Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix up issues found running Bandit on itself #1093

Merged
merged 1 commit into from
Jan 14, 2024
Merged

Conversation

ericwb
Copy link
Member

@ericwb ericwb commented Jan 14, 2024

  • Used nosec for false various positives
  • Switched to usage of defusedxml
  • Fixed the empty try-except-pass to have code in the except block.

Fixes #948

* Used nosec for false various positives.
  1. xml.etree is used only for XML generation not parsing
  2. "0.0.0.0" is used in the plugin itself
  3. Various strings of temp directories are used in the plugin
     itself.
  4. The subprocess call does use user input, but only from
     the command line itself that is running baseline. Although
     maybe this could be argued as an issue though.
* Fixed the empty try-except-pass to have code in the except
  block.

Fixes PyCQA#948

Signed-off-by: Eric Brown <[email protected]>
@ericwb ericwb merged commit 7129108 into PyCQA:main Jan 14, 2024
13 checks passed
@ericwb ericwb deleted the reflection branch January 14, 2024 15:48
coilysiren referenced this pull request in HHS/simpler-grants-gov Feb 26, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [SQLAlchemy](https://www.sqlalchemy.org)
([changelog](https://docs.sqlalchemy.org/en/latest/changelog/)) |
`2.0.25` -> `2.0.27` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/SQLAlchemy/2.0.27?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/SQLAlchemy/2.0.27?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/SQLAlchemy/2.0.25/2.0.27?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/SQLAlchemy/2.0.25/2.0.27?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [bandit](https://bandit.readthedocs.io/)
([source](https://togithub.com/PyCQA/bandit),
[changelog](https://togithub.com/PyCQA/bandit/releases)) | `1.7.6` ->
`1.7.7` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/bandit/1.7.7?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/bandit/1.7.7?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/bandit/1.7.6/1.7.7?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/bandit/1.7.6/1.7.7?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [boto3](https://togithub.com/boto/boto3) | `1.34.23` -> `1.34.50` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/boto3/1.34.50?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/boto3/1.34.50?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/boto3/1.34.23/1.34.50?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/boto3/1.34.23/1.34.50?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [botocore](https://togithub.com/boto/botocore) | `1.34.23` ->
`1.34.50` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/botocore/1.34.50?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/botocore/1.34.50?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/botocore/1.34.23/1.34.50?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/botocore/1.34.23/1.34.50?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [coverage](https://togithub.com/nedbat/coveragepy) | `7.4.0` ->
`7.4.3` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/coverage/7.4.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/coverage/7.4.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/coverage/7.4.0/7.4.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/coverage/7.4.0/7.4.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [marshmallow](https://togithub.com/marshmallow-code/marshmallow)
([changelog](https://marshmallow.readthedocs.io/en/latest/changelog.html))
| `3.20.2` -> `3.21.0` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/marshmallow/3.21.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/marshmallow/3.21.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/marshmallow/3.20.2/3.21.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/marshmallow/3.20.2/3.21.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [moto](https://togithub.com/getmoto/moto)
([changelog](https://togithub.com/getmoto/moto/blob/master/CHANGELOG.md))
| `4.2.13` -> `4.2.14` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/moto/4.2.14?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/moto/4.2.14?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/moto/4.2.13/4.2.14?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/moto/4.2.13/4.2.14?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [psycopg](https://psycopg.org/psycopg3/)
([source](https://togithub.com/psycopg/psycopg),
[changelog](https://psycopg.org/psycopg3/docs/news.html)) | `3.1.17` ->
`3.1.18` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/psycopg/3.1.18?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/psycopg/3.1.18?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/psycopg/3.1.17/3.1.18?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/psycopg/3.1.17/3.1.18?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [pydantic](https://togithub.com/pydantic/pydantic)
([changelog](https://docs.pydantic.dev/latest/changelog/)) | `2.5.3` ->
`2.6.2` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/pydantic/2.6.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/pydantic/2.6.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/pydantic/2.5.3/2.6.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/pydantic/2.5.3/2.6.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [pydantic-settings](https://togithub.com/pydantic/pydantic-settings)
([changelog](https://togithub.com/pydantic/pydantic-settings/releases))
| `2.1.0` -> `2.2.1` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/pydantic-settings/2.2.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/pydantic-settings/2.2.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/pydantic-settings/2.1.0/2.2.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/pydantic-settings/2.1.0/2.2.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [python-dotenv](https://togithub.com/theskumar/python-dotenv) |
`1.0.0` -> `1.0.1` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/python-dotenv/1.0.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/python-dotenv/1.0.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/python-dotenv/1.0.0/1.0.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/python-dotenv/1.0.0/1.0.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>PyCQA/bandit (bandit)</summary>

### [`v1.7.7`](https://togithub.com/PyCQA/bandit/releases/tag/1.7.7)

[Compare
Source](https://togithub.com/PyCQA/bandit/compare/1.7.6...1.7.7)

#### What's Changed

- Add the new release to bandit versions of bug template by
[@&#8203;ericwb](https://togithub.com/ericwb) in
[https://github.com/PyCQA/bandit/pull/1075](https://togithub.com/PyCQA/bandit/pull/1075)
- Bump actions/setup-python from 4 to 5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/PyCQA/bandit/pull/1076](https://togithub.com/PyCQA/bandit/pull/1076)
- Handle variant in how policy is passed in paramiko by
[@&#8203;ericwb](https://togithub.com/ericwb) in
[https://github.com/PyCQA/bandit/pull/1078](https://togithub.com/PyCQA/bandit/pull/1078)
- Flag str.replace as possible sql injection by
[@&#8203;costaparas](https://togithub.com/costaparas) in
[https://github.com/PyCQA/bandit/pull/1044](https://togithub.com/PyCQA/bandit/pull/1044)
- defusedxml: Show correct module name by
[@&#8203;kajinamit](https://togithub.com/kajinamit) in
[https://github.com/PyCQA/bandit/pull/1081](https://togithub.com/PyCQA/bandit/pull/1081)
- Add tidelift to the sponsor funding list by
[@&#8203;ericwb](https://togithub.com/ericwb) in
[https://github.com/PyCQA/bandit/pull/1089](https://togithub.com/PyCQA/bandit/pull/1089)
- Create a security policy by
[@&#8203;ericwb](https://togithub.com/ericwb) in
[https://github.com/PyCQA/bandit/pull/1091](https://togithub.com/PyCQA/bandit/pull/1091)
- Fix up issues found running Bandit on itself by
[@&#8203;ericwb](https://togithub.com/ericwb) in
[https://github.com/PyCQA/bandit/pull/1093](https://togithub.com/PyCQA/bandit/pull/1093)
- Add random.randbytes to blacklist calls by
[@&#8203;ericwb](https://togithub.com/ericwb) in
[https://github.com/PyCQA/bandit/pull/1096](https://togithub.com/PyCQA/bandit/pull/1096)
- Prepend ./ for files specified as CLI args by
[@&#8203;ericwb](https://togithub.com/ericwb) in
[https://github.com/PyCQA/bandit/pull/1094](https://togithub.com/PyCQA/bandit/pull/1094)
- Rework GitPython dependency to be an extra for bandit-baseline by
[@&#8203;ericwb](https://togithub.com/ericwb) in
[https://github.com/PyCQA/bandit/pull/1099](https://togithub.com/PyCQA/bandit/pull/1099)
- Bump actions/dependency-review-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/PyCQA/bandit/pull/1101](https://togithub.com/PyCQA/bandit/pull/1101)
- Introduce Official Bandit Images by
[@&#8203;lukehinds](https://togithub.com/lukehinds) in
[https://github.com/PyCQA/bandit/pull/1088](https://togithub.com/PyCQA/bandit/pull/1088)
- Remove markdown formatting in reStructuredText formatted README by
[@&#8203;ericwb](https://togithub.com/ericwb) in
[https://github.com/PyCQA/bandit/pull/1103](https://togithub.com/PyCQA/bandit/pull/1103)
- Downsize the org:repo name by
[@&#8203;lukehinds](https://togithub.com/lukehinds) in
[https://github.com/PyCQA/bandit/pull/1104](https://togithub.com/PyCQA/bandit/pull/1104)

#### New Contributors

- [@&#8203;kajinamit](https://togithub.com/kajinamit) made their first
contribution in
[https://github.com/PyCQA/bandit/pull/1081](https://togithub.com/PyCQA/bandit/pull/1081)

**Full Changelog**:
https://github.com/PyCQA/bandit/compare/1.7.6...1.7.7

</details>

<details>
<summary>boto/boto3 (boto3)</summary>

###
[`v1.34.50`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13450)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.49...1.34.50)

\=======

- api-change:`apigateway`: \[`botocore`] Documentation updates for
Amazon API Gateway.
- api-change:`drs`: \[`botocore`] Added volume status to
DescribeSourceServer replicated volumes.
- api-change:`kafkaconnect`: \[`botocore`] Adds support for tagging,
with new TagResource, UntagResource and ListTagsForResource APIs to
manage tags and updates to existing APIs to allow tag on create. This
release also adds support for the new DeleteWorkerConfiguration API.
- api-change:`rds`: \[`botocore`] This release adds support for gp3 data
volumes for Multi-AZ DB Clusters.

###
[`v1.34.49`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13449)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.48...1.34.49)

\=======

- api-change:`appsync`: \[`botocore`] Documentation only updates for
AppSync
- api-change:`qldb`: \[`botocore`] Clarify possible values for KmsKeyArn
and EncryptionDescription.
- api-change:`rds`: \[`botocore`] Add pattern and length based
validations for DBShardGroupIdentifier
- api-change:`rum`: \[`botocore`] Doc-only update for new RUM metrics
that were added

###
[`v1.34.48`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13448)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.47...1.34.48)

\=======

- api-change:`internetmonitor`: \[`botocore`] This release adds IPv4
prefixes to health events
- api-change:`kinesisvideo`: \[`botocore`] Increasing NextToken
parameter length restriction for List APIs from 512 to 1024.

###
[`v1.34.47`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13447)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.46...1.34.47)

\=======

- api-change:`iotevents`: \[`botocore`] Increase the maximum length of
descriptions for Inputs, Detector Models, and Alarm Models
- api-change:`lookoutequipment`: \[`botocore`] This release adds a field
exposing model quality to read APIs for models. It also adds a model
quality field to the API response when creating an inference scheduler.
- api-change:`medialive`: \[`botocore`] MediaLive now supports the
ability to restart pipelines in a running channel.
- api-change:`ssm`: \[`botocore`] This release adds support for sharing
Systems Manager parameters with other AWS accounts.

###
[`v1.34.46`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13446)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.45...1.34.46)

\=======

- api-change:`dynamodb`: \[`botocore`] Publishing quick fix for doc only
update.
- api-change:`firehose`: \[`botocore`] This release updates a few
Firehose related APIs.
- api-change:`lambda`: \[`botocore`] Add .NET 8 (dotnet8) Runtime
support to AWS Lambda.

###
[`v1.34.45`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13445)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.44...1.34.45)

\=======

- api-change:`amplify`: \[`botocore`] This release contains API changes
that enable users to configure their Amplify domains with their own
custom SSL/TLS certificate.
- api-change:`chatbot`: \[`botocore`] This release adds support for AWS
Chatbot. You can now monitor, operate, and troubleshoot your AWS
resources with interactive ChatOps using the AWS SDK.
- api-change:`config`: \[`botocore`] Documentation updates for the AWS
Config CLI
- api-change:`ivs`: \[`botocore`] Changed description for latencyMode in
Create/UpdateChannel and Channel/ChannelSummary.
- api-change:`keyspaces`: \[`botocore`] Documentation updates for Amazon
Keyspaces
- api-change:`mediatailor`: \[`botocore`] MediaTailor: marking
#AdBreak.OffsetMillis as required.

###
[`v1.34.44`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13444)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.43...1.34.44)

\=======

- api-change:`connectparticipant`: \[`botocore`] Doc only update to
GetTranscript API reference guide to inform users about presence of
events in the chat transcript.
- api-change:`emr`: \[`botocore`] adds fine grained control over
Unhealthy Node Replacement to Amazon ElasticMapReduce
- api-change:`firehose`: \[`botocore`] This release adds support for
Data Message Extraction for decompressed CloudWatch logs, and to use a
custom file extension or time zone for S3 destinations.
- api-change:`lambda`: \[`botocore`] Documentation-only updates for
Lambda to clarify a number of existing actions and properties.
- api-change:`rds`: \[`botocore`] Doc only update for a valid option in
DB parameter group
- api-change:`sns`: \[`botocore`] This release marks phone numbers as
sensitive inputs.

###
[`v1.34.43`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13443)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.42...1.34.43)

\=======

- api-change:`artifact`: \[`botocore`] This is the initial SDK release
for AWS Artifact. AWS Artifact provides on-demand access to compliance
and third-party compliance reports. This release includes access to List
and Get reports, along with their metadata. This release also includes
access to AWS Artifact notifications settings.
- api-change:`codepipeline`: \[`botocore`] Add ability to override
timeout on action level.
- api-change:`detective`: \[`botocore`] Doc only updates for content
enhancement
- api-change:`guardduty`: \[`botocore`] Marked fields IpAddressV4,
PrivateIpAddress, Email as Sensitive.
- api-change:`healthlake`: \[`botocore`] This release adds a new
response parameter, JobProgressReport, to the DescribeFHIRImportJob and
ListFHIRImportJobs API operation. JobProgressReport provides details on
the progress of the import job on the server.
- api-change:`opensearch`: \[`botocore`] Adds additional supported
instance types.
- api-change:`polly`: \[`botocore`] Amazon Polly adds 1 new voice -
Burcu (tr-TR)
- api-change:`sagemaker`: \[`botocore`] This release adds a new API
UpdateClusterSoftware for SageMaker HyperPod. This API allows users to
patch HyperPod clusters with latest platform softwares.
- api-change:`secretsmanager`: \[`botocore`] Doc only update for Secrets
Manager
- api-change:`endpoint-rules`: \[`botocore`] Update endpoint-rules
client to latest version

###
[`v1.34.42`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13442)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.41...1.34.42)

\=======

- api-change:`controltower`: \[`botocore`] Adds support for new Baseline
and EnabledBaseline APIs for automating multi-account governance.
- api-change:`lookoutequipment`: \[`botocore`] This feature allows
customers to see pointwise model diagnostics results for their models.
- api-change:`qbusiness`: \[`botocore`] This release adds the
metadata-boosting feature, which allows customers to easily fine-tune
the underlying ranking of retrieved RAG passages in order to optimize
Q\&A answer relevance. It also adds new feedback reasons for the
PutFeedback API.

###
[`v1.34.41`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13441)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.40...1.34.41)

\=======

- bugfix:ContainerProvider: \[`botocore`] Properly refreshes token from
file from EKS in ContainerProvider
- api-change:`lightsail`: \[`botocore`] This release adds support to
upgrade the major version of a database.
- api-change:`marketplace-catalog`: \[`botocore`] AWS Marketplace
Catalog API now supports setting intent on requests
- api-change:`resource-explorer-2`: \[`botocore`] Resource Explorer now
uses newly supported IPv4 'amazonaws.com' endpoints by default.
- api-change:`securitylake`: \[`botocore`] Documentation updates for
Security Lake
- api-change:`endpoint-rules`: \[`botocore`] Update endpoint-rules
client to latest version

###
[`v1.34.40`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13440)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.39...1.34.40)

\=======

- api-change:`appsync`: \[`botocore`] Adds support for new options on
GraphqlAPIs, Resolvers and Data Sources for emitting Amazon CloudWatch
metrics for enhanced monitoring of AppSync APIs.
- api-change:`cloudwatch`: \[`botocore`] Update cloudwatch client to
latest version
- api-change:`neptune-graph`: \[`botocore`] Adding a new option
"parameters" for data plane api ExecuteQuery to support running
parameterized query via SDK.
- api-change:`route53domains`: \[`botocore`] This release adds bill
contact support for RegisterDomain, TransferDomain, UpdateDomainContact
and GetDomainDetail API.

###
[`v1.34.39`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13439)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.38...1.34.39)

\=======

-   api-change:`amp`: \[`botocore`] Overall documentation updates.
- api-change:`batch`: \[`botocore`] This feature allows Batch to support
configuration of repository credentials for jobs running on ECS
- api-change:`braket`: \[`botocore`] Creating a job will result in
DeviceOfflineException when using an offline device, and
DeviceRetiredException when using a retired device.
- api-change:`cost-optimization-hub`: \[`botocore`] Adding
includeMemberAccounts field to the response of ListEnrollmentStatuses
API.
- api-change:`ecs`: \[`botocore`] Documentation only update for Amazon
ECS.
- api-change:`iot`: \[`botocore`] This release allows AWS IoT Core users
to enable Online Certificate Status Protocol (OCSP) Stapling for TLS
X.509 Server Certificates when creating and updating AWS IoT Domain
Configurations with Custom Domain.
- api-change:`pricing`: \[`botocore`] Add Throttling Exception to all
APIs.

###
[`v1.34.38`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13438)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.37...1.34.38)

\=======

- api-change:`codepipeline`: \[`botocore`] Add ability to execute
pipelines with new parallel & queued execution modes and add support for
triggers with filtering on branches and file paths.
- api-change:`quicksight`: \[`botocore`] General Interactions for
Visuals; Waterfall Chart Color Configuration; Documentation Update
- api-change:`workspaces`: \[`botocore`] This release introduces
User-Decoupling feature. This feature allows Workspaces Core customers
to provision workspaces without providing users. CreateWorkspaces and
DescribeWorkspaces APIs will now take a new optional parameter
"WorkspaceName".

###
[`v1.34.37`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13437)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.36...1.34.37)

\=======

- api-change:`datasync`: \[`botocore`] AWS DataSync now supports
manifests for specifying files or objects to transfer.
- api-change:`lexv2-models`: \[`botocore`] Update lexv2-models client to
latest version
- api-change:`redshift`: \[`botocore`] LisRecommendations API to fetch
Amazon Redshift Advisor recommendations.

###
[`v1.34.36`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13436)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.35...1.34.36)

\=======

- api-change:`appsync`: \[`botocore`] Support for environment variables
in AppSync GraphQL APIs
- api-change:`ecs`: \[`botocore`] This release is a documentation only
update to address customer issues.
- api-change:`es`: \[`botocore`] This release adds clear visibility to
the customers on the changes that they make on the domain.
- api-change:`logs`: \[`botocore`] This release adds a new field,
logGroupArn, to the response of the logs:DescribeLogGroups action.
- api-change:`opensearch`: \[`botocore`] This release adds clear
visibility to the customers on the changes that they make on the domain.
- api-change:`wafv2`: \[`botocore`] You can now delete an API key that
you've created for use with your CAPTCHA JavaScript integration API.

###
[`v1.34.35`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13435)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.34...1.34.35)

\=======

- api-change:`glue`: \[`botocore`] Introduce Catalog Encryption Role
within Glue Data Catalog Settings. Introduce SASL/PLAIN as an
authentication method for Glue Kafka connections
- api-change:`workspaces`: \[`botocore`] Added definitions of various
WorkSpace states

###
[`v1.34.34`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13434)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.33...1.34.34)

\=======

- api-change:`dynamodb`: \[`botocore`] Any number of users can execute
up to 50 concurrent restores (any type of restore) in a given account.
- api-change:`sagemaker`: \[`botocore`] Amazon SageMaker Canvas adds
GenerativeAiSettings support for CanvasAppSettings.
- api-change:`endpoint-rules`: \[`botocore`] Update endpoint-rules
client to latest version

###
[`v1.34.33`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13433)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.32...1.34.33)

\=======

- api-change:`cognito-idp`: \[`botocore`] Added CreateIdentityProvider
and UpdateIdentityProvider details for new SAML IdP features
- api-change:`ivs`: \[`botocore`] This release introduces a new resource
Playback Restriction Policy which can be used to geo-restrict or
domain-restrict channel stream playback when associated with a channel.
New APIs to support this resource were introduced in the form of
Create/Delete/Get/Update/List.
- api-change:`managedblockchain-query`: \[`botocore`] This release adds
support for transactions that have not reached finality. It also removes
support for the status property from the response of the GetTransaction
operation. You can use the confirmationStatus and executionStatus
properties to determine the status of the transaction.
- api-change:`mediaconvert`: \[`botocore`] This release includes support
for broadcast-mixed audio description tracks.
- api-change:`neptune-graph`: \[`botocore`] Adding new APIs in SDK for
Amazon Neptune Analytics. These APIs include operations to execute,
cancel, list queries and get the graph summary.

###
[`v1.34.32`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13432)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.31...1.34.32)

\=======

- api-change:`cloudformation`: \[`botocore`] CloudFormation IaC
generator allows you to scan existing resources in your account and
select resources to generate a template for a new or existing
CloudFormation stack.
- api-change:`elbv2`: \[`botocore`] Update elbv2 client to latest
version
- api-change:`glue`: \[`botocore`] Update page size limits for
GetJobRuns and GetTriggers APIs.
- api-change:`ssm`: \[`botocore`] This release adds an optional Duration
parameter to StateManager Associations. This allows customers to specify
how long an apply-only-on-cron association execution should run. Once
the specified Duration is out all the ongoing cancellable commands or
automations are cancelled.

###
[`v1.34.31`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13431)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.30...1.34.31)

\=======

- api-change:`datazone`: \[`botocore`] Add new skipDeletionCheck to
DeleteDomain. Add new skipDeletionCheck to DeleteProject which also
automatically deletes dependent objects
- api-change:`route53`: \[`botocore`] Update the SDKs for text changes
in the APIs.

###
[`v1.34.30`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13430)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.29...1.34.30)

\=======

- api-change:`autoscaling`: \[`botocore`] EC2 Auto Scaling customers who
use attribute based instance-type selection can now intuitively define
their Spot instances price protection limit as a percentage of the
lowest priced On-Demand instance type.
- api-change:`comprehend`: \[`botocore`] Comprehend PII analysis now
supports Spanish input documents.
- api-change:`ec2`: \[`botocore`] EC2 Fleet customers who use attribute
based instance-type selection can now intuitively define their Spot
instances price protection limit as a percentage of the lowest priced
On-Demand instance type.
- api-change:`mwaa`: \[`botocore`] This release adds MAINTENANCE
environment status for Amazon MWAA environments.
- api-change:`rds`: \[`botocore`] Introduced support for the
InsufficientDBInstanceCapacityFault error in the RDS
RestoreDBClusterFromSnapshot and RestoreDBClusterToPointInTime API
methods. This provides enhanced error handling, ensuring a more robust
experience.
- api-change:`snowball`: \[`botocore`] Modified description of
createaddress to include direction to add path when providing a JSON
file.

###
[`v1.34.29`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13429)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.28...1.34.29)

\=======

- api-change:`connect`: \[`botocore`] Update list and string length
limits for predefined attributes.
- api-change:`inspector2`: \[`botocore`] This release adds ECR container
image scanning based on their lastRecordedPullTime.
- api-change:`sagemaker`: \[`botocore`] Amazon SageMaker Automatic Model
Tuning now provides an API to programmatically delete tuning jobs.

###
[`v1.34.28`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13428)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.27...1.34.28)

\=======

- api-change:`acm-pca`: \[`botocore`] AWS Private CA now supports an
option to omit the CDP extension from issued certificates, when CRL
revocation is enabled.
- api-change:`lightsail`: \[`botocore`] This release adds support for
IPv6-only instance plans.

###
[`v1.34.27`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13427)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.26...1.34.27)

\=======

- api-change:`ec2`: \[`botocore`] Introduced a new clientToken request
parameter on CreateNetworkAcl and CreateRouteTable APIs. The clientToken
parameter allows idempotent operations on the APIs.
- api-change:`ecs`: \[`botocore`] Documentation updates for Amazon ECS.
- api-change:`outposts`: \[`botocore`] DeviceSerialNumber parameter is
now optional in StartConnection API
- api-change:`rds`: \[`botocore`] This release adds support for Aurora
Limitless Database.
- api-change:`storagegateway`: \[`botocore`] Add DeprecationDate and
SoftwareVersion to response of ListGateways.

###
[`v1.34.26`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13426)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.25...1.34.26)

\=======

- api-change:`inspector2`: \[`botocore`] This release adds support for
CIS scans on EC2 instances.

###
[`v1.34.25`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13425)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.24...1.34.25)

\=======

- enhancement:documentation: \[`botocore`] Updates the GitHub issue
creation link in our README

###
[`v1.34.24`](https://togithub.com/boto/boto3/blob/HEAD/CHANGELOG.rst#13424)

[Compare
Source](https://togithub.com/boto/boto3/compare/1.34.23...1.34.24)

\=======

- api-change:`appconfigdata`: \[`botocore`] Fix FIPS Endpoints in
aws-us-gov.
- api-change:`cloud9`: \[`botocore`] Doc-only update around removing AL1
from list of available AMIs for Cloud9
- api-change:`cloudfront-keyvaluestore`: \[`botocore`] This release
improves upon the DescribeKeyValueStore API by returning two additional
fields, Status of the KeyValueStore and the FailureReason in case of
failures during creation of KeyValueStore.
- api-change:`connectcases`: \[`botocore`] This release adds the ability
to view audit history on a case and introduces a new parameter,
performedBy, for CreateCase and UpdateCase API's.
- api-change:`ec2`: \[`botocore`] Documentation updates for Amazon EC2.
- api-change:`ecs`: \[`botocore`] This release adds support for
Transport Layer Security (TLS) and Configurable Timeout to ECS Service
Connect. TLS facilitates privacy and data security for inter-service
communications, while Configurable Timeout allows customized per-request
timeout and idle timeout for Service Connect services.
- api-change:`finspace`: \[`botocore`] Allow customer to set zip default
through command line arguments.
- api-change:`organizations`: \[`botocore`] Doc only update for quota
increase change
- api-change:`rds`: \[`botocore`] Introduced support for the
InsufficientDBInstanceCapacityFault error in the RDS CreateDBCluster API
method. This provides enhanced error handling, ensuring a more robust
experience when creating database clusters with insufficient instance
capacity.
- api-change:`endpoint-rules`: \[`botocore`] Update endpoint-rules
client to latest version

</details>

<details>
<summary>boto/botocore (botocore)</summary>

###
[`v1.34.50`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13450)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.49...1.34.50)

\=======

- api-change:`apigateway`: Documentation updates for Amazon API Gateway.
- api-change:`drs`: Added volume status to DescribeSourceServer
replicated volumes.
- api-change:`kafkaconnect`: Adds support for tagging, with new
TagResource, UntagResource and ListTagsForResource APIs to manage tags
and updates to existing APIs to allow tag on create. This release also
adds support for the new DeleteWorkerConfiguration API.
- api-change:`rds`: This release adds support for gp3 data volumes for
Multi-AZ DB Clusters.

###
[`v1.34.49`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13449)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.48...1.34.49)

\=======

-   api-change:`appsync`: Documentation only updates for AppSync
- api-change:`qldb`: Clarify possible values for KmsKeyArn and
EncryptionDescription.
- api-change:`rds`: Add pattern and length based validations for
DBShardGroupIdentifier
- api-change:`rum`: Doc-only update for new RUM metrics that were added

###
[`v1.34.48`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13448)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.47...1.34.48)

\=======

- api-change:`internetmonitor`: This release adds IPv4 prefixes to
health events
- api-change:`kinesisvideo`: Increasing NextToken parameter length
restriction for List APIs from 512 to 1024.

###
[`v1.34.47`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13447)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.46...1.34.47)

\=======

- api-change:`iotevents`: Increase the maximum length of descriptions
for Inputs, Detector Models, and Alarm Models
- api-change:`lookoutequipment`: This release adds a field exposing
model quality to read APIs for models. It also adds a model quality
field to the API response when creating an inference scheduler.
- api-change:`medialive`: MediaLive now supports the ability to restart
pipelines in a running channel.
- api-change:`ssm`: This release adds support for sharing Systems
Manager parameters with other AWS accounts.

###
[`v1.34.46`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13446)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.45...1.34.46)

\=======

-   api-change:`dynamodb`: Publishing quick fix for doc only update.
- api-change:`firehose`: This release updates a few Firehose related
APIs.
- api-change:`lambda`: Add .NET 8 (dotnet8) Runtime support to AWS
Lambda.

###
[`v1.34.45`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13445)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.44...1.34.45)

\=======

- api-change:`amplify`: This release contains API changes that enable
users to configure their Amplify domains with their own custom SSL/TLS
certificate.
- api-change:`chatbot`: This release adds support for AWS Chatbot. You
can now monitor, operate, and troubleshoot your AWS resources with
interactive ChatOps using the AWS SDK.
-   api-change:`config`: Documentation updates for the AWS Config CLI
- api-change:`ivs`: Changed description for latencyMode in
Create/UpdateChannel and Channel/ChannelSummary.
-   api-change:`keyspaces`: Documentation updates for Amazon Keyspaces
- api-change:`mediatailor`: MediaTailor: marking #AdBreak.OffsetMillis
as required.

###
[`v1.34.44`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13444)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.43...1.34.44)

\=======

- api-change:`connectparticipant`: Doc only update to GetTranscript API
reference guide to inform users about presence of events in the chat
transcript.
- api-change:`emr`: adds fine grained control over Unhealthy Node
Replacement to Amazon ElasticMapReduce
- api-change:`firehose`: This release adds support for Data Message
Extraction for decompressed CloudWatch logs, and to use a custom file
extension or time zone for S3 destinations.
- api-change:`lambda`: Documentation-only updates for Lambda to clarify
a number of existing actions and properties.
- api-change:`rds`: Doc only update for a valid option in DB parameter
group
- api-change:`sns`: This release marks phone numbers as sensitive
inputs.

###
[`v1.34.43`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13443)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.42...1.34.43)

\=======

- api-change:`artifact`: This is the initial SDK release for AWS
Artifact. AWS Artifact provides on-demand access to compliance and
third-party compliance reports. This release includes access to List and
Get reports, along with their metadata. This release also includes
access to AWS Artifact notifications settings.
- api-change:`codepipeline`: Add ability to override timeout on action
level.
-   api-change:`detective`: Doc only updates for content enhancement
- api-change:`guardduty`: Marked fields IpAddressV4, PrivateIpAddress,
Email as Sensitive.
- api-change:`healthlake`: This release adds a new response parameter,
JobProgressReport, to the DescribeFHIRImportJob and ListFHIRImportJobs
API operation. JobProgressReport provides details on the progress of the
import job on the server.
-   api-change:`opensearch`: Adds additional supported instance types.
-   api-change:`polly`: Amazon Polly adds 1 new voice - Burcu (tr-TR)
- api-change:`sagemaker`: This release adds a new API
UpdateClusterSoftware for SageMaker HyperPod. This API allows users to
patch HyperPod clusters with latest platform softwares.
-   api-change:`secretsmanager`: Doc only update for Secrets Manager
- api-change:`endpoint-rules`: Update endpoint-rules client to latest
version

###
[`v1.34.42`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13442)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.41...1.34.42)

\=======

- api-change:`controltower`: Adds support for new Baseline and
EnabledBaseline APIs for automating multi-account governance.
- api-change:`lookoutequipment`: This feature allows customers to see
pointwise model diagnostics results for their models.
- api-change:`qbusiness`: This release adds the metadata-boosting
feature, which allows customers to easily fine-tune the underlying
ranking of retrieved RAG passages in order to optimize Q\&A answer
relevance. It also adds new feedback reasons for the PutFeedback API.

###
[`v1.34.41`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13441)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.40...1.34.41)

\=======

- bugfix:ContainerProvider: Properly refreshes token from file from EKS
in ContainerProvider
- api-change:`lightsail`: This release adds support to upgrade the major
version of a database.
- api-change:`marketplace-catalog`: AWS Marketplace Catalog API now
supports setting intent on requests
- api-change:`resource-explorer-2`: Resource Explorer now uses newly
supported IPv4 'amazonaws.com' endpoints by default.
-   api-change:`securitylake`: Documentation updates for Security Lake
- api-change:`endpoint-rules`: Update endpoint-rules client to latest
version

###
[`v1.34.40`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13440)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.39...1.34.40)

\=======

- api-change:`appsync`: Adds support for new options on GraphqlAPIs,
Resolvers and Data Sources for emitting Amazon CloudWatch metrics for
enhanced monitoring of AppSync APIs.
-   api-change:`cloudwatch`: Update cloudwatch client to latest version
- api-change:`neptune-graph`: Adding a new option "parameters" for data
plane api ExecuteQuery to support running parameterized query via SDK.
- api-change:`route53domains`: This release adds bill contact support
for RegisterDomain, TransferDomain, UpdateDomainContact and
GetDomainDetail API.

###
[`v1.34.39`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13439)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.38...1.34.39)

\=======

-   api-change:`amp`: Overall documentation updates.
- api-change:`batch`: This feature allows Batch to support configuration
of repository credentials for jobs running on ECS
- api-change:`braket`: Creating a job will result in
DeviceOfflineException when using an offline device, and
DeviceRetiredException when using a retired device.
- api-change:`cost-optimization-hub`: Adding includeMemberAccounts field
to the response of ListEnrollmentStatuses API.
-   api-change:`ecs`: Documentation only update for Amazon ECS.
- api-change:`iot`: This release allows AWS IoT Core users to enable
Online Certificate Status Protocol (OCSP) Stapling for TLS X.509 Server
Certificates when creating and updating AWS IoT Domain Configurations
with Custom Domain.
-   api-change:`pricing`: Add Throttling Exception to all APIs.

###
[`v1.34.38`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13438)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.37...1.34.38)

\=======

- api-change:`codepipeline`: Add ability to execute pipelines with new
parallel & queued execution modes and add support for triggers with
filtering on branches and file paths.
- api-change:`quicksight`: General Interactions for Visuals; Waterfall
Chart Color Configuration; Documentation Update
- api-change:`workspaces`: This release introduces User-Decoupling
feature. This feature allows Workspaces Core customers to provision
workspaces without providing users. CreateWorkspaces and
DescribeWorkspaces APIs will now take a new optional parameter
"WorkspaceName".

###
[`v1.34.37`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13437)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.36...1.34.37)

\=======

- api-change:`datasync`: AWS DataSync now supports manifests for
specifying files or objects to transfer.
- api-change:`lexv2-models`: Update lexv2-models client to latest
version
- api-change:`redshift`: LisRecommendations API to fetch Amazon Redshift
Advisor recommendations.

###
[`v1.34.36`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13436)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.35...1.34.36)

\=======

- api-change:`appsync`: Support for environment variables in AppSync
GraphQL APIs
- api-change:`ecs`: This release is a documentation only update to
address customer issues.
- api-change:`es`: This release adds clear visibility to the customers
on the changes that they make on the domain.
- api-change:`logs`: This release adds a new field, logGroupArn, to the
response of the logs:DescribeLogGroups action.
- api-change:`opensearch`: This release adds clear visibility to the
customers on the changes that they make on the domain.
- api-change:`wafv2`: You can now delete an API key that you've created
for use with your CAPTCHA JavaScript integration API.

###
[`v1.34.35`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13435)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.34...1.34.35)

\=======

- api-change:`glue`: Introduce Catalog Encryption Role within Glue Data
Catalog Settings. Introduce SASL/PLAIN as an authentication method for
Glue Kafka connections
- api-change:`workspaces`: Added definitions of various WorkSpace states

###
[`v1.34.34`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13434)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.33...1.34.34)

\=======

- api-change:`dynamodb`: Any number of users can execute up to 50
concurrent restores (any type of restore) in a given account.
- api-change:`sagemaker`: Amazon SageMaker Canvas adds
GenerativeAiSettings support for CanvasAppSettings.
- api-change:`endpoint-rules`: Update endpoint-rules client to latest
version

###
[`v1.34.33`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13433)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.32...1.34.33)

\=======

- api-change:`cognito-idp`: Added CreateIdentityProvider and
UpdateIdentityProvider details for new SAML IdP features
- api-change:`ivs`: This release introduces a new resource Playback
Restriction Policy which can be used to geo-restrict or domain-restrict
channel stream playback when associated with a channel. New APIs to
support this resource were introduced in the form of
Create/Delete/Get/Update/List.
- api-change:`managedblockchain-query`: This release adds support for
transactions that have not reached finality. It also removes support for
the status property from the response of the GetTransaction operation.
You can use the confirmationStatus and executionStatus properties to
determine the status of the transaction.
- api-change:`mediaconvert`: This release includes support for
broadcast-mixed audio description tracks.
- api-change:`neptune-graph`: Adding new APIs in SDK for Amazon Neptune
Analytics. These APIs include operations to execute, cancel, list
queries and get the graph summary.

###
[`v1.34.32`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13432)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.31...1.34.32)

\=======

- api-change:`cloudformation`: CloudFormation IaC generator allows you
to scan existing resources in your account and select resources to
generate a template for a new or existing CloudFormation stack.
-   api-change:`elbv2`: Update elbv2 client to latest version
- api-change:`glue`: Update page size limits for GetJobRuns and
GetTriggers APIs.
- api-change:`ssm`: This release adds an optional Duration parameter to
StateManager Associations. This allows customers to specify how long an
apply-only-on-cron association execution should run. Once the specified
Duration is out all the ongoing cancellable commands or automations are
cancelled.

###
[`v1.34.31`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13431)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.30...1.34.31)

\=======

- api-change:`datazone`: Add new skipDeletionCheck to DeleteDomain. Add
new skipDeletionCheck to DeleteProject which also automatically deletes
dependent objects
-   api-change:`route53`: Update the SDKs for text changes in the APIs.

###
[`v1.34.30`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13430)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.29...1.34.30)

\=======

- api-change:`autoscaling`: EC2 Auto Scaling customers who use attribute
based instance-type selection can now intuitively define their Spot
instances price protection limit as a percentage of the lowest priced
On-Demand instance type.
- api-change:`comprehend`: Comprehend PII analysis now supports Spanish
input documents.
- api-change:`ec2`: EC2 Fleet customers who use attribute based
instance-type selection can now intuitively define their Spot instances
price protection limit as a percentage of the lowest priced On-Demand
instance type.
- api-change:`mwaa`: This release adds MAINTENANCE environment status
for Amazon MWAA environments.
- api-change:`rds`: Introduced support for the
InsufficientDBInstanceCapacityFault error in the RDS
RestoreDBClusterFromSnapshot and RestoreDBClusterToPointInTime API
methods. This provides enhanced error handling, ensuring a more robust
experience.
- api-change:`snowball`: Modified description of createaddress to
include direction to add path when providing a JSON file.

###
[`v1.34.29`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13429)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.28...1.34.29)

\=======

- api-change:`connect`: Update list and string length limits for
predefined attributes.
- api-change:`inspector2`: This release adds ECR container image
scanning based on their lastRecordedPullTime.
- api-change:`sagemaker`: Amazon SageMaker Automatic Model Tuning now
provides an API to programmatically delete tuning jobs.

###
[`v1.34.28`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13428)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.27...1.34.28)

\=======

- api-change:`acm-pca`: AWS Private CA now supports an option to omit
the CDP extension from issued certificates, when CRL revocation is
enabled.
- api-change:`lightsail`: This release adds support for IPv6-only
instance plans.

###
[`v1.34.27`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13427)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.26...1.34.27)

\=======

- api-change:`ec2`: Introduced a new clientToken request parameter on
CreateNetworkAcl and CreateRouteTable APIs. The clientToken parameter
allows idempotent operations on the APIs.
-   api-change:`ecs`: Documentation updates for Amazon ECS.
- api-change:`outposts`: DeviceSerialNumber parameter is now optional in
StartConnection API
- api-change:`rds`: This release adds support for Aurora Limitless
Database.
- api-change:`storagegateway`: Add DeprecationDate and SoftwareVersion
to response of ListGateways.

###
[`v1.34.26`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13426)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.25...1.34.26)

\=======

- api-change:`inspector2`: This release adds support for CIS scans on
EC2 instances.

###
[`v1.34.25`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13425)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.24...1.34.25)

\=======

- enhancement:documentation: Updates the GitHub issue creation link in
our README

###
[`v1.34.24`](https://togithub.com/boto/botocore/blob/HEAD/CHANGELOG.rst#13424)

[Compare
Source](https://togithub.com/boto/botocore/compare/1.34.23...1.34.24)

\=======

-   api-change:`appconfigdata`: Fix FIPS Endpoints in aws-us-gov.
- api-change:`cloud9`: Doc-only update around removing AL1 from list of
available AMIs for Cloud9
- api-change:`cloudfront-keyvaluestore`: This release improves upon the
DescribeKeyValueStore API by returning two additional fields, Status of
the KeyValueStore and the FailureReason in case of failures during
creation of KeyValueStore.
- api-change:`connectcases`: This release adds the ability to view audit
history on a case and introduces a new parameter, performedBy, for
CreateCase and UpdateCase API's.
-   api-change:`ec2`: Documentation updates for Amazon EC2.
- api-change:`ecs`: This release adds support for Transport Layer
Security (TLS) and Configurable Timeout to ECS Service Connect. TLS
facilitates privacy and data security for inter-service communications,
while Configurable Timeout allows customized per-request timeout and
idle timeout for Service Connect services.
- api-change:`finspace`: Allow customer to set zip default through
command line arguments.
- api-change:`organizations`: Doc only update for quota increase change
- api-change:`rds`: Introduced support for the
InsufficientDBInstanceCapacityFault error in the RDS CreateDBCluster API
method. This provides enhanced error handling, ensuring a more robust
experience when creating database clusters with insufficient instance
capacity.
- api-change:`endpoint-rules`: Update endpoint-rules client to latest
version

</details>

<details>
<summary>nedbat/coveragepy (coverage)</summary>

###
[`v7.4.3`](https://togithub.com/nedbat/coveragepy/blob/HEAD/CHANGES.rst#Version-743--2024-02-23)

[Compare
Source](https://togithub.com/nedbat/coveragepy/compare/7.4.2...7.4.3)

- Fix: in some cases, coverage could fail with a RuntimeError: "Set
changed
    size during iteration." This is now fixed, closing `issue 1733`\_.

.. \_issue
1733:[https://github.com/nedbat/coveragepy/issues/1733](https://togithub.com/nedbat/coveragepy/issues/1733)3

.. \_changes\_7-4-2:

###
[`v7.4.2`](https://togithub.com/nedbat/coveragepy/blob/HEAD/CHANGES.rst#Version-742--2024-02-20)

[Compare
Source](https://togithub.com/nedbat/coveragepy/compare/7.4.1...7.4.2)

- Fix: setting `COVERAGE_CORE=sysmon` no longer errors on 3.11 and
lower,
thanks `Hugo van Kemenade <pull 1747_>`\_. It now issues a warning that
sys.monitoring is not available and falls back to the default core
instead.

.. \_pull
1747:[https://github.com/nedbat/coveragepy/pull/1747](https://togithub.com/nedbat/coveragepy/pull/1747)7

.. \_changes\_7-4-1:

###
[`v7.4.1`](https://togithub.com/nedbat/coveragepy/blob/HEAD/CHANGES.rst#Version-741--2024-01-26)

[Compare
Source](https://togithub.com/nedbat/coveragepy/compare/7.4.0...7.4.1)

-   Python 3.13.0a3 is supported.

- Fix: the JSON report now includes an explicit format version number,
closing
    `issue 1732`\_.

.. \_issue
1732:[https://github.com/nedbat/coveragepy/issues/1732](https://togithub.com/nedbat/coveragepy/issues/1732)2

.. \_changes\_7-4-0:

</details>

<details>
<summary>marshmallow-code/marshmallow (marshmallow)</summary>

###
[`v3.21.0`](https://togithub.com/marshmallow-code/marshmallow/compare/3.20.2...3.21.0)

[Compare
Source](https://togithub.com/marshmallow-code/marshmallow/compare/3.20.2...3.21.0)

</details>

<details>
<summary>getmoto/moto (moto)</summary>

###
[`v4.2.14`](https://togithub.com/getmoto/moto/blob/HEAD/CHANGELOG.md#4214)

[Compare
Source](https://togithub.com/getmoto/moto/compare/4.2.13...4.2.14)

Docker Digest for 4.2.14:
*sha256:2fa10aa48e32f85c63c62a7d437b8a4b320a56a8494bc25d45ced370bc159c23*

    New Services:
        * Backup:
            * create_backup_plan()
            * create_backup_vault()
            * get_backup_plan()
            * describe_backup_vault()
            * delete_backup_plan()
            * list_backup_plans()
            * list_backup_vaults()
            * list_tags()
            * tag_resource()
            * untag_resource()

    New Methods:
        * RDS:
            * describe_db_cluster_snapshot_attributes()
            * describe_db_snapshot_attributes()
            * modify_db_cluster_snapshot_attribute()
            * modify_db_snapshot_attribute()
            * restore_db_instance_to_point_in_time()

        * SageMaker:
            * create_feature_group()

        * SageMakerRuntime:
            * invoke_endpoint_async()

    Miscellaneous:
        * Cognito: The ID-token now contains custom attributes
        * DynamoDB: query() now returns the correct ScannedCount
        * EC2: Security Group Rules now have tag support 
* LakeFormation: grant_permissions() now has better support for known
principal-resource pairs
* SNS: set_subscription_attributes() can now unset the FilterPolicy

</details>

<details>
<summary>psycopg/psycopg (psycopg)</summary>

###
[`v3.1.18`](https://togithub.com/psycopg/psycopg/compare/3.1.17...3.1.18)

[Compare
Source](https://togithub.com/psycopg/psycopg/compare/3.1.17...3.1.18)

</details>

<details>
<summary>pydantic/pydantic (pydantic)</summary>

###
[`v2.6.2`](https://togithub.com/pydantic/pydantic/blob/HEAD/HISTORY.md#v262-2024-02-23)

[Compare
Source](https://togithub.com/pydantic/pydantic/compare/v2.6.1...v2.6.2)

[GitHub
release](https://togithub.com/pydantic/pydantic/releases/tag/v2.6.2)

##### What's Changed

##### Packaging

- Upgrade to `pydantic-core` 2.16.3 by
[@&#8203;sydney-runkle](https://togithub.com/sydney-runkle) in
[#&#8203;8879](https://togithub.com/pydantic/pydantic/pull/8879)

##### Fixes

- 'YYYY-MM-DD' date string coerced to datetime shouldn't infer timezone
by [@&#8203;sydney-runkle](https://togithub.com/sydney-runkle) in
[pydantic/pydantic-core#1193](https://togithub.com/pydantic/pydantic-core/pull/1193)

###
[`v2.6.1`](https://togithub.com/pydantic/pydantic/blob/HEAD/HISTORY.md#v261-2024-02-05)

[Compare
Source](https://togithub.com/pydantic/pydantic/compare/v2.6.0...v2.6.1)

[GitHub
release](https://togithub.com/pydantic/pydantic/releases/tag/v2.6.1)

##### What's Changed

##### Packaging

- Upgrade to `pydantic-core` 2.16.2 by
[@&#8203;sydney-runkle](https://togithub.com/sydney-runkle) in
[#&#8203;8717](https://togithub.com/pydantic/pydantic/pull/8717)

##### Fixes

- Fix bug with `mypy` plugin and `no_strict_optional = True` by
[@&#8203;dmontagu](https://togithub.com/dmontagu) in
[#&#8203;8666](https://togithub.com/pydantic/pydantic/pull/8666)
- Fix `ByteSize` error `type` change by
[@&#8203;sydney-runkle](https://togithub.com/sydney-runkle) in
[#&#8203;8681](https://togithub.com/pydantic/pydantic/pull/8681)
- Fix inheriting `Field` annotations in dataclasses by
[@&#8203;sydney-runkle](https://togithub.com/sydney-runkle) in
[#&#8203;8679](https://togithub.com/pydantic/pydantic/pull/8679)
- Fix regression in core schema generation for indirect definition
references by [@&#8203;dmontagu](https://togithub.com/dmontagu) in
[#&#8203;8702](https://togithub.com/pydantic/pydantic/pull/8702)
- Fix unsupported types bug with `PlainValidator` by
[@&#8203;sydney-runkle](https://togithub.com/sydney-runkle) in
[#&#8203;8710](https://togithub.com/pydantic/pydantic/pull/8710)
- Reverting problematic fix from 2.6 release, fixing schema building bug
by [@&#8203;sydney-runkle](https://togithub.com/sydney-runkle) in
[#&#8203;8718](https://togithub.com/pydantic/pydantic/pull/8718)
- Fix warning for tuple of wrong size in `Union` by
[@&#8203;davidhewitt](https://togithub.com/davidhewitt) in
[pydantic/pydantic-core#1174](https://togithub.com/pydantic/pydantic-core/pull/1174)
- Fix `computed_field` JSON serializer `exclude_none` behavior by
[@&#8203;sydney-runkle](https://togithub.com/sydney-runkle) in
[pydantic/pydantic-core#1187](https://togithub.com/pydantic/pydantic-core/pull/1187)

###
[`v2.6.0`](https://togithub.com/pydantic/pydantic/blob/HEAD/HISTORY.md#v260-2024-01-23)

[Compare
Source](https://togithub.com/pydantic/pydantic/compare/v2.5.3...v2.6.0)

[GitHub
release](https://togithub.com/pydantic/pydantic/releases/tag/v2.6.0)

The code released in v2.6.0 is practically identical to that of
v2.6.0b1.

##### What's Changed

##### Packaging

- Check for `email-validator` version >= 2.0 by
[@&#8203;commonism](https://togithub.com/commonism) in
[#&#8203;6033](https://togithub.com/pydantic/pydantic/pull/6033)
- Upgrade \`ruff\`\` target version to Python 3.8 by
[@&#8203;Elkiwa](https://togithub.com/Elkiwa) in
[#&#8203;8341](https://togithub.com/pydantic/pydantic/pull/8341)
-   Update to `pydantic-extra-types==2.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on the 2nd and 4th day instance on
sunday after 9pm" in timezone America/New_York, Automerge - At any time
(no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/HHS/simpler-grants-gov).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNTMuMiIsInVwZGF0ZWRJblZlciI6IjM3LjIxMi4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Bandit should deprecate xml.etree use
2 participants