Upgrade: Bump the dependencies group across 1 directory with 11 updates

[dependabot]

Bumps the dependencies group with 11 updates in the / directory:

Package	From	To
aiohttp	3.9.5	3.10.5
attrs	23.2.0	24.2.0
boto3	1.34.137	1.35.10
botocore	1.34.137	1.35.10
certifi	2024.6.2	2024.8.30
idna	3.7	3.8
marshmallow	3.21.3	3.22.0
pyyaml	6.0.1	6.0.2
sentry-sdk	2.7.1	2.13.0
urllib3	1.26.19	1.26.20
yarl	1.9.4	1.9.6

Updates aiohttp from 3.9.5 to 3.10.5

Release notes

Sourced from aiohttp's releases.

3.10.5

Bug fixes

• Fixed :meth:aiohttp.ClientResponse.json() not setting status when :exc:aiohttp.ContentTypeError is raised -- by :user:bdraco.

  Related issues and pull requests on GitHub: #8742.

Miscellaneous internal changes

• Improved performance of the WebSocket reader -- by :user:bdraco.

  Related issues and pull requests on GitHub: #8736, #8747.

---

3.10.4

Bug fixes

• Fixed decoding base64 chunk in BodyPartReader -- by :user:hyzyla.

  Related issues and pull requests on GitHub: #3867.

• Fixed a race closing the server-side WebSocket where the close code would not reach the client -- by :user:bdraco.

  Related issues and pull requests on GitHub: #8680.

• Fixed unconsumed exceptions raised by the WebSocket heartbeat -- by :user:bdraco.

  If the heartbeat ping raised an exception, it would not be consumed and would be logged as an warning.

... (truncated)

Changelog

Sourced from aiohttp's changelog.

3.10.5 (2024-08-19)

Bug fixes

• Fixed :meth:aiohttp.ClientResponse.json() not setting status when :exc:aiohttp.ContentTypeError is raised -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:8742.

Miscellaneous internal changes

• Improved performance of the WebSocket reader -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:8736, :issue:8747.

---

3.10.4 (2024-08-17)

Bug fixes

• Fixed decoding base64 chunk in BodyPartReader -- by :user:hyzyla.

  Related issues and pull requests on GitHub: :issue:3867.

• Fixed a race closing the server-side WebSocket where the close code would not reach the client -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:8680.

... (truncated)

Commits

• ec453ba Release 3.10.5 (#8754)
• 5953df1 [PR #8749/5e30b49 backport][3.10] Bump cffi to 1.17.0 (#8752)
• 83bd239 [PR #8747/e97b17a6 backport][3.10] Make MESSAGE_TYPES_WITH_CONTENT a frozense...
• c7ff47b [PR #8742/b4f9cb35 backport][3.10] Fix status not being set when ClientRespon...
• fbfedd6 [PR #8736/1b88af2 backport][3.10] Improve performance of WebSocketReader (#8743)
• dba2605 [3.10] Bump pypa/cibuildwheel to v2.20.0 (#8740)
• 92dc91b Bump version to 3.10.5.dev0
• 8dcd3a4 Release 3.10.4 (Attempt 2) (#8732)
• f4d4f2a Release 3.10.4 (#8731)
• 0f1a008 [PR #8685/e7c02ca4 backport][3.10] Fix exceptions from WebSocket ping task no...
• Additional commits viewable in compare view

Updates attrs from 23.2.0 to 24.2.0

Commits

• See full diff in compare view

Updates boto3 from 1.34.137 to 1.35.10

Commits

• 85cba10 Merge branch 'release-1.35.10'
• 7264985 Bumping version to 1.35.10
• 4e8bc10 Add changelog entries from botocore
• 6f961e2 Merge branch 'release-1.35.9'
• 25ebb36 Merge branch 'release-1.35.9' into develop
• ed635b5 Bumping version to 1.35.9
• 3a06379 Add changelog entries from botocore
• 0733f58 Merge branch 'release-1.35.8'
• 1cbfeec Merge branch 'release-1.35.8' into develop
• 79f7f2c Bumping version to 1.35.8
• Additional commits viewable in compare view

Updates botocore from 1.34.137 to 1.35.10

Changelog

Sourced from botocore's changelog.

1.35.10

• api-change:backup: The latest update introduces two new attributes, VaultType and VaultState, to the DescribeBackupVault and ListBackupVaults APIs. The VaultState attribute reflects the current status of the vault, while the VaultType attribute indicates the specific category of the vault.
• api-change:datazone: Amazon DataZone now adds new governance capabilities of Domain Units for organization within your Data Domains, and Authorization Policies for tighter controls.
• api-change:logs: This release introduces a new optional parameter: Entity, in PutLogEvents request
• api-change:redshift-data: The release include the new Redshift DataAPI feature for session use, customer execute query with --session-keep-alive-seconds parameter and can submit follow-up queries to same sessions with returnedsession-id

1.35.9

• api-change:bedrock-agent-runtime: Lifting the maximum length on Bedrock KnowledgeBase RetrievalFilter array
• api-change:bedrock-runtime: Add support for imported-model in invokeModel and InvokeModelWithResponseStream.
• api-change:personalize: This releases ability to update automatic training scheduler for customer solutions
• api-change:quicksight: Increased Character Limit for Dataset Calculation Field expressions
• api-change:stepfunctions: This release adds support for static analysis to ValidateStateMachineDefinition API, which can now return optional WARNING diagnostics for semantic errors on the definition of an Amazon States Language (ASL) state machine.
• api-change:wafv2: The minimum request rate for a rate-based rule is now 10. Before this, it was 100.

1.35.8

• api-change:appconfig: This release adds support for deletion protection, which is a safety guardrail to prevent the unintentional deletion of a recently used AWS AppConfig Configuration Profile or Environment. This also includes a change to increase the maximum length of the Name parameter in UpdateConfigurationProfile.
• api-change:datazone: Update regex to include dot character to be consistent with IAM role creation in the authorized principal field for create and update subscription target.
• api-change:devicefarm: This release removed support for Calabash, UI Automation, Built-in Explorer, remote access record, remote access replay, and web performance profile framework in ScheduleRun API.
• api-change:ec2: Amazon VPC IP Address Manager (IPAM) now allows customers to provision IPv4 CIDR blocks and allocate Elastic IP Addresses directly from IPAM pools with public IPv4 space
• api-change:internetmonitor: Adds new querying types to show overall traffic suggestion information for monitors
• api-change:pcs: Introducing AWS Parallel Computing Service (AWS PCS), a new service makes it easy to setup and manage high performance computing (HPC) clusters, and build scientific and engineering models at virtually any scale on AWS.
• api-change:workspaces: Documentation-only update that clarifies the StartWorkspaces and StopWorkspaces actions, and a few other minor edits.

1.35.7

• api-change:bedrock: Amazon Bedrock SDK updates for Inference Profile.
• api-change:bedrock-runtime: Amazon Bedrock SDK updates for Inference Profile.
• api-change:chatbot: Update documentation to be consistent with the API docs
• api-change:omics: Adds data provenance to import jobs from read sets and references
• api-change:polly: Amazon Polly adds 2 new voices: Jitka (cs-CZ) and Sabrina (de-CH).

1.35.6

• api-change:iotsitewise: AWS IoT SiteWise now supports versioning for asset models. It enables users to retrieve active version of their asset model and perform asset model writes with optimistic lock.
• api-change:workspaces: This release adds support for creating and managing directories that use AWS IAM Identity Center as user identity source. Such directories can be used to create non-Active Directory domain joined WorkSpaces Personal.Updated RegisterWorkspaceDirectory and DescribeWorkspaceDirectories APIs.

1.35.5

... (truncated)

Commits

• 6e846e8 Merge branch 'release-1.35.10'
• 6cb9ba2 Bumping version to 1.35.10
• 8c5e3e5 Update endpoints model
• 5b5356f Update to latest models
• 3428c19 Merge branch 'release-1.35.9' into develop
• 606af07 Merge branch 'release-1.35.9'
• 764d893 Bumping version to 1.35.9
• 9a37f04 Update to latest models
• c294152 Merge branch 'release-1.35.8' into develop
• fbd8b1e Merge branch 'release-1.35.8'
• Additional commits viewable in compare view

Updates certifi from 2024.6.2 to 2024.8.30

Commits

• 325c2fd 2024.08.30 (#304)
• d66bf5f Bump actions/upload-artifact from 4.3.5 to 4.3.6 (#302)
• 2150f23 Bump actions/upload-artifact from 4.3.4 to 4.3.5 (#301)
• fc9b771 Bump actions/setup-python from 5.1.0 to 5.1.1 (#300)
• 965b239 Bump actions/download-artifact from 4.1.7 to 4.1.8 (#297)
• c1f50cc Bump actions/upload-artifact from 4.3.3 to 4.3.4 (#296)
• bd81538 2024.07.04 (#295)
• 06a2cbf Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (#294)
• 13bba02 Bump actions/checkout from 4.1.6 to 4.1.7 (#293)
• e8abcd0 Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (#292)
• See full diff in compare view

Updates idna from 3.7 to 3.8

Release notes

Sourced from idna's releases.

v3.8

What's Changed

• Fix regression where IDNAError exception was not being produced for certain inputs.
• Add support for Python 3.13, drop support for Python 3.5 as it is no longer testable.
• Documentation improvements
• Updates to package testing using Github actions

Thanks to Hugo van Kemenade for contributions to this release.

Full Changelog: kjd/idna@v3.7...v3.8

Changelog

Sourced from idna's changelog.

3.8 (2024-08-23) ++++++++++++++++

• Fix regression where IDNAError exception was not being produced for certain inputs.
• Add support for Python 3.13, drop support for Python 3.5 as it is no longer testable.
• Documentation improvements
• Updates to package testing using Github actions

Thanks to Hugo van Kemenade for contributions to this release.

Commits

• 784c6f4 Release v3.8
• 28c7c9e Typo fix
• a2b41c3 Pin remainder of Github Actions flagged in code scanning
• 1f613c5 More Github Action dependency pinning
• a87e2b6 Update OSSF scorecard to latest version
• 12d4dd1 Merge pull request #182 from kjd/github-pypi-actions
• e1a1541 Pin Github Actions dependencies
• c109d3a Merge branch 'master' into github-pypi-actions
• f8a8de4 Do not try to build/send packages to TestPyPI for now
• 613bdde Update regexp to move global flag to start of expression
• Additional commits viewable in compare view

Updates marshmallow from 3.21.3 to 3.22.0

Changelog

Sourced from marshmallow's changelog.

3.22.0 (2024-08-20)

---

Features:

• Add many Meta option to Schema so it expects a collection by default (:issue:2270). Thanks :user:himalczyk for reporting and :user:deckar01 for the PR.
• Refactor hooks (:pr:2279). Thanks :user:deckar01 for the PR.

Commits

• fbad345 Bump version and update changelog
• 78cbc09 Merge pull request #2271 from deckar01/2270-meta-many
• 7609530 Merge pull request #2279 from deckar01/simplify-hooks
• bbbd7af Reduce pre-commit.ci updates to monthly (#2300)
• 1d21132 [pre-commit.ci] pre-commit autoupdate
• 8ceb4b3 [pre-commit.ci] pre-commit autoupdate (#2298)
• ac13e0d Add sponsors to docs
• 7ebdc7b Fix logo image for pypi rendering
• 7c2f1ca Add Route4Me as sponsor
• 01f8432 Bump alabaster from 0.7.16 to 1.0.0 (#2292)
• Additional commits viewable in compare view

Updates pyyaml from 6.0.1 to 6.0.2

Release notes

Sourced from pyyaml's releases.

6.0.2

What's Changed

• Support for Cython 3.x and Python 3.13.

Full Changelog: yaml/pyyaml@6.0.1...6.0.2

6.0.2rc1

• Support for extension build with Cython 3.x
• Support for Python 3.13
• Added PyPI wheels for musllinux on aarch64

Changelog

Sourced from pyyaml's changelog.

6.0.2 (2024-08-06)

• yaml/pyyaml#808 -- Support for Cython 3.x and Python 3.13

Commits

• 41309b0 Release 6.0.2 (#819)
• dd9f0e1 6.0.2rc1 (#809)
• f5527a2 disable CI trigger on PR edits
• b4d80a7 Python 3.12 + musllinux_1_1_x86_64 wheel support
• See full diff in compare view

Updates sentry-sdk from 2.7.1 to 2.13.0

Release notes

Sourced from sentry-sdk's releases.

2.13.0

Various fixes & improvements

• New integration: Ray (#2400) (#2444) by @​glowskir

  Usage: (add the RayIntegration to your sentry_sdk.init() call and make sure it is called in the worker processes)

  import ray
  import sentry_sdk
  from sentry_sdk.integrations.ray import RayIntegration
  def init_sentry():
  sentry_sdk.init(
  dsn="...",
  traces_sample_rate=1.0,
  integrations=[RayIntegration()],
  )
  init_sentry()
  ray.init(
  runtime_env=dict(worker_process_setup_hook=init_sentry),
  )

  For more information, see the documentation for the Ray integration.

• New integration: Litestar (#2413) (#3358) by @​KellyWalker

  Usage: (add the LitestarIntegration to your sentry_sdk.init())

  from litestar import Litestar, get
  import sentry_sdk
  from sentry_sdk.integrations.litestar import LitestarIntegration
  sentry_sdk.init(
  dsn="...",
  traces_sample_rate=1.0,
  integrations=[LitestarIntegration()],
  )
  @​get("/")
  async def index() -> str:
  return "Hello, world!"
  app = Litestar(...)

  For more information, see the documentation for the Litestar integration.

... (truncated)

Changelog

Sourced from sentry-sdk's changelog.

2.13.0

Various fixes & improvements

• New integration: Ray (#2400) (#2444) by @​glowskir

  Usage: (add the RayIntegration to your sentry_sdk.init() call and make sure it is called in the worker processes)

  import ray
  import sentry_sdk
  from sentry_sdk.integrations.ray import RayIntegration
  def init_sentry():
  sentry_sdk.init(
  dsn="...",
  traces_sample_rate=1.0,
  integrations=[RayIntegration()],
  )
  init_sentry()
  ray.init(
  runtime_env=dict(worker_process_setup_hook=init_sentry),
  )

  For more information, see the documentation for the Ray integration.

• New integration: Litestar (#2413) (#3358) by @​KellyWalker

  Usage: (add the LitestarIntegration to your sentry_sdk.init())

  from litestar import Litestar, get
  import sentry_sdk
  from sentry_sdk.integrations.litestar import LitestarIntegration
  sentry_sdk.init(
  dsn="...",
  traces_sample_rate=1.0,
  integrations=[LitestarIntegration()],
  )
  @​get("/")
  async def index() -> str:
  return "Hello, world!"
  app = Litestar(...)

  For more information, see the documentation for the Litestar integration.

... (truncated)

Commits

• 570307c Updated changelog
• 4c1ea7a release: 2.13.0
• 17a6cf0 feat: Add ray integration support (#2400) (#2444)
• 4858996 Expose custom_repr function that precedes safe_repr invocation in serializer ...
• 275c63e ref(sessions): Deprecate hub-based sessions.py logic (#3419)
• 6a4e729 ref(sessions): Deprecate is_auto_session_tracking_enabled (#3428)
• a6cb9b1 Add note to generated yaml files (#3423)
• 19c4069 test(sessions): Remove unnecessary line (#3418)
• da0392f Dramatiq integration from @​jacobsvante (#3397)
• 7d46709 Serialize vars early to avoid living references (#3409)
• Additional commits viewable in compare view

Updates urllib3 from 1.26.19 to 1.26.20

Release notes

Sourced from urllib3's releases.

1.26.20

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

• Fixed a crash where certain standard library hash functions were absent in FIPS-compliant environments. (#3432)
• Replaced deprecated dash-separated setuptools entries in setup.cfg. (#3461)
• Took into account macOS setting ECONNRESET instead of EPROTOTYPE in its newer versions. (#3416)
• Backported changes to our tests and CI configuration from v2.x to support testing with CPython 3.12 and 3.13. (#3436)

Full Changelog: urllib3/urllib3@1.26.19...1.26.20

Changelog

Sourced from urllib3's changelog.

1.26.20 (2024-08-29)

• Fixed a crash where certain standard library hash functions were absent in FIPS-compliant environments. ([#3432](https://github.com/urllib3/urllib3/issues/3432) <https://github.com/urllib3/urllib3/issues/3432>__)
• Replaced deprecated dash-separated setuptools entries in setup.cfg. ([#3461](https://github.com/urllib3/urllib3/issues/3461) <https://github.com/urllib3/urllib3/pull/3461>__)
• Took into account macOS setting ECONNRESET instead of EPROTOTYPE in its newer versions. ([#3416](https://github.com/urllib3/urllib3/issues/3416) <https://github.com/urllib3/urllib3/pull/3416>__)
• Backported changes to our tests and CI configuration from v2.x to support testing with CPython 3.12 and 3.13. ([#3436](https://github.com/urllib3/urllib3/issues/3436) <https://github.com/urllib3/urllib3/pull/3436>__)

Commits

• 6f2ad7c Release 1.26.20
• 7f925b0 Backport changes to the publish workflow
• 3d9b2d3 Replace deprecated dash-separated setuptools entries in setup.cfg (#3461)
• e9ac9bc Upgrade actions (#3437)
• 0b42b01 Do not limit runs with 3.13 to Ubuntu
• d135b54 Backport a part of 5d93c9c6c01efc469200044027c21c6e661f2a99
• 8c13ec8 Backport test_eintr_zero_timeout fix
• df09e8c Move verbosity flag to noxfile
• ac96f20 Test test_requesting_large_resources_via_ssl separately
• 3f1806c Try using same PyPy 3.9 version as in main to fix timeouts
• Additional commits viewable in compare view

Updates yarl from 1.9.4 to 1.9.6

Release notes

Sourced from yarl's releases.

1.9.6

Bug fixes

• Reverted :rfc:3986 compatible :meth:URL.join() <yarl.URL.join> honoring empty segments which was introduced in #1039.

  This change introduced a regression handling query string parameters with joined URLs. The change was reverted to maintain compatibility with the previous behavior.

  Related issues and pull requests on GitHub: #1067.

---

1.9.5

Bug fixes

• Joining URLs with empty segments has been changed to match :rfc:3986.

  Previously empty segments would be removed from path, breaking use-cases such as

  .. code-block:: python

  URL("https://web.archive.org/web/") / "https://github.com/"

  Now :meth:/ operation <yarl.URL.__truediv__> and :meth:URL.joinpath() <yarl.URL.joinpath> keep empty segments, but do not introduce new empty segments. e.g.

  .. code-block:: python

  URL("https://example.org/") / ""

  does not introduce an empty segment.

  -- by :user:commonism and :user:youtux

  Related issues and pull requests on GitHub: #1026.

• The default protocol ports of well-known URI schemes are now taken into account during the normalization of the URL string representation in accordance with :rfc:3986#section-3.2.3.

  Specified ports are removed from the :class:str representation of a :class:~yarl.URL if the port matches the scheme's default port -- by :user:commonism.

... (truncated)

Changelog

Sourced from yarl's changelog.

1.9.6

(2024-08-30)

Bug fixes

• Reverted :rfc:3986 compatible :meth:URL.join() <yarl.URL.join> honoring empty segments which was introduced in :issue:1039.

  This change introduced a regression handling query string parameters with joined URLs. The change was reverted to maintain compatibility with the previous behavior.

  Related issues and pull requests on GitHub: :issue:1067.

---

1.9.5

(2024-08-30)

Bug fixes

• Joining URLs with empty segments has been changed to match :rfc:3986.

  Previously empty segments would be removed from path, breaking use-cases such as

  .. code-block:: python

  URL("https://web.archive.org/web/") / "https://github.com/"

  Now :meth:/ operation <yarl.URL.__truediv__> and :meth:URL.joinpath() <yarl.URL.joinpath> keep empty segments, but do not introduce new empty segments. e.g.

  .. code-block:: python

  URL("https://example.org/") / ""

  does not introduce an empty segment.

  -- by :user:commonism and :user:youtux

... (truncated)

Commits

• d223009 Release 1.9.6
• e175d74 Revert "RFC3986 compatible URL.join honoring empty segments (#1039)" (#1067)
• 9407fcd Increment version to 1.9.6.dev0 (#1061)
• 10635f8 Release 1.9.5 (attempt 2)
• 1624f72 Fix get-releasenote parsing the changelog (#1063)
• ac71fe5 Release 1.9.5 (#1060)
• f6e2c95 Remove unused type ignores and casts (#1031)
• f40adb0 Bump black from 24.4.2 to 24.8.0 (#1059)
• 822097a Make scheme a cached property as well (#1058)
• e3dd736 RFC3986 compatible URL.join honoring empty segments (#1039)
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
urllib3	[>= 2.a, < 3]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.