secure-systems-lab / securesystemslib

Cryptographic and general-purpose routines for Secure Systems Lab projects at NYU
MIT License

Bump the dependencies group with 3 updates #878

Closed dependabot[bot] closed 2 months ago

dependabot[bot] commented 2 months ago

Bumps the dependencies group with 3 updates: sigstore, boto3 and botocore.

Updates sigstore from 3.2.0 to 3.3.0

Release notes

Sourced from sigstore's releases.

v3.3.0

Added

  • CLI: The sigstore verify command now outputs the inner in-toto statement when verifying DSSE envelopes. If verification is successful, the output will be the inner in-toto statement. This allows the user to see the statement's predicate, which sigstore-python does not verify and should be verified by the user.

  • CLI: The sigstore attest subcommand has been added. This command is similar to cosign attest in that it signs over an artifact and a predicate using a DSSE envelope. This command requires the user to pass a path to the file containing the predicate, and the predicate type. Currently only the SLSA Provenance v0.2 and v1.0 types are supported.

  • CLI: The sigstore verify command now supports verifying digests. This means that the user can now pass a digest like sha256:aaaa.... instead of the path to an artifact, and sigstore-python will verify it as if it was the artifact with that digest.

Commits
  • 343cbbf prep 3.3.0 (#1129)
  • eea7315 Add support for verifying digests to CLI verify commands (#1125)
  • 55e8d15 build(deps): bump platformdirs from 4.3.2 to 4.3.3 (#1127)
  • 0650983 build(deps): bump peter-evans/create-pull-request from 7.0.2 to 7.0.3 in the ...
  • a8671f1 build(deps): bump github/codeql-action from 3.26.6 to 3.26.7 in the actions g...
  • 2a3f720 build(deps): update ruff requirement from <0.6.5 to <0.6.6 (#1123)
  • 3af8dca Attestation CLI command improvements (#1121)
  • b704f82 Add sigstore attest CLI subcommand to sign using DSSE envelopes (#1115)
  • 75d5f50 Add support for Python 3.13 (#1120)
  • 6eb935d build(deps): bump peter-evans/create-pull-request from 7.0.1 to 7.0.2 in the ...
  • Additional commits viewable in compare view


Updates boto3 from 1.35.15 to 1.35.25

Commits
  • f493e6b Merge branch 'release-1.35.25'
  • 6313b69 Bumping version to 1.35.25
  • f45c88d Add changelog entries from botocore
  • 0902ce1 Merge branch 'release-1.35.24'
  • 5bb98c0 Merge branch 'release-1.35.24' into develop
  • 03cb1ed Bumping version to 1.35.24
  • 08b0363 Add changelog entries from botocore
  • 746a999 Merge branch 'release-1.35.23'
  • bf912c6 Merge branch 'release-1.35.23' into develop
  • dc7b107 Bumping version to 1.35.23
  • Additional commits viewable in compare view


Updates botocore from 1.35.15 to 1.35.25

Changelog

Sourced from botocore's changelog.

1.35.25

  • api-change:apigateway: Documentation updates for Amazon API Gateway
  • api-change:athena: List/Get/Update/Delete/CreateDataCatalog now integrate with AWS Glue connections. Users can create a Glue connection through Athena or use a Glue connection to define their Athena federated parameters.
  • api-change:bedrock-agent: Amazon Bedrock Prompt Flows and Prompt Management now supports using inference profiles to increase throughput and improve resilience.
  • api-change:ec2: Amazon EC2 G6e instances powered by NVIDIA L40S Tensor Core GPUs are the most cost-efficient GPU instances for deploying generative AI models and the highest performance GPU instances for spatial computing workloads.
  • api-change:emr-serverless: This release adds support for job concurrency and queuing configuration at Application level.
  • api-change:glue: Added AthenaProperties parameter to Glue Connections, allowing Athena to store service specific properties on Glue Connections.
  • api-change:rds: Support ComputeRedundancy parameter in ModifyDBShardGroup API. Add DBShardGroupArn in DBShardGroup API response. Remove InvalidMaxAcuFault from CreateDBShardGroup and ModifyDBShardGroup API. Both API will throw InvalidParameterValueException for invalid ACU configuration.
  • api-change:resource-explorer-2: AWS Resource Explorer released ListResources feature which allows customers to list all indexed AWS resources within a view.

1.35.24

  • api-change:dynamodb: Generate account endpoint for DynamoDB requests when the account ID is available
  • api-change:neptune: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
  • api-change:sagemaker: Amazon SageMaker now supports using manifest files to specify the location of uncompressed model artifacts within Model Packages
  • api-change:sagemaker-metrics: This release introduces support for the SageMaker Metrics BatchGetMetrics API.
  • api-change:workspaces: Releasing new ErrorCodes for SysPrep failures during ImageImport and CreateImage process

1.35.23

  • api-change:codeconnections: This release adds the PullRequestComment field to CreateSyncConfiguration API input, UpdateSyncConfiguration API input, GetSyncConfiguration API output and ListSyncConfiguration API output
  • api-change:glue: This change is for releasing TestConnection api SDK model
  • api-change:lambda: Tagging support for Lambda event source mapping, and code signing configuration resources.
  • api-change:mediaconvert: This release provides support for additional DRM configurations per SPEKE Version 2.0.
  • api-change:medialive: Adds Bandwidth Reduction Filtering for HD AVC and HEVC encodes, multiplex container settings.
  • api-change:quicksight: QuickSight: 1. Add new API - ListFoldersForResource. 2. Commit mode adds visibility configuration of Apply button on multi-select controls for authors.
  • api-change:sagemaker: Introduced support for G6e instance types on SageMaker Studio for JupyterLab and CodeEditor applications.
  • api-change:workspaces-web: WorkSpaces Secure Browser now enables Administrators to view and manage end-user browsing sessions via Session Management APIs.

1.35.22

  • api-change:ce: This release extends the GetReservationPurchaseRecommendation API to support recommendations for Amazon DynamoDB reservations.
  • api-change:ds: Added new APIs for enabling, disabling, and describing access to the AWS Directory Service Data API
  • api-change:ds-data: Added new AWS Directory Service Data API, enabling you to manage data stored in AWS Directory Service directories. This includes APIs for creating, reading, updating, and deleting directory users, groups, and group memberships.
  • api-change:guardduty: Add launchType and sourceIPs fields to GuardDuty findings.
  • api-change:mailmanager: Introduce a new RuleSet condition evaluation, where customers can set up a StringExpression with a MimeHeader condition. This condition will perform the necessary validation based on the X-header provided by customers.
  • api-change:rds: Updates Amazon RDS documentation with information upgrading snapshots with unsupported engine versions for RDS for MySQL and RDS for PostgreSQL.
  • api-change:s3: Added SSE-KMS support for directory buckets.

1.35.21

... (truncated)

Commits
  • bc882ed Merge branch 'release-1.35.25'
  • 5d4f0e8 Bumping version to 1.35.25
  • 05a95ee Update to latest models
  • 8fd0fec Merge customizations for Resource Explorer 2
  • 1013ecc Fix formatting issue (#3262)
  • 6d7c09c Merge branch 'release-1.35.24' into develop
  • ad832a1 Merge branch 'release-1.35.24'
  • e21b158 Bumping version to 1.35.24
  • f3e49b4 Update to latest models
  • caa3fde Merge customizations for DynamoDB
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

