Rework GitPython dependency to be an extra for bandit-baseline #1099
bandit/cli/baseline.py
Outdated
@@ -198,23 +201,27 @@ def initialize(): | |||
report_fname = f"{report_basename}.{output_format}" | |||
|
|||
# #################### Check Requirements ################################# | |||
try: | |||
repo = git.Repo(os.getcwd()) | |||
if git is not None: |
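Review bot: The `if git is not None:` guard at the end of this hunk covers only the case where the import succeeded, and nothing visible here reports the case where it failed. An early exit placed before `git.Repo(os.getcwd())` that logs which extra to install would give the user an actionable message and keep the existing try block at its current indentation.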
Please, let's do something different here:
    if git is None:
        valid = False
        LOG.error("GitPython not available to generate baseline file, run 'pip install --force-reinstall bandit[baseline]'")
        return
    try:
        repo = git.Repo(os.getcwd())
    except ...
        ...
    ...
doc/source/start.rst
Outdated
|
||
.. code-block:: console | ||
|
||
pip install bandit[GitPython] |
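Review bot: The documented command `pip install bandit[GitPython]` is unquoted, and shells such as zsh treat the square brackets as a glob pattern and abort with a no-match error. Quote the requirement in the doc, `pip install "bandit[GitPython]"`, so the line can be pasted into any shell.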
I didn't properly object before to the usage of `toml` as the extra name, that should have been `pyproject`. But I don't think bleeding implementation details of functionality behind extras is the right decision either. This should be `bandit[baseline]` or `bandit[baseline-deps]`
setup.cfg
Outdated
@@ -38,7 +38,7 @@ toml = | |||
|
|||
[entry_points] | |||
console_scripts = | |||
bandit = bandit.cli.main:main |
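Review bot: The lines this hunk covers sit in the `[entry_points]` / `console_scripts` block, while the hunk header shows the extras list (`toml =`) directly above it. An optional dependency belongs in that list as its own named key with a version bound, leaving the script entries unchanged.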
This is not how you add a new extra. L33 above starts the extras section. After L37 I would add
    baseline =
        GitPython>=3.1.30
That makes sense. I was reading the docs which stated the extra in the [] had to be a package. But I assume that extras acts as an alias of sorts.
Yes the extra name can be anything. See the old security extra for requests
test-requirements.txt
Outdated
@@ -10,3 +10,4 @@ testtools>=2.3.0 # MIT | |||
tomli>=1.1.0;python_version<"3.11" # MIT | |||
beautifulsoup4>=4.8.0 # MIT | |||
pylint==1.9.4 # GPLv2 | |||
GitPython # BSD License (3 clause) |
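Review bot: `GitPython` on the last line is the only entry in this hunk without a version specifier, whereas `tomli>=1.1.0`, `beautifulsoup4>=4.8.0` and `pylint==1.9.4` all carry one. Give it a lower bound as well so the test environment cannot resolve to an arbitrarily old release.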
I don't know why we have tomli and GitPython here but not pyyaml. (I'm guessing PyYAML is transitively installed elsewhere.)
I would rather replace those with:
-e .[yaml,toml,baseline]
As that will install whatever the dependencies are for the extras in our metadata, not just what we remembered to add here.
35ab510 to fe81ced
The only piece of code that requires GitPython is bandit-baseline. There tends to be an abundance of CVEs in the GitPython library due to its dependency on Git. By making GitPython optional via an extra, users who mostly use just the bandit command line and not bandit-baseline can benefit.

However, this will require a different install if a user wants to use bandit-baseline. This is now noted in the Getting Started doc, but you simply do:

    pip install bandit[GitPython]

FYI, this option was suggested in PR PyCQA#976.

PyCQA#976

Signed-off-by: Eric Brown <eric_wade_brown@yahoo.com>
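To check the effect the commit message describes (a plain install no longer pulls in GitPython, only the extra does), the sketch below resolves which direct dependencies an install target selects from `Requires-Dist` metadata. It is an added example, not code from this PR or from bandit. The sample metadata is constructed, the function names are hypothetical, and environment markers other than `extra` (such as `python_version`) are deliberately ignored.

```python
import re

# Constructed Requires-Dist lines, in the form importlib.metadata.requires()
# returns them. They mirror the extras named in this review (yaml, toml,
# baseline) but are NOT copied from a published bandit release.
SAMPLE_REQUIRES_DIST = [
    "stevedore",
    "rich",
    'PyYAML; extra == "yaml"',
    'tomli>=1.1.0; python_version < "3.11" and extra == "toml"',
    'GitPython>=3.1.30; extra == "baseline"',
]

_EXTRA_RE = re.compile(r'extra\s*==\s*["\']([^"\']+)["\']')
_NAME_RE = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)")
_TARGET_RE = re.compile(r"\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[([^\]]*)\])?\s*")


def _normalize(name):
    """Normalize a project or extra name (runs of -, _, . become one -)."""
    return re.sub(r"[-_.]+", "-", name).lower()


def split_requirement(line):
    """Return (project_name, extra_or_None) for one Requires-Dist line."""
    spec, _, marker = line.partition(";")
    name = _NAME_RE.match(spec)
    if name is None:
        raise ValueError(f"not a requirement line: {line!r}")
    extra = _EXTRA_RE.search(marker)
    return _normalize(name.group(1)), (_normalize(extra.group(1)) if extra else None)


def parse_install_target(target):
    """Split 'bandit[baseline,toml]' into ('bandit', ['baseline', 'toml'])."""
    match = _TARGET_RE.fullmatch(target)
    if match is None:
        raise ValueError(f"not an install target: {target!r}")
    extras = [e.strip() for e in (match.group(2) or "").split(",") if e.strip()]
    return _normalize(match.group(1)), [_normalize(e) for e in extras]


def direct_dependencies(target, requires_dist):
    """Names of the direct dependencies selected by an install target.

    Unconditional requirements are always selected; a requirement guarded by
    `extra == "x"` is selected only when x is requested in the target.
    """
    _, wanted = parse_install_target(target)
    selected = set()
    for line in requires_dist:
        name, extra = split_requirement(line)
        if extra is None or extra in wanted:
            selected.add(name)
    return selected


def extras_providing(project, requires_dist):
    """Extras that pull in `project`; None in the result means 'always'."""
    wanted = _normalize(project)
    return {extra for name, extra in map(split_requirement, requires_dist)
            if name == wanted}


if __name__ == "__main__":
    for target in ("bandit", "bandit[baseline]", "bandit[yaml,toml,baseline]"):
        print(target, "->", sorted(direct_dependencies(target, SAMPLE_REQUIRES_DIST)))
    print("GitPython comes from:", extras_providing("GitPython", SAMPLE_REQUIRES_DIST))
```

Against a real environment, pass `importlib.metadata.requires("bandit")` in place of the constructed list; a `None` in the result of `extras_providing` means the package is still an unconditional dependency.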
- api-change:`kafkaconnect`: Adds support for tagging, with new TagResource, UntagResource and ListTagsForResource APIs to manage tags and updates to existing APIs to allow tag on create. This release also adds support for the new DeleteWorkerConfiguration API. - api-change:`rds`: This release adds support for gp3 data volumes for Multi-AZ DB Clusters. ### [`v1.34.49`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13449) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.48...1.34.49) \======= - api-change:`appsync`: Documentation only updates for AppSync - api-change:`qldb`: Clarify possible values for KmsKeyArn and EncryptionDescription. - api-change:`rds`: Add pattern and length based validations for DBShardGroupIdentifier - api-change:`rum`: Doc-only update for new RUM metrics that were added ### [`v1.34.48`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13448) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.47...1.34.48) \======= - api-change:`internetmonitor`: This release adds IPv4 prefixes to health events - api-change:`kinesisvideo`: Increasing NextToken parameter length restriction for List APIs from 512 to 1024. ### [`v1.34.47`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13447) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.46...1.34.47) \======= - api-change:`iotevents`: Increase the maximum length of descriptions for Inputs, Detector Models, and Alarm Models - api-change:`lookoutequipment`: This release adds a field exposing model quality to read APIs for models. It also adds a model quality field to the API response when creating an inference scheduler. - api-change:`medialive`: MediaLive now supports the ability to restart pipelines in a running channel. - api-change:`ssm`: This release adds support for sharing Systems Manager parameters with other AWS accounts. 
### [`v1.34.46`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13446) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.45...1.34.46) \======= - api-change:`dynamodb`: Publishing quick fix for doc only update. - api-change:`firehose`: This release updates a few Firehose related APIs. - api-change:`lambda`: Add .NET 8 (dotnet8) Runtime support to AWS Lambda. ### [`v1.34.45`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13445) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.44...1.34.45) \======= - api-change:`amplify`: This release contains API changes that enable users to configure their Amplify domains with their own custom SSL/TLS certificate. - api-change:`chatbot`: This release adds support for AWS Chatbot. You can now monitor, operate, and troubleshoot your AWS resources with interactive ChatOps using the AWS SDK. - api-change:`config`: Documentation updates for the AWS Config CLI - api-change:`ivs`: Changed description for latencyMode in Create/UpdateChannel and Channel/ChannelSummary. - api-change:`keyspaces`: Documentation updates for Amazon Keyspaces - api-change:`mediatailor`: MediaTailor: marking #AdBreak.OffsetMillis as required. ### [`v1.34.44`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13444) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.43...1.34.44) \======= - api-change:`connectparticipant`: Doc only update to GetTranscript API reference guide to inform users about presence of events in the chat transcript. - api-change:`emr`: adds fine grained control over Unhealthy Node Replacement to Amazon ElasticMapReduce - api-change:`firehose`: This release adds support for Data Message Extraction for decompressed CloudWatch logs, and to use a custom file extension or time zone for S3 destinations. - api-change:`lambda`: Documentation-only updates for Lambda to clarify a number of existing actions and properties. 
- api-change:`rds`: Doc only update for a valid option in DB parameter group - api-change:`sns`: This release marks phone numbers as sensitive inputs. ### [`v1.34.43`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13443) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.42...1.34.43) \======= - api-change:`artifact`: This is the initial SDK release for AWS Artifact. AWS Artifact provides on-demand access to compliance and third-party compliance reports. This release includes access to List and Get reports, along with their metadata. This release also includes access to AWS Artifact notifications settings. - api-change:`codepipeline`: Add ability to override timeout on action level. - api-change:`detective`: Doc only updates for content enhancement - api-change:`guardduty`: Marked fields IpAddressV4, PrivateIpAddress, Email as Sensitive. - api-change:`healthlake`: This release adds a new response parameter, JobProgressReport, to the DescribeFHIRImportJob and ListFHIRImportJobs API operation. JobProgressReport provides details on the progress of the import job on the server. - api-change:`opensearch`: Adds additional supported instance types. - api-change:`polly`: Amazon Polly adds 1 new voice - Burcu (tr-TR) - api-change:`sagemaker`: This release adds a new API UpdateClusterSoftware for SageMaker HyperPod. This API allows users to patch HyperPod clusters with latest platform softwares. - api-change:`secretsmanager`: Doc only update for Secrets Manager - api-change:`endpoint-rules`: Update endpoint-rules client to latest version ### [`v1.34.42`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13442) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.41...1.34.42) \======= - api-change:`controltower`: Adds support for new Baseline and EnabledBaseline APIs for automating multi-account governance. 
- api-change:`lookoutequipment`: This feature allows customers to see pointwise model diagnostics results for their models. - api-change:`qbusiness`: This release adds the metadata-boosting feature, which allows customers to easily fine-tune the underlying ranking of retrieved RAG passages in order to optimize Q\&A answer relevance. It also adds new feedback reasons for the PutFeedback API. ### [`v1.34.41`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13441) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.40...1.34.41) \======= - bugfix:ContainerProvider: Properly refreshes token from file from EKS in ContainerProvider - api-change:`lightsail`: This release adds support to upgrade the major version of a database. - api-change:`marketplace-catalog`: AWS Marketplace Catalog API now supports setting intent on requests - api-change:`resource-explorer-2`: Resource Explorer now uses newly supported IPv4 'amazonaws.com' endpoints by default. - api-change:`securitylake`: Documentation updates for Security Lake - api-change:`endpoint-rules`: Update endpoint-rules client to latest version ### [`v1.34.40`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13440) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.39...1.34.40) \======= - api-change:`appsync`: Adds support for new options on GraphqlAPIs, Resolvers and Data Sources for emitting Amazon CloudWatch metrics for enhanced monitoring of AppSync APIs. - api-change:`cloudwatch`: Update cloudwatch client to latest version - api-change:`neptune-graph`: Adding a new option "parameters" for data plane api ExecuteQuery to support running parameterized query via SDK. - api-change:`route53domains`: This release adds bill contact support for RegisterDomain, TransferDomain, UpdateDomainContact and GetDomainDetail API. 
### [`v1.34.39`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13439) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.38...1.34.39) \======= - api-change:`amp`: Overall documentation updates. - api-change:`batch`: This feature allows Batch to support configuration of repository credentials for jobs running on ECS - api-change:`braket`: Creating a job will result in DeviceOfflineException when using an offline device, and DeviceRetiredException when using a retired device. - api-change:`cost-optimization-hub`: Adding includeMemberAccounts field to the response of ListEnrollmentStatuses API. - api-change:`ecs`: Documentation only update for Amazon ECS. - api-change:`iot`: This release allows AWS IoT Core users to enable Online Certificate Status Protocol (OCSP) Stapling for TLS X.509 Server Certificates when creating and updating AWS IoT Domain Configurations with Custom Domain. - api-change:`pricing`: Add Throttling Exception to all APIs. ### [`v1.34.38`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13438) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.37...1.34.38) \======= - api-change:`codepipeline`: Add ability to execute pipelines with new parallel & queued execution modes and add support for triggers with filtering on branches and file paths. - api-change:`quicksight`: General Interactions for Visuals; Waterfall Chart Color Configuration; Documentation Update - api-change:`workspaces`: This release introduces User-Decoupling feature. This feature allows Workspaces Core customers to provision workspaces without providing users. CreateWorkspaces and DescribeWorkspaces APIs will now take a new optional parameter "WorkspaceName". ### [`v1.34.37`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13437) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.36...1.34.37) \======= - api-change:`datasync`: AWS DataSync now supports manifests for specifying files or objects to transfer. 
- api-change:`lexv2-models`: Update lexv2-models client to latest version - api-change:`redshift`: LisRecommendations API to fetch Amazon Redshift Advisor recommendations. ### [`v1.34.36`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13436) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.35...1.34.36) \======= - api-change:`appsync`: Support for environment variables in AppSync GraphQL APIs - api-change:`ecs`: This release is a documentation only update to address customer issues. - api-change:`es`: This release adds clear visibility to the customers on the changes that they make on the domain. - api-change:`logs`: This release adds a new field, logGroupArn, to the response of the logs:DescribeLogGroups action. - api-change:`opensearch`: This release adds clear visibility to the customers on the changes that they make on the domain. - api-change:`wafv2`: You can now delete an API key that you've created for use with your CAPTCHA JavaScript integration API. ### [`v1.34.35`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13435) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.34...1.34.35) \======= - api-change:`glue`: Introduce Catalog Encryption Role within Glue Data Catalog Settings. Introduce SASL/PLAIN as an authentication method for Glue Kafka connections - api-change:`workspaces`: Added definitions of various WorkSpace states ### [`v1.34.34`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13434) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.33...1.34.34) \======= - api-change:`dynamodb`: Any number of users can execute up to 50 concurrent restores (any type of restore) in a given account. - api-change:`sagemaker`: Amazon SageMaker Canvas adds GenerativeAiSettings support for CanvasAppSettings. 
- api-change:`endpoint-rules`: Update endpoint-rules client to latest version ### [`v1.34.33`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13433) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.32...1.34.33) \======= - api-change:`cognito-idp`: Added CreateIdentityProvider and UpdateIdentityProvider details for new SAML IdP features - api-change:`ivs`: This release introduces a new resource Playback Restriction Policy which can be used to geo-restrict or domain-restrict channel stream playback when associated with a channel. New APIs to support this resource were introduced in the form of Create/Delete/Get/Update/List. - api-change:`managedblockchain-query`: This release adds support for transactions that have not reached finality. It also removes support for the status property from the response of the GetTransaction operation. You can use the confirmationStatus and executionStatus properties to determine the status of the transaction. - api-change:`mediaconvert`: This release includes support for broadcast-mixed audio description tracks. - api-change:`neptune-graph`: Adding new APIs in SDK for Amazon Neptune Analytics. These APIs include operations to execute, cancel, list queries and get the graph summary. ### [`v1.34.32`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13432) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.31...1.34.32) \======= - api-change:`cloudformation`: CloudFormation IaC generator allows you to scan existing resources in your account and select resources to generate a template for a new or existing CloudFormation stack. - api-change:`elbv2`: Update elbv2 client to latest version - api-change:`glue`: Update page size limits for GetJobRuns and GetTriggers APIs. - api-change:`ssm`: This release adds an optional Duration parameter to StateManager Associations. This allows customers to specify how long an apply-only-on-cron association execution should run. 
Once the specified Duration is out all the ongoing cancellable commands or automations are cancelled. ### [`v1.34.31`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13431) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.30...1.34.31) \======= - api-change:`datazone`: Add new skipDeletionCheck to DeleteDomain. Add new skipDeletionCheck to DeleteProject which also automatically deletes dependent objects - api-change:`route53`: Update the SDKs for text changes in the APIs. ### [`v1.34.30`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13430) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.29...1.34.30) \======= - api-change:`autoscaling`: EC2 Auto Scaling customers who use attribute based instance-type selection can now intuitively define their Spot instances price protection limit as a percentage of the lowest priced On-Demand instance type. - api-change:`comprehend`: Comprehend PII analysis now supports Spanish input documents. - api-change:`ec2`: EC2 Fleet customers who use attribute based instance-type selection can now intuitively define their Spot instances price protection limit as a percentage of the lowest priced On-Demand instance type. - api-change:`mwaa`: This release adds MAINTENANCE environment status for Amazon MWAA environments. - api-change:`rds`: Introduced support for the InsufficientDBInstanceCapacityFault error in the RDS RestoreDBClusterFromSnapshot and RestoreDBClusterToPointInTime API methods. This provides enhanced error handling, ensuring a more robust experience. - api-change:`snowball`: Modified description of createaddress to include direction to add path when providing a JSON file. ### [`v1.34.29`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13429) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.28...1.34.29) \======= - api-change:`connect`: Update list and string length limits for predefined attributes. 
- api-change:`inspector2`: This release adds ECR container image scanning based on their lastRecordedPullTime. - api-change:`sagemaker`: Amazon SageMaker Automatic Model Tuning now provides an API to programmatically delete tuning jobs. ### [`v1.34.28`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13428) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.27...1.34.28) \======= - api-change:`acm-pca`: AWS Private CA now supports an option to omit the CDP extension from issued certificates, when CRL revocation is enabled. - api-change:`lightsail`: This release adds support for IPv6-only instance plans. ### [`v1.34.27`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13427) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.26...1.34.27) \======= - api-change:`ec2`: Introduced a new clientToken request parameter on CreateNetworkAcl and CreateRouteTable APIs. The clientToken parameter allows idempotent operations on the APIs. - api-change:`ecs`: Documentation updates for Amazon ECS. - api-change:`outposts`: DeviceSerialNumber parameter is now optional in StartConnection API - api-change:`rds`: This release adds support for Aurora Limitless Database. - api-change:`storagegateway`: Add DeprecationDate and SoftwareVersion to response of ListGateways. ### [`v1.34.26`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13426) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.25...1.34.26) \======= - api-change:`inspector2`: This release adds support for CIS scans on EC2 instances. 
### [`v1.34.25`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13425) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.24...1.34.25) \======= - enhancement:documentation: Updates the GitHub issue creation link in our README ### [`v1.34.24`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13424) [Compare Source](https://togithub.com/boto/botocore/compare/1.34.23...1.34.24) \======= - api-change:`appconfigdata`: Fix FIPS Endpoints in aws-us-gov. - api-change:`cloud9`: Doc-only update around removing AL1 from list of available AMIs for Cloud9 - api-change:`cloudfront-keyvaluestore`: This release improves upon the DescribeKeyValueStore API by returning two additional fields, Status of the KeyValueStore and the FailureReason in case of failures during creation of KeyValueStore. - api-change:`connectcases`: This release adds the ability to view audit history on a case and introduces a new parameter, performedBy, for CreateCase and UpdateCase API's. - api-change:`ec2`: Documentation updates for Amazon EC2. - api-change:`ecs`: This release adds support for Transport Layer Security (TLS) and Configurable Timeout to ECS Service Connect. TLS facilitates privacy and data security for inter-service communications, while Configurable Timeout allows customized per-request timeout and idle timeout for Service Connect services. - api-change:`finspace`: Allow customer to set zip default through command line arguments. - api-change:`organizations`: Doc only update for quota increase change - api-change:`rds`: Introduced support for the InsufficientDBInstanceCapacityFault error in the RDS CreateDBCluster API method. This provides enhanced error handling, ensuring a more robust experience when creating database clusters with insufficient instance capacity. 
- api-change:`endpoint-rules`: Update endpoint-rules client to latest version </details> <details> <summary>nedbat/coveragepy (coverage)</summary> ### [`v7.4.3`](https://togithub.com/nedbat/coveragepy/blob/HEAD/CHANGES.rst#Version-743--2024-02-23) [Compare Source](https://togithub.com/nedbat/coveragepy/compare/7.4.2...7.4.3) - Fix: in some cases, coverage could fail with a RuntimeError: "Set changed size during iteration." This is now fixed, closing `issue 1733`\_. .. \_issue 1733:[https://github.com/nedbat/coveragepy/issues/1733](https://togithub.com/nedbat/coveragepy/issues/1733)3 .. \_changes\_7-4-2: ### [`v7.4.2`](https://togithub.com/nedbat/coveragepy/blob/HEAD/CHANGES.rst#Version-742--2024-02-20) [Compare Source](https://togithub.com/nedbat/coveragepy/compare/7.4.1...7.4.2) - Fix: setting `COVERAGE_CORE=sysmon` no longer errors on 3.11 and lower, thanks `Hugo van Kemenade <pull 1747_>`\_. It now issues a warning that sys.monitoring is not available and falls back to the default core instead. .. \_pull 1747:[https://github.com/nedbat/coveragepy/pull/1747](https://togithub.com/nedbat/coveragepy/pull/1747)7 .. \_changes\_7-4-1: ### [`v7.4.1`](https://togithub.com/nedbat/coveragepy/blob/HEAD/CHANGES.rst#Version-741--2024-01-26) [Compare Source](https://togithub.com/nedbat/coveragepy/compare/7.4.0...7.4.1) - Python 3.13.0a3 is supported. - Fix: the JSON report now includes an explicit format version number, closing `issue 1732`\_. .. \_issue 1732:[https://github.com/nedbat/coveragepy/issues/1732](https://togithub.com/nedbat/coveragepy/issues/1732)2 .. 
\_changes\_7-4-0: </details> <details> <summary>marshmallow-code/marshmallow (marshmallow)</summary> ### [`v3.21.0`](https://togithub.com/marshmallow-code/marshmallow/compare/3.20.2...3.21.0) [Compare Source](https://togithub.com/marshmallow-code/marshmallow/compare/3.20.2...3.21.0) </details> <details> <summary>getmoto/moto (moto)</summary> ### [`v4.2.14`](https://togithub.com/getmoto/moto/blob/HEAD/CHANGELOG.md#4214) [Compare Source](https://togithub.com/getmoto/moto/compare/4.2.13...4.2.14) Docker Digest for 4.2.14: *sha256:2fa10aa48e32f85c63c62a7d437b8a4b320a56a8494bc25d45ced370bc159c23* New Services: * Backup: * create_backup_plan() * create_backup_vault() * get_backup_plan() * describe_backup_vault() * delete_backup_plan() * list_backup_plans() * list_backup_vaults() * list_tags() * tag_resource() * untag_resource() New Methods: * RDS: * describe_db_cluster_snapshot_attributes() * describe_db_snapshot_attributes() * modify_db_cluster_snapshot_attribute() * modify_db_snapshot_attribute() * restore_db_instance_to_point_in_time() * SageMaker: * create_feature_group() * SageMakerRuntime: * invoke_endpoint_async() Miscellaneous: * Cognito: The ID-token now contains custom attributes * DynamoDB: query() now returns the correct ScannedCount * EC2: Security Group Rules now have tag support * LakeFormation: grant_permissions() now has better support for known principal-resource pairs * SNS: set_subscription_attributes() can now unset the FilterPolicy </details> <details> <summary>psycopg/psycopg (psycopg)</summary> ### [`v3.1.18`](https://togithub.com/psycopg/psycopg/compare/3.1.17...3.1.18) [Compare Source](https://togithub.com/psycopg/psycopg/compare/3.1.17...3.1.18) </details> <details> <summary>pydantic/pydantic (pydantic)</summary> ### [`v2.6.2`](https://togithub.com/pydantic/pydantic/blob/HEAD/HISTORY.md#v262-2024-02-23) [Compare Source](https://togithub.com/pydantic/pydantic/compare/v2.6.1...v2.6.2) [GitHub 
release](https://togithub.com/pydantic/pydantic/releases/tag/v2.6.2) ##### What's Changed ##### Packaging - Upgrade to `pydantic-core` 2.16.3 by [@​sydney-runkle](https://togithub.com/sydney-runkle) in [#​8879](https://togithub.com/pydantic/pydantic/pull/8879) ##### Fixes - 'YYYY-MM-DD' date string coerced to datetime shouldn't infer timezone by [@​sydney-runkle](https://togithub.com/sydney-runkle) in [pydantic/pydantic-core#1193](https://togithub.com/pydantic/pydantic-core/pull/1193) ### [`v2.6.1`](https://togithub.com/pydantic/pydantic/blob/HEAD/HISTORY.md#v261-2024-02-05) [Compare Source](https://togithub.com/pydantic/pydantic/compare/v2.6.0...v2.6.1) [GitHub release](https://togithub.com/pydantic/pydantic/releases/tag/v2.6.1) ##### What's Changed ##### Packaging - Upgrade to `pydantic-core` 2.16.2 by [@​sydney-runkle](https://togithub.com/sydney-runkle) in [#​8717](https://togithub.com/pydantic/pydantic/pull/8717) ##### Fixes - Fix bug with `mypy` plugin and `no_strict_optional = True` by [@​dmontagu](https://togithub.com/dmontagu) in [#​8666](https://togithub.com/pydantic/pydantic/pull/8666) - Fix `ByteSize` error `type` change by [@​sydney-runkle](https://togithub.com/sydney-runkle) in [#​8681](https://togithub.com/pydantic/pydantic/pull/8681) - Fix inheriting `Field` annotations in dataclasses by [@​sydney-runkle](https://togithub.com/sydney-runkle) in [#​8679](https://togithub.com/pydantic/pydantic/pull/8679) - Fix regression in core schema generation for indirect definition references by [@​dmontagu](https://togithub.com/dmontagu) in [#​8702](https://togithub.com/pydantic/pydantic/pull/8702) - Fix unsupported types bug with `PlainValidator` by [@​sydney-runkle](https://togithub.com/sydney-runkle) in [#​8710](https://togithub.com/pydantic/pydantic/pull/8710) - Reverting problematic fix from 2.6 release, fixing schema building bug by [@​sydney-runkle](https://togithub.com/sydney-runkle) in [#​8718](https://togithub.com/pydantic/pydantic/pull/8718) - Fix 
warning for tuple of wrong size in `Union` by [@​davidhewitt](https://togithub.com/davidhewitt) in [pydantic/pydantic-core#1174](https://togithub.com/pydantic/pydantic-core/pull/1174) - Fix `computed_field` JSON serializer `exclude_none` behavior by [@​sydney-runkle](https://togithub.com/sydney-runkle) in [pydantic/pydantic-core#1187](https://togithub.com/pydantic/pydantic-core/pull/1187) ### [`v2.6.0`](https://togithub.com/pydantic/pydantic/blob/HEAD/HISTORY.md#v260-2024-01-23) [Compare Source](https://togithub.com/pydantic/pydantic/compare/v2.5.3...v2.6.0) [GitHub release](https://togithub.com/pydantic/pydantic/releases/tag/v2.6.0) The code released in v2.6.0 is practically identical to that of v2.6.0b1. ##### What's Changed ##### Packaging - Check for `email-validator` version >= 2.0 by [@​commonism](https://togithub.com/commonism) in [#​6033](https://togithub.com/pydantic/pydantic/pull/6033) - Upgrade \`ruff\`\` target version to Python 3.8 by [@​Elkiwa](https://togithub.com/Elkiwa) in [#​8341](https://togithub.com/pydantic/pydantic/pull/8341) - Update to `pydantic-extra-types==2. </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on the 2nd and 4th day instance on sunday after 9pm" in timezone America/New_York, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/HHS/simpler-grants-gov). 
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNTMuMiIsInVwZGF0ZWRJblZlciI6IjM3LjIxMi4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
The only piece of code that requires GitPython is bandit-baseline. There tends to be an abundance of CVEs in the GitPython library due to its dependency on Git. By making GitPython optional via an extra, users who mostly use just the bandit command line and not bandit-baseline can benefit.
However, this will require a different install if a user wants to use bandit-baseline. This is now noted in the Getting Started doc, but you simply do:
pip install bandit[GitPython]
FYI, this option was suggested in PR #976.
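One way to check that a dependency really is gated behind an extra and is not pulled in by a default install. This is an added example, not code from this PR or from bandit: the `Requires-Dist` lines are constructed sample metadata, the extra name `baseline` follows the reviewer's suggestion in this thread, and the function names are hypothetical.

```python
import re
from importlib import metadata

# Constructed Requires-Dist lines in the form found in a wheel's METADATA file.
# Names, versions and extras are illustrative, not any project's real metadata.
SAMPLE_REQUIRES = [
    "PyYAML>=5.3.1",
    "stevedore>=1.20.0",
    'colorama>=0.3.9; platform_system == "Windows"',
    'GitPython>=3.1.30; extra == "baseline"',
    'tomli>=1.1.0; python_version < "3.11" and extra == "toml"',
]

# Matches extra == "name" with either quote style (both occur in real metadata).
_EXTRA_RE = re.compile(r"""extra\s*==\s*(['"])([^'"]+)\1""")
_NAME_RE = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)")


def normalize(name):
    """PEP 503 normalization so 'GitPython' and 'gitpython' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def split_by_extra(requires):
    """Split requirement strings into (core, extras).

    core   -- set of normalized names a plain `pip install pkg` may pull in
    extras -- dict mapping extra name -> set of names only that extra adds
    """
    core, extras = set(), {}
    for line in requires or []:
        req, _, marker = line.partition(";")
        match = _NAME_RE.match(req)
        if not match:
            continue
        name = normalize(match.group(1))
        gated = _EXTRA_RE.findall(marker)
        # A marker joined with "or" can be true without the extra, so the
        # audit counts it as a default dependency (over-reporting is safe).
        if gated and " or " not in marker:
            for _quote, extra in gated:
                extras.setdefault(extra, set()).add(name)
        else:
            core.add(name)
    return core, extras


def default_install_pulls(requires, dependency):
    """True if `dependency` is installed without requesting any extra."""
    core, _extras = split_by_extra(requires)
    return normalize(dependency) in core


def audit_installed(dist_name, dependency):
    """Run the same check against a distribution installed in this environment.

    Returns None when the distribution is not installed.
    """
    try:
        requires = metadata.requires(dist_name)
    except metadata.PackageNotFoundError:
        return None
    return default_install_pulls(requires, dependency)


if __name__ == "__main__":
    core, extras = split_by_extra(SAMPLE_REQUIRES)
    print("default install:", sorted(core))
    for extra, names in sorted(extras.items()):
        print(f"extra [{extra}]:", sorted(names))
    print("installed bandit pulls GitPython by default:",
          audit_installed("bandit", "GitPython"))
```

Running `audit_installed` in CI against the built package catches a regression where the dependency drifts back into the default requirement set.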