Bump runatlantis/atlantis from v0.24.3 to v0.38.0 in /milmove-atlantis

[dependabot]

Bumps runatlantis/atlantis from v0.24.3 to v0.38.0.

Release notes

Sourced from runatlantis/atlantis's releases.

v0.38.0

🎉 Atlantis v0.38.0 Release Notes

✨ New Features

• Pending Apply Status for GitLab - Added --pending-apply-status flag to set commit status to pending when planned Terraform changes haven't been applied yet, preventing premature MR merges (#5926) by @​rjmsilveira

🐛 Bug Fixes

• GitHub Mergeability Check - Fixed mergeability determination from GitHub workflow check suites (#5885) by @​nitrocode
• Custom Policy Sets Security - Prevented any users from approving custom policy sets - strengthened policy enforcement (#5915) by @​nicolasvan
• GitLab Pipeline Race Condition - Resolved issue where GitLab pipelines could get stuck in running state blocking automerge (#5986) by @​MihailoPlavsic34
• Nil Pointer in Version Command - Fixed nil pointer dereference in atlantis version command (#5971)
• Policy Checks Rego Errors - Policy checks now properly fail when Rego syntax errors occur (#5980)
• Metric Scope Leak - Fixed metric scope closure after tests finish (#5889)
• Base Branch Handling - Resolved issues when changing base branch during repository reclone (#6005) by @​nitrocode
• Remote Name Conflict - Fixed usage of reserved name head for source remote (#6010) by @​nitrocode
• Conftest Version in Docker - Added DEFAULT_CONFTEST_VERSION environment variable to Dockerfile so it's available at runtime (#5997)

🔒 Security Updates

• Updated golang.org/x/crypto to v0.43.0 and v0.45.0 (#5956, #5974)
• Bumped vite from 5.4.20 to 5.4.21 (#5905)

📦 Dependency Updates

Package	Version
Go	v1.25.4
OpenTofu	v1.10.7
Vue	v3.5.24
ngrok	3.33.1
glob	latest
markdownlint-cli	latest
actions/checkout	34e1148
actions/dependency-review-action	v4.8.2
github/codeql-action	f94c9be

📚 Documentation & Improvements

• 📖 Consolidated release documentation (#5946)
• 💡 Improved working directory lock error messaging (#5960)
• ⚖️ Added license references to files that were missing them (#5977)
• 🧪 Cleaned up invalid policy owner tests (#5963)
• 🐳 Pinned testing environment Docker images (#6013)

👥 Contributors

Thanks to all contributors who made this release possible:

... (truncated)

Commits

• 3bc7af9 chore(deps): update actions/checkout digest to 34e1148 in .github/workflows/w...
• 30d6c83 chore(deps): pin ghcr.io/runatlantis/testing-env docker tag to 10f7921 in .gi...
• 0427eed fix: Prevent any users from approving custom policy sets - fix tests, handle ...
• 01ab5b1 fix: Do not use name head for source remote (#6010)
• 51d0c95 fix: Handle changing base branch in reclone (#6005)
• 9328a78 fix: add env variable DEFAULT_CONFTEST_VERSION to dockerfile so it's availabl...
• bc4dc25 fix: resolve issue #5944 (#5986)
• 82be69c chore: Add license references to files that don't have them (#5977)
• 83d8263 fix: determine mergeability of GitHub workflows from check suite (#5885)
• cfe9263 fix: Close metric scope after tests finish (#5889)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #497.