fix(deps): update all non-major dependencies (!62) · Merge requests · Information Services / DevOps / Shared user notification service / User Notify Python library

This MR contains the following updates:

Package	Change	Type	Update
boto3	`1.42.34` → `1.42.35`	project.dependencies	patch
coverage	`7.11.0` → `7.13.2`	dev	minor
google-auth	`2.47.0` → `2.48.0`	project.dependencies	minor
moto (changelog)	`5.1.16` → `5.1.20`	dev	patch
poetry (changelog)	`2.2.1` → `2.3.1`		minor
pre-commit/mirrors-mypy	`v1.18.2` → `v1.19.1`	repository	minor
tox (changelog)	`4.32.0` → `4.34.1`		minor
tox (changelog)	`4.32.0` → `4.34.1`	dev	minor
uis/devops/continuous-delivery/ci-templates	`v7.20.2` → `v7.25.16`	repository	minor

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.

Release Notes

boto/boto3 (boto3)

`v1.42.35`

Compare Source

=======

api-change:connectcases: [botocore] Amazon Connect now enables you to use tag-based access controls to define who can access specific cases. You can associate tags with case templates and configure security profiles to determine which users can access cases with those tags.
api-change:ec2: [botocore] DescribeInstanceTypes API response now includes an additionalFlexibleNetworkInterfaces field, the number of interfaces attachable to an instance when using flexible Elastic Network Adapter (ENA) queues in addition to the base number specified by maximumNetworkInterfaces.
api-change:evidently: [botocore] Deprecate all Evidently API for AWS CloudWatch Evidently deprecation
api-change:groundstation: [botocore] Adds support for AWS Ground Station Telemetry.

coveragepy/coveragepy (coverage)

`v7.13.2`

Compare Source

Fix: when Python is installed via symlinks, for example with Homebrew, the standard library files could be incorrectly included in coverage reports. This is now fixed, closing issue 2115_.
Fix: if a data file is created with no read permissions, the combine step would fail completely. Now a warning is issued and the file is skipped. Closes issue 2117_.

.. _issue 2115: #2115 .. _issue 2117: #2117

.. _changes_7-13-1:

`v7.13.1`

Compare Source

Added: the JSON report now includes a "start_line" key for function and class regions, indicating the first line of the region in the source. Closes issue 2110_.
Added: The debug data command now takes file names as arguments on the command line, so you can inspect specific data files without needing to set the COVERAGE_FILE environment variable.
Fix: the JSON report used to report module docstrings as executed lines, which no other report did, as described in issue 2105_. This is now fixed, thanks to Jianrong Zhao.
Fix: coverage.py uses a more disciplined approach to detecting where third-party code is installed, and avoids measuring it. This shouldn't change any behavior. If you find that it does, please get in touch.
Performance: data files that will be combined now record their hash as part of the file name. This lets us skip duplicate data more quickly, speeding the combining step.
Docs: added a section explaining more about what is considered a missing branch and how it is reported: :ref:branch_explain, as requested in issue 1597. Thanks to Ayisha Mohammed <pull 2092_>.
Tests: the test suite misunderstood what core was being tested if COVERAGE_CORE wasn't set on 3.14+. This is now fixed, closing issue 2109_.

.. _issue 1597: #1597 .. _pull 2092: #2092 .. _issue 2105: #2105 .. _issue 2109: #2109 .. _issue 2110: #2110

.. _changes_7-13-0:

`v7.13.0`

Compare Source

Feature: coverage.py now supports :file:.coveragerc.toml configuration files. These files use TOML syntax and take priority over :file:pyproject.toml but lower priority than :file:.coveragerc files. Closes issue 1643_ thanks to Olena Yefymenko <pull 1952_>_.
Fix: we now include a permanent .pth file which is installed with the code, fixing issue 2084. In 7.12.1b1 this was done incorrectly: it didn't work when using the source wheel (py3-none-any). This is now fixed. Thanks, Henry Schreiner <pull 2100_>.
Deprecated: when coverage.py is installed, it creates three command entry points: coverage, coverage3, and coverage-3.10 (if installed for Python 3.10). The second and third of these are not needed and will eventually be removed. They still work for now, but print a message about their deprecation.

.. _issue 1643: #1643 .. _pull 1952: #1952 .. _pull 2100: #2100

.. _changes_7-12-1b1:

`v7.12.0`

Compare Source

The HTML report now shows separate coverage totals for statements and branches, as well as the usual combined coverage percentage. Thanks to Ryuta Otsuka for the discussion <issue 2081_>_ and the implementation <pull 2085_>_.
The JSON report now includes separate coverage totals for statements and branches, thanks to Ryuta Otsuka <pull 2090_>_.
Fix: except* clauses were not handled properly under the "sysmon" measurement core, causing KeyError exceptions as described in issue 2086_. This is now fixed.
Fix: we now defend against aggressive mocking of open() that could cause errors inside coverage.py. An example of a failure is in issue 2083_.
Fix: in unusual cases where a test suite intentionally exhausts the system's file descriptors to test handling errors in open(), coverage.py would fail when trying to open source files, as described in issue 2091_. This is now fixed.
A small tweak to the HTML report: file paths now use thin spaces around slashes to make them easier to read.

.. _issue 2081: #2081 .. _issue 2083: #2083 .. _pull 2085: #2085 .. _issue 2086: #2086 .. _pull 2090: #2090 .. _issue 2091: #2091

.. _changes_7-11-3:

`v7.11.3`

Compare Source

Fix: the 7.11.1 changes meant that conflicts between a requested measurement core and other settings would raise an error. This was a breaking change from previous behavior, as reported in issue 2076_ and issue 2078_.

The previous behavior has been restored: when the requested core conflicts with other settings, another core is used instead, and a warning is issued.
For contributors: the repo has moved from Ned's nedbat GitHub account_ to the coveragepy GitHub organization_. The default branch has changed from master to main.

.. _issue 2076: #2076 .. _issue 2078: #2078 .. _nedbat GitHub account: https://github.com/nedbat .. _coveragepy GitHub organization: https://github.com/coveragepy

.. _changes_7-11-2:

`v7.11.2`

Compare Source

Fix: using the "sysmon" measurement core in 7.11.1, if Python code was claimed to come from a non-Python file, a NotPython exception could be raised. This could happen for example with Jinja templates compiled to Python, as reported in issue 2077_. This is now fixed.
Doc: corrected the first entry in the 7.11.1 changelog.

.. _issue 2077: #2077

.. _changes_7-11-1:

`v7.11.1`

Compare Source

Fix: some chanages to details of how the measurement core is chosen, and how conflicting settings are handled. The "sysmon" core cannot be used with some conurrency settings, with dynamic context, and in Python 3.12/3.13, with branch measurement.
- If the core is not specified and defaults to "sysmon" (Python 3.14+), but other settings conflict with sysmon, then the "ctrace" core will be used instead with no warning. For concurrency conflicts, this used to produce an error, as described in issue 2064_.
- If the "sysmon" core is explicitly requested in your configuration, but other settings conflict, an error is now raised. This used to produce a warning.
Fix: some multi-line case clauses or for loops (and probably other constructs) could cause incorrect claims of missing branches with the sys.monitoring core, as described in issue 2070_. This is now fixed.
Fix: when running in pytest under coverage, a breakpoint() would stop in the wrong frame, one level down from where it should, as described in issue 1420_. This was due to a coverage change in v6.4.1 that seemed to give a slight performance improvement, but I couldn't reproduce the performance gain, so it's been reverted, fixing the debugger problem.
A new debug option --debug=core shows which core is in use and why.
Split sqlite debugging information out of the sys :ref:coverage debug <cmd_debug> and :ref:cmd_run_debug options since it's bulky and not very useful.
Updated the :ref:howitworks page to better describe the three different measurement cores.

.. _issue 1420: #1420 .. _issue 2064: #2064 .. _issue 2070: #2070

.. _changes_7-11-0:

googleapis/google-auth-library-python (google-auth)

`v2.48.0`

Compare Source

Features

add cryptography as required dependency (#1929) (52558ae2881b1e6555f6f5c0d76365c15807ead9)
Support the mTLS IAM domain for Certificate based Access (#1938) (8dcf91a1b05c85fbbd0bcee78d66e498099102ab)
add configurable GCE Metadata Server retries (#1488) (454b441b478ec62bbf1a6ad5bceb6c7cbbfd0c37)
honor NO_GCE_CHECK environment variable (#1610) (383c9827536d9376e8248370ce4c2b83e468d027)

Bug Fixes

resolve circular imports (#1942) (25c1b064545702cbef087cfcd15fbbb6ef1af74f)
removes content-header from AWS IMDS get request (#1934) (97bfea9e02ede953fc8ee154e0deed3a3cfc6dcc)
detect correct auth when ADC env var is set but empty (#1374) (bfc07e1050bd0aa86fa3b08cdf70c9b68b5fe6a2)
replace deprecated utcfromtimestamp (#1799) (e431f20cf73ccac71926a23ec454468cea92e053)
Use user_verification=preferred for ReAuth WebAuthn challenge (#1798) (3f88a24089c4ee6822d510de0db210b54260d873)

getmoto/moto (moto)

`v5.1.20`

Compare Source

Docker Digest for 5.1.20: sha256:d2711655244df58411ce0be34236c95736390db17886370d21e12ae2b1e36f79

New Methods:
    * EC2:
        * create_subnet_cidr_reservation()
        * delete_subnet_cidr_reservation()
        * get_instance_uefi_data() (Just a stub, no actual data is returned)
        * get_subnet_cidr_reservations()

    * IOT:
        * list_thing_principals_v2()

    * ResourceGroups:
        * cancel_tag_sync_task()
        * get_tag_sync_task()
        * list_tag_sync_tasks()
        * start_tag_sync_task()

    * Route53Resolver:
        * get_resolver_dnssec_config()
        * list_resolver_dnssec_configs()
        * update_resolver_dnssec_config()

    * S3Control:
        * create_multi_region_access_point()
        * delete_multi_region_access_point()
        * delete_storage_lens_configuration()
        * describe_multi_region_access_point_operation()
        * get_multi_region_access_point()
        * get_multi_region_access_point_policy()
        * get_multi_region_access_point_policy_status()
        * list_multi_region_access_points()
        * put_multi_region_access_point_policy()

    * SecurityHub:
        * create_members()
        * get_members()
        * list_members()

Miscellaneous:
    * ACM: import_certificate() now supports all key types, RSA and EC
    * APIGateway: update_rest_api() now supports `/endpointConfiguration/types`
    * Autoscaling: update_auto_scaling_group() now supports the MixedInstancesPolicy-parameter
    * Batch: register_job_definition() now supports the eksProperties-parameter
    * DMS: create_replication_task() now supports the Tags-parameter
    * Organizations: list_policies() now support pagination
    * Organizations now supports Resource Control Policy
    * Redshift: describe_clusters() now supports the TagKeys-parameter
    * Logs: put_subscription_filter() now supports other LogGroups

`v5.1.19`

Compare Source

Docker Digest for 5.1.19: sha256:1bba01d147a15d14a5816b69ee6d346ba04bd43baab4a3a27a55c368ecc2bb90

General:
    * Removed support for ElasticTranscoder, now that AWS has also deprecated this service

New Methods:
    * ACM-PCA:
        * revoke_certificate()

    * DSQL:
        * delete_cluster()
        * get_vpc_endpoint_service_name()
        * list_tags_for_resource()

    * FSX:
        * describe_backups()

    * SESv2:
        * list_tags_for_resource()
        * tag_resource()
        * untag_resource()

    * VPC Lattice:
        * delete_auth_policy()
        * delete_resource_policy()
        * get_auth_policy()
        * get_resource_policy()
        * put_auth_policy()
        * put_resource_policy()

Miscellaneous:
    * DynamoDB: put_item() now correctly validates numeric and boolean values
    * EC2: describe_instances() now returns the correct status for BlockDeviceMappings.Ebs.Status (attached, instead of in-use)
    * EC2: describe_network_acls() now supports the 'association.association-id' Filter
    * ELBv2: modify_load_balancer_attributes() no longer fails when modifying the 'health_check_logs.s3.enabled' attribute
    * ResourceGroupsTaggingAPI: get_resources() now supports the SESv2 resources: ConfigurationSets, ContactLists, DedicatedIpPool, EmailIdentity
    * Route53: change_tags_for_resource() no longer throws an error for removing a non-existing tag
    * S3: list_object_versions() now correctly calculates the IsLatest-attribute
    * Scheduler: list_schedules() and list_schedule_groups() now support pagination
    * SecretsManager: batch_get_secret_value() now returns error handling for unknown secrets
    * SSM: put_parameter() now returns the Tier-attribute

`v5.1.18`

Compare Source

Docker Digest for 5.1.18: sha256:c99ea4ab0881e1d95af5601c2cd42ef4dac15eefdf6597532c59d9631068818a

General:
    * Introduces two methods for enabling and disabling IAM authentication:
        from moto.core import disable_iam_authentication, enable_iam_authentication
      They behave the same as the `@set_initial_no_auth_action_count`-decorator, but can be used as a fixture/context manager

New Services:
    * Pipes:
        * create_pipe()
        * delete_pipe()
        * describe_pipe()
        * list_pipes()
        * tag_resource()
        * untag_resource()

New Methods:
    * S3Control:
        * list_tags_for_resource()
        * tag_resource()
        * untag_resource()

    * S3Vectors:
        * delete_vector_bucket_policy()
        * delete_vectors()
        * get_vector_bucket_policy()
        * get_vectors()
        * list_vectors()
        * put_vector_bucket_policy()
        * put_vectors()

Miscellaneous:
    * APIGateway: put_rest_api() now correctly creates integrations
    * AutoScaling: create_auto_scaling_group() now correctly calculates the InstancesDistribution for MixedInstancesPolicies
    * ResourceGroupsTaggingAPI: get_resources() now supports filtering by `sqs:queue`
    * SecretsManager: put_secret_value() now adds the AWSCURRENT-label if it's the first version of the Secret being added

`v5.1.17`

Compare Source

Docker Digest for 5.1.17: sha256:0361ac8f0cc6687dcf3835da1d60e31cf457fb0d49229d56586f2aa5c510f170

General:
    * The MotoServer dashboard (available on http://localhost:5000/moto-api) now has an new and improved look, making it easier to search for and find your resources

New Methods:
    * CloudFront:
        * tag_resource()
        * untag_resource()

    * DMS:
        * create_replication_subnet_group()
        * describe_connection()
        * describe_replication_subnet_group()
        * delete_endpoint()
        * delete_replication_instance()
        * delete_replication_subnet_group()
        * test_endpoint()

    * EC2:
        * describe_reserved_instances_offerings()

    * RDS:
        * add_role_to_db_cluster()
        * add_role_to_db_instance()

    * S3Vectors:
        * create_index()
        * delete_index()
        * get_index()
        * list_indexes()

    * ServiceCatalog:
        * create_product()
        * describe_product()
        * delete_product()

Miscellaneous:
    * ACM-PCA: get_certificate() now returns the CertificateChain-attribute, if appropriate
    * DMS: Manual control of the State Transition is now available for the `dms:connection` and `dms:replicationinstance` models.
    * Organizations: describe_account() now returns the State-attribute.
    * ResourceGroupsTaggingAPI: get_resources() now supports all Comprehend models
    * StepFunctions: create_execution() now takes the execution input into account when checking idempotency.

python-poetry/poetry (poetry)

`v2.3.1`

Compare Source

Fixed

Fix an issue where cached information about each package was always considered outdated (#10699).

Docs

Document SHELL_VERBOSITY environment variable (#10678).

`v2.3.0`

Compare Source

Added

Add support for exporting pylock.toml files with poetry-plugin-export (#10677).
Add support for specifying build constraints for dependencies (#10388).
Add support for publishing artifacts whose version is determined dynamically by the build-backend (#10644).
Add support for editable project plugins (#10661).
Check requires-poetry before any other validation (#10593).
Validate the content of project.readme when running poetry check (#10604).
Add the option to clear all caches by making the cache name in poetry cache clear optional (#10627).
Automatically update the cache for packages where the locked files differ from cached files (#10657).
Suggest to clear the cache if running a command with --no-cache solves an issue (#10585).
Propose poetry init when trying poetry new for an existing directory (#10563).
Add support for poetry publish --skip-existing for new Nexus OSS versions (#10603).
Show Poetry's own Python's path in poetry debug info (#10588).

Changed

Drop support for Python 3.9 (#10634).
Change the default of installer.re-resolve from true to false (#10622).
PEP 735 dependency groups are considered in the lock file hash (#10621).
Deprecate poetry.utils._compat.metadata, which is sometimes used in plugins, in favor of importlib.metadata (#10634).
Improve managing free-threaded Python versions with poetry python (#10606).
Prefer JSON API to HTML API in legacy repositories (#10672).
When running poetry init, only add the readme field in the pyproject.toml if the readme file exists (#10679).
Raise an error if no hash can be determined for any distribution link of a package (#10673).
Require dulwich>=0.25.0 (#10674).

Fixed

Fix an issue where poetry remove did not work for PEP 735 dependency groups with include-group items (#10587).
Fix an issue where poetry remove caused dangling include-group references in PEP 735 dependency groups (#10590).
Fix an issue where poetry add did not work for PEP 735 dependency groups with include-group items (#10636).
Fix an issue where PEP 735 dependency groups were not considered in the lock file hash (#10621).
Fix an issue where wrong markers were locked for a dependency that was required by several groups with different markers (#10613).
Fix an issue where non-deterministic markers were created in a method used by poetry-plugin-export (#10667).
Fix an issue where wrong wheels were chosen for installation in free-threaded Python environments if Poetry itself was not installed with free-threaded Python (#10614).
Fix an issue where poetry publish used the metadata of the project instead of the metadata of the build artifact (#10624).
Fix an issue where poetry env use just used another Python version instead of failing when the requested version was not supported by the project (#10685).
Fix an issue where poetry env activate returned the wrong command for dash (#10696).
Fix an issue where data-dir and python.installation-dir could not be set (#10595).
Fix an issue where Python and pip executables were not correctly detected on Windows (#10645).
Fix an issue where invalid template variables in virtualenvs.prompt caused an incomprehensible error message (#10648).

Docs

Add a warning about ~/.netrc for Poetry credential configuration (#10630).
Clarify that the local configuration takes precedence over the global configuration (#10676).
Add an explanation in which cases packages are automatically detected (#10680).

poetry-core (`2.3.0`)

Normalize versions (#893).
Fix an issue where unsatisfiable requirements did not raise an error (#891).
Fix an issue where the implicit main group did not exist if it was explicitly declared as not having any dependencies (#892).
Fix an issue where python_full_version markers with pre-release versions were parsed incorrectly (#893).

pre-commit/mirrors-mypy (pre-commit/mirrors-mypy)

`v1.19.1`

Compare Source

`v1.19.0`

Compare Source

tox-dev/tox (tox)

`v4.34.1`

Compare Source

What's Changed

fix: wheel corruption when running parallel tox processes by @gaborbernat in #3667

Full Changelog: https://github.com/tox-dev/tox/compare/4.34.0...4.34.1

`v4.34.0`

Compare Source

What's Changed

feat: Support depenedcy groups with self references by @Czaki in #3666

Full Changelog: https://github.com/tox-dev/tox/compare/4.33.0...4.34.0

`v4.33.0`

Compare Source

What's Changed

Pass LOCALAPPDATA by default on Windows (#3639) by @clint-lawrence in #3640
Docs: Add caution about ranges like py{39-314} by @ferdnyc in #3652
CLI Parser: Drop epilog message for Sphinx help by @ferdnyc in #3653
📚 Integrate sphinx-issues extension by @webknjaz in #3655
Fix sphinx doc build by @gaborbernat in #3662
feat: add conditional set_env support via PEP-496 markers by @gaborbernat in #3663