chore(deps): bump msgraph-sdk to 1.55.0 and azure-mgmt-resource to 24.0.0, remove marshmallow

[josema-xyz]

Description

• Bump msgraph-sdk from 1.23.0 to 1.55.0
• Bump azure-mgmt-resource from 23.3.0 to 24.0.0.
• Remove explicit marshmallow dev pin, as only was a transitive dependency of safety

Steps to review

Run tests.

Checklist

• Review if the code is being covered by tests.
• Review if code is being documented following this specification https://github.com/google/styleguide/blob/gh-pages/pyguide.md#38-comments-and-docstrings
• Review if backport is needed.
• Review if is needed to change the README.md
• Ensure new entries are added to CHANGELOG.md, if applicable.

SDK/CLI

• Are there new checks included in this PR? No.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

[github-actions]

✅ All necessary CHANGELOG.md files have been updated.

[github-actions]

✅ Conflict Markers Resolved

All conflict markers have been successfully resolved in this pull request.

[Copilot]

Pull request overview

Upgrades the Microsoft Graph Python SDK dependency used by the Prowler SDK, updating the project’s dependency pins and lockfile to keep installs reproducible, and recording the change in the SDK changelog.

Changes:

• Bump msgraph-sdk from 1.23.0 to 1.55.0 in pyproject.toml
• Regenerate poetry.lock to reflect the updated dependency graph
• Add a changelog entry documenting the dependency bump

Reviewed changes

Copilot reviewed 2 out of 3 changed files in this pull request and generated 1 comment.

File	Description
pyproject.toml	Updates the pinned msgraph-sdk version to 1.55.0.
poetry.lock	Updates the resolved msgraph-sdk package/version and lock metadata.
prowler/CHANGELOG.md	Documents the dependency bump under a new 5.25.0 UNRELEASED section.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[github-actions]

🔒 Container Security Scan

Image: prowler:60eca81
Last scan: 2026-04-16 12:02:35 UTC

📊 Vulnerability Summary

Severity	Count
🔴 Critical	4
Total	4

4 package(s) affected

⚠️ Action Required

Critical severity vulnerabilities detected. These should be addressed before merging:

• Review the detailed scan results
• Update affected packages to patched versions
• Consider using a different base image if updates are unavailable

---

📋 Resources:

• Download full report (see artifacts)
• View in Security tab
• Scanned with Trivy

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 84.50%. Comparing base (12bf3d5) to head (f2a799b).
⚠️ Report is 10 commits behind head on master.

❗ There is a different number of reports uploaded between BASE (12bf3d5) and HEAD (f2a799b). Click for more details.

HEAD has 1 upload less than BASE

Flag	BASE (12bf3d5)	HEAD (f2a799b)
api	1	0

Additional details and impacted files

@@            Coverage Diff             @@
##           master   #10733      +/-   ##
==========================================
- Coverage   93.52%   84.50%   -9.02%     
==========================================
  Files         227     1704    +1477     
  Lines       31978    54758   +22780     
==========================================
+ Hits        29907    46274   +16367     
- Misses       2071     8484    +6413     

Flag	Coverage Δ
api	?
prowler-py3.10-aws	90.49% <ø> (?)
prowler-py3.10-azure	89.66% <ø> (?)
prowler-py3.10-config	84.50% <ø> (?)
prowler-py3.10-gcp	90.00% <ø> (?)
prowler-py3.10-github	89.25% <ø> (?)
prowler-py3.10-googleworkspace	87.20% <ø> (?)
prowler-py3.10-iac	88.81% <ø> (?)
prowler-py3.10-kubernetes	89.64% <ø> (?)
prowler-py3.10-lib	84.52% <ø> (?)
prowler-py3.10-m365	89.06% <ø> (?)
prowler-py3.10-mongodbatlas	88.72% <ø> (?)
prowler-py3.10-nhn	89.20% <ø> (?)
prowler-py3.10-openstack	87.14% <ø> (?)
prowler-py3.10-oraclecloud	86.88% <ø> (?)
prowler-py3.10-vercel	87.02% <ø> (?)
prowler-py3.11-aws	90.49% <ø> (?)
prowler-py3.11-azure	89.66% <ø> (?)
prowler-py3.11-config	84.45% <ø> (?)
prowler-py3.11-gcp	89.99% <ø> (?)
prowler-py3.11-github	89.24% <ø> (?)
prowler-py3.11-googleworkspace	87.14% <ø> (?)
prowler-py3.11-iac	88.74% <ø> (?)
prowler-py3.11-kubernetes	89.63% <ø> (?)
prowler-py3.11-lib	84.46% <ø> (?)
prowler-py3.11-m365	88.99% <ø> (?)
prowler-py3.11-mongodbatlas	88.65% <ø> (?)
prowler-py3.11-nhn	89.19% <ø> (?)
prowler-py3.11-openstack	87.08% <ø> (?)
prowler-py3.11-oraclecloud	86.82% <ø> (?)
prowler-py3.11-vercel	86.96% <ø> (?)
prowler-py3.12-aws	90.49% <ø> (?)
prowler-py3.12-azure	89.66% <ø> (?)
prowler-py3.12-config	84.50% <ø> (?)
prowler-py3.12-gcp	90.00% <ø> (?)
prowler-py3.12-github	89.25% <ø> (?)
prowler-py3.12-googleworkspace	87.20% <ø> (?)
prowler-py3.12-iac	88.81% <ø> (?)
prowler-py3.12-kubernetes	89.64% <ø> (?)
prowler-py3.12-lib	84.52% <ø> (?)
prowler-py3.12-m365	89.06% <ø> (?)
prowler-py3.12-mongodbatlas	88.72% <ø> (?)
prowler-py3.12-nhn	89.20% <ø> (?)
prowler-py3.12-openstack	87.14% <ø> (?)
prowler-py3.12-oraclecloud	86.88% <ø> (?)
prowler-py3.12-vercel	87.02% <ø> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

Components	Coverage Δ
prowler	84.50% <100.00%> (∅)
api	∅ <ø> (∅)

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[prowler-bot]

💚 All backports created successfully

Status	Branch	Result
✅	v5.24

Questions ?

Please refer to the Backport tool documentation and see the Github Action logs for details