Bump the dependencies group with 8 updates

[dependabot]

Bumps the dependencies group with 8 updates:

Package	From	To
aws-lambda-powertools	3.29.0	3.30.0
boto3	1.43.33	1.43.36
pytest	9.1.0	9.1.1
ruff	0.15.18	0.15.20
coverage	7.14.1	7.14.3
pyright	1.1.410	1.1.411
hypothesis	6.155.5	6.155.7
click	8.4.1	8.4.2

Updates aws-lambda-powertools from 3.29.0 to 3.30.0

Release notes

Sourced from aws-lambda-powertools's releases.

v3.30.0

Summary

This release adds a custom serializer option to the BedrockAgentResolver, plus documentation improvements and bug fixes across the Event Handler.

A huge thanks to @​kimnamu, @​Avinm and @​hirenkumar-n-dholariya for their contributions!

Custom serializer on BedrockAgentResolver

Docs

You can now pass your own serializer to BedrockAgentResolver, the same way the other resolvers already allow. This lets you control exactly how responses are serialized to JSON, for example to handle custom types or tune the output format.

import json
from decimal import Decimal
from aws_lambda_powertools.event_handler import BedrockAgentResolver
from aws_lambda_powertools.utilities.typing import LambdaContext
def custom_serializer(obj: dict) -> str:
return json.dumps(obj, default=str)
app = BedrockAgentResolver(serializer=custom_serializer)
@​app.get("/price", description="Returns the current price")
def get_price() -> dict:
return {"price": Decimal("9.99")}
def lambda_handler(event: dict, context: LambdaContext):
return app.resolve(event, context)

Changes

• feat(event_handler): allow custom serializer on BedrockAgentResolver (#8271) by @​kimnamu
• fix(event-handler): handle CORS preflight OPTIONS in HttpResolverLocal (#8268) by @​Avinm
• fix(event-handler): fix ruff lint violations in event_handler module (#8208) by @​hirenkumar-n-dholariya

📜 Documentation updates

• refactor(event_handler): promote HttpResolver to stable (#8289) by @​leandrodamascena
• fix(batch): add optional logger injection for BatchProcessors (#7553) (#8272) by @​Sujit-1509
• docs(event-handler): add import path gotcha for dependency_overrides testing (#8269) by @​hirenkumar-n-dholariya
• chore: fix minor typos and grammar in docs and comments (#8245) by @​Sujit-1509
• docs(metadata): fix broken Lambda Metadata Endpoint link (#8212) by @​derdelean

... (truncated)

Changelog

Sourced from aws-lambda-powertools's changelog.

[v3.30.0] - 2026-06-24

Maintenance

• version bump
• deps-dev: bump aws-cdk-lib from 2.259.0 to 2.260.0 (#8294)

Commits

• 198b96d chore: version bump
• ea8f79e chore(deps-dev): bump aws-cdk-lib from 2.259.0 to 2.260.0 (#8294)
• b58376c chore(deps-dev): bump aws-cdk from 2.1127.0 to 2.1128.1 in the aws-cdk group ...
• e6f0e63 chore(deps): bump the github-actions group with 2 updates (#8292)
• e2aa10b chore(deps-dev): bump the dev-dependencies group across 1 directory with 3 up...
• 5b7cbd3 chore(deps): bump ujson from 5.12.1 to 5.13.0 (#8298)
• ef61980 chore(deps): bump pydantic-settings from 2.14.1 to 2.14.2 (#8299)
• 7634b2f refactor(event_handler): promote HttpResolver to stable (#8289)
• 50541fe fix(batch): add optional logger injection for BatchProcessors (#7553) (#8272)
• f7239b8 feat(event_handler): allow custom serializer on BedrockAgentResolver (#8271)
• Additional commits viewable in compare view

Updates boto3 from 1.43.33 to 1.43.36

Commits

• 1d26f21 Merge branch 'release-1.43.36'
• 111333b Bumping version to 1.43.36
• 9d1fa23 Add changelog entries from botocore
• 6d7f3c2 Update security docs to use newer versions of openssl and python (#4796)
• c5b26ca Merge branch 'release-1.43.35'
• c3750ac Merge branch 'release-1.43.35' into develop
• 46e77cd Bumping version to 1.43.35
• 9919ede Add changelog entries from botocore
• 1820b7d Merge branch 'release-1.43.34'
• 0065dbe Merge branch 'release-1.43.34' into develop
• Additional commits viewable in compare view

Updates pytest from 9.1.0 to 9.1.1

Release notes

Sourced from pytest's releases.

9.1.1

pytest 9.1.1 (2026-06-19)

Bug fixes

• #14220: Fixed a logic bug in pytest.RaisesGroup which would might cause it to display incorrect "It matches FooError() which was paired with BarError" messages.
• #14591: Fixed a regression in pytest 9.1.0 which caused overriding a parametrized fixture with an indirect @​pytest.mark.parametrize to fail with "duplicate parametrization of '<fixture name>'".
• #14606: Fixed list-item typing errors from mypy in @pytest.mark.parametrize <pytest.mark.parametrize ref> argvalues parameter.
• #14608: Fixed a regression in pytest 9.1.0 where conftest.py files located in <invocation dir>/test* were no longer loaded as initial conftests when invoked without arguments. This could cause certain hooks (like pytest_addoption) in these files to not fire.

Commits

• cf470ec Prepare release version 9.1.1
• e0c8ce6 Merge pull request #14625 from pytest-dev/patchback/backports/9.1.x/a07c31a97...
• 1b82d16 Merge pull request #14624 from pytest-dev/patchback/backports/9.1.x/b375b79ec...
• 501c4bc Merge pull request #14596 from bluetech/doc-classmethod
• b61f588 Merge pull request #14622 from chrisburr/fix-14608-initial-conftest-test-subdir
• 9a567e0 [automated] Update plugin list (#14617) (#14618)
• ef8b299 Merge pull request #14620 from pytest-dev/patchback/backports/9.1.x/680f9f3ed...
• 66abd07 Merge pull request #14220 from bysiber/fix-stale-iexp-raisesgroup
• 79fbf93 Merge pull request #14612 from pytest-dev/patchback/backports/9.1.x/974ed48b6...
• 0d312eb Merge pull request #14611 from bluetech/parametrize-argvalues-typing
• Additional commits viewable in compare view

Updates ruff from 0.15.18 to 0.15.20

Release notes

Sourced from ruff's releases.

0.15.20

Release Notes

Released on 2026-06-25.

Preview features

• Allow human-readable names in rule selectors (#25887)
• Emit a warning instead of an error for unknown rule selectors (#26113)
• Match noqa shebang handling in ruff:ignore comments (#26286)
• [ruff] Remove pytest-fixture-autouse (RUF076) (#26240, #26371)

Documentation

• Add versioning sections to custom crate READMEs (#26317)
• Update ruff_python_parser README for crates.io (#26315)
• [perflint] Clarify that PERF402 applies to any iterable (#26242)

Contributors

• @​dhruvmanila
• @​MichaReiser
• @​ntBre
• @​trilamsr

Install ruff 0.15.20

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ruff/releases/download/0.15.20/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/ruff/releases/download/0.15.20/ruff-installer.ps1 | iex"

Download ruff 0.15.20

File	Platform	Checksum
ruff-aarch64-apple-darwin.tar.gz	Apple Silicon macOS	checksum
ruff-x86_64-apple-darwin.tar.gz	Intel macOS	checksum
ruff-aarch64-pc-windows-msvc.zip	ARM64 Windows	checksum
ruff-i686-pc-windows-msvc.zip	x86 Windows	checksum
ruff-x86_64-pc-windows-msvc.zip	x64 Windows	checksum
ruff-aarch64-unknown-linux-gnu.tar.gz	ARM64 Linux	checksum
ruff-i686-unknown-linux-gnu.tar.gz	x86 Linux	checksum

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.20

Released on 2026-06-25.

Preview features

• Allow human-readable names in rule selectors (#25887)
• Emit a warning instead of an error for unknown rule selectors (#26113)
• Match noqa shebang handling in ruff:ignore comments (#26286)
• [ruff] Remove pytest-fixture-autouse (RUF076) (#26240, #26371)

Documentation

• Add versioning sections to custom crate READMEs (#26317)
• Update ruff_python_parser README for crates.io (#26315)
• [perflint] Clarify that PERF402 applies to any iterable (#26242)

Contributors

• @​dhruvmanila
• @​MichaReiser
• @​ntBre
• @​trilamsr

0.15.19

Released on 2026-06-23.

Preview features

• Support human-readable names when hovering suppression comments and in code actions (#26114)

Bug fixes

• Fall back to default settings when editor-only settings are invalid (#26244)
• Fix panic when inserting text at a notebook cell boundary (#26111)

Rule changes

• [pylint] Update fix suggestions for __floor__, __trunc__, __length_hint__, and __matmul__ variants (PLC2801) (#26239)

Performance

• Avoid allocating when parsing single string literals (#26200)
• Avoid reallocating singleton call arguments (#26223)
• Lazily create source files for lint diagnostics (#26226)
• Optimize formatter text width and indentation (#26236)
• Reserve capacity for builtin bindings (#26229)
• Skip repeated-key checks for singleton dictionaries (#26228)
• Use ArrayVec for qualified name segments (#26224)

... (truncated)

Commits

• f82a36b Bump 0.15.20 (#26376)
• af32943 Improve the summarise-ecosystem-results skill (#26378)
• 485ebab Remove RUF076 name from schema (#26371)
• ef81835 [ty] Implement rust-analyzer's "Click for full compiler diagnostic" feature (...
• 572b31e [ruff] Remove pytest-fixture-autouse (RUF076) (#26240)
• f703f21 Allow human-readable names in rule selectors (#25887)
• 0d726b2 [ty] Reuse equality semantics for membership compatibility (#25955)
• dbe6e98 [ty] Infer definite equality comparison results (#26337)
• e700ea3 [ty] Prove TypedDict structural patterns exhaustive (#26285)
• 6a0d2ec [ty] Widen inferred class-valued instance attributes (#26338)
• Additional commits viewable in compare view

Updates coverage from 7.14.1 to 7.14.3

Changelog

Sourced from coverage's changelog.

Version 7.14.3 — 2026-06-22

• Fix: the default ... exclusion rule now also matches function bodies whose closing return-type bracket is on its own line (for example, after a long -> dict[ ... ] annotation that a formatter has split over multiple lines). Closes issue 2185, thanks Mengjia Shang <pull 2196_>.

• Fix: On 3.13t, we incorrectly issued Couldn't import C tracer errors. We can't import the C tracer because in 7.14.2 we stopped shipping compiled wheels for 3.13t. Thanks, Hugo van Kemenade <pull 2203_>_.

.. _issue 2185: coveragepy/coveragepy#2185 .. _pull 2196: coveragepy/coveragepy#2196 .. _pull 2203: coveragepy/coveragepy#2203

.. _changes_7-14-2:

Version 7.14.2 — 2026-06-20

• Fix: some messages were being written to stdout, making coverage json -o - useless for capturing JSON output. Now messages are written to stderr, fixing issue 2197_.

• Fix: CoverageData kept one SQLite connection per thread that recorded coverage, but never closed them when those threads terminated. On long runs with many short-lived threads this leaked one file descriptor per dead thread, eventually failing with OSError: [Errno 24] Too many open files. Connections belonging to terminated threads are now closed and dropped. Fixes issue 2192. Thanks, Matthew Lloyd <pull 2193_>.

• Fix: when using sys.monitoring, we were assuming we could use the COVERAGE_ID tool id. But other tools might also assume they could use that id. Pre-allocated ids don't really make sense, so now we search for a usable one instead. Fixes issue 2187_.

• Following the advice of cibuildwheel <no-13t_>_, we no longer distribute wheels for Python 3.13 free-threaded.

.. _issue 2187: coveragepy/coveragepy#2187 .. _issue 2192: coveragepy/coveragepy#2192 .. _pull 2193: coveragepy/coveragepy#2193 .. _issue 2197: coveragepy/coveragepy#2197 .. _no-13t: https://py-free-threading.github.io/ci/#building-free-threaded-wheels-with-cibuildwheel

.. _changes_7-14-1:

Commits

• 22f13ea docs: sample HTML for 7.14.3
• 2ca4e5f docs: prep for 7.14.3
• 01d714e docs: add changelog entry for #2203
• f36248d fix: don't emit 'Couldn't import C tracer' warning for 3.13t (#2203)
• 86d73d1 docs: thanks, Mengjia Shang
• 3d4ae3c docs: add the #2196 pr link to CHANGES
• f4b2b4d fix: exclude ... bodies after multi-line return-type annotations (#2185) (#...
• 1980ed0 chore: bump sigstore/gh-action-sigstore-python (#2201)
• bca3217 build: since we don't ship 3.13t, don't test it
• 77550d8 docs: oops, mismatched pull requests
• Additional commits viewable in compare view

Updates pyright from 1.1.410 to 1.1.411

Commits

• 392b6ba Pyright NPM Package update to 1.1.411 (#363)
• See full diff in compare view

Updates hypothesis from 6.155.5 to 6.155.7

Commits

• 929e5fb Bump hypothesis version to 6.155.7 and update changelog
• 93ee3c9 Merge pull request #4772 from Liam-DeVoe/recursive-property-thread-safety
• 0bb0f2f drop more 3.13t
• de6bd79 drop inbetween
• ff583cc drop 313t jobs
• a5474e4 claude: re-trigger CI
• 55d2b97 claude: re-trigger CI (flaky conjecture-coverage + transient scipy/OpenBLAS b...
• 0a2bdae claude: fix recursive_property thread-safety; install Python via fresh uv met...
• 4641d65 Bump hypothesis version to 6.155.6 and update changelog
• 7d90a93 Merge pull request #4770 from Liam-DeVoe/ignore-up037
• Additional commits viewable in compare view

Updates click from 8.4.1 to 8.4.2

Changelog

Sourced from click's changelog.

Version 8.4.2

Unreleased

• Fix Fish shell completion broken in 8.4.0 by {pr}3126. Newlines and tabs in option help text are now escaped, keeping the original completion format while still supporting multi-line help. {issue}3502 {issue}3043 {pr}3504 {pr}3508
• Deprecated commands and options with empty or missing help text no longer render a stray leading space before the (DEPRECATED) label. {pr}3509
• A {class}Group with invoke_without_command=True marks its subcommand as optional in the usage help, showing [COMMAND] instead of COMMAND. {issue}3059 {pr}3507
• echo_via_pager flushes after each write, so passing a generator streams output to the pager incrementally instead of staying hidden until the pipe buffer fills. {issue}3242 {issue}2542 {pr}3534
• echo_via_pager and get_pager_file no longer close a borrowed stdout stream when no external pager runs, completing the partial I/O operation on closed file fix from {pr}3482. {issue}3449 {pr}3533

Commits

• b2e30a1 Release version 8.4.2
• 7a16b20 Fix package_name resolution when module differs from distribution name (#3582)
• bec5928 Fix package_name resolution when top-level module differs from distribution...
• 916883a Fix tests to not rely on -Wdefault option (#3591)
• 09195f6 Fix double-bracketing of choices in synopsis (#3578)
• 1557e26 Check for warning exception with idiomatic context manager
• d9ff133 Static typing improvements in click.shell_completion (#3460)
• 762c97e Fix double-bracketing of choices in synopsis
• 8929d39 Convert changes to markdown. (#3559)
• 237be50 Move changes headings down a level.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions