls to unknown Rego functions when inspected (#​6591) authored by @​johanfylling
• topdown/http: Respect raise_error flag during input validation (#​6553) authored by @​ashutosh-narkar

Docs + Website + Ecosystem

• Add OpaDotNet to ecosystem projects (#​6554) authored by @​me-viper
• Add updated logos for Permit.io and OPAL (#​6562) authored by @​danielbass37
• docs: Update description of the url path usage when accessing values inside object and array documents for v1/data GET and POST (#​6567) authored by @​ashutosh-narkar
• docs: Use application/yaml instead of application/x-yaml as the former is now a recognized content type (#​6565) authored by @​anderseknert

Miscellaneous

• Add Elastic to ADOPTERS.md (#​6568) authored by @​orouz
• Dependency updates; notably:
  • bump golang 1.21.5 -> 1.22 (#​6595) authored by @​srenatus
  • bump google.golang.org/grpc from 1.61.0 to 1.62.0
  • bump golang.org/x/net from 0.19.0 to 0.21.0
  • bump github.com/containerd/containerd from 1.7.12 to 1.7.13
  • bump aquasecurity/trivy-action from 0.16.1 to 0.17.0
  • bump github.com/prometheus/client_golang from 1.18.0 to 1.19.0
  • bump github.com/opencontainers/image-spec from 1.1.0-rc5 to 1.1.0-rc6

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

[github-actions]

🎉 This PR is included in version 1.107.1 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀