Bump the dependencies group across 1 directory with 4 updates #825

dependabot · 2024-06-17T22:18:48Z

Bumps the dependencies group with 4 updates in the / directory: cryptography, bandit, boto3 and botocore.

Updates cryptography from 42.0.7 to 42.0.8

Changelog

Sourced from cryptography's changelog.

42.0.8 - 2024-06-04

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.2.

.. _v42-0-7:

Commits

761ef4b bump for 42.0.8 release (#11072)
See full diff in compare view

Updates bandit from 1.7.8 to 1.7.9

Release notes

Sourced from bandit's releases.

1.7.9

What's Changed

Bump docker/build-push-action from 5.1.0 to 5.2.0 by @dependabot in PyCQA/bandit#1117

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in PyCQA/bandit#1119

New logo for Bandit based on raccoon by @ericwb in PyCQA/bandit#1121

Start testing on Python 3.13 by @ericwb in PyCQA/bandit#1122

Bump docker/build-push-action from 5.2.0 to 5.3.0 by @dependabot in PyCQA/bandit#1123

Bump docker/setup-buildx-action from 3.1.0 to 3.2.0 by @dependabot in PyCQA/bandit#1124

Bump docker/login-action from 3.0.0 to 3.1.0 by @dependabot in PyCQA/bandit#1125

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in PyCQA/bandit#1126

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in PyCQA/bandit#1127

Bump docker/setup-buildx-action from 3.2.0 to 3.3.0 by @dependabot in PyCQA/bandit#1130

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in PyCQA/bandit#1131

Bump sigstore/cosign-installer from 3.4.0 to 3.5.0 by @dependabot in PyCQA/bandit#1132

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in PyCQA/bandit#1133

Updates banner logo so it renders well in dark mode by @ericwb in PyCQA/bandit#1134

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in PyCQA/bandit#1135

Add a sponsor section to README by @ericwb in PyCQA/bandit#1137

Ensure sarif extra is included as part of doc build by @ericwb in PyCQA/bandit#1139

Bump docker/login-action from 3.1.0 to 3.2.0 by @dependabot in PyCQA/bandit#1142

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in PyCQA/bandit#1143

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in PyCQA/bandit#1145

Guard against empty call argument list by @ericwb in PyCQA/bandit#1146

Bump docker/build-push-action from 5.3.0 to 5.4.0 by @dependabot in PyCQA/bandit#1144

Support configfile in .bandit file by @bersbersbers in PyCQA/bandit#1052

New Contributors

@pre-commit-ci made their first contribution in PyCQA/bandit#1119

@bersbersbers made their first contribution in PyCQA/bandit#1052

Full Changelog: PyCQA/bandit@1.7.8...1.7.9

Commits

691f465 Support configfile in .bandit file (#1052)
f1a397e Bump docker/build-push-action from 5.3.0 to 5.4.0 (#1144)
049eba0 Guard against empty call argument list (#1146)
ad56c78 [pre-commit.ci] pre-commit autoupdate (#1145)
2dd4cb5 [pre-commit.ci] pre-commit autoupdate (#1143)
313cae7 Bump docker/login-action from 3.1.0 to 3.2.0 (#1142)
3fa1e25 Ensure sarif extra is included as part of doc build (#1139)
8b659fb Add a sponsor section to README (#1137)
30cada5 [pre-commit.ci] pre-commit autoupdate (#1135)
dbb4161 Updates banner logo so it renders well in dark mode (#1134)
Additional commits viewable in compare view

Updates boto3 from 1.34.118 to 1.34.128

Changelog

Sourced from boto3's changelog.

1.34.128

api-change:acm-pca: [botocore] Doc-only update that adds name constraints as an allowed extension for ImportCertificateAuthorityCertificate.

api-change:batch: [botocore] Add v2 smoke tests and smithy smokeTests trait for SDK testing.

api-change:codebuild: [botocore] AWS CodeBuild now supports global and organization GitHub webhooks

api-change:cognito-idp: [botocore] Add v2 smoke tests and smithy smokeTests trait for SDK testing.

api-change:ds: [botocore] Add v2 smoke tests and smithy smokeTests trait for SDK testing.

api-change:efs: [botocore] Add v2 smoke tests and smithy smokeTests trait for SDK testing.

api-change:glue: [botocore] This release introduces a new feature, Usage profiles. Usage profiles allow the AWS Glue admin to create different profiles for various classes of users within the account, enforcing limits and defaults for jobs and sessions.

api-change:mediaconvert: [botocore] This release includes support for creating I-frame only video segments for DASH trick play.

api-change:secretsmanager: [botocore] Doc only update for Secrets Manager

api-change:waf: [botocore] Add v2 smoke tests and smithy smokeTests trait for SDK testing.

1.34.127

api-change:datazone: [botocore] This release introduces a new default service blueprint for custom environment creation.

api-change:ec2: [botocore] Documentation updates for Amazon EC2.

api-change:macie2: [botocore] This release adds support for managing the status of automated sensitive data discovery for individual accounts in an organization, and determining whether individual S3 buckets are included in the scope of the analyses.

api-change:mediaconvert: [botocore] This release adds the ability to search for historical job records within the management console using a search box and/or via the SDK/CLI with partial string matching search on input file name.

api-change:route53domains: [botocore] Add v2 smoke tests and smithy smokeTests trait for SDK testing.

1.34.126

api-change:cloudhsmv2: [botocore] Added support for hsm type hsm2m.medium. Added supported for creating a cluster in FIPS or NON_FIPS mode.

api-change:glue: [botocore] This release adds support for configuration of evaluation method for composite rules in Glue Data Quality rulesets.

api-change:iotwireless: [botocore] Add RoamingDeviceSNR and RoamingDeviceRSSI to Customer Metrics.

api-change:kms: [botocore] This feature allows customers to use their keys stored in KMS to derive a shared secret which can then be used to establish a secured channel for communication, provide proof of possession, or establish trust with other parties.

api-change:mediapackagev2: [botocore] This release adds support for CMAF ingest (DASH-IF live media ingest protocol interface 1)

1.34.125

api-change:apptest: [botocore] AWS Mainframe Modernization Application Testing is an AWS Mainframe Modernization service feature that automates functional equivalence testing for mainframe application modernization and migration to AWS, and regression testing.

api-change:backupstorage: [botocore] The backupstorage client has been removed following the deprecation of the service.

api-change:ec2: [botocore] Tagging support for Traffic Mirroring FilterRule resource

api-change:osis: [botocore] SDK changes for self-managed vpc endpoint to OpenSearch ingestion pipelines.

api-change:redshift: [botocore] Updates to remove DC1 and DS2 node types.

api-change:secretsmanager: [botocore] Introducing RotationToken parameter for PutSecretValue API

api-change:securitylake: [botocore] This release updates request validation regex to account for non-commercial aws partitions.

api-change:sesv2: [botocore] This release adds support for Amazon EventBridge as an email sending events destination.

1.34.124

... (truncated)

Commits

11becdb Merge branch 'release-1.34.128'
dff2a1e Bumping version to 1.34.128
14cdd17 Add changelog entries from botocore
ccf92ad Merge branch 'release-1.34.127' into develop
6701fab Merge branch 'release-1.34.127'
153ade5 Bumping version to 1.34.127
40b402f Add changelog entries from botocore
a1deb11 Merge branch 'release-1.34.126' into develop
60dfa6f Merge branch 'release-1.34.126'
427029b Bumping version to 1.34.126
Additional commits viewable in compare view

Updates botocore from 1.34.118 to 1.34.128

Changelog

Sourced from botocore's changelog.

1.34.128

api-change:acm-pca: Doc-only update that adds name constraints as an allowed extension for ImportCertificateAuthorityCertificate.

api-change:batch: Add v2 smoke tests and smithy smokeTests trait for SDK testing.

api-change:codebuild: AWS CodeBuild now supports global and organization GitHub webhooks

api-change:cognito-idp: Add v2 smoke tests and smithy smokeTests trait for SDK testing.

api-change:ds: Add v2 smoke tests and smithy smokeTests trait for SDK testing.

api-change:efs: Add v2 smoke tests and smithy smokeTests trait for SDK testing.

api-change:glue: This release introduces a new feature, Usage profiles. Usage profiles allow the AWS Glue admin to create different profiles for various classes of users within the account, enforcing limits and defaults for jobs and sessions.

api-change:mediaconvert: This release includes support for creating I-frame only video segments for DASH trick play.

api-change:secretsmanager: Doc only update for Secrets Manager

api-change:waf: Add v2 smoke tests and smithy smokeTests trait for SDK testing.

1.34.127

api-change:datazone: This release introduces a new default service blueprint for custom environment creation.

api-change:ec2: Documentation updates for Amazon EC2.

api-change:macie2: This release adds support for managing the status of automated sensitive data discovery for individual accounts in an organization, and determining whether individual S3 buckets are included in the scope of the analyses.

api-change:mediaconvert: This release adds the ability to search for historical job records within the management console using a search box and/or via the SDK/CLI with partial string matching search on input file name.

api-change:route53domains: Add v2 smoke tests and smithy smokeTests trait for SDK testing.

1.34.126

api-change:cloudhsmv2: Added support for hsm type hsm2m.medium. Added supported for creating a cluster in FIPS or NON_FIPS mode.

api-change:glue: This release adds support for configuration of evaluation method for composite rules in Glue Data Quality rulesets.

api-change:iotwireless: Add RoamingDeviceSNR and RoamingDeviceRSSI to Customer Metrics.

api-change:kms: This feature allows customers to use their keys stored in KMS to derive a shared secret which can then be used to establish a secured channel for communication, provide proof of possession, or establish trust with other parties.

api-change:mediapackagev2: This release adds support for CMAF ingest (DASH-IF live media ingest protocol interface 1)

1.34.125

api-change:apptest: AWS Mainframe Modernization Application Testing is an AWS Mainframe Modernization service feature that automates functional equivalence testing for mainframe application modernization and migration to AWS, and regression testing.

api-change:backupstorage: The backupstorage client has been removed following the deprecation of the service.

api-change:ec2: Tagging support for Traffic Mirroring FilterRule resource

api-change:osis: SDK changes for self-managed vpc endpoint to OpenSearch ingestion pipelines.

api-change:redshift: Updates to remove DC1 and DS2 node types.

api-change:secretsmanager: Introducing RotationToken parameter for PutSecretValue API

api-change:securitylake: This release updates request validation regex to account for non-commercial aws partitions.

api-change:sesv2: This release adds support for Amazon EventBridge as an email sending events destination.

1.34.124

... (truncated)

Commits

0dba028 Merge branch 'release-1.34.128'
f9bf22e Bumping version to 1.34.128
1d23a8c Update to latest models
d563b7a Merge pull request #3207 from boto/dependabot/github_actions/codecov/codecov-...
3f497fd Bump codecov/codecov-action from 4.4.0 to 4.5.0
ce4c8e4 Merge branch 'release-1.34.127'
71d0c48 Merge branch 'release-1.34.127' into develop
3d139dd Bumping version to 1.34.127
761d3c2 Update to latest models
ef413e7 Merge branch 'release-1.34.126'
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the dependencies group with 4 updates in the / directory: [cryptography](https://github.com/pyca/cryptography), [bandit](https://github.com/PyCQA/bandit), [boto3](https://github.com/boto/boto3) and [botocore](https://github.com/boto/botocore). Updates `cryptography` from 42.0.7 to 42.0.8 - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@42.0.7...42.0.8) Updates `bandit` from 1.7.8 to 1.7.9 - [Release notes](https://github.com/PyCQA/bandit/releases) - [Commits](PyCQA/bandit@1.7.8...1.7.9) Updates `boto3` from 1.34.118 to 1.34.128 - [Release notes](https://github.com/boto/boto3/releases) - [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst) - [Commits](boto/boto3@1.34.118...1.34.128) Updates `botocore` from 1.34.118 to 1.34.128 - [Changelog](https://github.com/boto/botocore/blob/develop/CHANGELOG.rst) - [Commits](boto/botocore@1.34.118...1.34.128) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: bandit dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: boto3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: botocore dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jun 17, 2024

jku approved these changes Jun 18, 2024

View reviewed changes

jku merged commit 1188325 into main Jun 18, 2024
17 checks passed

dependabot bot deleted the dependabot/pip/dependencies-bdc6443c98 branch June 18, 2024 08:03

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the dependencies group across 1 directory with 4 updates #825

Bump the dependencies group across 1 directory with 4 updates #825

dependabot bot commented on behalf of github Jun 17, 2024

Bump the dependencies group across 1 directory with 4 updates #825

Bump the dependencies group across 1 directory with 4 updates #825

Conversation

dependabot bot commented on behalf of github Jun 17, 2024

1.7.9

What's Changed

New Contributors

1.34.128

1.34.127

1.34.126

1.34.125

1.34.124

1.34.128

1.34.127

1.34.126

1.34.125

1.34.124