Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the updates group in /steps/list with 5 updates #3

Closed
wants to merge 1 commit into from
Closed

Bump the updates group in /steps/list with 5 updates #3

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Mar 15, 2024
edited
Loading

Bumps the updates group in /steps/list with 5 updates:

Package From To
boto3 1.28.66 1.34.64
black 23.10.0 24.3.0
pyhamcrest 2.0.4 2.1.0
pytest 7.4.2 8.1.1
moto 4.2.7.dev9 5.0.4.dev16

Updates boto3 from 1.28.66 to 1.34.64

Changelog

Sourced from boto3's changelog.

1.34.64

  • api-change:backup: [botocore] This release introduces a boolean attribute ManagedByAWSBackupOnly as part of ListRecoveryPointsByResource api to filter the recovery points based on ownership. This attribute can be used to filter out the recovery points protected by AWSBackup.
  • api-change:codebuild: [botocore] AWS CodeBuild now supports overflow behavior on Reserved Capacity.
  • api-change:connect: [botocore] This release adds Hierarchy based Access Control fields to Security Profile public APIs and adds support for UserAttributeFilter to SearchUsers API.
  • api-change:ec2: [botocore] Add media accelerator and neuron device information on the describe instance types API.
  • api-change:kinesisanalyticsv2: [botocore] Support for Flink 1.18 in Managed Service for Apache Flink
  • api-change:s3: [botocore] Documentation updates for Amazon S3.
  • api-change:sagemaker: [botocore] Adds m6i, m6id, m7i, c6i, c6id, c7i, r6i r6id, r7i, p5 instance type support to Sagemaker Notebook Instances and miscellaneous wording fixes for previous Sagemaker documentation.
  • api-change:workspaces-thin-client: [botocore] Removed unused parameter kmsKeyArn from UpdateDeviceRequest

1.34.63

  • api-change:amplify: [botocore] Documentation updates for Amplify. Identifies the APIs available only to apps created using Amplify Gen 1.
  • api-change:ec2-instance-connect: [botocore] This release includes a new exception type "SerialConsoleSessionUnsupportedException" for SendSerialConsoleSSHPublicKey API.
  • api-change:elbv2: [botocore] This release allows you to configure HTTP client keep-alive duration for communication between clients and Application Load Balancers.
  • api-change:fis: [botocore] This release adds support for previewing target resources before running a FIS experiment. It also adds resource ARNs for actions, experiments, and experiment templates to API responses.
  • api-change:iot-roborunner: [botocore] The iot-roborunner client has been removed following the deprecation of the service.
  • api-change:rds: [botocore] Updates Amazon RDS documentation for EBCDIC collation for RDS for Db2.
  • api-change:secretsmanager: [botocore] Doc only update for Secrets Manager
  • api-change:timestream-influxdb: [botocore] This is the initial SDK release for Amazon Timestream for InfluxDB. Amazon Timestream for InfluxDB is a new time-series database engine that makes it easy for application developers and DevOps teams to run InfluxDB databases on AWS for near real-time time-series applications using open source APIs.
  • enhancement:urllib3: [botocore] Added support for urllib3 2.2.1+ in Python 3.10+

1.34.62

  • api-change:ivs-realtime: [botocore] adds support for multiple new composition layout configuration options (grid, pip)
  • api-change:kinesisanalyticsv2: [botocore] Support new RuntimeEnvironmentUpdate parameter within UpdateApplication API allowing callers to change the Flink version upon which their application runs.
  • api-change:s3: [botocore] This release makes the default option for S3 on Outposts request signing to use the SigV4A algorithm when using AWS Common Runtime (CRT).

1.34.61

  • api-change:cloudformation: [botocore] CloudFormation documentation update for March, 2024
  • api-change:connect: [botocore] This release increases MaxResults limit to 500 in request for SearchUsers, SearchQueues and SearchRoutingProfiles APIs of Amazon Connect.
  • api-change:ec2: [botocore] Documentation updates for Amazon EC2.
  • api-change:kafka: [botocore] Added support for specifying the starting position of topic replication in MSK-Replicator.
  • api-change:ssm: [botocore] March 2024 doc-only updates for Systems Manager.

1.34.60

  • api-change:codestar-connections: [botocore] Added a sync configuration enum to disable publishing of deployment status to source providers (PublishDeploymentStatus). Added a sync configuration enum (TriggerStackUpdateOn) to only trigger changes.
  • api-change:elasticache: [botocore] Revisions to API text that are now to be carried over to SDK text, changing usages of "SFO" in code examples to "us-west-1", and some other typos.

... (truncated)

Commits
  • f4491f1 Merge branch 'release-1.34.64'
  • a3306a7 Bumping version to 1.34.64
  • c4b5971 Add changelog entries from botocore
  • e2d520c Merge branch 'release-1.34.63'
  • 675cded Merge branch 'release-1.34.63' into develop
  • d1aefcd Bumping version to 1.34.63
  • e627bf6 Add changelog entries from botocore
  • 23c0741 Fix boto3 resource reference docs (#4050)
  • 49d87f3 Merge branch 'release-1.34.62'
  • 453b615 Merge branch 'release-1.34.62' into develop
  • Additional commits viewable in compare view

Updates black from 23.10.0 to 24.3.0

Release notes

Sourced from black's releases.

24.3.0

Highlights

This release is a milestone: it fixes Black's first CVE security vulnerability. If you run Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings, you are strongly encouraged to upgrade immediately to fix CVE-2024-21503.

This release also fixes a bug in Black's AST safety check that allowed Black to make incorrect changes to certain f-strings that are valid in Python 3.12 and higher.

Stable style

  • Don't move comments along with delimiters, which could cause crashes (#4248)
  • Strengthen AST safety check to catch more unsafe changes to strings. Previous versions of Black would incorrectly format the contents of certain unusual f-strings containing nested strings with the same quote type. Now, Black will crash on such strings until support for the new f-string syntax is implemented. (#4270)
  • Fix a bug where line-ranges exceeding the last code line would not work as expected (#4273)

Performance

  • Fix catastrophic performance on docstrings that contain large numbers of leading tab characters. This fixes CVE-2024-21503. (#4278)

Documentation

  • Note what happens when --check is used with --quiet (#4236)

24.2.0

Stable style

  • Fixed a bug where comments where mistakenly removed along with redundant parentheses (#4218)

Preview style

  • Move the hug_parens_with_braces_and_square_brackets feature to the unstable style due to an outstanding crash and proposed formatting tweaks (#4198)
  • Fixed a bug where base expressions caused inconsistent formatting of ** in tenary expression (#4154)
  • Checking for newline before adding one on docstring that is almost at the line limit (#4185)
  • Remove redundant parentheses in case statement if guards (#4214).

Configuration

... (truncated)

Changelog

Sourced from black's changelog.

24.3.0

Highlights

This release is a milestone: it fixes Black's first CVE security vulnerability. If you run Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings, you are strongly encouraged to upgrade immediately to fix CVE-2024-21503.

This release also fixes a bug in Black's AST safety check that allowed Black to make incorrect changes to certain f-strings that are valid in Python 3.12 and higher.

Stable style

  • Don't move comments along with delimiters, which could cause crashes (#4248)
  • Strengthen AST safety check to catch more unsafe changes to strings. Previous versions of Black would incorrectly format the contents of certain unusual f-strings containing nested strings with the same quote type. Now, Black will crash on such strings until support for the new f-string syntax is implemented. (#4270)
  • Fix a bug where line-ranges exceeding the last code line would not work as expected (#4273)

Performance

  • Fix catastrophic performance on docstrings that contain large numbers of leading tab characters. This fixes CVE-2024-21503. (#4278)

Documentation

  • Note what happens when --check is used with --quiet (#4236)

24.2.0

Stable style

  • Fixed a bug where comments where mistakenly removed along with redundant parentheses (#4218)

Preview style

  • Move the hug_parens_with_braces_and_square_brackets feature to the unstable style due to an outstanding crash and proposed formatting tweaks (#4198)
  • Fixed a bug where base expressions caused inconsistent formatting of ** in tenary expression (#4154)
  • Checking for newline before adding one on docstring that is almost at the line limit (#4185)
  • Remove redundant parentheses in case statement if guards (#4214).

... (truncated)

Commits

Updates pyhamcrest from 2.0.4 to 2.1.0

Release notes

Sourced from pyhamcrest's releases.

Adding features for async futures

What's Changed

New Contributors

Full Changelog: hamcrest/PyHamcrest@V2.0.4...V2.1.0

Changelog

Sourced from pyhamcrest's changelog.

Hamcrest 2.1.0 (2023-10-22)

Features

  • Add a matcher for exceptions in asyncio future ([#171](https://github.com/hamcrest/PyHamcrest/issues/171) <https://github.com/hamcrest/PyHamcrest/issues/171>_)

Bugfixes

  • Use the correct generic type in the internal describe_keyvalue method ([#182](https://github.com/hamcrest/PyHamcrest/issues/182) <https://github.com/hamcrest/PyHamcrest/issues/182>_)
Commits
  • dede7a3 release: fixed the github action downloader
  • e692b82 Changelog for 2.1.0
  • 0a80f23 Add a changelog file for the async features change
  • 03910ba Fix version file template
  • 8f160f8 Merge pull request #239 from robyoung/refactor-docs-to-promote-user-functions
  • 2eddd43 Cross link from matcher library docs to internals
  • 3f4cfb9 Add section for matcher internals
  • ecdf5d8 Refactor the docs to promote user functions
  • 58254ca Merge pull request #238 from brunns/python-3.12-rc
  • 4a1b61f Test with release candidate of Python 3.21
  • Additional commits viewable in compare view

Updates pytest from 7.4.2 to 8.1.1

Release notes

Sourced from pytest's releases.

8.1.1

pytest 8.1.1 (2024-03-08)

::: {.note} ::: {.title} Note :::

This release is not a usual bug fix release -- it contains features and improvements, being a follow up to 8.1.0, which has been yanked from PyPI. :::

Features

  • #11475: Added the new consider_namespace_packages{.interpreted-text role="confval"} configuration option, defaulting to False.

    If set to True, pytest will attempt to identify modules that are part of namespace packages when importing modules.

  • #11653: Added the new verbosity_test_cases{.interpreted-text role="confval"} configuration option for fine-grained control of test execution verbosity. See Fine-grained verbosity <pytest.fine_grained_verbosity>{.interpreted-text role="ref"} for more details.

Improvements

  • #10865: pytest.warns{.interpreted-text role="func"} now validates that warnings.warn{.interpreted-text role="func"} was called with a [str]{.title-ref} or a [Warning]{.title-ref}. Currently in Python it is possible to use other types, however this causes an exception when warnings.filterwarnings{.interpreted-text role="func"} is used to filter those warnings (see [CPython #103577](python/cpython#103577) for a discussion). While this can be considered a bug in CPython, we decided to put guards in pytest as the error message produced without this check in place is confusing.

  • #11311: When using --override-ini for paths in invocations without a configuration file defined, the current working directory is used as the relative directory.

    Previoulsy this would raise an AssertionError{.interpreted-text role="class"}.

  • #11475: --import-mode=importlib <import-mode-importlib>{.interpreted-text role="ref"} now tries to import modules using the standard import mechanism (but still without changing :pysys.path{.interpreted-text role="data"}), falling back to importing modules directly only if that fails.

    This means that installed packages will be imported under their canonical name if possible first, for example app.core.models, instead of having the module name always be derived from their path (for example .env310.lib.site_packages.app.core.models).

  • #11801: Added the iter_parents() <_pytest.nodes.Node.iter_parents>{.interpreted-text role="func"} helper method on nodes. It is similar to listchain <_pytest.nodes.Node.listchain>{.interpreted-text role="func"}, but goes from bottom to top, and returns an iterator, not a list.

  • #11850: Added support for sys.last_exc{.interpreted-text role="data"} for post-mortem debugging on Python>=3.12.

  • #11962: In case no other suitable candidates for configuration file are found, a pyproject.toml (even without a [tool.pytest.ini_options] table) will be considered as the configuration file and define the rootdir.

  • #11978: Add --log-file-mode option to the logging plugin, enabling appending to log-files. This option accepts either "w" or "a" and defaults to "w".

    Previously, the mode was hard-coded to be "w" which truncates the file before logging.

... (truncated)

Commits
  • 81653ee Adjust changelog manually for 8.1.1
  • e60b4b9 Prepare release version 8.1.1
  • 15fbe57 [8.1.x] Revert legacy path removals (#12093)
  • 86c3aab [8.1.x] Do not import duplicated modules with --importmode=importlib (#12077)
  • 5b82b0c [8.1.x] Yank version 8.1.0 (#12076)
  • 0a53681 Merge pull request #12054 from pytest-dev/release-8.1.0
  • b9a167f Prepare release version 8.1.0
  • 00043f7 Merge pull request #12038 from bluetech/fixtures-rm-arg2index
  • f4e1025 Merge pull request #12048 from bluetech/fixture-teardown-excgroup
  • 43492f5 Merge pull request #12051 from jakkdl/test_debugging_pythonbreakpoint
  • Additional commits viewable in compare view

Updates moto from 4.2.7.dev9 to 5.0.4.dev16

Changelog

Sourced from moto's changelog.

Moto Changelog

5.0.3

Docker Digest for 5.0.3: sha256:032d8ead42f289d9700e9bc844c6d264575ad11b3f6c22cc76d65ff638c8c7bd

General:
    * New configuration options for:
      - Passing URL's through the proxy
      - Configuring DOcker-less services in ServerMode
      See http://docs.getmoto.org/en/latest/docs/configuration/index.html

New Services:
* Route53Domains:
* delete_domain()
* list_domains()
* list_operations()
* register_domain()
* update_domain_nameservers()


New Methods:
* CostExplorer:
* get_cost_and_usage()


* ECR:
    * get_registry_scanning_configuration()



Miscellaneous:
* ApiGateway: update_usage_plan() now supports adding apiStages
* Athena: get_query_execution() now returns exact OutputLocation file
* Autoscaling: describe_auto_scaling_groups() now supports the filters-argument
* CloudFront: create_distribution() now supports CustomHeaders
* CloudFront: update_distribution() now handles updates to DistributionConfig correctly
* CloudFormation - Now supports creation and deletion of AWS::EMR::Cluster
* CloudFormation - Now supports creation and deletion of AWS::EMR::SecurityConfiguration
* CloudFormation - Now supports creation and deletion of AWS::EFS::AccessPoint
* CloudFormation - Now supports creation and deletion of AWS::EFS::FileSystem
* CloudFormation - Now supports creation and deletion of AWS::EMR::InstanceGroupConfig
* CloudFormation - Now supports deletion of AWS::Logs::LogGroup
* CloudFormation: delete_stack() now handles resource dependencies better
* CloudWatch: put_metric_data() now supports large (compressed) requests
* CognitoIDP: admin_initiate_auth() and respond_to_auth_challenge() now support SMS_MFA
* DynamoDB: transact_write_items() now raises ValidationException when putting and deleting the same item
* EC2: authorize_security_group_egress/_ingress now support the TagSpecifications-argument
* EC2: describe_security_group_rules() now supports Tag-filters
* S3: EventBridge notifications are now supported for ObjectCreated:POST/COPY/MULTIPART_UPLOAD and ObjectDeleted
* SNS: subscribe() now adds support the $or, equals-ignore-case and suffix features in a FilterPolicy
* SQS: send_message() should respect DelaySeconds of 0

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the updates group in /steps/list with 5 updates
74d4c8a 
Bumps the updates group in /steps/list with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [boto3](https://github.com/boto/boto3) | `1.28.66` | `1.34.64` |
| [black](https://github.com/psf/black) | `23.10.0` | `24.3.0` |
| [pyhamcrest](https://github.com/hamcrest/PyHamcrest) | `2.0.4` | `2.1.0` |
| [pytest](https://github.com/pytest-dev/pytest) | `7.4.2` | `8.1.1` |
| [moto](https://github.com/getmoto/moto) | `4.2.7.dev9` | `5.0.4.dev16` |


Updates `boto3` from 1.28.66 to 1.34.64
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](boto/boto3@1.28.66...1.34.64)

Updates `black` from 23.10.0 to 24.3.0
- [Release notes](https://github.com/psf/black/releases)
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md)
- [Commits](psf/black@23.10.0...24.3.0)

Updates `pyhamcrest` from 2.0.4 to 2.1.0
- [Release notes](https://github.com/hamcrest/PyHamcrest/releases)
- [Changelog](https://github.com/hamcrest/PyHamcrest/blob/main/CHANGELOG.rst)
- [Commits](hamcrest/PyHamcrest@V2.0.4...V2.1.0)

Updates `pytest` from 7.4.2 to 8.1.1
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@7.4.2...8.1.1)

Updates `moto` from 4.2.7.dev9 to 5.0.4.dev16
- [Release notes](https://github.com/getmoto/moto/releases)
- [Changelog](https://github.com/getmoto/moto/blob/master/CHANGELOG.md)
- [Commits](https://github.com/getmoto/moto/commits)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: updates
- dependency-name: black
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: updates
- dependency-name: pyhamcrest
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: updates
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: updates
- dependency-name: moto
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: updates
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github Mar 15, 2024

The following labels could not be found: security, dependencies.

@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github Mar 17, 2024

Looks like these dependencies are up-to-date now, so this is no longer needed.

@dependabot dependabot bot closed this Mar 17, 2024
@dependabot dependabot bot deleted the dependabot/pip/steps/list/updates-1ea6fc6c65 branch March 17, 2024 00:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants