Skip to content

poetry: bump aws-lambda-powertools from 2.35.1 to 3.19.0 #1012

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

poetry: bump aws-lambda-powertools from 2.35.1 to 3.19.0 #1012

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 18, 2025

Bumps aws-lambda-powertools from 2.35.1 to 3.19.0.

Release notes

Sourced from aws-lambda-powertools's releases.

v3.19.0

Summary

This release adds support for fetching multiple secrets from AWS Secrets Manager in a single API call.

We also fixed a critical bug when working with Data validation and Middleware in our Event Handler utility.

⭐️ Congrats to @​dap0am and @​trevmt for contributing to this project for the first time!

Fetching multiple secrets

Docs

You can fetch multiple secrets from Secrets Manager in a single API call using get_secrets_by_name. This reduces the number of API calls and improves performance when you need to retrieve several secrets at once. This new method allows you to retrieve up to 20 secrets per call with filtering, lower AWS costs, and improved error resilience.

Working with Data Validation and Middleware

We have split OpenAPI validation into two phases, so you now benefit from:

  • Request validation runs before any business logic, checking only incoming requests.
  • Response validation runs only on actual endpoint responses.

This change ensures that only real endpoint responses go through schema validation, preventing errors from control flow responses (401, 403, 429) returned by other middlewares.

Read more about this change here

Changes

🌟New features and non-breaking changes

📜 Documentation updates

🐛 Bug and hot fixes

  • fix(parameters): fix _transform_and_cache_get_parameters_response (#7083) by @​ericbn

... (truncated)

Changelog

Sourced from aws-lambda-powertools's changelog.

[v3.19.0] - 2025-08-12

Bug Fixes

  • event_handler: split OpenAPI validation to respect middleware returns (#7050)
  • parameters: fix _transform_and_cache_get_parameters_response (#7083)

Code Refactoring

  • parser: Improve ALB models with examples and descriptions (#7100)
  • parser: Improve Kinesis models with examples and descriptions (#7092)
  • parser: Improve EventBridge models with examples and descriptions (#7090)

Documentation

  • event_handler: improve routing rules syntax documentation (#7094)
  • logger: fix typo in sampling examples (#7133)
  • maintainers: improve release process documentation (#7088)

Features

  • parameters: add support for retrieving batch of secrets (#7058)

Maintenance

  • version bump
  • ci: new pre-release 3.18.1a6 (#7134)
  • ci: new pre-release 3.18.1a5 (#7114)
  • ci: new pre-release 3.18.1a1 (#7077)
  • ci: new pre-release 3.18.1a0 (#7068)
  • ci: new pre-release 3.18.1a9 (#7155)
  • ci: new pre-release 3.18.1a8 (#7147)
  • ci: new pre-release 3.18.1a3 (#7097)
  • ci: new pre-release 3.18.1a7 (#7141)
  • ci: new pre-release 3.18.1a2 (#7085)
  • ci: new pre-release 3.18.1a4 (#7105)
  • deps: bump mkdocs-llmstxt from 0.3.0 to 0.3.1 (#7112)
  • deps: bump squidfunk/mkdocs-material from 0bfdba4 to bb7b015 in /docs (#7059)
  • deps: bump redis from 6.3.0 to 6.4.0 (#7140)
  • deps: bump actions/checkout from 4.2.2 to 5.0.0 (#7154)
  • deps: bump aws-powertools/actions from 1.3.0 to 1.4.0 (#7104)
  • deps: bump actions/download-artifact from 4.3.0 to 5.0.0 (#7126)
  • deps: bump aws-powertools/actions from 1.1.0 to 1.3.0 (#7061)
  • deps: bump aws-actions/configure-aws-credentials from 4.2.1 to 4.3.0 (#7103)
  • deps: bump aws-actions/configure-aws-credentials from 59b441846ad109fa4a1549b73ef4e149c4bfb53b to aa1f74b81b53cb3adb28afcdb21d7b9f3fceea98 (#7113)
  • deps: bump redis from 6.2.0 to 6.3.0 (#7108)
  • deps: bump mkdocs-material from 9.6.15 to 9.6.16 in /docs (#7060)
  • deps: bump mkdocs-llmstxt from 0.3.0 to 0.3.1 (#7130)
  • deps: bump mkdocs-material from 9.6.15 to 9.6.16 (#7065)
  • deps-dev: bump boto3-stubs from 1.40.2 to 1.40.3 (#7111)
  • deps-dev: bump cfn-lint from 1.38.1 to 1.38.2 (#7109)

... (truncated)

Upgrade guide

Sourced from aws-lambda-powertools's upgrade guide.

title: Upgrade guide description: Guide to update between major Powertools for AWS Lambda (Python) versions

End of support v2

!!! warning "On March 25st, 2025, Powertools for AWS Lambda (Python) v2 reached end of support and will no longer receive updates or releases. If you are still using v2, we strongly recommend you to read our upgrade guide and update to the latest version."

Given our commitment to all of our customers using Powertools for AWS Lambda (Python), we will keep Pypi{target="_blank"} v2 releases and documentation 2.x versions to prevent any disruption.

Migrate to v3 from v2

!!! info "We strongly encourage you to migrate to v3. However, if you still need to upgrade from v1 to v2, you can find the upgrade guide."

We've made minimal breaking changes to make your transition to v3 as smooth as possible.

Quick summary

Area Change Code change required
Pydantic We have removed support for Pydantic v1 No
Parser We have replaced DynamoDBStreamModel AttributeValue with native Python types Yes
Parser We no longer export Pydantic objects from parser.pydantic. Yes
Lambda layer Lambda layers are now compiled according to the specific Python version and architecture No
Event Handler We have deprecated the get_header_value function. Yes
Batch Processor @batch_processor and @async_batch_processor decorators are now deprecated Yes
Event Source Data Classes We have updated default values for optional fields. Yes
Parameters The default cache TTL is now set to 5 minutes No
Parameters The config parameter is deprecated in favor of boto_config Yes
JMESPath Functions The extract_data_from_envelope function is deprecated in favor of query Yes
Types file We have removed the type imports from the shared/types.py file Yes

First Steps

Before you start, we suggest making a copy of your current working project or create a new branch with git.

  1. Upgrade Python to at least v3.9.
  2. Ensure you have the latest version via Lambda Layer or PyPi{target="_blank"}.
  3. Review the following sections to confirm if you need to make changes to your code.

Drop support for Pydantic v1

!!! note "No code changes required"

As of June 30, 2024, Pydantic v1 has reached its end-of-life, and we have discontinued support for this version. We now exclusively support Pydantic v2.

Use Pydantic v2 Migration Guide{target="_blank"} to migrate your custom Pydantic models to v2.

... (truncated)

Commits
  • 2942073 chore: version bump
  • eee8e38 chore(ci): new pre-release 3.18.1a9 (#7155)
  • c15fadc chore(deps-dev): bump boto3-stubs from 1.40.6 to 1.40.7 (#7153)
  • fb4af31 chore(deps-dev): bump types-python-dateutil from 2.9.0.20250708 to 2.9.0.2025...
  • a1b1782 chore(deps-dev): bump coverage from 7.10.2 to 7.10.3 (#7152)
  • 6e423f3 chore(deps): bump actions/checkout from 4.2.2 to 5.0.0 (#7154)
  • ec8b27a chore(deps-dev): bump types-protobuf from 6.30.2.20250703 to 6.30.2.20250809 ...
  • effb662 chore(ci): changelog rebuild (#7148)
  • 0c39d31 chore(deps-dev): bump boto3-stubs from 1.40.5 to 1.40.6 (#7143)
  • 8dfaa89 chore(ci): new pre-release 3.18.1a8 (#7147)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
poetry: bump aws-lambda-powertools from 2.35.1 to 3.19.0
9f18468 
Bumps [aws-lambda-powertools](https://github.com/aws-powertools/powertools-lambda-python) from 2.35.1 to 3.19.0.
- [Release notes](https://github.com/aws-powertools/powertools-lambda-python/releases)
- [Changelog](https://github.com/aws-powertools/powertools-lambda-python/blob/develop/CHANGELOG.md)
- [Upgrade guide](https://github.com/aws-powertools/powertools-lambda-python/blob/develop/docs/upgrade.md)
- [Commits](aws-powertools/powertools-lambda-python@v2.35.1...v3.19.0)

---
updated-dependencies:
- dependency-name: aws-lambda-powertools
  dependency-version: 3.19.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Aug 18, 2025
@dependabot dependabot bot mentioned this pull request Aug 18, 2025
Closed
@sonarqubecloud
Copy link

sonarqubecloud bot commented Aug 18, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@github-actions
Copy link

github-actions bot commented Aug 18, 2025

💥 Something went wrong while deploying the pull request environment.
Check Output Logs

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 15, 2025

Superseded by #1037.

@dependabot dependabot bot closed this Sep 15, 2025
@dependabot dependabot bot deleted the dependabot/pip/aws-lambda-powertools-3.19.0 branch September 15, 2025 01:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants