From 0d3ab7070d7fe6cb65ab788a6cb40dbfd03227c8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 30 Aug 2024 03:29:47 +0000 Subject: [PATCH 1/2] Upgrade: [dependabot] - bump cfn-lint from 1.11.0 to 1.11.1 (#1235) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [cfn-lint](https://github.com/aws-cloudformation/cfn-lint) from 1.11.0 to 1.11.1.
Release notes

Sourced from cfn-lint's releases.

Release v1.11.1

What's Changed

Full Changelog: https://github.com/aws-cloudformation/cfn-lint/compare/v1.11.0...v1.11.1

Changelog

Sourced from cfn-lint's changelog.

v1.11.1

What's Changed

Full Changelog: https://github.com/aws-cloudformation/cfn-lint/compare/v1.11.0...v1.11.1

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cfn-lint&package-manager=pip&previous-version=1.11.0&new-version=1.11.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- poetry.lock | 8 ++++---- pyproject.toml | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/poetry.lock b/poetry.lock index 57ddf83d4..7edf5add4 100644 --- a/poetry.lock +++ b/poetry.lock @@ -174,13 +174,13 @@ files = [ [[package]] name = "cfn-lint" -version = "1.11.0" +version = "1.11.1" description = "Checks CloudFormation templates for practices and behaviour that could potentially be improved" optional = false python-versions = ">=3.8" files = [ - {file = "cfn_lint-1.11.0-py3-none-any.whl", hash = "sha256:83bc47443c9ad9955c613877396a8f96bb34916819814f4c8ddc760d45f77929"}, - {file = "cfn_lint-1.11.0.tar.gz", hash = "sha256:4e276e28df09a0e4a521c544ed4ded61c899c747095d9d46d7df6f5ab9ead171"}, + {file = "cfn_lint-1.11.1-py3-none-any.whl", hash = "sha256:25d41467cf9de1bbfae5a099581ab4e5ef10e8df30b57034a033830ee9a2e244"}, + {file = "cfn_lint-1.11.1.tar.gz", hash = "sha256:676ce33b3ef37a2d18adc6c931ed87486b4d6b728e6fe11198c7e56bb4be1234"}, ] [package.dependencies] @@ -1523,4 +1523,4 @@ test = ["big-O", "jaraco.functools", "jaraco.itertools", "jaraco.test", "more-it [metadata] lock-version = "2.0" python-versions = "^3.8" -content-hash = "9568398fcf21a4d255ebd49609c37edb5eda2058f4eee93452b0bbac6acd2e13" +content-hash = "3ff3647b7b6fb3a75afb31747a71ffb180b2824b3d8440fa9e4cc764bcd3b42f" diff --git a/pyproject.toml b/pyproject.toml index dae9f9327..6eabd2be7 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -34,7 +34,7 @@ boto3 = "^1.35.8" argparse = "^1.4.0" pre-commit = "^3.5.0" pytest = "^8.3.2" -cfn-lint = "^1.11.0" +cfn-lint = "^1.11.1" [tool.poetry.dev-dependencies] flake8 = "^5.0.4" From 8209c9cd283ddd75bdb4122086a5edd367b169f1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 30 Aug 2024 03:40:57 +0000 Subject: [PATCH 2/2] Upgrade: [dependabot] - bump boto3 from 1.35.8 to 1.35.9 (#1234) Bumps [boto3](https://github.com/boto/boto3) from 1.35.8 to 1.35.9.
Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=boto3&package-manager=pip&previous-version=1.35.8&new-version=1.35.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- poetry.lock | 16 ++++++++-------- pyproject.toml | 2 +- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/poetry.lock b/poetry.lock index 7edf5add4..d8c4ee049 100644 --- a/poetry.lock +++ b/poetry.lock @@ -111,17 +111,17 @@ uvloop = ["uvloop (>=0.15.2)"] [[package]] name = "boto3" -version = "1.35.8" +version = "1.35.9" description = "The AWS SDK for Python" optional = false python-versions = ">=3.8" files = [ - {file = "boto3-1.35.8-py3-none-any.whl", hash = "sha256:06eac4757de2a9c6020381205cb902f05964caad80b56e58c8931284a133b4cb"}, - {file = "boto3-1.35.8.tar.gz", hash = "sha256:b9587131372a808bf6f99c5ed8b11be55cd113261cc3b437a917b4acc6c30bfe"}, + {file = "boto3-1.35.9-py3-none-any.whl", hash = "sha256:1ee9c52d83e8f4902300e985d62688cf31ca8fc47a80534b4295350ebc418e46"}, + {file = "boto3-1.35.9.tar.gz", hash = "sha256:07e0f335d801765999da67325455ea8219c1a6d7f06bdaad0975ee505276bcbe"}, ] [package.dependencies] -botocore = ">=1.35.8,<1.36.0" +botocore = ">=1.35.9,<1.36.0" jmespath = ">=0.7.1,<2.0.0" s3transfer = ">=0.10.0,<0.11.0" @@ -130,13 +130,13 @@ crt = ["botocore[crt] (>=1.21.0,<2.0a0)"] [[package]] name = "botocore" -version = "1.35.8" +version = "1.35.9" description = "Low-level, data-driven core of boto 3." optional = false python-versions = ">=3.8" files = [ - {file = "botocore-1.35.8-py3-none-any.whl", hash = "sha256:adf389eb8fd87775f193300e3431d1353f925807ad3a39958172cb644f0d60a1"}, - {file = "botocore-1.35.8.tar.gz", hash = "sha256:4b820cf680ab5d778bd2fe4feeef1ff8a2b96d5c535d4638ab30f703ade282f8"}, + {file = "botocore-1.35.9-py3-none-any.whl", hash = "sha256:92962460e4f35d139a23bca28149722030143257ee2916de442243c2464a7434"}, + {file = "botocore-1.35.9.tar.gz", hash = "sha256:9e44572fd2401b89dd58bf8b71ac2c36d5b0437f8cbf40de83302c499965fb54"}, ] [package.dependencies] @@ -1523,4 +1523,4 @@ test = ["big-O", "jaraco.functools", "jaraco.itertools", "jaraco.test", "more-it [metadata] lock-version = "2.0" python-versions = "^3.8" -content-hash = "3ff3647b7b6fb3a75afb31747a71ffb180b2824b3d8440fa9e4cc764bcd3b42f" +content-hash = "dce8da151922088a6738421700f70655b3458899b6ca74e4e9c5a05458350a99" diff --git a/pyproject.toml b/pyproject.toml index 6eabd2be7..56884b8c6 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -30,7 +30,7 @@ jsonpath-rw = "^1.4.0" semver = "^3.0.2" gitpython = "^3.1.43" requests = "^2.32.3" -boto3 = "^1.35.8" +boto3 = "^1.35.9" argparse = "^1.4.0" pre-commit = "^3.5.0" pytest = "^8.3.2"