chore(deps): update mend: high confidence minor and patch dependency updates by mend-for-github-com[bot] · Pull Request #70 · snowdensb/aws-lambda-powertools-python

mend-for-github-com · 2024-02-28T02:49:31Z

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
bandit (source, changelog)	`1.7.1` → `1.9.4`
coverage	`6.2` → `6.5.0`
flake8-black	`^0.2.3` → `^0.4.0`
flake8-bugbear (changelog)	`22.4.25` → `22.12.6`
flake8-comprehensions (changelog)	`3.7.0` → `3.17.0`
flake8-eradicate	`1.2.1` → `1.5.0`
flake8-isort (changelog)	`4.1.1` → `4.2.0`
isort (changelog)	`5.10.1` → `5.13.2`
mkdocs-material (changelog)	`8.2.7` → `8.5.11`
pdoc3 (source)	`^0.10.0` → `^0.11.0`
pytest (changelog)	`7.0.1` → `7.4.4`
pytest-mock (changelog)	`3.6.1` → `3.15.1`
xenon	`0.9.0` → `0.9.3`

Release Notes

PyCQA/bandit (bandit)

`v1.9.4`

Compare Source

What's Changed

chore: fixed some typos in comments by @jakob1379 in #1351
Bump docker/login-action from 3.6.0 to 3.7.0 by @dependabot[bot] in #1353
Bump docker/build-push-action from 6.18.0 to 6.19.2 by @dependabot[bot] in #1357
Fix B613 crash when reading from stdin by @worksbyfriday in #1361
Include filename in nosec 'no failed test' warning by @worksbyfriday in #1363
Fix B615 false positive when revision is set via variable by @worksbyfriday in #1358
Lower version guard in check_ast_node to Python 3.12 by @rcgray in #1355
Fix B106 reporting wrong line number on multiline function calls by @worksbyfriday in #1360

New Contributors

@jakob1379 made their first contribution in #1351
@worksbyfriday made their first contribution in #1361
@rcgray made their first contribution in #1355

Full Changelog: PyCQA/bandit@1.9.3...1.9.4

`v1.9.3`

Compare Source

What's Changed

Bump actions/checkout from 5 to 6 by @dependabot[bot] in #1334
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in #1335
Fix B608 to detect VALUES( without space by @kfess in #1337
Add check for hardcoded passwords in dicts. by @alanverresen in #1338
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci[bot] in #1341
Update tox tests for Python 3.10 by @willschlitzer in #1346
Bump docker/setup-buildx-action from 3.11.1 to 3.12.0 by @dependabot[bot] in #1347
Limit B614 to torch.load deserializers by @dibussoc in #1348

New Contributors

@kfess made their first contribution in #1337
@alanverresen made their first contribution in #1338
@willschlitzer made their first contribution in #1346
@dibussoc made their first contribution in #1348

Full Changelog: PyCQA/bandit@1.9.2...1.9.3

`v1.9.2`

Compare Source

What's Changed

Argparse Python 3.14 enhancements by @ericwb in #1331
Check whether Constant value is str by @ericwb in #1333

Full Changelog: PyCQA/bandit@1.9.1...1.9.2

`v1.9.1`

Compare Source

What's Changed

More Python version related fixes by @ericwb in #1327

Full Changelog: PyCQA/bandit@1.9.0...1.9.1

`v1.8.6`

Compare Source

What's Changed

Bump sigstore/cosign-installer from 3.8.2 to 3.9.0 by @dependabot in #1279
Bump docker/setup-buildx-action from 3.10.0 to 3.11.1 by @dependabot in #1278
added hint to FreeBSD package in doc/source/integrations.rst by @daniel-mohr in #1282
Bump sigstore/cosign-installer from 3.9.0 to 3.9.1 by @dependabot in #1284
Huggingface revision pinning by @lukehinds in #1281

New Contributors

@daniel-mohr made their first contribution in #1282

Full Changelog: PyCQA/bandit@1.8.5...1.8.6

`v1.8.5`

Compare Source

What's Changed

Fix the rendering of the CI/CD doc by @ericwb in #1274
Fix for publish to PyPI failure by @ericwb in #1273

Full Changelog: PyCQA/bandit@1.8.4...1.8.5

`v1.8.3`

Compare Source

What's Changed

Bump docker/build-push-action from 6.10.0 to 6.11.0 by @dependabot in #1220
Bump docker/build-push-action from 6.11.0 to 6.12.0 by @dependabot in #1221
Bump docker/build-push-action from 6.12.0 to 6.13.0 by @dependabot in #1222
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1229
Update bug template to include latest released versions by @ericwb in #1218
Add markupsafe.Markup XSS plugin by @Daverball in #1225
Warn not error on an nonexistant test given by @ericwb in #1230
Bump sigstore/cosign-installer from 3.7.0 to 3.8.0 by @dependabot in #1233
Bump docker/setup-buildx-action from 3.8.0 to 3.9.0 by @dependabot in #1234
B107: Skip None values in hardcoded password detection by @lukehinds in #1232
Pytorch fix by @lukehinds in #1231

New Contributors

@Daverball made their first contribution in #1225

Full Changelog: PyCQA/bandit@1.8.2...1.8.3

`v1.8.2`

Compare Source

What's Changed

Revert "Start testing with 3.14 alphas" by @ericwb in #1217

Full Changelog: PyCQA/bandit@1.8.1...1.8.2

`v1.8.1`

Compare Source

What's Changed

Bump docker/build-push-action from 6.9.0 to 6.10.0 by @dependabot in #1209
Update the bug template with latest bandit version by @ericwb in #1208
Add Mercedes-Benz to sponsor list by @ericwb in #1210
Bump docker/setup-buildx-action from 3.7.1 to 3.8.0 by @dependabot in #1211
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1213
Start testing with 3.14 alphas by @ericwb in #1189
Remove lxml (B320 & B410) from blacklist by @djbrown in #1212
Clarify "getting started" docs by @Flimm in #963

New Contributors

@djbrown made their first contribution in #1212
@Flimm made their first contribution in #963

Full Changelog: PyCQA/bandit@1.8.0...1.8.1

`v1.8.0`

Compare Source

What's Changed

Bump docker/build-push-action from 6.7.0 to 6.9.0 by @dependabot in #1178
Rename doc file to match proper bandit ID by @ericwb in #1183
Removal of Python 3.8 support by @ericwb in #1174
Add more insecure cryptography cipher algorithms by @ericwb in #1185
Bump docker/setup-buildx-action from 3.6.1 to 3.7.1 by @dependabot in #1186
Bump sigstore/cosign-installer from 3.6.0 to 3.7.0 by @dependabot in #1187
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1162
No need to check httpx client without timeout defined by @ericwb in #1177
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1191
Mark Python 3.13 as officially supported by @ericwb in #1192
Update project urls with added links by @ericwb in #1193
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1196
Add a JSON to seek funding from the FLOSS/fund by @ericwb in #1194
Remove Sentry as a sponsor by @ericwb in #1198
Remove more leftover OpenStack references by @ericwb in #1195

Full Changelog: PyCQA/bandit@1.7.10...1.8.0

`v1.7.10`

Compare Source

What's Changed

Bump docker/build-push-action from 5.4.0 to 6.0.0 by @dependabot in #1147
Suggested small refactors in assignments by @ericwb in #1150
Performance improvement in blacklist function by @ericwb in #1148
Add test for usage of FTP_TLS by @ericwb in #1149
New check: B113: TrojanSource - Bidirectional control characters by @Lucas-C in #757
Bump docker/build-push-action from 6.0.0 to 6.1.0 by @dependabot in #1152
feat(plugins): add support for httpx in B113 by @mkniewallner in #1060
Nit: remove unused variable by @ericwb in #1153
Add recent releases to version choice in bug report by @ericwb in #1151
Bump docker/build-push-action from 6.1.0 to 6.2.0 by @dependabot in #1155
Bump docker/build-push-action from 6.2.0 to 6.3.0 by @dependabot in #1157
Bump docker/setup-buildx-action from 3.3.0 to 3.4.0 by @dependabot in #1156
Bump docker/setup-buildx-action from 3.4.0 to 3.5.0 by @dependabot in #1158
Bump docker/login-action from 3.2.0 to 3.3.0 by @dependabot in #1159
Bump docker/build-push-action from 6.3.0 to 6.5.0 by @dependabot in #1160
Bump docker/setup-buildx-action from 3.5.0 to 3.6.1 by @dependabot in #1163
Bump docker/build-push-action from 6.5.0 to 6.6.1 by @dependabot in #1166
Bump sigstore/cosign-installer from 3.5.0 to 3.6.0 by @dependabot in #1165
Bump docker/build-push-action from 6.6.1 to 6.7.0 by @dependabot in #1168
Use consistent file naming of docs by @ericwb in #1170
Pytorch Load / Save Plugin by @lukehinds in #1114

New Contributors

@Lucas-C made their first contribution in #757

Full Changelog: PyCQA/bandit@1.7.9...1.7.10

`v1.7.9`

Compare Source

What's Changed

Bump docker/build-push-action from 5.1.0 to 5.2.0 by @dependabot in #1117
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1119
New logo for Bandit based on raccoon by @ericwb in #1121
Start testing on Python 3.13 by @ericwb in #1122
Bump docker/build-push-action from 5.2.0 to 5.3.0 by @dependabot in #1123
Bump docker/setup-buildx-action from 3.1.0 to 3.2.0 by @dependabot in #1124
Bump docker/login-action from 3.0.0 to 3.1.0 by @dependabot in #1125
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1126
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1127
Bump docker/setup-buildx-action from 3.2.0 to 3.3.0 by @dependabot in #1130
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1131
Bump sigstore/cosign-installer from 3.4.0 to 3.5.0 by @dependabot in #1132
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1133
Updates banner logo so it renders well in dark mode by @ericwb in #1134
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1135
Add a sponsor section to README by @ericwb in #1137
Ensure sarif extra is included as part of doc build by @ericwb in #1139
Bump docker/login-action from 3.1.0 to 3.2.0 by @dependabot in #1142
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1143
[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #1145
Guard against empty call argument list by @ericwb in #1146
Bump docker/build-push-action from 5.3.0 to 5.4.0 by @dependabot in #1144
Support configfile in .bandit file by @bersbersbers in #1052

New Contributors

@pre-commit-ci made their first contribution in #1119
@bersbersbers made their first contribution in #1052

Full Changelog: PyCQA/bandit@1.7.8...1.7.9

`v1.7.8`

Compare Source

What's Changed

Incorrect tag naming in readme by @lukehinds in #1105
Utilize PyPI's trusted publishing by @ericwb in #1107
Bump sigstore/cosign-installer from 3.3.0 to 3.4.0 by @dependabot in #1109
Add 1.7.7 to versions of bug template by @ericwb in #1110
Use datetime to avoid updating copyright year by @ericwb in #1112
filter data is safe for tarfile extractall by @etienneschalk in #1111
Bump docker/setup-buildx-action from 3.0.0 to 3.1.0 by @dependabot in #1115
[B605] Add functions that are vulnerable to shell injection. by @shihai1991 in #1116
Add a SARIF output formatter by @ericwb in #1113

New Contributors

@etienneschalk made their first contribution in #1111
@shihai1991 made their first contribution in #1116

Full Changelog: PyCQA/bandit@1.7.7...1.7.8

`v1.7.7`

Compare Source

What's Changed

Add the new release to bandit versions of bug template by @ericwb in #1075
Bump actions/setup-python from 4 to 5 by @dependabot in #1076
Handle variant in how policy is passed in paramiko by @ericwb in #1078
Flag str.replace as possible sql injection by @costaparas in #1044
defusedxml: Show correct module name by @kajinamit in #1081
Add tidelift to the sponsor funding list by @ericwb in #1089
Create a security policy by @ericwb in #1091
Fix up issues found running Bandit on itself by @ericwb in #1093
Add random.randbytes to blacklist calls by @ericwb in #1096
Prepend ./ for files specified as CLI args by @ericwb in #1094
Rework GitPython dependency to be an extra for bandit-baseline by @ericwb in #1099
Bump actions/dependency-review-action from 3 to 4 by @dependabot in #1101
Introduce Official Bandit Images by @lukehinds in #1088
Remove markdown formatting in reStructuredText formatted README by @ericwb in #1103
Downsize the org:repo name by @lukehinds in #1104

New Contributors

@kajinamit made their first contribution in #1081

Full Changelog: PyCQA/bandit@1.7.6...1.7.7

`v1.7.6`

Compare Source

What's Changed

Update bug report to include version 1.7.5 by @ericwb in #993
Render Python 3.10 in drop down correctly by @ericwb in #997
Remove checks for Python2 urllib by @ericwb in #999
Improper detection of non-requests module by @ericwb in #1011
xmlrpclib replaced with xmlrpc in Python3 by @ericwb in #1012
language and linting updates by @marksmayo in #1015
Adds check for crypt module usage as weak hash by @ericwb in #1018
Switch to tox 4 by @mportesdev in #1020
Skip unnecessary pip install commands in the pythonpackage.yml workflow by @mportesdev in #1021
Update versions of used GitHub Actions by @mportesdev in #1024
Update pre-commit hooks by @mportesdev in #1026
Add random.Random to B311 checks by @shiftinv in #940
Add a copy button to all code snippets in docs by @ericwb in #1030
Replace pbr in favor of importlib by @ericwb in #1016
Switch from open collective to PSF by @ericwb in #1031
Make pre-commit run Bandit hook using a single process by @Klavionik in #1029
Remove support for Python 3.7 due to end-of-life by @ericwb in #1034
Update asserts.py documentation by @deronnax in #1036
Simplify wrap_file_object by @mportesdev in #1037
django_rawsql_used: support keyword arguments used in RawSQL by @kevinmarsh in #765
Avoid gitpyhon CVE-2022-24439 by @carlosduelo in #1048
Update blacklist call documentation by @costaparas in #1045
Support ignoring blacklists by name by @costaparas in #1046
Fix dependabot to update github actions by @ericwb in #1057
Bump actions/checkout from 3 to 4 by @dependabot in #1058
Fix for ReadtheDocs build by @ericwb in #1061
fix(plugins/B507): also detect class instances by @mkniewallner in #1064
Use mirror repository for black pre-commit hook by @mportesdev in #1070
Add official support of Python 3.12 by @ericwb in #1068
Fix crash on pyproject.toml without bandit config by @javajawa in #1073
refactor: remove importlib-metadata fallback by @mkniewallner in #1066
Fixes for sphinx build by @ericwb in #1063

New Contributors

@marksmayo made their first contribution in #1015
@shiftinv made their first contribution in #940
@Klavionik made their first contribution in #1029
@deronnax made their first contribution in #1036
@kevinmarsh made their first contribution in #765
@carlosduelo made their first contribution in #1048
@costaparas made their first contribution in #1045
@dependabot made their first contribution in #1058
@javajawa made their first contribution in #1073

Full Changelog: PyCQA/bandit@1.7.5...1.7.6

`v1.7.5`

Compare Source

What's Changed

Add an example screen shot of Bandit to README by @ericwb in #847
Bad link to screen shot by @ericwb in #848
Use a constant for weak hashes by @ericwb in #850
Group location line with code output by @ericwb in #822
Fix line range using Python 3.8 end_lineno by @ericwb in #821
Add classifier to indicate Py3 only by @ericwb in #853
Removal of blacklist call B309 httpsconnection by @ericwb in #858
Remove blacklist call check for os.tempnam by @ericwb in #859
Indiciate hash type in message by @ericwb in #860
Add the httpx module check for verify by @ericwb in #861
Add doc for hashlib plugin by @ericwb in #862
Make use of rich for progress bar by @ericwb in #863
Replace toml with tomli by @mkniewallner in #829
Fix up B109 and B111 removed plugins docs by @ericwb in #864
add check for "requests" calls without timeout by @mschfh in #743
Fix for build breaks in format job by @ericwb in #869
Add license and contributing links to docs by @ericwb in #867
Remove redundant word Bandit in titles of sections by @ericwb in #873
Add request for feedback via 👍 by @ericwb in #871
Add a Discord link to the docs by @ericwb in #870
Adding logging.config.listen() plugin with examples by @raj3shp in #874
Removal of ghugo by @ericwb in #881
Remove redundant pip line by @ericwb in #884
Corrected documentation on configuration by @a-takahashi223 in #868
Start testing against Python 3.11 by @mkniewallner in #887
Add myself to sponsor list by @ericwb in #885
Add Discord link to README by @ericwb in #875
Update action versions in Actions workflows (#890) by @mportesdev in #893
Add dependency review action by @ericwb in #891
Fix an unclosed tag in HTML formatter by @mportesdev in #896

'Test plugin listing' in docs incorrectly pointing B612 to plugin ref of B102 by @rajaramsrn in #897

Make small fixes in docs by @mportesdev in #899

Specify semver range for Python 3.11 by @mportesdev in #901

Add another bad example of yaml load by @ericwb in #905

Add releases link in "Version control integration" by @travisjungroth in #909

Update version of dependency-review-action by @mportesdev in #911

Avoid redundant message if debug on by @ericwb in #913

Remove invalid checking on hashlib by @ericwb in #914

Add some missing curve types by @ericwb in #920

add jsonpickle deserialization blacklist by @SugarP1g in #707

Fix reading the number argument from config file by @KAUTH in #923

Add end_col_offset if available by @ericwb in #851

Enhancement Proposal: Plugin "assert_used" config-skip snippet by @marianomartinelli in #695

Blacklist pandas read_pickle and add functional test for it by @jaspersival in #710

Docs for request without timeout has dead link by @ericwb in #925

Add case for global exec by @tonybaloney in #570

Fix a false positive condition yaml_load by @ericwb in #927

Fix issue #453 jinja2 template select_autoescape when using jinja2.select_autoescape by @kinow in #454

Adding tarfile.extractall() plugin with examples by @yilmi in #549

Check for deprecated TLS 1.1 by @ericwb in #928

weak_cryptographic_key assumes positional arg by @ericwb in #930

Fix filename of B202 in docs by @mportesdev in #932

Remove python 2 reference in docs by @ericwb in #933

Pass correct number of arguments to match the %s placeholders. by @mportesdev in #934

Fixup some invalid pickle testing by @ericwb in #924

Fix json and yaml formatters to respect num lines by @ericwb in #929

Fix AttributeError on detect of tuple assign condition by @ericwb in #931

[docs] Mention exclude_dirs option available in TOML and YAML by @bittner in #876

Typo fix by @PermanAtayev in #945

remove py2 exec example in docs by @clavedeluna in #947

Add official Python 3.11 support by @ericwb in #964

DOC: Add explanation on how to use pre-commit with config file by @phofl in #968

Fix breaking build due to new tox by @ericwb in #983

Correct build status badge in README by @gliptak in #980

Improve detecting SQL injections in f-strings by @kfrydel in #917

Improve handling nosec for multi-line strings by @kfrydel in #915

Check for github action updates monthly by @jlosito in #989

Added a bit more project_urls by @KOLANICH in #985

New Contributors

@mschfh made their first contribution in #743

@raj3shp made their first contribution in #874

@a-takahashi223 made their first contribution in #868

@mportesdev made their first contribution in #893

@rajaramsrn made their first contribution in #897

@travisjungroth made their first contribution in #909

@SugarP1g made their first contribution in #707

@KAUTH made their first contribution in [#&

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

If you want to rebase/retry this PR, check this box

mend-for-github-com · 2024-02-28T02:49:32Z

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

any of the package files in this branch needs updating, or
the branch becomes conflicted, or
you click the rebase/retry checkbox if found above, or
you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: poetry.lock

Creating virtualenv aws-lambda-powertools-j4tV00Qc-py3.12 in /home/ubuntu/.cache/pypoetry/virtualenvs
Updating dependencies
Resolving dependencies...


The current project's Python requirement (>=3.6.2,<4.0.0) is not compatible with some of the required packages Python requirement:
  - flake8-black requires Python >=3.7, so it will not be satisfied for Python >=3.6.2,<3.7
  - flake8-black requires Python >=3.7, so it will not be satisfied for Python >=3.6.2,<3.7
  - flake8-black requires Python >=3.7, so it will not be satisfied for Python >=3.6.2,<3.7
  - flake8-black requires Python >=3.7, so it will not be satisfied for Python >=3.6.2,<3.7
  - flake8-black requires Python >=3.7, so it will not be satisfied for Python >=3.6.2,<3.7

Because no versions of flake8-black match >0.3.0,<0.3.2 || >0.3.2,<0.3.3 || >0.3.3,<0.3.4 || >0.3.4,<0.3.5 || >0.3.5,<0.3.6 || >0.3.6,<0.4.0
 and flake8-black (0.3.0) depends on black (>=22.1.0), flake8-black (>=0.3.0,<0.3.2 || >0.3.2,<0.3.3 || >0.3.3,<0.3.4 || >0.3.4,<0.3.5 || >0.3.5,<0.3.6 || >0.3.6,<0.4.0) requires black (>=22.1.0).
And because flake8-black (0.3.2) requires Python >=3.7, flake8-black (>=0.3.0,<0.3.3 || >0.3.3,<0.3.4 || >0.3.4,<0.3.5 || >0.3.5,<0.3.6 || >0.3.6,<0.4.0) requires black (>=22.1.0).
And because flake8-black (0.3.3) requires Python >=3.7
 and flake8-black (0.3.4) requires Python >=3.7, flake8-black (>=0.3.0,<0.3.5 || >0.3.5,<0.3.6 || >0.3.6,<0.4.0) requires black (>=22.1.0).
And because flake8-black (0.3.5) requires Python >=3.7
 and flake8-black (0.3.6) requires Python >=3.7, flake8-black (>=0.3.0,<0.4.0) requires black (>=22.1.0).
So, because aws-lambda-powertools depends on both black (^21.12b0) and flake8-black (^0.3.0), version solving failed.

  • Check your dependencies Python requirement: The Python requirement can be specified via the `python` or `markers` properties
    
    For flake8-black, a possible solution would be to set the `python` property to ">=3.7,<4.0.0"
    For flake8-black, a possible solution would be to set the `python` property to ">=3.7,<4.0.0"
    For flake8-black, a possible solution would be to set the `python` property to ">=3.7,<4.0.0"
    For flake8-black, a possible solution would be to set the `python` property to ">=3.7,<4.0.0"
    For flake8-black, a possible solution would be to set the `python` property to ">=3.7,<4.0.0"

    https://python-poetry.org/docs/dependency-specification/#python-restricted-dependencies,
    https://python-poetry.org/docs/dependency-specification/#using-environment-markers

mend-for-github-com · 2024-05-22T02:44:03Z

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

any of the package files in this branch needs updating, or
the branch becomes conflicted, or
you click the rebase/retry checkbox if found above, or
you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: poetry.lock

Updating dependencies
Resolving dependencies...


The current project's Python requirement (>=3.6.2,<4.0.0) is not compatible with some of the required packages Python requirement:
  - pdoc3 requires Python >=3.9, so it will not be satisfied for Python >=3.6.2,<3.9
  - pdoc3 requires Python >=3.7, so it will not be satisfied for Python >=3.6.2,<3.7
  - pdoc3 requires Python >=3.9, so it will not be satisfied for Python >=3.6.2,<3.9
  - pdoc3 requires Python >=3.9, so it will not be satisfied for Python >=3.6.2,<3.9
  - pdoc3 requires Python >=3.9, so it will not be satisfied for Python >=3.6.2,<3.9
  - pdoc3 requires Python >=3.9, so it will not be satisfied for Python >=3.6.2,<3.9
  - pdoc3 requires Python >=3.9, so it will not be satisfied for Python >=3.6.2,<3.9

Because no versions of pdoc3 match >0.11.0,<0.11.1 || >0.11.1,<0.11.2 || >0.11.2,<0.11.3 || >0.11.3,<0.11.4 || >0.11.4,<0.11.5 || >0.11.5,<0.11.6 || >0.11.6,<0.12.0
 and pdoc3 (0.11.0) requires Python >=3.7, pdoc3 is forbidden.
And because pdoc3 (0.11.1) requires Python >=3.9, pdoc3 is forbidden.
And because pdoc3 (0.11.2) requires Python >=3.9
 and pdoc3 (0.11.3) requires Python >=3.9, pdoc3 is forbidden.
And because pdoc3 (0.11.4) requires Python >=3.9
 and pdoc3 (0.11.5) requires Python >=3.9, pdoc3 is forbidden.
So, because pdoc3 (0.11.6) requires Python >=3.9
 and aws-lambda-powertools depends on pdoc3 (^0.11.0), version solving failed.

  • Check your dependencies Python requirement: The Python requirement can be specified via the `python` or `markers` properties
    
    For pdoc3, a possible solution would be to set the `python` property to ">=3.9,<4.0.0"
    For pdoc3, a possible solution would be to set the `python` property to ">=3.7,<4.0.0"
    For pdoc3, a possible solution would be to set the `python` property to ">=3.9,<4.0.0"
    For pdoc3, a possible solution would be to set the `python` property to ">=3.9,<4.0.0"
    For pdoc3, a possible solution would be to set the `python` property to ">=3.9,<4.0.0"
    For pdoc3, a possible solution would be to set the `python` property to ">=3.9,<4.0.0"
    For pdoc3, a possible solution would be to set the `python` property to ">=3.9,<4.0.0"

    https://python-poetry.org/docs/dependency-specification/#python-restricted-dependencies,
    https://python-poetry.org/docs/dependency-specification/#using-environment-markers

…updates

mend-for-github-com Bot changed the title ~~fix(deps): update mend: high confidence minor and patch dependency updates~~ chore(deps): update mend: high confidence minor and patch dependency updates Mar 7, 2024

mend-for-github-com Bot changed the title ~~chore(deps): update mend: high confidence minor and patch dependency updates~~ fix(deps): update mend: high confidence minor and patch dependency updates Mar 11, 2024

mend-for-github-com Bot changed the title ~~fix(deps): update mend: high confidence minor and patch dependency updates~~ chore(deps): update mend: high confidence minor and patch dependency updates Mar 12, 2024

mend-for-github-com Bot changed the title ~~chore(deps): update mend: high confidence minor and patch dependency updates~~ fix(deps): update mend: high confidence minor and patch dependency updates Apr 8, 2024

mend-for-github-com Bot changed the title ~~fix(deps): update mend: high confidence minor and patch dependency updates~~ chore(deps): update mend: high confidence minor and patch dependency updates Apr 9, 2024

mend-for-github-com Bot changed the title ~~chore(deps): update mend: high confidence minor and patch dependency updates~~ fix(deps): update mend: high confidence minor and patch dependency updates May 7, 2024

mend-for-github-com Bot changed the title ~~fix(deps): update mend: high confidence minor and patch dependency updates~~ chore(deps): update mend: high confidence minor and patch dependency updates May 22, 2024

mend-for-github-com Bot changed the title ~~chore(deps): update mend: high confidence minor and patch dependency updates~~ fix(deps): update mend: high confidence minor and patch dependency updates May 25, 2024

mend-for-github-com Bot changed the title ~~fix(deps): update mend: high confidence minor and patch dependency updates~~ chore(deps): update mend: high confidence minor and patch dependency updates Jun 5, 2024

mend-for-github-com Bot changed the title ~~chore(deps): update mend: high confidence minor and patch dependency updates~~ fix(deps): update mend: high confidence minor and patch dependency updates Jun 9, 2024

mend-for-github-com Bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch from 3d86905 to 6c0d870 Compare August 29, 2024 03:08

mend-for-github-com Bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch from 6c0d870 to ebb5ba8 Compare December 18, 2024 04:27

mend-for-github-com Bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch from ebb5ba8 to 5bbb977 Compare February 14, 2025 04:44

mend-for-github-com Bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch from 5bbb977 to 16f2837 Compare April 21, 2025 04:04

mend-for-github-com Bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch from 16f2837 to f3ed795 Compare September 29, 2025 04:45

mend-for-github-com Bot changed the title ~~fix(deps): update mend: high confidence minor and patch dependency updates~~ chore(deps): update mend: high confidence minor and patch dependency updates Sep 29, 2025

mend-for-github-com Bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch from f3ed795 to 2ba6689 Compare November 4, 2025 05:09

mend-for-github-com Bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch from 2ba6689 to b5a7555 Compare November 27, 2025 11:25

mend-for-github-com Bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch from b5a7555 to de10ae1 Compare December 15, 2025 05:06

mend-for-github-com Bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch 2 times, most recently from 6f9e121 to 7ec6f24 Compare February 22, 2026 05:32

mend-for-github-com Bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch 3 times, most recently from ea1f8ba to bcd1faa Compare April 23, 2026 05:17

chore(deps): update mend: high confidence minor and patch dependency …

aab0818

…updates

mend-for-github-com Bot force-pushed the whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates branch from bcd1faa to aab0818 Compare April 25, 2026 05:07

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update mend: high confidence minor and patch dependency updates#70

chore(deps): update mend: high confidence minor and patch dependency updates#70
mend-for-github-com[bot] wants to merge 1 commit intodevelopfrom
whitesource-remediate/mend-high-confidence-minor-and-patch-dependency-updates

mend-for-github-com Bot commented Feb 28, 2024 •

edited

Loading

Uh oh!

mend-for-github-com Bot commented Feb 28, 2024 •

edited

Loading

Uh oh!

mend-for-github-com Bot commented May 22, 2024 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

mend-for-github-com Bot commented Feb 28, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Release Notes

What's Changed

New Contributors

What's Changed

New Contributors

What's Changed

What's Changed

What's Changed

New Contributors

What's Changed

What's Changed

New Contributors

What's Changed

What's Changed

New Contributors

What's Changed

What's Changed

New Contributors

What's Changed

New Contributors

What's Changed

New Contributors

What's Changed

New Contributors

What's Changed

New Contributors

What's Changed

New Contributors

Configuration

Uh oh!

mend-for-github-com Bot commented Feb 28, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

⚠ Artifact update problem

File name: poetry.lock

Uh oh!

mend-for-github-com Bot commented May 22, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

⚠️ Artifact update problem

File name: poetry.lock

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

mend-for-github-com Bot commented Feb 28, 2024 •

edited

Loading

mend-for-github-com Bot commented Feb 28, 2024 •

edited

Loading

mend-for-github-com Bot commented May 22, 2024 •

edited

Loading