chore(deps): update all patch dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
boto3	==1.42.49 → ==1.42.59
python-dotenv	==1.2.1 → ==1.2.2

Review

• Updates have been tested and work
• If updates are AWS related, versions match the infrastructure (e.g. Lambda runtime, database, etc.)

---

Release Notes

boto/boto3 (boto3)

v1.42.59

Compare Source

=======

• api-change:arc-region-switch: [botocore] Post-Recovery Workflows enable customers to maintain comprehensive disaster recovery automation. This allows customer SREs and leadership to have complete recovery orchestration from failover through post-recovery preparation, ensuring Regions remain ready for subsequent recovery events.
• api-change:batch: [botocore] This feature allows customers to specify the minimum time (in minutes) that AWS Batch keeps instances running in a compute environment after all jobs on the instance complete
• api-change:bedrock: [botocore] Added four new model lifecycle date fields, startOfLifeTime, endOfLifeTime, legacyTime, and publicExtendedAccessTime. Adds support for using the Converse API with Bedrock Batch inference jobs.
• api-change:cognito-idp: [botocore] Cognito is introducing a two-secret rotation model for app clients, enabling seamless credential rotation without downtime. Dedicated APIs support passing in a custom secret. Custom secrets need to be at least 24 characters. This eliminates reconfiguration needs and reduces security risks.
• api-change:connect: [botocore] Deprecate EvaluationReviewMetadata's CreatedBy and CreatedTime, add EvaluationReviewMetadata's RequestedBy and RequestedTime
• api-change:customer-profiles: [botocore] This release introduces an optional SourcePriority parameter to the ProfileObjectType APIs, allowing you to control the precedence of object types when ingesting data from multiple sources. Additionally, WebAnalytics and Device have been added as new StandardIdentifier values.
• api-change:health: [botocore] Updates the regex for validating availabilityZone strings used in the describe events filters.
• api-change:keyspacesstreams: [botocore] Added support for Change Data Capture (CDC) streams with Duration DataType.
• api-change:odb: [botocore] ODB Networking Route Management is a feature improvement which allows for implicit creation and deletion of EC2 Routes in the Peer Network Route Table designated by the customer via new optional input. This feature release is combined with Multiple App-VPC functionality for ODB Network Peering(s).
• api-change:ram: [botocore] Resource owners can now specify ResourceShareConfiguration request parameter for CreateResourceShare API including RetainSharingOnAccountLeaveOrganization boolean parameter

v1.42.58

Compare Source

=======

• api-change:backup-gateway: [botocore] This release updates GetGateway API to include deprecationDate and softwareVersion in the response, enabling customers to track gateway software versions and upcoming deprecation dates.
• api-change:ec2: [botocore] Add c8id, m8id and hpc8a instance types.
• api-change:ecs: [botocore] Adding support for Capacity Reservations for ECS Managed Instances by introducing a new "capacityOptionType" value of "RESERVED" and new field "capacityReservations" for CreateCapacityProvider and UpdateCapacityProvider APIs.
• api-change:marketplace-entitlement: [botocore] Added License Arn as a new optional filter for GetEntitlements and LicenseArn field in each entitlement in the response.
• api-change:meteringmarketplace: [botocore] Added LicenseArn to ResolveCustomer response and BatchMeterUsage usage records. BatchMeterUsage now accepts LicenseArn in each UsageRecord to report usage at the license level. Added InvalidLicenseException error response for invalid license parameters.
• api-change:securityhub: [botocore] Security Hub added EXTENDED PLAN integration type to DescribeProductsV2 and added metadata.product.vendor name GroupBy support to GetFindingStatisticsV2

v1.42.57

Compare Source

=======

• api-change:batch: [botocore] AWS Batch documentation update for service job capacity units.
• api-change:ec2: [botocore] Add support for EC2 Capacity Blocks in Local Zones.
• api-change:ecr: [botocore] Update repository name regex to comply with OCI Distribution Specification
• api-change:neptune: [botocore] Neptune global clusters now supports tags
• api-change:wafv2: [botocore] AWS WAF now supports GetTopPathStatisticsByTraffic that provides aggregated statistics on the top URI paths accessed by bot traffic. Use this operation to see which paths receive the most bot traffic, identify the specific bots accessing them, and filter by category, organization, or bot name.

v1.42.56

Compare Source

=======

• api-change:cloudwatch: [botocore] This release adds the APIs (PutAlarmMuteRule, ListAlarmMuteRules, GetAlarmMuteRule and DeleteAlarmMuteRule) to manage a new Cloudwatch resource, AlarmMuteRules. AlarmMuteRules allow customers to temporarily mute alarm notifications during expected downtime periods.
• api-change:ec2: [botocore] Adds httpTokensEnforced property to ModifyInstanceMetadataDefaults API. Set per account or manage organization-wide using declarative policies to prevent IMDSv1-enabled instance launch and block attempts to enable IMDSv1 on existing IMDSv2-only instances.
• api-change:elementalinference: [botocore] Initial GA launch for AWS Elemental Inference including capabilities of Smart Crop and Live Event Clipping
• api-change:endpoint-rules: [botocore] Update endpoint-rules client to latest version
• api-change:es: [botocore] Fixed HTTP binding for DescribeDomainAutoTunes API to correctly pass request parameters as query parameters in the HTTP request.
• api-change:medialive: [botocore] AWS Elemental MediaLive - Added support for Elemental Inference for Smart Cropping and Clipping features for MediaLive.
• api-change:observabilityadmin: [botocore] Adding a new field in the CreateCentralizationRuleForOrganization, UpdateCentralizationRuleForOrganization API and updating the GetCentralizationRuleForOrganization API response to include the new field
• api-change:opensearch: [botocore] Fixed HTTP binding for DescribeDomainAutoTunes API to correctly pass request parameters as query parameters in the HTTP request.
• api-change:partnercentral-selling: [botocore] Added support for filtering opportunities by target close date in the ListOpportunities API. You can now filter results to return opportunities with a target close date before or after a specified date, enabling more precise opportunity searches based on expected closure timelines.

v1.42.55

Compare Source

=======

• api-change:bedrock: [botocore] Automated Reasoning checks in Amazon Bedrock Guardrails now support fidelity report generation. The new workflow type assesses policy coverage and accuracy against customer documents. The GetAutomatedReasoningPolicyBuildWorkflowResultAssets API adds support for the three new asset types.
• api-change:connectcases: [botocore] SearchCases API can now accept 25 fields in the request and response as opposed to the previous limit of 10. DeleteField's hard limit of 100 fields per domain has been lifted.
• api-change:controlcatalog: [botocore] Updated ExemptedPrincipalArns parameter documentation for improved accuracy
• api-change:datazone: [botocore] Add workflow properties support to connections APIs
• api-change:dynamodb: [botocore] This change supports the creation of multi-account global tables. It adds one new arguments to UpdateTable, GlobalTableSettingsReplicationMode.
• api-change:endpoint-rules: [botocore] Update endpoint-rules client to latest version
• api-change:mediatailor: [botocore] Updated endpoint rule set for dualstack endpoints. Added a new opt-in option to log raw ad decision server requests for Playback Configurations.
• api-change:quicksight: [botocore] Adds support for SEMISTRUCT to InputColumn Type
• api-change:wickr: [botocore] AWS Wickr now provides APIs to manage your Wickr OpenTDF integration. These APIs enable you to test and save your OpenTDF configuration allowing you to manage rooms based on Trusted Data Format attributes.

v1.42.54

Compare Source

=======

• api-change:appstream: [botocore] Adding new attribute to disable IMDS v1 APIs for fleet, Image Builder and AppBlockBuilder instances.
• api-change:ecs: [botocore] Migrated to Smithy. No functional changes
• api-change:endpoint-rules: [botocore] Update endpoint-rules client to latest version
• api-change:sagemaker-runtime: [botocore] Added support for S3OutputPathExtension and Filename parameters to the InvokeEndpointAsync API to allow users to customize the S3 output path and file name for async inference response payloads.
• api-change:signer-data: [botocore] This release introduces AWS Signer Data Plane SDK client supporting GetRevocationStatus API. The new client enables AWS PrivateLink connectivity with both private DNS and VPC endpoint URLs.
• api-change:ssm: [botocore] Add support for AssociationDispatchAssumeRole in AWS SSM State Manager.
• api-change:trustedadvisor: [botocore] Adding a new enum attribute(statusReason) to TrustedAdvisorAPI response. This attribute explains reasoning behind check status for certain specific scenarios.

v1.42.53

Compare Source

=======

• api-change:bcm-dashboards: [botocore] The Billing and Cost Management GetDashboard API now returns identifier for each widget, enabling users to uniquely identify widgets within their dashboards.
• api-change:ecr: [botocore] Adds multiple artifact types filter support in ListImageReferrers API.
• api-change:pca-connector-scep: [botocore] AWS Private CA Connector for SCEP now supports AWS PrivateLink, allowing your clients to request certificates from within your Amazon Virtual Private Cloud (VPC) without traversing the public internet. With this launch, you can create VPC endpoints to connect to your SCEP connector privately.
• enhancement:checksums: [botocore] Added support for the SHA512 checksum algorithm. When the optional AWS CRT (awscrt) dependency is installed, support is also enabled for the XXHASH64, XXHASH3, and XXHASH128 checksum algorithms. Also added pass-through support for customer-provided MD5 checksum headers (without SDK-side MD5 calculation or validation).

v1.42.52

Compare Source

=======

• api-change:cleanrooms: [botocore] This release adds support for federated catalogs in Athena-sourced configured tables.
• api-change:connect: [botocore] Correcting in-app notifications API documentation.

v1.42.51

Compare Source

=======

• api-change:ec2: [botocore] Add Operator field to CreatePlacementGroup and DescribePlacementGroup APIs.
• api-change:evidently: [botocore] The evidently client has been removed following the deprecation of the service.
• api-change:grafana: [botocore] This release updates Amazon Managed Grafana's APIs to support customer managed KMS keys.
• api-change:iotanalytics: [botocore] The iotanalytics client has been removed following the deprecation of the service.
• api-change:rds: [botocore] Adds support for the StorageEncryptionType field to specify encryption type for DB clusters, DB instances, snapshots, automated backups, and global clusters.
• api-change:workspaces-web: [botocore] Adds support for branding customization without requiring a custom wallpaper.

v1.42.50

Compare Source

=======

• api-change:arc-region-switch: [botocore] Clarify documentation on ARC Region Switch start-plan-execution operation
• api-change:ec2: [botocore] Documentation updates for EC2 Secondary Networks
• api-change:ecr: [botocore] Adds support for enabling blob mounting, and removes support for Clair based image scanning
• api-change:kafka: [botocore] Amazon MSK now supports dual-stack connectivity (IPv4 and IPv6) for existing MSK clusters. You can enable dual-stack on existing clusters by specifying the NetworkType parameter in updateConnectivity API.
• api-change:kms: [botocore] Added support for Decrypt and ReEncrypt API's to use dry run feature without ciphertext for authorization validation
• api-change:qconnect: [botocore] Update MessageType enum to include missing types.

theskumar/python-dotenv (python-dotenv)

v1.2.2

Compare Source

Added

• Support for Python 3.14, including the free-threaded (3.14t) build. (#​588)

Changed

• The dotenv run command now forwards flags directly to the specified command by [@​bbc2] in [#​607]
• Improved documentation clarity regarding override behavior and the reference page.
• Updated PyPy support to version 3.11.
• Documentation for FIFO file support.
• Dropped Support for Python 3.9.

Fixed

• Improved set_key and unset_key behavior when interacting with symlinks by [@​bbc2] in [790c5c0]
• Corrected the license specifier and added missing Python 3.14 classifiers in package metadata by [@​JYOuyang] in [#​590]

Breaking Changes

• dotenv.set_key and dotenv.unset_key used to follow symlinks in some
  situations. This is no longer the case. For that behavior to be restored in
  all cases, follow_symlinks=True should be used.

• In the CLI, set and unset used to follow symlinks in some situations. This
  is no longer the case.

• dotenv.set_key, dotenv.unset_key and the CLI commands set and unset
  used to reset the file mode of the modified .env file to 0o600 in some
  situations. This is no longer the case: The original mode of the file is now
  preserved. Is the file needed to be created or wasn't a regular file, mode
  0o600 is used.

---

Configuration

📅 Schedule: Branch creation - "every weekend" in timezone America/Montreal, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.