Boto3 code assistance for any API in any IDE, always up to date

Jeshan Giovanni BABOOA

Last update: Nov 14, 2022

Overview

botostubs

Gives you code assistance for any boto3 API in any IDE. Get started by running pip install botostubs

Demo

Features

PyPI package automatically aligned with boto3 (yay!)
show required / optional fields
show API docs as Python docstrings
full api coverage
support for boto3 clients, e.g type: botostubs.ACM
support for service-level resources, e.g type: botostubs.S3.S3Resource
support for paginators, e.g type: botostubs.EC2.DescribeInstancesPaginator
support for waiters, e.g type: botostubs.EC2.InstanceRunningWaiter

How it works

We look for all boto3 clients by running boto itself. Then loop over each of them to find what operations and classes are used. These are all dumped in a new python script, packaged in this project. This way, botostubs can offer comprehensive API coverage.

The deployment pipeline on AWS checks for boto3 releases every 3 days, installs it, generate new stubs and pushes them to PyPI. Looking for a new API released a few days ago? Just upgrade the package with pip install --upgrade botostubs and you're good to go.

For an in-depth account, see the blog post Code assistance for boto3, always up to date and in any IDE

Notes

This package requires that your IDE already supports getting type hints from PyPI packages. It has been tested with Intellij and Visual Studio Code.
If you are not seeing code completion in Intellij-based ones, please increase the intellisense filesize limit e.g idea.max.intellisense.filesize=30000 in IDE custom properties (Help > Edit Custom Properties), then restart
For other IDEs, you may have some luck by installing jedi, which provides code completion for Vim, Emacs, Sublime, Atom, etc.

TODO

Support python versions before 3.6. Currently requires at least 3.6 due to use of type hints.

Credits

pyboto3 for inspiration behind this. It supported only legacy Python and not Python 3. Besides, it is no longer being maintained.

For forkers

Automated releasing on pypi

Deploy the pipeline in your AWS account by clicking this button:

This is how it looks like:

Image automatically generated with cfnbuddy

Manual Releasing on pypi

docker-compose build
docker-compose run python. Enter credentials when prompted

Comments

This doesn't appear to work with python>=3.6 type hints
As of python 3.6, type hints have changed from

client = boto3.client('ssm') # type: botostubs.SSM

to

client: botostubs.SSM = boto3.client('ssm')

and I can't get it to work in VS code. I never used it in python 3.5 so I'm not sure if the new type hints are the issue or it's just not working with my vscode for some other reason, but I wanted to rule out the type hint format change.
opened by saml-dev 9
Botostubs doesn't know about bucket.upload_file[obj]()

I created a S3 bucket ressource with the boto3 library and annotated it with type hints. From the S3 resource i generated an bucket object. The auto-completion does seem to work just fine, apart from the methods upload_file[obj]() and download_file[obj](), which is simply not existent on the bucket object:

The other methods are there:

Here is the documentation of this method. https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/s3.html?highlight=upload_file#S3.Bucket.upload_fileobj

opened by major-mayer 5
S3.Bucket(name).objects collection (and others?) not showing

Thanks again for this great package!

From: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/s3.html#bucket we know these are the resource's available collections:

multipart_uploads object_versions objects

I was hoping/expecting these to be listed...have I misunderstood the scope of this package?

opened by TeaEarlGrey 4
Type does not populate with autocomplete is there a list of ENUMS?

is there a list of botostubs enum values? I cannot find the correct ENUM for kafka. Autocomplete on the type is not working. I found S3 from example.

def s3_client(): s3 = boto3.client("s3") # type: botostubs.S3 return s3 <-- THIS WORKS

def msk_client(): msk = boto3.client("kafka") # type: botostubs.KAFKA return msk <-- THIS DOES NOT WORK

opened by jmjava 3

fails to import on a mac/Python 3.5

$ pip list
Package         Version
--------------- ------------
ansible         2.9.12
awscli          1.18.116
boto3           1.14.39
botocore        1.17.39
botostubs       0.12.1.14.38
cffi            1.14.1
colorama        0.4.3
cryptography    3.0
docutils        0.15.2
Jinja2          2.11.2
jmespath        0.10.0
MarkupSafe      1.1.1
pip             20.2.1
pyasn1          0.4.8
pycparser       2.20
python-dateutil 2.8.1
PyYAML          5.3.1
rsa             4.5
s3transfer      0.3.3
setuptools      28.8.0
six             1.15.0
urllib3         1.25.10
wheel           0.34.2
$ python
Python 3.5.9 (default, Jul  6 2020, 09:15:33)
[GCC 4.2.1 Compatible Apple LLVM 11.0.3 (clang-1103.0.32.62)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> import botostubs
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "~/.envs/python3_5/lib/python3.5/site-packages/botostubs/__init__.py", line 15824
    stack_id: str=None
            ^
SyntaxError: invalid syntax

works just fine with Python 3.6

opened by amozgovoy 3

Make the botostubs package PEP 561 compatible

Without this, tools like mypy won't work correctly. See https://mypy.readthedocs.io/en/latest/installed_packages.html#making-pep-561-compatible-packages.

opened by lithammer 3
what should be type value ?

Hi Jeshan

thanks for developing this tool. its very useful.

I am new to aws and wants to do programming.But I am stuck here. when botostubs is installed and checked it started working for the example you have shown. s3 = boto3.client('s3') # type: botostubs.S3 s3 properties are shown. no issue.

But when I exit from the vscode and come back again then all things disappear and auto complete doesn't work. This is consistently happening sometimes it works other don't.

what I observed is that, If i import 'sys' or 'os' package and then used 'sys.path.append()' using autocomplete feature of vs code then invoked s3. autocomplete then it start displaying properties. But behavior is not consistent. its very frustrating.

now I also want to create object for dynamodb , I am using below command but its not showing the properties. dynamo = boto3.client('dynamodb') # type: botostubs.Dynamodb dynamo = boto3.client('dynamodb') # type: botostubs.DYNAMODB so I don't know if problem is with type definition .

type: botostubs.Dynamodb

type: botostubs.DYNAMODB

I think 'type :' is very important here otherwise it won't show property. do you have complete list of types for each aws object? so that no guessing.

Also in your video, you have shown when you type # type : , you automatically gets "botostubs" and subsequent property, how to get that? Its not working on my end.

Your help is highly appreciated.

Regards

swanand

opened by sarjunwadkar 2
Reg. botostubs Resource autocomplete not working

Hi Jeshan

Thanks for developing botostubs. its very useful tool. Delighted to hear about your journey in making this tool. its very exciting. Installed botostubs on my ubuntu. Its working for client but not for Resource object

obj = boto3.resource('s3') # type : botostubs.ResourceS3

so hear if type .(dot) after obj its not showing the properties.

For Client API you are using type like below, is there any analogy? or where will i find which type to use ? s3 = boto3.client('s3') # type: botostubs.S3

once again thanks for building the tool and showing how to use AWS services end to end.

Regards

swanand

opened by sarjunwadkar 2
Doesn't provide information for boto3 Resource objects

The data generated by the botostubs library doesn't appear to include information on data types used by the Resource classes - created by boto3.resource.

opened by Varriount 2
Bump bleach from 3.1.0 to 3.1.4
Bumps bleach from 3.1.0 to 3.1.4.

Changelog

Sourced from bleach's changelog.

Version 3.1.4 (March 24th, 2020)

Security fixes

bleach.clean behavior parsing style attributes could result in a regular expression denial of service (ReDoS).

Calls to bleach.clean with an allowed tag with an allowed style attribute were vulnerable to ReDoS. For example, bleach.clean(..., attributes={'a': ['style']}).

This issue was confirmed in Bleach versions v3.1.3, v3.1.2, v3.1.1, v3.1.0, v3.0.0, v2.1.4, and v2.1.3. Earlier versions used a similar regular expression and should be considered vulnerable too.

Anyone using Bleach <=v3.1.3 is encouraged to upgrade.

https://bugzilla.mozilla.org/show_bug.cgi?id=1623633

Backwards incompatible changes

Style attributes with dashes, or single or double quoted values are cleaned instead of passed through.

Features

None

Bug fixes

None

Version 3.1.3 (March 17th, 2020)

Security fixes

None

Backwards incompatible changes

None

Features

Add relative link to code of conduct. (#442)

Drop deprecated 'setup.py test' support. (#507)

... (truncated)

Commits

6e74a50 Update for v3.1.4 release

d6018f2 fix bug 1623633

fc77027 Merge branch 'v3.1.0-branch'

e4b1c50 Update for v3.1.3 release

59cc502 Update for v3.1.2 release

3f39d48 add wheel to requirements-dev

175f677 fix bug 1621692

78a0672 Update for v3.1.2 release

7b625ff add wheel to requirements-dev

e4e9e21 fix bug 1621692

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 1
Bump bleach from 3.1.0 to 3.1.2
Bumps bleach from 3.1.0 to 3.1.2.

Changelog

Sourced from bleach's changelog.

Version 3.1.2 (March 11th, 2020)

Security fixes

bleach.clean behavior parsing embedded MathML and SVG content with RCDATA tags did not match browser behavior and could result in a mutation XSS.

Calls to bleach.clean with strip=False and math or svg tags and one or more of the RCDATA tags script, noscript, style, noframes, iframe, noembed, or xmp in the allowed tags whitelist were vulnerable to a mutation XSS.

This security issue was confirmed in Bleach version v3.1.1. Earlier versions are likely affected too.

Anyone using Bleach <=v3.1.1 is encouraged to upgrade.

https://bugzilla.mozilla.org/show_bug.cgi?id=1621692

Backwards incompatible changes

None

Features

None

Bug fixes

None

Version 3.1.1 (February 13th, 2020)

Security fixes

bleach.clean behavior parsing noscript tags did not match browser behavior.

Calls to bleach.clean allowing noscript and one or more of the raw text tags (title, textarea, script, style, noembed, noframes, iframe, and xmp) were vulnerable to a mutation XSS.

This security issue was confirmed in Bleach versions v2.1.4, v3.0.2, and v3.1.0. Earlier versions are probably affected too.

... (truncated)

Commits

78a0672 Update for v3.1.2 release

7b625ff add wheel to requirements-dev

e4e9e21 fix bug 1621692

0d88dd8 Update for v3.1.1 release

996cde7 fix bug 1615315

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 1
Bump certifi from 2019.11.28 to 2022.12.7
Bumps certifi from 2019.11.28 to 2022.12.7.

Commits

9e9e840 2022.12.07

b81bdb2 2022.09.24

939a28f 2022.09.14

aca828a 2022.06.15.2

de0eae1 Only use importlib.resources's new files() / Traversable API on Python ≥3.11 ...

b8eb5e9 2022.06.15.1

47fb7ab Fix deprecation warning on Python 3.11 (#199)

b0b48e0 fixes #198 -- update link in license

9d514b4 2022.06.15

4151e88 Add py.typed to MANIFEST.in to package in sdist (#196)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0
Bump py from 1.8.1 to 1.10.0
Bumps py from 1.8.1 to 1.10.0.

Changelog

Sourced from py's changelog.

1.10.0 (2020-12-12)

Fix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)

Update vendored apipkg: 1.4 => 1.5

Update vendored iniconfig: 1.0.0 => 1.1.1

1.9.0 (2020-06-24)

Add type annotation stubs for the following modules:

py.error

py.iniconfig

py.path (not including SVN paths)

py.io

py.xml

There are no plans to type other modules at this time.

The type annotations are provided in external .pyi files, not inline in the code, and may therefore contain small errors or omissions. If you use py in conjunction with a type checker, and encounter any type errors you believe should be accepted, please report it in an issue.

1.8.2 (2020-06-15)

On Windows, py.path.locals which differ only in case now have the same Python hash value. Previously, such paths were considered equal but had different hashes, which is not allowed and breaks the assumptions made by dicts, sets and other users of hashes.

Commits

e5ff378 Update CHANGELOG for 1.10.0

94cf44f Update vendored libs

5e8ded5 testing: comment out an assert which fails on Python 3.9 for now

afdffcc Rename HOWTORELEASE.rst to RELEASING.rst

2de53a6 Merge pull request #266 from nicoddemus/gh-actions

fa1b32e Merge pull request #264 from hugovk/patch-2

887d6b8 Skip test_samefile_symlink on pypy3 on Windows

e94e670 Fix test_comments() in test_source

fef9a32 Adapt test

4a694b0 Add GitHub Actions badge to README

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0
Bump pygments from 2.5.2 to 2.7.4
Bumps pygments from 2.5.2 to 2.7.4.

Release notes

Sourced from pygments's releases.

2.7.4

Updated lexers:

Apache configurations: Improve handling of malformed tags (#1656)

CSS: Add support for variables (#1633, #1666)

Crystal (#1650, #1670)

Coq (#1648)

Fortran: Add missing keywords (#1635, #1665)

Ini (#1624)

JavaScript and variants (#1647 -- missing regex flags, #1651)

Markdown (#1623, #1617)

Shell

Lex trailing whitespace as part of the prompt (#1645)

Add missing in keyword (#1652)

SQL - Fix keywords (#1668)

Typescript: Fix incorrect punctuation handling (#1510, #1511)

Fix infinite loop in SML lexer (#1625)

Fix backtracking string regexes in JavaScript/TypeScript, Modula2 and many other lexers (#1637)

Limit recursion with nesting Ruby heredocs (#1638)

Fix a few inefficient regexes for guessing lexers

Fix the raw token lexer handling of Unicode (#1616)

Revert a private API change in the HTML formatter (#1655) -- please note that private APIs remain subject to change!

Fix several exponential/cubic-complexity regexes found by Ben Caller/Doyensec (#1675)

Fix incorrect MATLAB example (#1582)

Thanks to Google's OSS-Fuzz project for finding many of these bugs.

2.7.3

Updated lexers:

Ada (#1581)

HTML (#1615, #1614)

Java (#1594, #1586)

JavaScript (#1605, #1589, #1588)

JSON (#1569 -- this is a complete rewrite)

Lean (#1601)

LLVM (#1612)

Mason (#1592)

MySQL (#1555, #1551)

Rust (#1608)

Turtle (#1590, #1553)

Deprecated JsonBareObjectLexer, which is now identical to JsonLexer (#1600)

The ImgFormatter now calculates the exact character width, which fixes some issues with overlapping text (#1213, #1611)

... (truncated)

Changelog

Sourced from pygments's changelog.

Version 2.7.4

(released January 12, 2021)

Updated lexers:

Apache configurations: Improve handling of malformed tags (#1656)

CSS: Add support for variables (#1633, #1666)

Crystal (#1650, #1670)

Coq (#1648)

Fortran: Add missing keywords (#1635, #1665)

Ini (#1624)

JavaScript and variants (#1647 -- missing regex flags, #1651)

Markdown (#1623, #1617)

Shell

Lex trailing whitespace as part of the prompt (#1645)

Add missing in keyword (#1652)

SQL - Fix keywords (#1668)

Typescript: Fix incorrect punctuation handling (#1510, #1511)

Fix infinite loop in SML lexer (#1625)

Fix backtracking string regexes in JavaScript/TypeScript, Modula2 and many other lexers (#1637)

Limit recursion with nesting Ruby heredocs (#1638)

Fix a few inefficient regexes for guessing lexers

Fix the raw token lexer handling of Unicode (#1616)

Revert a private API change in the HTML formatter (#1655) -- please note that private APIs remain subject to change!

Fix several exponential/cubic-complexity regexes found by Ben Caller/Doyensec (#1675)

Fix incorrect MATLAB example (#1582)

Thanks to Google's OSS-Fuzz project for finding many of these bugs.

Version 2.7.3

(released December 6, 2020)

Updated lexers:

Ada (#1581)

HTML (#1615, #1614)

Java (#1594, #1586)

JavaScript (#1605, #1589, #1588)

JSON (#1569 -- this is a complete rewrite)

Lean (#1601)

LLVM (#1612)

Mason (#1592)

... (truncated)

Commits

4d555d0 Bump version to 2.7.4.

fc3b05d Update CHANGES.

ad21935 Revert "Added dracula theme style (#1636)"

e411506 Prepare for 2.7.4 release.

275e34d doc: remove Perl 6 ref

2e7e8c4 Fix several exponential/cubic complexity regexes found by Ben Caller/Doyensec

eb39c43 xquery: fix pop from empty stack

2738778 fix coding style in test_analyzer_lexer

02e0f09 Added 'ERROR STOP' to fortran.py keywords. (#1665)

c83fe48 support added for css variables (#1633)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0
Bump pyyaml from 5.3 to 5.4
Bumps pyyaml from 5.3 to 5.4.

Changelog

Sourced from pyyaml's changelog.

5.4 (2021-01-19)

yaml/pyyaml#407 -- Build modernization, remove distutils, fix metadata, build wheels, CI to GHA

yaml/pyyaml#472 -- Fix for CVE-2020-14343, moves arbitrary python tags to UnsafeLoader

yaml/pyyaml#441 -- Fix memory leak in implicit resolver setup

yaml/pyyaml#392 -- Fix py2 copy support for timezone objects

yaml/pyyaml#378 -- Fix compatibility with Jython

5.3.1 (2020-03-18)

yaml/pyyaml#386 -- Prevents arbitrary code execution during python/object/new constructor

Commits

58d0cb7 5.4 release

a60f7a1 Fix compatibility with Jython

ee98abd Run CI on PR base branch changes

ddf2033 constructor.timezone: _copy & deepcopy

fc914d5 Avoid repeatedly appending to yaml_implicit_resolvers

a001f27 Fix for CVE-2020-14343

fe15062 Add 3.9 to appveyor file for completeness sake

1e1c7fb Add a newline character to end of pyproject.toml

0b6b7d6 Start sentences and phrases for capital letters

c976915 Shell code improvements

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0
Bump jinja2 from 2.10.3 to 2.11.3
Bumps jinja2 from 2.10.3 to 2.11.3.

Release notes

Sourced from jinja2's releases.

2.11.3

This contains a fix for a speed issue with the urlize filter. urlize is likely to be called on untrusted user input. For certain inputs some of the regular expressions used to parse the text could take a very long time due to backtracking. As part of the fix, the email matching became slightly stricter. The various speedups apply to urlize in general, not just the specific input cases.

PyPI: https://pypi.org/project/Jinja2/2.11.3/

Changes: https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-3

2.11.2

Changelog: https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-2

2.11.1

This fixes an issue in async environment when indexing the result of an attribute lookup, like {{ data.items[1:] }}.

Changes: https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-1

2.11.0

Changes: https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-0

Blog: https://palletsprojects.com/blog/jinja-2-11-0-released/

Twitter: https://twitter.com/PalletsTeam/status/1221883554537230336

This is the last version to support Python 2.7 and 3.5. The next version will be Jinja 3.0 and will support Python 3.6 and newer.

Changelog

Sourced from jinja2's changelog.

Version 2.11.3

Released 2021-01-31

Improve the speed of the urlize filter by reducing regex backtracking. Email matching requires a word character at the start of the domain part, and only word characters in the TLD. :pr:1343

Version 2.11.2

Released 2020-04-13

Fix a bug that caused callable objects with __getattr__, like :class:~unittest.mock.Mock to be treated as a :func:contextfunction. :issue:1145

Update wordcount filter to trigger :class:Undefined methods by wrapping the input in :func:soft_str. :pr:1160

Fix a hang when displaying tracebacks on Python 32-bit. :issue:1162

Showing an undefined error for an object that raises AttributeError on access doesn't cause a recursion error. :issue:1177

Revert changes to :class:~loaders.PackageLoader from 2.10 which removed the dependency on setuptools and pkg_resources, and added limited support for namespace packages. The changes caused issues when using Pytest. Due to the difficulty in supporting Python 2 and :pep:451 simultaneously, the changes are reverted until 3.0. :pr:1182

Fix line numbers in error messages when newlines are stripped. :pr:1178

The special namespace() assignment object in templates works in async environments. :issue:1180

Fix whitespace being removed before tags in the middle of lines when lstrip_blocks is enabled. :issue:1138

:class:~nativetypes.NativeEnvironment doesn't evaluate intermediate strings during rendering. This prevents early evaluation which could change the value of an expression. :issue:1186

Version 2.11.1

Released 2020-01-30

Fix a bug that prevented looking up a key after an attribute ({{ data.items[1:] }}) in an async template. :issue:1141

... (truncated)

Commits

cf21539 release version 2.11.3

15ef8f0 Merge pull request #1343 from pallets/urlize-speedup

ef658dc speed up urlize matching

eeca0fe Merge pull request #1207 from mhansen/patch-1

2dd7691 Merge pull request #1209 from mhansen/patch-3

4892940 do_dictsort: update example ready to copy/paste

7db7d33 api.rst: bugfix in docs, import PackageLoader

9ec465b fix changelog header

737a4cd release version 2.11.2

179df6b Merge pull request #1190 from pallets/native-eval

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0
Not compatible with mypy
Not sure the level of effort to get this to work with mypy. I have many examples but this one makes the most sense:

Making API call with filter:

response = client.describe_instance_type_offerings( LocationType=location, Filters=[{"Name": "instance-type", "Values": [instance_type]}], )

mypy error:

error: List item 0 has incompatible type "Dict[str, Sequence[str]]"; expected "Filter" [list-item]

I have tried many ways to fix it:

filter: botostubs.EC2.Filter = { "Name": "instance-type", "Values": [instance_type] }

but nothing works. Thats because the variable filter is supposed to be an instance of the class Filter. Where really with boto3 a filter is a Dict[str, Any].

I haven't even looked at what it would take to implement but I might give this a look if this is something people are interested in.
opened by shadycuz 2

Releases(v0.15.1.23.9)

v0.15.1.23.9(May 28, 2022)

Compatibility with boto3 version 1.23.9. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.23.9
Source code(tar.gz)
Source code(zip)
v0.15.1.23.7(May 25, 2022)

Compatibility with boto3 version 1.23.7. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.23.7
Source code(tar.gz)
Source code(zip)
v0.15.1.23.5(May 22, 2022)

Compatibility with boto3 version 1.23.5. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.23.5
Source code(tar.gz)
Source code(zip)
v0.15.1.23.3(May 19, 2022)

Compatibility with boto3 version 1.23.3. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.23.3
Source code(tar.gz)
Source code(zip)
v0.15.1.23.10(May 31, 2022)

Compatibility with boto3 version 1.23.10. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.23.10
Source code(tar.gz)
Source code(zip)
v0.15.1.23.0(May 16, 2022)

Compatibility with boto3 version 1.23.0. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.23.0
Source code(tar.gz)
Source code(zip)
v0.15.1.22.9(May 7, 2022)

Compatibility with boto3 version 1.22.9. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.22.9
Source code(tar.gz)
Source code(zip)
v0.15.1.22.6(May 4, 2022)

Compatibility with boto3 version 1.22.6. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.22.6
Source code(tar.gz)
Source code(zip)
v0.15.1.22.4(May 1, 2022)

Compatibility with boto3 version 1.22.4. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.22.4
Source code(tar.gz)
Source code(zip)
v0.15.1.22.2(Apr 28, 2022)

Compatibility with boto3 version 1.22.2. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.22.2
Source code(tar.gz)
Source code(zip)
v0.15.1.22.13(May 13, 2022)

Compatibility with boto3 version 1.22.13. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.22.13
Source code(tar.gz)
Source code(zip)
v0.15.1.22.10(May 10, 2022)

Compatibility with boto3 version 1.22.10. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.22.10
Source code(tar.gz)
Source code(zip)
v0.15.1.21.9(Mar 1, 2022)

Compatibility with boto3 version 1.21.9. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.21.9
Source code(tar.gz)
Source code(zip)
v0.15.1.21.8(Feb 28, 2022)

Compatibility with boto3 version 1.21.8. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.21.8
Source code(tar.gz)
Source code(zip)
v0.15.1.21.46(Apr 25, 2022)

Compatibility with boto3 version 1.21.46. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.21.46
Source code(tar.gz)
Source code(zip)
v0.15.1.21.42(Apr 16, 2022)

Compatibility with boto3 version 1.21.42. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.21.42
Source code(tar.gz)
Source code(zip)
v0.15.1.21.39(Apr 13, 2022)

Compatibility with boto3 version 1.21.39. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.21.39
Source code(tar.gz)
Source code(zip)
v0.15.1.21.37(Apr 10, 2022)

Compatibility with boto3 version 1.21.37. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.21.37
Source code(tar.gz)
Source code(zip)
v0.15.1.21.35(Apr 7, 2022)

Compatibility with boto3 version 1.21.35. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.21.35
Source code(tar.gz)
Source code(zip)
v0.15.1.21.32(Apr 4, 2022)

Compatibility with boto3 version 1.21.32. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.21.32
Source code(tar.gz)
Source code(zip)
v0.15.1.21.31(Apr 1, 2022)

Compatibility with boto3 version 1.21.31. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.21.31
Source code(tar.gz)
Source code(zip)
v0.15.1.21.30(Mar 31, 2022)

Compatibility with boto3 version 1.21.30. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.21.30
Source code(tar.gz)
Source code(zip)
v0.15.1.21.27(Mar 28, 2022)

Compatibility with boto3 version 1.21.27. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.21.27
Source code(tar.gz)
Source code(zip)
v0.15.1.21.26(Mar 25, 2022)

Compatibility with boto3 version 1.21.26. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.21.26
Source code(tar.gz)
Source code(zip)
v0.15.1.21.23(Mar 22, 2022)

Compatibility with boto3 version 1.21.23. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.21.23
Source code(tar.gz)
Source code(zip)
v0.15.1.21.22(Mar 19, 2022)

Compatibility with boto3 version 1.21.22. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.21.22
Source code(tar.gz)
Source code(zip)
v0.15.1.21.20(Mar 16, 2022)

Compatibility with boto3 version 1.21.20. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.21.20
Source code(tar.gz)
Source code(zip)
v0.15.1.21.18(Mar 13, 2022)

Compatibility with boto3 version 1.21.18. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.21.18
Source code(tar.gz)
Source code(zip)
v0.15.1.21.16(Mar 10, 2022)

Compatibility with boto3 version 1.21.16. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.21.16
Source code(tar.gz)
Source code(zip)
v0.15.1.21.13(Mar 7, 2022)

Compatibility with boto3 version 1.21.13. See boto3 release here: https://github.com/boto/boto3/releases/tag/1.21.13
Source code(tar.gz)
Source code(zip)