build(deps): bump the low-risk group with 7 updates

[dependabot]

Bumps the low-risk group with 7 updates:

Package	From	To
github.com/aws/aws-sdk-go-v2	1.41.4	1.41.5
github.com/aws/aws-sdk-go-v2/config	1.32.12	1.32.13
github.com/aws/aws-sdk-go-v2/service/secretsmanager	1.41.4	1.41.5
github.com/aws/aws-sdk-go-v2/service/ssm	1.68.3	1.68.4
github.com/googleapis/gax-go/v2	2.19.0	2.20.0
github.com/hashicorp/vault/api	1.22.0	1.23.0
github.com/hashicorp/vault/api/auth/aws	0.11.0	0.12.0

Updates github.com/aws/aws-sdk-go-v2 from 1.41.4 to 1.41.5

Commits

• 90650dd Release 2026-03-26
• dd88818 Regenerated Clients
• b662c50 Update endpoints model
• 500a9cb Update API model
• 6221102 fix stale skew and delayed skew healing (#3359)
• 0a39373 fix order of generated event header handlers (#3361)
• 098f389 Only generate resolveAccountID when it's required (#3360)
• 6ebab66 Release 2026-03-25
• b2ec3be Regenerated Clients
• abc126f Update API model
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/config from 1.32.12 to 1.32.13

Commits

• 90650dd Release 2026-03-26
• dd88818 Regenerated Clients
• b662c50 Update endpoints model
• 500a9cb Update API model
• 6221102 fix stale skew and delayed skew healing (#3359)
• 0a39373 fix order of generated event header handlers (#3361)
• 098f389 Only generate resolveAccountID when it's required (#3360)
• 6ebab66 Release 2026-03-25
• b2ec3be Regenerated Clients
• abc126f Update API model
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/secretsmanager from 1.41.4 to 1.41.5

Commits

• 90650dd Release 2026-03-26
• dd88818 Regenerated Clients
• b662c50 Update endpoints model
• 500a9cb Update API model
• 6221102 fix stale skew and delayed skew healing (#3359)
• 0a39373 fix order of generated event header handlers (#3361)
• 098f389 Only generate resolveAccountID when it's required (#3360)
• 6ebab66 Release 2026-03-25
• b2ec3be Regenerated Clients
• abc126f Update API model
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/ssm from 1.68.3 to 1.68.4

Commits

• 90650dd Release 2026-03-26
• dd88818 Regenerated Clients
• b662c50 Update endpoints model
• 500a9cb Update API model
• 6221102 fix stale skew and delayed skew healing (#3359)
• 0a39373 fix order of generated event header handlers (#3361)
• 098f389 Only generate resolveAccountID when it's required (#3360)
• 6ebab66 Release 2026-03-25
• b2ec3be Regenerated Clients
• abc126f Update API model
• Additional commits viewable in compare view

Updates github.com/googleapis/gax-go/v2 from 2.19.0 to 2.20.0

Release notes

Sourced from github.com/googleapis/gax-go/v2's releases.

v2: v2.20.0

v2.20.0 (2026-03-25)

Features

• hook metric recording into gax.Invoke (#494) (1f3e9aef)

• add TelemetryErrorInfo and ExtractTelemetryErrorInfo (#487) (defdded3)

Commits

• 25485ab chore: create a release (#495)
• 1f3e9ae feat: hook metric recording into gax.Invoke (#494)
• defdded feat(v2): add TelemetryErrorInfo and ExtractTelemetryErrorInfo (#487)
• 399c197 chore(all): update all (#492)
• c64aabe chore(all): update module google.golang.org/grpc to v1.79.3 [SECURITY] (#490)
• See full diff in compare view

Updates github.com/hashicorp/vault/api from 1.22.0 to 1.23.0

Commits

• d430306 Merge remote-tracking branch 'remotes/from/ce/main'
• a3bc0a3 (enos): Add LDAP secrets engine blackbox tests to Plugin Scenario (#13072) (#...
• f8df539 Merge remote-tracking branch 'remotes/from/ce/main'
• 2b0ec25 VAULT-43444 Addressed races in tests (#13278) (#13285)
• a097d1f Merge remote-tracking branch 'remotes/from/ce/main'
• 7e587fd Update vault-plugin-auth-kubernetes to v0.24.1 (#13259) (#13287)
• 1331818 UI: Fix namespace search showing empty state when namespaces exist (#13257) (...
• 7b12feb Merge remote-tracking branch 'remotes/from/ce/main'
• 7d4395c Update vault-plugin-auth-jwt to v0.26.1 (#13242) (#13283)
• 6d4b615 adds flag to fix chrome in ci (#13279) (#13282)
• Additional commits viewable in compare view

Updates github.com/hashicorp/vault/api/auth/aws from 0.11.0 to 0.12.0

Changelog

Sourced from github.com/hashicorp/vault/api/auth/aws's changelog.

0.11.6 (December 14th, 2018)

This release contains the three security fixes from 1.0.0 and 1.0.1 and the following bug fixes from 1.0.0/1.0.1:

• namespaces: Correctly reload the proper mount when tuning or reloading the mount [GH-5937]
• replication/perfstandby: Fix audit table upgrade on standbys [GH-5811]
• replication/perfstandby: Fix redirect on approle update [GH-5820]
• secrets/kv: Fix issue where storage version would get incorrectly downgraded [GH-5809]

It is otherwise identical to 0.11.5.

0.11.5 (November 13th, 2018)

BUG FIXES:

• agent: Fix issue when specifying two file sinks [GH-5610]
• auth/userpass: Fix minor timing issue that could leak the presence of a username [GH-5614]
• autounseal/alicloud: Fix issue interacting with the API (Enterprise)
• autounseal/azure: Fix key version tracking (Enterprise)
• cli: Fix panic that could occur if parameters were not provided [GH-5603]
• core: Fix buggy behavior if trying to remount into a namespace
• identity: Fix duplication of entity alias entity during alias transfer between entities [GH-5733]
• namespaces: Fix tuning of auth mounts in a namespace
• ui: Fix bug where editing secrets as JSON doesn't save properly [GH-5660]
• ui: Fix issue where IE 11 didn't render the UI and also had a broken form when trying to use tool/hash [GH-5714]

0.11.4 (October 23rd, 2018)

CHANGES:

• core: HA lock file is no longer copied during operator migrate [GH-5503]. We've categorized this as a change, but generally this can be considered just a bug fix, and no action is needed.

FEATURES:

• Transit Key Trimming: Keys in transit secret engine can now be trimmed to remove older unused key versions
• Web UI support for KV Version 2: Browse, delete, undelete and destroy individual secret versions in the UI
• Azure Existing Service Principal Support: Credentials can now be generated against an existing service principal

IMPROVEMENTS:

... (truncated)

Commits

• b01edee sdk: prepare for release (#26348)
• e5fc112 Fix TestProxy_Cache_EventSystemUpdatesCacheKVV2 (#26352)
• c96c1ef Don't wrap error from filter field validation (#26362)
• 3dc16db VAULT-24798: audit - improve error messages (#26312)
• 82eda87 UI: Test reorganization (#26340)
• 71758f4 terraform: pin to 1.7.5 until 1.8.0 crash is resolved (#26356)
• f2b5290 ldap/auth: add tests for login regressions (#26327)
• 0445e62 add new helper and apply to menu auth label (#26181)
• f6c71dd docs: add known issue resolved version (#26288)
• ba6a9c2 Docs: WAF: initial cloud access management content (#26321)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Assignees

The following users could not be added as assignees: elvenspellmaker. Either the username does not exist or it does not have the correct permissions to be added as an assignee.

Please fix the above issues or remove invalid values from dependabot.yml.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud