build(deps-dev): bump moto from 5.1.11 to 5.1.21

[dependabot]

Bumps moto from 5.1.11 to 5.1.21.

Changelog

Sourced from moto's changelog.

5.1.21

Docker Digest for 5.1.21: sha256:93ad54da7badce7f9c13e5e6439c93564c764663c42872d2c39f718aa484047a

General:
    * Moto now supports the new AWS partition for the EU sovereign cloud ('eusc-de-east-1')
New Services:
* Account:
* delete_alternate_contact()
* get_alternate_contact()
* put_alternate_contact()
* Connect:
    * associate_analytics_data_set()
    * create_instance()
    * delete_instance()
    * describe_instance()
    * disassociate_analytics_data_set()
    * list_analytics_data_associations()
    * list_instances()
    * list_tags_for_resource()
    * tag_resource()
    * untag_resource()

New Methods:
* Backup:
* create_report_plan()
* delete_backup_vault()
* delete_backup_vault_lock_configuration()
* describe_backup_vault()
* describe_report_plan()
* list_report_plans()
* put_backup_vault_lock_configuration()
* EKS:
    * update_nodegroup_config()


Route53Resolver:

get_resolver_query_log_config_association()
list_resolver_query_log_configs()
list_resolver_query_log_config_associations()



SecurityHub:

get_master_account()





Miscellaneous:
* DynamoDB now supports multi-attribute composite key support for GSIs
* ELBv2: Internal load balancers can now be dualstack
* IAM: Policy validation now correctly validates Boolean conditions and NULL-resources

... (truncated)

Commits

• a91f0c0 Pre-Release: Up Version Number
• 57f8d2b Prep release 5.1.21 (#9723)
• 4b24808 chore: update EC2 Instance Types (#9720)
• 716d32e Backup: Implement ReportPlans + Terraform support (#9722)
• e5e9815 [DynamoDB] Add multi-attribute composite key support for GSIs (#9710)
• c6bece7 chore: update SSM default parameters (#9721)
• 29777b9 chore: update EC2 Instance Offerings (#9718)
• 3d28939 chore: update EMR Instance Types (#9717)
• ea2cbf6 S3: fix Terraform error when creating Lifecycle Configuration (#9719)
• da325fe S3: get_public_access_block() - Return correct 404 body (#9716)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

✅ Conflict Markers Resolved

All conflict markers have been successfully resolved in this pull request.

[github-actions]

⚠️ Changes detected in the following folders without a corresponding update to the CHANGELOG.md:

• prowler (root dependency files changed)

Please add an entry to the corresponding CHANGELOG.md file to maintain a clear history of changes.

[github-actions]

🔒 Container Security Scan

Image: prowler:802b97f
Last scan: 2026-03-18 09:11:21 UTC

📊 Vulnerability Summary

Severity	Count
🔴 Critical	3
Total	3

3 package(s) affected

⚠️ Action Required

Critical severity vulnerabilities detected. These should be addressed before merging:

• Review the detailed scan results
• Update affected packages to patched versions
• Consider using a different base image if updates are unavailable

---

📋 Resources:

• Download full report (see artifacts)
• View in Security tab
• Scanned with Trivy