chore(deps): bump the dependencies group in /deployer with 2 updates

[dependabot]

Bumps the dependencies group in /deployer with 2 updates: boto3 and black.

Updates boto3 from 1.34.59 to 1.34.64

Changelog

Sourced from boto3's changelog.

1.34.64

• api-change:backup: [botocore] This release introduces a boolean attribute ManagedByAWSBackupOnly as part of ListRecoveryPointsByResource api to filter the recovery points based on ownership. This attribute can be used to filter out the recovery points protected by AWSBackup.
• api-change:codebuild: [botocore] AWS CodeBuild now supports overflow behavior on Reserved Capacity.
• api-change:connect: [botocore] This release adds Hierarchy based Access Control fields to Security Profile public APIs and adds support for UserAttributeFilter to SearchUsers API.
• api-change:ec2: [botocore] Add media accelerator and neuron device information on the describe instance types API.
• api-change:kinesisanalyticsv2: [botocore] Support for Flink 1.18 in Managed Service for Apache Flink
• api-change:s3: [botocore] Documentation updates for Amazon S3.
• api-change:sagemaker: [botocore] Adds m6i, m6id, m7i, c6i, c6id, c7i, r6i r6id, r7i, p5 instance type support to Sagemaker Notebook Instances and miscellaneous wording fixes for previous Sagemaker documentation.
• api-change:workspaces-thin-client: [botocore] Removed unused parameter kmsKeyArn from UpdateDeviceRequest

1.34.63

• api-change:amplify: [botocore] Documentation updates for Amplify. Identifies the APIs available only to apps created using Amplify Gen 1.
• api-change:ec2-instance-connect: [botocore] This release includes a new exception type "SerialConsoleSessionUnsupportedException" for SendSerialConsoleSSHPublicKey API.
• api-change:elbv2: [botocore] This release allows you to configure HTTP client keep-alive duration for communication between clients and Application Load Balancers.
• api-change:fis: [botocore] This release adds support for previewing target resources before running a FIS experiment. It also adds resource ARNs for actions, experiments, and experiment templates to API responses.
• api-change:iot-roborunner: [botocore] The iot-roborunner client has been removed following the deprecation of the service.
• api-change:rds: [botocore] Updates Amazon RDS documentation for EBCDIC collation for RDS for Db2.
• api-change:secretsmanager: [botocore] Doc only update for Secrets Manager
• api-change:timestream-influxdb: [botocore] This is the initial SDK release for Amazon Timestream for InfluxDB. Amazon Timestream for InfluxDB is a new time-series database engine that makes it easy for application developers and DevOps teams to run InfluxDB databases on AWS for near real-time time-series applications using open source APIs.
• enhancement:urllib3: [botocore] Added support for urllib3 2.2.1+ in Python 3.10+

1.34.62

• api-change:ivs-realtime: [botocore] adds support for multiple new composition layout configuration options (grid, pip)
• api-change:kinesisanalyticsv2: [botocore] Support new RuntimeEnvironmentUpdate parameter within UpdateApplication API allowing callers to change the Flink version upon which their application runs.
• api-change:s3: [botocore] This release makes the default option for S3 on Outposts request signing to use the SigV4A algorithm when using AWS Common Runtime (CRT).

1.34.61

• api-change:cloudformation: [botocore] CloudFormation documentation update for March, 2024
• api-change:connect: [botocore] This release increases MaxResults limit to 500 in request for SearchUsers, SearchQueues and SearchRoutingProfiles APIs of Amazon Connect.
• api-change:ec2: [botocore] Documentation updates for Amazon EC2.
• api-change:kafka: [botocore] Added support for specifying the starting position of topic replication in MSK-Replicator.
• api-change:ssm: [botocore] March 2024 doc-only updates for Systems Manager.

1.34.60

• api-change:codestar-connections: [botocore] Added a sync configuration enum to disable publishing of deployment status to source providers (PublishDeploymentStatus). Added a sync configuration enum (TriggerStackUpdateOn) to only trigger changes.
• api-change:elasticache: [botocore] Revisions to API text that are now to be carried over to SDK text, changing usages of "SFO" in code examples to "us-west-1", and some other typos.

... (truncated)

Commits

• f4491f1 Merge branch 'release-1.34.64'
• a3306a7 Bumping version to 1.34.64
• c4b5971 Add changelog entries from botocore
• e2d520c Merge branch 'release-1.34.63'
• 675cded Merge branch 'release-1.34.63' into develop
• d1aefcd Bumping version to 1.34.63
• e627bf6 Add changelog entries from botocore
• 23c0741 Fix boto3 resource reference docs (#4050)
• 49d87f3 Merge branch 'release-1.34.62'
• 453b615 Merge branch 'release-1.34.62' into develop
• Additional commits viewable in compare view

Updates black from 24.2.0 to 24.3.0

Release notes

Sourced from black's releases.

24.3.0

Highlights

This release is a milestone: it fixes Black's first CVE security vulnerability. If you run Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings, you are strongly encouraged to upgrade immediately to fix CVE-2024-21503.

This release also fixes a bug in Black's AST safety check that allowed Black to make incorrect changes to certain f-strings that are valid in Python 3.12 and higher.

Stable style

• Don't move comments along with delimiters, which could cause crashes (#4248)
• Strengthen AST safety check to catch more unsafe changes to strings. Previous versions of Black would incorrectly format the contents of certain unusual f-strings containing nested strings with the same quote type. Now, Black will crash on such strings until support for the new f-string syntax is implemented. (#4270)
• Fix a bug where line-ranges exceeding the last code line would not work as expected (#4273)

Performance

• Fix catastrophic performance on docstrings that contain large numbers of leading tab characters. This fixes CVE-2024-21503. (#4278)

Documentation

• Note what happens when --check is used with --quiet (#4236)

Changelog

Sourced from black's changelog.

24.3.0

Highlights

This release is a milestone: it fixes Black's first CVE security vulnerability. If you run Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings, you are strongly encouraged to upgrade immediately to fix CVE-2024-21503.

This release also fixes a bug in Black's AST safety check that allowed Black to make incorrect changes to certain f-strings that are valid in Python 3.12 and higher.

Stable style

• Don't move comments along with delimiters, which could cause crashes (#4248)
• Strengthen AST safety check to catch more unsafe changes to strings. Previous versions of Black would incorrectly format the contents of certain unusual f-strings containing nested strings with the same quote type. Now, Black will crash on such strings until support for the new f-string syntax is implemented. (#4270)
• Fix a bug where line-ranges exceeding the last code line would not work as expected (#4273)

Performance

• Fix catastrophic performance on docstrings that contain large numbers of leading tab characters. This fixes CVE-2024-21503. (#4278)

Documentation

• Note what happens when --check is used with --quiet (#4236)

Commits

• 552baf8 Prepare release 24.3.0 (#4279)
• f000936 Fix catastrophic performance in lines_with_leading_tabs_expanded() (#4278)
• 7b5a657 Fix --line-ranges behavior when ranges are at EOF (#4273)
• 1abcffc Use regex where we ignore case on windows (#4252)
• 719e674 Fix 4227: Improve documentation for --quiet --check (#4236)
• e5510af update plugin url for Thonny (#4259)
• 6af7d11 Fix AST safety check false negative (#4270)
• f03ee11 Ensure blib2to3.pygram is initialized before use (#4224)
• e4bfedb fix: Don't move comments while splitting delimiters (#4248)
• d0287e1 Make trailing comma logic more concise (#4202)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @mdn-bot.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[mdn-bot]

@dependabot squash and merge