Update dependency open-policy-agent/opa to v1.5.1

[renovate]

This PR contains the following updates:

Package	Update	Change
open-policy-agent/opa	minor	v1.4.2 -> v1.5.1

---

Release Notes

open-policy-agent/opa (open-policy-agent/opa)

v1.5.1

Compare Source

This is a bug fix release addressing a regression to the walk built-in function, introduced in v1.5.0. See #​7656 (authored by @​anderseknert reported by @​robmyersrobmyers)

v1.5.0

Compare Source

This release contains a mix of new features, performance improvements, and bugfixes. Among others:

• Support for AWS SSO credentials provider
• Support for signing client assertions with Azure Keyvault
• Faster object.get, walk and builtin-function evaluation
• Improved guardrails in the parser
• Improvements to decision logging

Modernized OPA Website (#​7037)

The OPA website has been modernized with a new design and improved user experience.

The new site is based on Docusaurus and React which makes it easier to build live functionality and add non-documentation resources. This lays the groundwork for even more improvements in the future!

Documentation for older OPA versions are still available in the version archive.

Authored by @​charlieegan3

Runtime, Tooling, SDK

• ast: Only use JSON-escaped literal when needed in ref to string convertion (#​7550) reported and authored by @​xubinzheng
• ast: Parser recursion depth guard (#​7568) authored by @​thevilledev
• ast: Retaining SomeDecl Location field when compiler resolves refs (#​7543) authored by @​johanfylling
• bundle: Setting default rego-version in bundle API (#​7588) authored by @​johanfylling reported by @​xubinzheng
• perf: Improved "baseline" metrics of opa bench for trivial queries (#​7580) authored by @​anderseknert
• plugins/decision: Don't drop adaptive uncompressed size limit on upload (#​7562) authored by @​sspaink
• plugins/decision: Set config boundaries to upload_size_limit_bytes (#​7563) (authored by @​sspaink)
• plugins/rest: Add support for AWS SSO credentials provider (#​7527) authored by @​efiShtain
• plugins/rest: Support signing of client assertions with Azure Keyvault (#​7462) reported and authored by @​Od1nB
• plugins/status: Support graceful shutdown timeout (#​7576) authored by @​sspaink
• rego: Don't generate JSON values for wildcard/generated keys in result set (#​7567) authored by @​anderseknert
• runtime: Don't override user set version commit and timestamp (#​7471) reported by @​kastl-ars authored by @​sspaink

Planner, Topdown and Rego

• planner: Deal with var-for-function replacement in indirect calls (#​5311) authored by @​srenatus
• topdown: Faster object.get built-in function (#​7593) authored by @​anderseknert
• topdown: Faster walk built-in function (#​7612) authored by @​anderseknert
• topdown: Improved default rule value inlining ( (#​1418) authored by @​johanfylling
• topdown: Improved GraphQL error handling (#​7622) reported and authored by @​robmyersrobmyers

Docs, Website, Ecosystem

• docs: Fix helm-kubernetes-quickstart bundle (#​7606) reported and authored by @​nejec
• docs: Add Swift-OPA to the Ecosystem Page (#​7610) authored by @​charlieegan3
• docs: Add Tutorial Redirects ([#​7603]https://github.com/open-policy-agent/opa/issues/7603) reported by @​nataraj24 authored by @​charlieegan3
• Fix links in README (#​7633) authored by @​ffjlabo

Miscellaneous

• github_actions: Adding monthly check for broken hyperlinks (#​7537) authored by @​sspaink
• perf: Extended interning (#​7636) authored by @​anderseknert
• perf: Ref.String() shortcut on single var term ref (#​7595) authored by @​anderseknert
• refactor: Don't return error from opaTest (#​7560) authored by @​sspaink
• refactor: Remove internal/gqlparser and use upstream dependency instead. (#​7520) authored by @​robmyersrobmyers
• test: Fix flaky TestContextErrorHandling (#​7587) authored by @​sspaink
• Apply modernize linter fixes (#​7599) authored by @​anderseknert
• Use any in place of interface{} (#​7566) authored by @​anderseknert
• Dependency updates; notably:
  • build: bump go from 1.24.0 to 1.24.3
  • build(deps): bump containerd to v2.1.1 (#​7627) authored by @​johanfylling reported by @​robmyersrobmyers
  • build(deps): bump github.com/fsnotify/fsnotify from 1.8.0 to 1.9.0
  • build(deps): bump github.com/prometheus/client_golang from 1.21.1 to 1.22.0
  • build(deps): bump github.com/prometheus/client_model from 0.6.1 to 0.6.2
  • build(deps): bump golang.org/x/net from 0.38.0 to 0.39.0
  • build(deps): bump google.golang.org/grpc from 1.71.1 to 1.72.0

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.