⬆️(dependencies) update python dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
boto3	==1.26.137 -> ==1.26.146
cryptography (changelog)	==40.0.2 -> ==41.0.1
ipython (source)	==8.13.2 -> ==8.14.0
playwright (changelog)	==1.33.0 -> ==1.34.0
pytest-cov (changelog)	==4.0.0 -> ==4.1.0
requests (source, changelog)	==2.30.0 -> ==2.31.0
sentry-sdk (changelog)	==1.23.1 -> ==1.25.0

---

Release Notes

boto/boto3

v1.26.146

Compare Source

========

• api-change:athena: [botocore] This release introduces the DeleteCapacityReservation API and the ability to manage capacity reservations using CloudFormation
• api-change:cloudtrail: [botocore] This feature allows users to start and stop event ingestion on a CloudTrail Lake event data store.
• api-change:sagemaker: [botocore] This release adds Selective Execution feature that allows SageMaker Pipelines users to run selected steps in a pipeline.
• api-change:wafv2: [botocore] Added APIs to describe managed products. The APIs retrieve information about rule groups that are managed by AWS and by AWS Marketplace sellers.

v1.26.145

Compare Source

========

• api-change:alexaforbusiness: [botocore] Alexa for Business has been deprecated and is no longer supported.
• api-change:appflow: [botocore] Added ability to select DataTransferApiType for DescribeConnector and CreateFlow requests when using Async supported connectors. Added supportedDataTransferType to DescribeConnector/DescribeConnectors/ListConnector response.
• api-change:customer-profiles: [botocore] This release introduces calculated attribute related APIs.
• api-change:ivs: [botocore] API Update for IVS Advanced Channel type
• api-change:sagemaker: [botocore] Amazon Sagemaker Autopilot adds support for Parquet file input to NLP text classification jobs.
• api-change:wafv2: [botocore] Corrected the information for the header order FieldToMatch setting

v1.26.144

Compare Source

========

• api-change:config: [botocore] Resource Types Exclusion feature launch by AWS Config
• api-change:frauddetector: [botocore] This release enables publishing event predictions from Amazon Fraud Detector (AFD) to Amazon EventBridge. For example, after getting predictions from AFD, Amazon EventBridge rules can be configured to trigger notification through an SNS topic, send a message with SES, or trigger Lambda workflows.
• api-change:healthlake: [botocore] This release adds a new request parameter to the CreateFHIRDatastore API operation. IdentityProviderConfiguration specifies how you want to authenticate incoming requests to your Healthlake Data Store.
• api-change:m2: [botocore] Adds an optional create-only 'roleArn' property to Application resources. Enables PS and PO data set org types.
• api-change:rds: [botocore] This release adds support for changing the engine for Oracle using the ModifyDbInstance API
• api-change:servicecatalog: [botocore] Documentation updates for ServiceCatalog.
• api-change:workspaces-web: [botocore] WorkSpaces Web now allows you to control which IP addresses your WorkSpaces Web portal may be accessed from.

v1.26.143

Compare Source

========

• api-change:chime-sdk-voice: [botocore] Added optional CallLeg field to StartSpeakerSearchTask API request
• api-change:glue: [botocore] Added Runtime parameter to allow selection of Ray Runtime
• api-change:groundstation: [botocore] Updating description of GetMinuteUsage to be clearer.
• api-change:iotfleetwise: [botocore] Campaigns now support selecting Timestream or S3 as the data destination, Signal catalogs now support "Deprecation" keyword released in VSS v2.1 and "Comment" keyword released in VSS v3.0
• api-change:location: [botocore] This release adds API support for political views for the maps service APIs: CreateMap, UpdateMap, DescribeMap.
• api-change:memorydb: [botocore] Amazon MemoryDB for Redis now supports AWS Identity and Access Management authentication access to Redis clusters starting with redis-engine version 7.0
• api-change:personalize: [botocore] This release provides support for the exclusion of certain columns for training when creating a solution and creating or updating a recommender with Amazon Personalize.
• api-change:polly: [botocore] Amazon Polly adds 2 new voices - Sofie (da-DK) and Niamh (en-IE)
• api-change:securityhub: [botocore] Added new resource detail objects to ASFF, including resources for AwsGuardDutyDetector, AwsAmazonMqBroker, AwsEventSchemasRegistry, AwsAppSyncGraphQlApi and AwsStepFunctionStateMachine.
• api-change:wafv2: [botocore] This SDK release provides customers the ability to use Header Order as a field to match.

v1.26.142

Compare Source

========

• bugfix:Polly: [botocore] Remove Content-Type header from synthesize_speech URL presigning.
• api-change:connect: [botocore] Documentation update for a new Initiation Method value in DescribeContact API
• api-change:iotwireless: [botocore] Add Multicast Group support in Network Analyzer Configuration.
• api-change:sagemaker: [botocore] Added ml.p4d and ml.inf1 as supported instance type families for SageMaker Notebook Instances.

v1.26.141

Compare Source

========

• api-change:application-autoscaling: [botocore] With this release, ElastiCache customers will be able to use predefined metricType "ElastiCacheDatabaseCapacityUsageCountedForEvictPercentage" for their ElastiCache instances.
• api-change:codepipeline: [botocore] Add PollingDisabledAt time information in PipelineMetadata object of GetPipeline API.
• api-change:gamelift: [botocore] GameLift FleetIQ users can now filter game server claim requests to exclude servers on instances that are draining.
• api-change:glue: [botocore] Added ability to create data quality rulesets for shared, cross-account Glue Data Catalog tables. Added support for dataset comparison rules through a new parameter called AdditionalDataSources. Enhanced the data quality results with a map containing profiled metric values.
• api-change:migration-hub-refactor-spaces: [botocore] This SDK update allows for path parameter syntax to be passed to the CreateRoute API. Path parameter syntax require parameters to be enclosed in {} characters. This update also includes a new AppendSourcePath field which lets users forward the source path to the Service URL endpoint.
• api-change:sagemaker: [botocore] Amazon SageMaker Automatic Model Tuning now supports enabling Autotune for tuning jobs which can choose tuning job configurations.

v1.26.140

Compare Source

========

• api-change:appsync: [botocore] This release introduces AppSync Merged APIs, which provide the ability to compose multiple source APIs into a single federated/merged API.
• api-change:connect: [botocore] Amazon Connect Evaluation Capabilities: validation improvements
• api-change:cur: [botocore] Add support for split cost allocation data on a report.
• api-change:sagemaker: [botocore] SageMaker now provides an instantaneous deployment recommendation through the DescribeModel API

v1.26.139

Compare Source

========

• api-change:fms: [botocore] Fixes issue that could cause calls to GetAdminScope and ListAdminAccountsForOrganization to return a 500 Internal Server error.
• api-change:sagemaker: [botocore] Added ModelNameEquals, ModelPackageVersionArnEquals in request and ModelName, SamplePayloadUrl, ModelPackageVersionArn in response of ListInferenceRecommendationsJobs API. Added Invocation timestamps in response of DescribeInferenceRecommendationsJob API & ListInferenceRecommendationsJobSteps API.
• api-change:translate: [botocore] Added support for calling TranslateDocument API.

v1.26.138

Compare Source

========

• api-change:backup: [botocore] Added support for tags on restore.
• api-change:pinpoint: [botocore] Amazon Pinpoint is deprecating the tags parameter in the UpdateSegment, UpdateCampaign, UpdateEmailTemplate, UpdateSmsTemplate, UpdatePushTemplate, UpdateInAppTemplate and UpdateVoiceTemplate. Amazon Pinpoint will end support tags parameter by May 22, 2023.
• api-change:quicksight: [botocore] Add support for Asset Bundle, Geospatial Heatmaps.

pyca/cryptography

v41.0.1

Compare Source

v41.0.0

Compare Source

ipython/ipython

v8.14.0

Compare Source

Microsoft/playwright-python

v1.34.0

Compare Source

Highlights

• New Locator.and_ to create a locator that matches both locators.

  button = page.get_by_role("button").and_(page.get_by_title("Subscribe"))

• Its now possible to set a global expect timeout and change the 5 second default:

  from playwright.sync_api import expect
  
  expect.set_options(timeout=10_000)

• New events BrowserContext.on("console") and BrowserContext.on("dialog") to subscribe to any dialogs
  and console messages from any page from the given browser context. Use the new properties ConsoleMessage.page
  and Dialog.page to pin-point event source.

Browser Versions

• Chromium 114.0.5735.26
• Mozilla Firefox 113.0
• WebKit 16.4

This version was also tested against the following stable channels:

• Google Chrome 113
• Microsoft Edge 113

pytest-dev/pytest-cov

v4.1.0

Compare Source

• Updated CI with new Pythons and dependencies.
• Removed rsyncdir support. This makes pytest-cov compatible with xdist 3.0.
  Contributed by Sorin Sbarnea in #&#8203;558 <https://github.com/pytest-dev/pytest-cov/pull/558>_.
• Optimized summary generation to not be performed if no reporting is active (for example,
  when --cov-report='' is used without --cov-fail-under).
  Contributed by Jonathan Stewmon in #&#8203;589 <https://github.com/pytest-dev/pytest-cov/pull/589>_.
• Added support for JSON reporting.
  Contributed by Matthew Gamble in #&#8203;582 <https://github.com/pytest-dev/pytest-cov/pull/582>_.
• Refactored code to use f-strings.
  Contributed by Mark Mayo in #&#8203;572 <https://github.com/pytest-dev/pytest-cov/pull/572>_.
• Fixed a skip in the test suite for some old xdist.
  Contributed by a bunch of people in #&#8203;565 <https://github.com/pytest-dev/pytest-cov/pull/565>_.

psf/requests

v2.31.0

Compare Source

Security

• Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to potential
  forwarding of Proxy-Authorization headers to destination servers when
  following HTTPS redirects.

  When proxies are defined with user info (https://user:pass@proxy:8080), Requests
  will construct a Proxy-Authorization header that is attached to the request to
  authenticate with the proxy.

  In cases where Requests receives a redirect response, it previously reattached
  the Proxy-Authorization header incorrectly, resulting in the value being
  sent through the tunneled connection to the destination server. Users who rely on
  defining their proxy credentials in the URL are strongly encouraged to upgrade
  to Requests 2.31.0+ to prevent unintentional leakage and rotate their proxy
  credentials once the change has been fully deployed.

  Users who do not use a proxy or do not supply their proxy credentials through
  the user information portion of their proxy URL are not subject to this
  vulnerability.

  Full details can be read in our Github Security Advisory
  and CVE-2023-32681.

getsentry/sentry-python

v1.25.0

Compare Source

Various fixes & improvements

• Support urllib3>=2.0.0 (#​2148) by @​asottile-sentry

  We're now supporting urllib3's new major version, 2.0.0. If you encounter issues (e.g. some of your dependencies not supporting the new urllib3 version yet) you might consider pinning the urllib3 version to <2.0.0 manually in your project. Check out the the urllib3 migration guide for details.

• Auto-retry tests on failure (#​2134) by @​sentrivana

• Correct importlib.metadata check in test_modules (#​2149) by @​asottile-sentry

• Fix distribution name normalization (PEP-0503) (#​2144) by @​rominf

• Fix functions_to_trace typing (#​2141) by @​rcmarron

v1.24.0

Compare Source

Various fixes & improvements

• New: Celery Beat exclude tasks option (#​2130) by @​antonpirker

  You can exclude Celery Beat tasks from being auto-instrumented. To do this, add a list of tasks you want to exclude as option exclude_beat_tasks when creating CeleryIntegration. The list can contain simple strings with the full task name, as specified in the Celery Beat schedule, or regular expressions to match multiple tasks.

  For more information, see the documentation for Crons for more information.

  Usage:

      exclude_beat_tasks = [
          "some-task-a",
          "payment-check-.*",
      ]
      sentry_sdk.init(
          dsn='___PUBLIC_DSN___',
          integrations=[
              CeleryIntegration(
                  monitor_beat_tasks=True,
                  exclude_beat_tasks=exclude_beat_tasks,
              ),
          ],
      )

  In this example the task some-task-a and all tasks with a name starting with payment-check- will be ignored.

• New: Add support for ExceptionGroups (#​2025) by @​antonpirker

  Note: If running Self-Hosted Sentry, you should wait to adopt this SDK update until after updating to the 23.6.0 (est. June 2023) release of Sentry. Updating early will not break anything, but you will not get the full benefit of the Exception Groups improvements to issue grouping that were added to the Sentry backend.

• Prefer importlib.metadata over pkg_resources if available (#​2081) by @​sentrivana

• Work with a copy of request, vars in the event (#​2125) by @​sentrivana

• Pinned version of dependency that broke the build (#​2133) by @​antonpirker

---

Configuration

📅 Schedule: Branch creation - "before 7am on monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[kernicPanel]

@lunika requests is still broken with urllib3 >= 2.0.0 psf/requests#6432