v1.26.5

Summary

This patch release addresses a packaging regression that introduced mypy boto3 typing packages as prod dependencies instead of dev dependencies -- huge thanks to @tb102122 for spotting this 30m ago.

Everything else in this release is related to operational excellence on improving GitHub Actions workflow performance, and last steps to make our new Lambda Layer release pipeline ready.

Changes

🐛 Bug and hot fixes

• fix(deps): correct mypy types as dev dependency (#1322) by @heitorlessa
• fix(ci): keep layer version permission resource (#1318) by @am29d
• fix(ci): lambda layer workflow release version and conditionals (#1316) by @am29d
• fix(ci): remove additional quotes in PR action (#1317) by @heitorlessa
• fix(ci): install poetry before calling setup/python with cache (#1315) by @rubenfonseca

🔧 Maintenance

• fix(deps): correct mypy types as dev dependency (#1322) by @heitorlessa
• fix(ci): lambda layer workflow release version and conditionals (#1316) by @am29d
• chore(ci): adds caching when installing python dependencies (#1311) by @rubenfonseca

This release was made possible by the following contributors:

@am29d, @dependabot[bot], @heitorlessa, @rubenfonseca and Release bot

v1.26.4

Summary

This release continues our focus on Operational Excellence with several GitHub Actions to improve our automation on governance tasks (e.g., PR labelling, security, release automation, dependencies, etc.).

We also moved the Lambda Layer release pipeline to Github Actions (#1278). This will expand the official Lambda Layer to all commercial AWS regions, once operational. Huge thanks to @am29d!

In addition, we laid the groundwork for end-to-end (E2E) testing, starting with the core features (logger, metrics, tracer). Thank you @mploski!

Changes

🐛 Bug and hot fixes

• fix(parser): raise ValidationError when SNS->SQS keys are intentionally missing (#1299) by @rubenfonseca
• fix(ci): fixes typos and small issues on github scripts (#1302) by @rubenfonseca

🔧 Maintenance

• chore(ci): increase release automation and limit to one manual step (#1297) by @heitorlessa
• chore(deps): bump constructs from 10.1.1 to 10.1.49 (#1308) by @dependabot
• chore(deps): bump fastjsonschema from 2.15.3 to 2.16.1 (#1309) by @dependabot
• fix(parser): raise ValidationError when SNS->SQS keys are intentionally missing (#1299) by @rubenfonseca
• chore(deps): bump constructs from 10.1.1 to 10.1.46 (#1306) by @dependabot
• chore(ci): lockdown 3rd party workflows to pin sha (#1301) by @heitorlessa
• chore(ci): automatically add area label based on title (#1300) by @rubenfonseca
• chore(deps): bump jsii from 1.61.0 to 1.62.0 (#1294) by @dependabot
• chore(ci): add end to end testing mechanism (#1247) by @mploski
• chore(deps-dev): bump mypy-boto3-appconfig from 1.24.0 to 1.24.29 (#1295) by @dependabot

This release was made possible by the following contributors:

@am29d, @dependabot, @dependabot[bot], @heitorlessa, @mploski and @rubenfonseca

v1.26.3

Summary

This patch release addresses an issue with Lambda handlers with custom signatures (*args, **kwargs) when using logger.inject_lambda_context decorator - thanks to @RonRandemaker

Thanks to @kbakk, we now have officially documented how to inject standard logging record attributes when using Logger.

This release continues our focus on Operational Excellence with several GitHub Actions to improve our automation on governance tasks (e.g., PR labeling, Comments on issues closed, Markdown linting rules etc.).

Last but not least, we've started revamping all documentation examples, including making some of them more realistic to how customers would code.

Ah! Before I forget...huge thanks to new contributors @RonRademaker, @kbakk.

Changes

📜 Documentation updates

• docs(metrics): snippets split, improved, and lint (#1272) by @heitorlessa
• docs(logger): document enriching logs with logrecord attributes (#1271) by @kbakk
• docs(logger): snippets split, improved, and lint (#1262) by @heitorlessa
• docs(tracer): snippets split, improved, and lint (#1261) by @heitorlessa
• docs(tracer): split and lint code snippets (#1260) by @heitorlessa
• docs(lint): add markdownlint rules and automation (#1256) by @heitorlessa

🐛 Bug and hot fixes

• fix(logger): preserve std keys when using custom formatters (#1264) by @heitorlessa
• fix(logger): support additional args for handlers when injecting lambda context (#1276) by @RonRademaker

🔧 Maintenance

• chore(deps): bump dependabot/fetch-metadata from 1.3.2 to 1.3.3 (#1273) by @dependabot
• chore(deps-dev): bump flake8-bugbear from 22.6.22 to 22.7.1 (#1274) by @dependabot
• chore(deps): bump aws-xray-sdk from 2.9.0 to 2.10.0 (#1270) by @dependabot
• chore(deps): bump dependabot/fetch-metadata from 1.1.1 to 1.3.2 (#1269) by @dependabot
• docs(logger): snippets split, improved, and lint (#1262) by @heitorlessa
• docs(tracer): snippets split, improved, and lint (#1261) by @heitorlessa
• docs(tracer): split and lint code snippets (#1260) by @heitorlessa
• docs(lint): add markdownlint rules and automation (#1256) by @heitorlessa
• chore(deps-dev): bump flake8-bugbear from 22.4.25 to 22.6.22 (#1258) by @dependabot
• chore(deps-dev): bump mypy-boto3-dynamodb from 1.24.0 to 1.24.12 (#1255) by @dependabot
• chore(deps-dev): bump mypy-boto3-secretsmanager from 1.24.0 to 1.24.11.post3 (#1252) by @dependabot
• chore(test-perf): use pytest-benchmark to improve reliability (#1250) by @heitorlessa

This release was made possible by the following contributors:

@RonRademaker, @dependabot, @dependabot[bot], @heitorlessa and @kbakk

v1.26.2

Summary

This release addresses CORS Pre-flight issue when using Event Handler with ALB. Prior to this release, ALB would return HTTP 502 if Lambda would return a null body for a Pre-flight (HTTP OPTIONS) request. This release sets body to an empty string for compliance, and it doesn't affect API Gateway/AppSync features.

Shoutout to @francispeabody for spotting this behaviour, as CORS Specification doesn't dictate whether there should be a response or not leaving to each service to make their own judgement.

Changes

🐛 Bug and hot fixes

• fix(event-handler): body to empty string in CORS preflight (ALB non-compliant) (#1249) by @heitorlessa

🔧 Maintenance

• chore(deps): bump actions/setup-python from 3 to 4 (#1244) by @dependabot
• chore(deps-dev): bump mypy-boto3-appconfig from 1.23.0.post1 to 1.24.0 (#1233) by @dependabot
• chore(deps-dev): bump mypy-boto3-dynamodb from 1.23.0.post1 to 1.24.0 (#1234) by @dependabot
• chore(deps-dev): bump mypy-boto3-secretsmanager from 1.23.8 to 1.24.0 (#1232) by @dependabot
• chore(deps-dev): bump mypy-boto3-ssm from 1.23.0.post1 to 1.24.0 (#1231) by @dependabot
• chore(deps-dev): bump mypy from 0.960 to 0.961 (#1241) by @dependabot
• chore(metrics): revert dimensions test and split (#1243) by @heitorlessa

This release was made possible by the following contributors:

@am29d, @dependabot, @dependabot[bot] and @heitorlessa

v1.26.1

Summary

This is an emergency release to ensure Metrics utility raises an exception when customers add 9 user-defined metric dimensions.

Huge thanks to @dnlopes for spotting this bug thus warranting this emergency release.

Background

Lambda Powertools adds a service CloudWatch Metric Dimension on top of user-defined dimensions (max 8). Prior to this release, customers were able to add 9 user-defined dimensions leading to a total of 10 metric dimensions. This makes CloudWatch EMF fail silently and not convert them as metrics.

The confusion stems from CloudWatch Metrics and CloudWatch Logs EMF having different limits. CloudWatch Metrics support 10 dimensions while CloudWatch EMF (async) support 9. For EMF, all validation must happen client side as EMF fails silently should any limit is hit and no feedback is given.

We provided this feedback to the CloudWatch EMF team, and they're looking at ways to improve customers feedback on the server-side so it's less reliant on client-side validation.

Changes

📜 Documentation updates

• fix(metrics): raise SchemaValidationError for >8 metric dimensions (#1240) by @heitorlessa
• docs(maintainers): initial maintainers playbook (#1222) by @heitorlessa

🐛 Bug and hot fixes

• fix(metrics): raise SchemaValidationError for >8 metric dimensions (#1240) by @heitorlessa

🔧 Maintenance

• docs(maintainers): initial maintainers playbook (#1222) by @heitorlessa
• chore(deps-dev): bump mypy from 0.950 to 0.960 (#1224) by @dependabot
• chore(deps-dev): bump mypy-boto3-secretsmanager from 1.23.0.post1 to 1.23.8 (#1225) by @dependabot

This release was made possible by the following contributors:

@dependabot, @dependabot[bot] and @heitorlessa

v1.26.0

Summary

This release unblocks customers using Parameters utility when trying to use VPC private endpoints, or looking to bring their own boto3 clients to ease testing, custom settings, etc.

Documentation

User Experience

As part of this release, we've made progress on a few governance topics such as a new dedicated board of activities and our first iteration of the new roadmap process - you can read more details on our current pause message update.

Changes

🌟New features and non-breaking changes

• feat(parameters): accept boto3_client to support private endpoints and ease testing (#1096) by @ran-isenberg

📜 Documentation updates

• feat(parameters): accept boto3_client to support private endpoints and ease testing (#1096) by @ran-isenberg
• docs(roadmap): add new roadmap section (#1204) by @heitorlessa

🐛 Bug and hot fixes

• fix(docs): remove Slack link (#1210) by @sthulb
• fix(batch): missing space in BatchProcessingError message (#1201) by @mew1033
• fix(batch): docstring fix for success_handler() record parameter (#1202) by @peterschutt

🔧 Maintenance

• chore(deps-dev): bump mypy-boto3-secretsmanager from 1.21.34 to 1.23.0.post1 (#1218) by @dependabot
• chore(deps-dev): bump mypy-boto3-appconfig from 1.21.34 to 1.23.0.post1 (#1219) by @dependabot
• chore(deps-dev): bump mypy-boto3-ssm from 1.21.34 to 1.23.0.post1 (#1220) by @dependabot
• chore(deps): bump pydantic from 1.9.0 to 1.9.1 (#1221) by @dependabot
• feat(parameters): accept boto3_client to support private endpoints and ease testing (#1096) by @ran-isenberg
• chore(deps): bump email-validator from 1.1.3 to 1.2.1 (#1199) by @dependabot

This release was made possible by the following contributors:

@dependabot, @dependabot[bot], @heitorlessa, @mew1033, @peterschutt, @ran-isenberg and @sthulb

v1.25.10

Summary

This patch release addresses the following main issues:

• Event Handler: Previously, Lambda handlers decorated with event source data class that also use Event Handler were incompatible
• Event Handler: Raising a ServiceError like NotFound as part of an exception handler ended up propagating a ServiceError instead of converting into a non-successful response (e.g., 4xx)
• Event Source Data Classes: Missing date field type annotation in SESEvent to string instead of list, and missing fields like cc, bcc, sender, and reply_to, and dkim related fields
• Parameters: Previously, customers couldn't easily clear parameters (SSM, Secrets Manager, AppConfig, DynamoDB) cache as part of their automated tests

Changes

🌟 New features and non-breaking changes

• feat(parameters): add clear_cache method for providers (#1194) by @heitorlessa

🐛 Bug and hot fixes

• fix(data-classes): fix SES date field typing and add missing fields (#1045) by @michaelbrewer
• fix(deps-dev): remove jmespath due to dev deps conflict (#1148) by @sthulb
• fix(deps): ignore boto3 updates until needed (#1151) by @sthulb
• fix(event_handler): allow event source data class events (#1159) by @michaelbrewer
• fix(event_handler): exception_handler to handle ServiceError exceptions (#1160) by @michaelbrewer

🔧 Maintenance

• chore(deps-dev): bump flake8-bugbear from 22.1.11 to 22.4.25 (#1156) by @dependabot
• chore(deps-dev): bump mypy from 0.942 to 0.950 (#1162) by @dependabot
• chore(deps-dev): bump flake8-eradicate from 1.2.0 to 1.2.1 (#1158) by @dependabot
• chore(deps): bump github/codeql-action from 1 to 2 (#1154) by @dependabot
• chore(ci): disable mergify configuration after breaking changes (#1188) by @heitorlessa
• fix(deps): ignore boto3 updates until needed (#1151) by @sthulb
• chore(deps-dev): bump mkdocs-git-revision-date-plugin from 0.3.1 to 0.3.2 (#1146) by @dependabot
• chore(deps): bump codecov/codecov-action from 3.0.0 to 3.1.0 (#1143) by @dependabot
• chore(deps-dev): bump xenon from 0.8.0 to 0.9.0 (#1145) by @dependabot
• chore(deps-dev): bump mypy from 0.931 to 0.942 (#1133) by @dependabot
• fix(deps-dev): remove jmespath due to dev deps conflict (#1148) by @sthulb

This release was made possible by the following contributors:

@dependabot, @dependabot[bot], @heitorlessa, @huonw, @michaelbrewer, and @sthulb

v1.25.9

Summary

Quick patch release to fix jmespath pip marker to exact Python 3.6 version to address conflict in later versions.

Changes

🐛 Bug and hot fixes

• fix(deps): correct py36 marker for jmespath

This release was made possible by the following contributors:

@dependabot[bot], @heitorlessa and @mergify[bot]

v1.25.8

Summary

This patch release updates jmespath marker to address a dependency conflict for customers bundling the latest version of boto3, as part of their Lambda deployment package. Boto's latest version upgraded jmespath to 1.0 which drops support for Python 3.6.

Changes

📜 Documentation updates

• docs(layer): remove link from clipboard button (#1135) by @heitorlessa

🐛 Bug and hot fixes

• fix(deps): update jmespath marker to support 1.0 and py3.6 (#1139) by @michaelbrewer

🔧 Maintenance

• chore(deps-dev): bump mkdocs-material from 8.2.4 to 8.2.7 (#1131) by @dependabot
• chore(deps-dev): bump pytest from 6.2.5 to 7.0.1 (#1063) by @dependabot

This release was made possible by the following contributors:

@Dunedan, @dependabot, @dependabot[bot], @heitorlessa, @corey-cole, @sthulb, and @michaelbrewer

v1.25.7

Summary

This patch release addresses bugs on Logger, Event Handler REST API, Idempotency, and a static type annotation on middleware factory utility.

We also updated our issues to use the new GitHub Issue Form, including a new Ask a Question, and Static typing mismatch report. The latter addresses an increase of bug reports that are better categorized as static typing mismatch - this will help us understand whether we might be able to support both Mypy and Pyright in the future.

Logger

Thanks to @eliasbrange, customers using clear_state=True will no longer be affected by custom keys being accidentally removed in subsequent invocations - a regression introduced two releases ago. We improved tests on clear_state functionality.

Idempotency

Thanks to @ojongerius, customers changing the incoming event within the Lambda handler will no longer impact idempotency hash calculation. This was caused by Python's default pass by reference behaviour.

Event Handler REST API

Thanks to @sthuber90, customers receiving API calls that contain whitespace in path parameters - /customer/power tools - will no longer return 404s. Despite API Gateway correctly decoding whitespace, our regex for safe and unsafe URI chars missed an explicit whitespace.

Middleware Factory

Thanks to @huonw, Mypy customers using --strict mode will no longer complain about the return type of custom decorators using lambda_handler_decorator. It's a hard problem to solve considering our support for Python 3.6+. Later in the year, we'll look into the value-effort ratio of supporting strict mode, and how to gradually bring typing_extensions package across the board.

Huge thanks to new contributors: @sthuber90, @eliasbrange, and @ojongerius

Changes

🐛 Bug and hot fixes

• fix(api_gateway): allow whitespace in routes' path parameter (#1099) by @sthuber90
• fix(middleware_factory): ret type annotation for handler dec (#1066) by @huonw
• fix(logger): clear_state should keep custom key formats (#1095) by @eliasbrange
• fix(idempotency): pass by value on idem key to guard inadvertent mutations (#1090) by @ojongerius

This release was made possible by the following contributors:

@eliasbrange, @heitorlessa, @huonw, @mergify[bot], @ojongerius and @sthuber90