
build(deps): bump the patches group in /lambda with 4 updates #87

Open
dependabot[bot] wants to merge 1 commit into main from dependabot/pip/lambda/patches-7bd790250c

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Bumps the patches group in /lambda with 4 updates: boto3, botocore, pydantic-settings and wrapt.

Updates boto3 from 1.43.31 to 1.43.34

Commits

Updates botocore from 1.43.31 to 1.43.34

Commits

Updates pydantic-settings from 2.14.1 to 2.14.2

Release notes

Sourced from pydantic-settings's releases.

v2.14.2

What's Changed

This is a security patch release.

Security

Fixes GHSA-4xgf-cpjx-pc3j: NestedSecretsSettingsSource with secrets_nested_subdir=True could follow a symbolic link inside secrets_dir pointing outside it, reading out-of-tree files into settings values and bypassing the secrets_dir_max_size cap. Affected versions: >= 2.12.0, < 2.14.2.

Full Changelog: pydantic/pydantic-settings@v2.14.1...v2.14.2

Commits

Updates wrapt from 2.2.1 to 2.2.2

Release notes

Sourced from wrapt's releases.

wrapt 2.2.2

Full release notes: https://wrapt.readthedocs.io/en/latest/changes.html#version-2-2-2

Install from PyPI (recommended):

pip install wrapt==2.2.2

PyPI uploads follow each GitHub release; if pip reports the version is unavailable, the matching PyPI upload may not have happened yet.

Pre-built wheels are provided for a range of Python versions and platforms (Linux x86_64/aarch64/riscv64, macOS x86_64 and arm64, Windows x86_64 and arm64, plus PyPy and free-threaded builds). The source distribution is also attached together with SHA256SUMS for verification.

wrapt 2.2.2rc3

Release candidate. Release notes for the upcoming 2.2.2 final (work in progress): https://wrapt.readthedocs.io/en/latest/changes.html#version-2-2-2

May be installable from PyPI:

pip install wrapt==2.2.2rc3

If pip reports the version is unavailable, this candidate either has not been uploaded yet or is not being published to PyPI. Use the attached wheels or build from the source distribution instead:

tar xf wrapt-2.2.2rc3.tar.gz
cd wrapt-2.2.2rc3
pip install .

SHA256SUMS is attached for verification of the archives.

wrapt 2.2.2rc2

Release candidate. Release notes for the upcoming 2.2.2 final (work in progress): https://wrapt.readthedocs.io/en/latest/changes.html#version-2-2-2

May be installable from PyPI:

pip install wrapt==2.2.2rc2

If pip reports the version is unavailable, this candidate either has not been uploaded yet or is not being published to PyPI. Use the attached wheels or build from the source distribution instead:

tar xf wrapt-2.2.2rc2.tar.gz

... (truncated)

Changelog

Sourced from wrapt's changelog.

Version 2.2.2

Bugs Fixed

  • When @wrapt.lru_cache was applied to an instance method that was overridden in a subclass, and the subclass method called the base class method via super(), a RecursionError was raised instead of the base class method being invoked. The per-instance cache for each method was stored as an attribute on the instance whose name was derived only from the method __name__, so the base and derived methods shared a single cache slot. The subclass cache was therefore found again when the base method was reached through super(), re-entering the subclass body and recursing without end. The cache attribute name now incorporates a unique identifier for each decorated method so that a base method and a method that overrides it use distinct per-instance caches. With thanks to the reporter of issue [#342](https://github.com/GrahamDumpleton/wrapt/issues/342).

  • When @wrapt.lru_cache was applied to a method of a class deriving from wrapt.ObjectProxy, the per-instance cache was stored on the wrapped object rather than on the proxy. This is because the proxy __setattr__ forwards attribute assignment to the wrapped object for any name that is not a recognised proxy attribute, and the cache attribute name was not one. Storing the cache on the wrapped object had several consequences: the wrapped object was polluted with cache attributes it never defined; the cache held a reference back to the proxy through the bound method it wrapped, so a wrapped object that outlived the proxy kept the proxy alive and prevented its collection; wrapping an object that does not accept arbitrary attributes, such as one using __slots__, caused the first cached call to fail with an AttributeError; and two proxies sharing a single wrapped object shared one cache and could return results computed for the wrong proxy. The cache attribute is now stored on the proxy itself using the proxy __self_setattr__ method when the instance is a wrapt object proxy, falling back to setattr for ordinary instances.

Commits
  • 0ae09fd Merge branch 'release/2.2.2'
  • 86db7a9 Update to 2.2.2 for final release.
  • 6deda43 Update to 2.2.2rc3.
  • 9c48a1e Constrain lru_cache proxy detection to BaseObjectProxy subclasses.
  • 4053838 Update version to 2.2.2rc2.
  • 99bf4ef Store lru_cache per-instance cache on object proxy not wrapped object.
  • 0e862fb Document pickling instances with lru_cache decorated methods.
  • 73dca57 Add lru_cache tests for overridden methods calling super().
  • beead5c Fix lru_cache recursion for overridden methods calling super().
  • fbf2fc1 Document pure Python failure mode for ObjectProxy + ABCMeta mixin.
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
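
The pydantic-settings advisory quoted above (GHSA-4xgf-cpjx-pc3j) concerns a symbolic link inside secrets_dir that resolves outside it. As an added example (not code from this PR, Dependabot or pydantic-settings), a pre-deploy check that walks a secrets directory without following links and reports every link whose target leaves the tree, together with the byte total of files that really live in it; `audit_secrets_dir`, `build_demo_tree`, the report fields and the sample tree are hypothetical.

```python
import os
import tempfile
from pathlib import Path


def audit_secrets_dir(secrets_dir):
    """Report symlinks under secrets_dir that resolve outside it, plus the
    byte total of regular files that really live in the tree."""
    root = Path(os.path.realpath(secrets_dir))
    escaping, in_tree_bytes = [], 0
    # followlinks=False: list symlinked directories but never descend into them.
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            entry = Path(dirpath) / name
            if entry.is_symlink():
                # realpath follows link chains and tolerates dangling targets.
                target = Path(os.path.realpath(entry))
                if target != root and root not in target.parents:
                    escaping.append((str(entry.relative_to(root)), str(target)))
            elif entry.is_file():
                in_tree_bytes += entry.lstat().st_size
    return {"escaping": sorted(escaping), "in_tree_bytes": in_tree_bytes}


def build_demo_tree(base):
    """Constructed sample: one real secret, one in-tree link, one escaping link."""
    base = Path(base)
    secrets = base / "secrets"
    (secrets / "db").mkdir(parents=True)
    (secrets / "db" / "password").write_text("s3cr3t")           # 6 bytes, in tree
    (base / "outside.txt").write_text("not a secret")            # outside secrets/
    os.symlink(secrets / "db" / "password", secrets / "alias")   # resolves inside
    os.symlink(base / "outside.txt", secrets / "db" / "leak")    # resolves outside
    return secrets


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        report = audit_secrets_dir(build_demo_tree(tmp))
        for link, target in report["escaping"]:
            print(f"ESCAPES secrets_dir: {link} -> {target}")
        print("in-tree bytes:", report["in_tree_bytes"])
```

Run against the directory a deployment mounts as its secrets_dir, a non-empty `escaping` list is worth failing the build on regardless of which pydantic-settings version is installed.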

Bumps the patches group in /lambda with 4 updates: [boto3](https://github.com/boto/boto3), [botocore](https://github.com/boto/botocore), [pydantic-settings](https://github.com/pydantic/pydantic-settings) and [wrapt](https://github.com/GrahamDumpleton/wrapt).


Updates `boto3` from 1.43.31 to 1.43.34
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](boto/boto3@1.43.31...1.43.34)

Updates `botocore` from 1.43.31 to 1.43.34
- [Commits](boto/botocore@1.43.31...1.43.34)

Updates `pydantic-settings` from 2.14.1 to 2.14.2
- [Release notes](https://github.com/pydantic/pydantic-settings/releases)
- [Commits](pydantic/pydantic-settings@v2.14.1...v2.14.2)

Updates `wrapt` from 2.2.1 to 2.2.2
- [Release notes](https://github.com/GrahamDumpleton/wrapt/releases)
- [Changelog](https://github.com/GrahamDumpleton/wrapt/blob/develop/docs/changes.rst)
- [Commits](GrahamDumpleton/wrapt@2.2.1...2.2.2)

---
updated-dependencies:
- dependency-name: boto3
  dependency-version: 1.43.34
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patches
- dependency-name: botocore
  dependency-version: 1.43.34
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patches
- dependency-name: pydantic-settings
  dependency-version: 2.14.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patches
- dependency-name: wrapt
  dependency-version: 2.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patches
...

Signed-off-by: dependabot[bot] <support@github.com>
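
The first wrapt 2.2.2 changelog entry above describes a per-instance cache slot named only from the method `__name__`. As an added example (a toy memoiser written for this note, not wrapt's code), the same naming scheme reproduces the RecursionError when an overriding method calls `super()`, and a unique slot per decorated method removes it; `per_instance_cache`, `make_classes` and `call_derived` are hypothetical names.

```python
import functools
import itertools

_slot_ids = itertools.count()


def per_instance_cache(unique_slot):
    """Toy per-instance memoiser: the cached callable lives on the instance
    under an attribute name chosen when the method is decorated."""
    def decorate(func):
        slot = "_cache_" + func.__name__           # name derived from __name__ only
        if unique_slot:
            slot += "_%d" % next(_slot_ids)        # one slot per decorated method

        @functools.wraps(func)
        def method(self, *args):
            cached = self.__dict__.get(slot)
            if cached is None:
                cached = functools.lru_cache(maxsize=None)(functools.partial(func, self))
                self.__dict__[slot] = cached
            return cached(*args)
        return method
    return decorate


def make_classes(unique_slot):
    class Base:
        @per_instance_cache(unique_slot)
        def area(self):
            return 10

    class Derived(Base):
        @per_instance_cache(unique_slot)
        def area(self):
            # With a shared slot, Base.area finds Derived's cache and re-enters here.
            return super().area() + 1

    return Base, Derived


def call_derived(unique_slot):
    _, derived_cls = make_classes(unique_slot)
    try:
        return derived_cls().area()
    except RecursionError:
        return "RecursionError"


if __name__ == "__main__":
    print("shared slot:", call_derived(False))
    print("unique slot:", call_derived(True))
```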
@dependabot dependabot Bot added the dependencies (Pull requests that update a dependency file) and python (Pull requests that update python code) labels Jun 22, 2026
@github-actions github-actions Bot enabled auto-merge (squash) June 22, 2026 13:10
@github-actions

🏗️ CDK infra diff — PR vs main

ServerlessApp-us-east-1-stage/ServerlessAppBackend-us-east-1
Stack ServerlessApp-us-east-1-stage/ServerlessAppBackend-us-east-1 (ServerlessAppBackend-us-east-1)
Resources
[-] AWS::Lambda::Version ServerlessAppBackend-us-east-1/App/ApiFunction/CurrentVersion AppApiFunctionCurrentVersion01C510AC4b985b54454c9a3df820f2aa4e35cb27 destroy
[+] AWS::Lambda::Version ServerlessAppBackend-us-east-1/App/ApiFunction/CurrentVersion AppApiFunctionCurrentVersion01C510AC5dc6874f5cbd938b2605a01920b12035
[~] AWS::Lambda::Function ServerlessAppBackend-us-east-1/App/ApiFunction AppApiFunctionDE515850
 ├─ [~] Code
 │   └─ [~] .S3Key:
 │       ├─ [-] d4c873589f9d3207e51121cb2e97c7f271f11cfffa15a38fd2190c36f4d523b4.zip
 │       └─ [+] afefbe444c83e53bb01aee8f52f65d57f824c17a55d456cbee69304f42735696.zip
 └─ [~] Metadata
     └─ [~] .aws:asset:path:
         ├─ [-] ../asset.d4c873589f9d3207e51121cb2e97c7f271f11cfffa15a38fd2190c36f4d523b4
         └─ [+] ../asset.afefbe444c83e53bb01aee8f52f65d57f824c17a55d456cbee69304f42735696
[~] AWS::Lambda::Alias ServerlessAppBackend-us-east-1/App/LiveAlias AppLiveAlias3872472E
 └─ [~] FunctionVersion
     └─ [~] .Fn::GetAtt:
         └─ @@ -1,4 +1,4 @@
            [ ] [
            [-]   "AppApiFunctionCurrentVersion01C510AC4b985b54454c9a3df820f2aa4e35cb27",
            [+]   "AppApiFunctionCurrentVersion01C510AC5dc6874f5cbd938b2605a01920b12035",
            [ ]   "Version"
            [ ] ]
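
Review bot: the first Resources line marks the previous `CurrentVersion` as `destroy` while `LiveAlias` is repointed to the new version in the same change, so once this deploys the version the alias points at today no longer exists and the alias cannot be moved back to it. For a bump that replaces the whole code asset (`.S3Key` changes), consider keeping prior versions by setting `removalPolicy: RETAIN` in the function's `currentVersionOptions`, so a rollback is an alias update rather than a rebuild.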



✨  Number of stacks with differences: 1
