chore(deps): bump the production-dependencies group with 4 updates

[dependabot]

Bumps the production-dependencies group with 4 updates: boto3, botocore, pyarrow and aiohttp.

Updates boto3 from 1.34.150 to 1.34.153

Commits

• 1b7dafa Merge branch 'release-1.34.153'
• 809d4cd Bumping version to 1.34.153
• f753c4f Add changelog entries from botocore
• ba3d7ce Merge branch 'release-1.34.152'
• 9489da6 Merge branch 'release-1.34.152' into develop
• be5b965 Bumping version to 1.34.152
• 8723785 Add changelog entries from botocore
• 64fb912 Merge branch 'release-1.34.151'
• 533a186 Merge branch 'release-1.34.151' into develop
• 37f7211 Bumping version to 1.34.151
• Additional commits viewable in compare view

Updates botocore from 1.34.153 to 1.34.158

Changelog

Sourced from botocore's changelog.

1.34.158

• api-change:cognito-idp: Fixed a description of AdvancedSecurityAdditionalFlows in Amazon Cognito user pool configuration.
• api-change:connect: This release supports adding RoutingCriteria via UpdateContactRoutingData public API.
• api-change:ssm: Systems Manager doc-only updates for August 2024.

1.34.157

• api-change:cognito-idp: Added support for threat protection for custom authentication in Amazon Cognito user pools.
• api-change:connect: This release fixes a regression in number of access control tags that are allowed to be added to a security profile in Amazon Connect. You can now add up to four access control tags on a single security profile.
• api-change:ec2: Launch of private IPv6 addressing for VPCs and Subnets. VPC IPAM supports the planning and monitoring of private IPv6 usage.
• api-change:glue: This release adds support to retrieve the validation status when creating or updating Glue Data Catalog Views. Also added is support for BasicCatalogTarget partition keys.

1.34.156

• api-change:appintegrations: Updated CreateDataIntegration and CreateDataIntegrationAssociation API to support bulk data export from Amazon Connect Customer Profiles to the customer S3 bucket.
• api-change:glue: Introducing AWS Glue Data Quality anomaly detection, a new functionality that uses ML-based solutions to detect data anomalies users have not explicitly defined rules for.

1.34.155

• api-change:bedrock-agent-runtime: Introduce model invocation output traces for orchestration traces, which contain the model's raw response and usage.
• api-change:cognito-idp: Advanced security feature updates to include password history and log export for Cognito user pools.
• api-change:cost-optimization-hub: This release adds savings percentage support to the ListRecommendationSummaries API.
• api-change:workspaces: Added support for BYOL_GRAPHICS_G4DN_WSP IngestionProcess
• enhancement:AWSCRT: Update awscrt version to 0.21.2

1.34.154

• api-change:datazone: This releases Data Product feature. Data Products allow grouping data assets into cohesive, self-contained units for ease of publishing for data producers, and ease of finding and accessing for data consumers.
• api-change:ecr: Released two new APIs along with documentation updates. The GetAccountSetting API is used to view the current basic scan type version setting for your registry, while the PutAccountSetting API is used to update the basic scan type version for your registry.
• api-change:kinesis-video-webrtc-storage: Add JoinStorageSessionAsViewer API
• api-change:pi: Added a description for the Dimension db.sql.tokenized_id on the DimensionGroup data type page.

Commits

• 1bba722 Merge branch 'release-1.34.158'
• 60ee24a Bumping version to 1.34.158
• 1a3e2ee Update endpoints model
• 338353f Update to latest models
• 894686f Merge branch 'release-1.34.157'
• c13dc94 Merge branch 'release-1.34.157' into develop
• 6853abf Bumping version to 1.34.157
• 18a9479 Update to latest models
• 0a2e478 Merge branch 'release-1.34.156'
• 7f23afd Merge branch 'release-1.34.156' into develop
• Additional commits viewable in compare view

Updates pyarrow from 16.1.0 to 17.0.0

Release notes

Sourced from pyarrow's releases.

Apache Arrow 17.0.0

Release Notes URL: https://arrow.apache.org/release/17.0.0.html

Apache Arrow 17.0.0 RC2

Release Notes: Release Candidate: 17.0.0 RC2

Apache Arrow 17.0.0 RC1

Release Notes: Release Candidate: 17.0.0 RC1

Apache Arrow 17.0.0 RC0

Release Notes: Release Candidate: 17.0.0 RC0

Commits

• 6a2e19a MINOR: [Release] Update versions for 17.0.0
• 1a2fff4 MINOR: [Release] Update .deb/.rpm changelogs for 17.0.0
• 9d4cccc MINOR: [Release] Update CHANGELOG.md for 17.0.0
• bf75923 GH-43204: [CI][Packaging] Apply vcpkg patch to fix Thrift version (#43208)
• e85767a GH-41541: [Go][Parquet] More fixes for writer performance regression (#42003)
• 5c69895 GH-43199: [CI][Packaging] dev/release/utils-create-release-tarball.sh should ...
• 12be569 GH-42149: [C++] Use FetchContent for bundled ORC (#43011)
• 58d5142 GH-43158: [Packaging] Use bundled nlohmann/json on AlmaLinux 8/CentOS Stream ...
• 56a9862 GH-41910: [Python] Add support for Pyodide (#37822)
• 14e4684 GH-43116: [C++][Compute] Mark KeyCompare.CompareColumnsToRowsLarge as large m...
• Additional commits viewable in compare view

Updates aiohttp from 3.10.2 to 3.10.3

Release notes

Sourced from aiohttp's releases.

3.10.3

Bug fixes

• Fixed multipart reading when stream buffer splits the boundary over several read() calls -- by :user:Dreamsorcerer.

  Related issues and pull requests on GitHub: #8653.

• Fixed :py:class:aiohttp.TCPConnector doing blocking I/O in the event loop to create the SSLContext -- by :user:bdraco.

  The blocking I/O would only happen once per verify mode. However, it could cause the event loop to block for a long time if the SSLContext creation is slow, which is more likely during startup when the disk cache is not yet present.

  Related issues and pull requests on GitHub: #8672.

Miscellaneous internal changes

• Improved performance of :py:meth:~aiohttp.ClientWebSocketResponse.receive and :py:meth:~aiohttp.web.WebSocketResponse.receive when there is no timeout. -- by :user:bdraco.

  The timeout context manager is now avoided when there is no timeout as it accounted for up to 50% of the time spent in the :py:meth:~aiohttp.ClientWebSocketResponse.receive and :py:meth:~aiohttp.web.WebSocketResponse.receive methods.

  Related issues and pull requests on GitHub: #8660.

• Improved performance of starting request handlers with Python 3.12+ -- by :user:bdraco.

  Related issues and pull requests on GitHub: #8661.

• Improved performance of HTTP keep-alive checks -- by :user:bdraco.

  Previously, when processing a request for a keep-alive connection, the keep-alive check would happen every second; the check is now rescheduled if it fires too early instead.

  Related issues and pull requests on GitHub:

... (truncated)

Changelog

Sourced from aiohttp's changelog.

3.10.3 (2024-08-10)

Bug fixes

• Fixed multipart reading when stream buffer splits the boundary over several read() calls -- by :user:Dreamsorcerer.

  Related issues and pull requests on GitHub: :issue:8653.

• Fixed :py:class:aiohttp.TCPConnector doing blocking I/O in the event loop to create the SSLContext -- by :user:bdraco.

  The blocking I/O would only happen once per verify mode. However, it could cause the event loop to block for a long time if the SSLContext creation is slow, which is more likely during startup when the disk cache is not yet present.

  Related issues and pull requests on GitHub: :issue:8672.

Miscellaneous internal changes

• Improved performance of :py:meth:~aiohttp.ClientWebSocketResponse.receive and :py:meth:~aiohttp.web.WebSocketResponse.receive when there is no timeout. -- by :user:bdraco.

  The timeout context manager is now avoided when there is no timeout as it accounted for up to 50% of the time spent in the :py:meth:~aiohttp.ClientWebSocketResponse.receive and :py:meth:~aiohttp.web.WebSocketResponse.receive methods.

  Related issues and pull requests on GitHub: :issue:8660.

• Improved performance of starting request handlers with Python 3.12+ -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:8661.

• Improved performance of HTTP keep-alive checks -- by :user:bdraco.

  Previously, when processing a request for a keep-alive connection, the keep-alive check would happen every second; the check is now rescheduled if it fires too early instead.

... (truncated)

Commits

• ef20502 Release 3.10.3 (#8675)
• 73d17d4 [PR #8676/2915102 backport][3.10] Fix type ignore in SSLContext creation conn...
• f3fcba4 [PR #8672/c3219bf backport][3.10] Fix TCPConnector doing blocking I/O in the ...
• f96182a [PR #8662/be23d16f backport][3.10] Improve performance of keepalive reschedul...
• dbcdb16 [PR #8667/406cd2c7 backport][3.10] Improve performance of generating random W...
• b4ad882 [PR #8661/4d604ea backport][3.10] Improve performance of starting request han...
• 3a9de0c [PR #8660/14d5295 backport][3.10] Improve performance of WebSockets when ther...
• 1bc8d53 [PR #8657/6c6ecfaf backport][3.10] Fix multipart reading with split boundary ...
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[LeonLuttenberger]

@dependabot recreate

[malachi-constant]

AWS CodeBuild CI Report

• CodeBuild project: GitHubCodeBuild8756EF16-4rfo0GHQ0u9a
• Commit ID: 037770d
• Result: SUCCEEDED
• Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

[malachi-constant]

AWS CodeBuild CI Report

• CodeBuild project: GitHubDistributedCodeBuild6-jWcl5DLmvupS
• Commit ID: 037770d
• Result: FAILED
• Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

[malachi-constant]

AWS CodeBuild CI Report

• CodeBuild project: GitHubCodeBuild8756EF16-4rfo0GHQ0u9a
• Commit ID: eba9924
• Result: SUCCEEDED
• Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

[malachi-constant]

AWS CodeBuild CI Report

• CodeBuild project: GitHubDistributedCodeBuild6-jWcl5DLmvupS
• Commit ID: eba9924
• Result: SUCCEEDED
• Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository