Bump the dependencies group with 3 updates

[dependabot]

Bumps the dependencies group with 3 updates: sigstore, boto3 and botocore.

Updates sigstore from 3.0.0 to 3.1.0

Release notes

Sourced from sigstore's releases.

v3.1.0

Added

• API: dsse.StatementBuilder has been added. It can be used to construct an in-toto Statement for subsequent enveloping and signing. This API is public but is not considered stable until the next major release. (#1077)

• API: dsse.Digest, dsse.DigestSet, and dsse.Subject have been added. These types can be used with the StatementBuilder API as part of in-toto Statement construction. These API are public but are not considered stable until the next major release. (#1078)

Changed

• API: verify_dsse now rejects bundles with DSSE envelopes that have more than one signature, rather than checking all signatures against the same key (#1062)

Changelog

Sourced from sigstore's changelog.

[3.1.0]

Added

• API: dsse.StatementBuilder has been added. It can be used to construct an in-toto Statement for subsequent enveloping and signing. This API is public but is not considered stable until the next major release. (#1077)

• API: dsse.Digest, dsse.DigestSet, and dsse.Subject have been added. These types can be used with the StatementBuilder API as part of in-toto Statement construction. These API are public but are not considered stable until the next major release. (#1078)

Changed

• API: verify_dsse now rejects bundles with DSSE envelopes that have more than one signature, rather than checking all signatures against the same key (#1062)

Commits

• 3cda2b5 prep 3.1.0 (#1079)
• cd70cc1 dsse: make constituent types public (#1078)
• 7466e1b API: make _StatementBuilder public (#1077)
• 575124a build(deps): bump the actions group with 2 updates (#1075)
• 5ddcd72 build(deps): update ruff requirement from <0.5.5 to <0.5.6 (#1073)
• c052391 build(deps): bump github/codeql-action from 3.25.13 to 3.25.14 in the actions...
• 53c39d9 build(deps): update ruff requirement from <0.5.4 to <0.5.5 (#1071)
• 360e30d build(deps): bump pyopenssl from 24.1.0 to 24.2.1 (#1072)
• 0138068 build(deps): bump the actions group with 2 updates (#1070)
• 2fc4caf build(deps): update ruff requirement from <0.5.3 to <0.5.4 (#1069)
• Additional commits viewable in compare view

Updates boto3 from 1.34.150 to 1.34.154

Commits

• 2447300 Merge branch 'release-1.34.154'
• 366b907 Bumping version to 1.34.154
• af13ba7 Add changelog entries from botocore
• 1b7dafa Merge branch 'release-1.34.153'
• 62f3484 Merge branch 'release-1.34.153' into develop
• 809d4cd Bumping version to 1.34.153
• f753c4f Add changelog entries from botocore
• ba3d7ce Merge branch 'release-1.34.152'
• 9489da6 Merge branch 'release-1.34.152' into develop
• be5b965 Bumping version to 1.34.152
• Additional commits viewable in compare view

Updates botocore from 1.34.150 to 1.34.154

Changelog

Sourced from botocore's changelog.

1.34.154

• api-change:datazone: This releases Data Product feature. Data Products allow grouping data assets into cohesive, self-contained units for ease of publishing for data producers, and ease of finding and accessing for data consumers.
• api-change:ecr: Released two new APIs along with documentation updates. The GetAccountSetting API is used to view the current basic scan type version setting for your registry, while the PutAccountSetting API is used to update the basic scan type version for your registry.
• api-change:kinesis-video-webrtc-storage: Add JoinStorageSessionAsViewer API
• api-change:pi: Added a description for the Dimension db.sql.tokenized_id on the DimensionGroup data type page.

1.34.153

• api-change:cloudwatch: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
• api-change:kinesis: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
• api-change:resiliencehub: Customers are presented with the grouping recommendations and can determine if the recommendations are accurate and apply to their case. This feature simplifies onboarding by organizing resources into appropriate AppComponents.
• api-change:route53: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
• api-change:waf-regional: Add v2 smoke tests and smithy smokeTests trait for SDK testing.

1.34.152

• api-change:bedrock: API and Documentation for Bedrock Model Copy feature. This feature lets you share and copy a custom model from one region to another or one account to another.
• api-change:controlcatalog: AWS Control Tower provides two new public APIs controlcatalog:ListControls and controlcatalog:GetControl under controlcatalog service namespace, which enable customers to programmatically retrieve control metadata of available controls.
• api-change:controltower: Updated Control Tower service documentation for controlcatalog control ARN support with existing Control Tower public APIs
• api-change:iam: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
• api-change:memorydb: Doc only update for changes to deletion API.
• api-change:rds: This release adds support for specifying optional MinACU parameter in CreateDBShardGroup and ModifyDBShardGroup API. DBShardGroup response will contain MinACU if specified.
• api-change:sagemaker: This release adds support for Amazon EMR Serverless applications in SageMaker Studio for running data processing jobs.
• api-change:ssm-quicksetup: This release adds API support for the QuickSetup feature of AWS Systems Manager
• api-change:support: Doc only updates to CaseDetails

1.34.151

• api-change:appstream: Added support for Red Hat Enterprise Linux 8 on Amazon AppStream 2.0
• api-change:autoscaling: Increase the length limit for VPCZoneIdentifier from 2047 to 5000
• api-change:codepipeline: AWS CodePipeline V2 type pipelines now support stage level conditions to enable development teams to safely release changes that meet quality and compliance requirements.
• api-change:elasticache: Doc only update for changes to deletion API.
• api-change:elb: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
• api-change:events: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
• api-change:lexv2-models: This release adds new capabilities to the AMAZON.QnAIntent: Custom prompting, Guardrails integration and ExactResponse support for Bedrock Knowledge Base.
• api-change:logs: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
• api-change:rolesanywhere: IAM RolesAnywhere now supports custom role session name on the CreateSession. This release adds the acceptRoleSessionName option to a profile to control whether a role session name will be accepted in a session request with a given profile.
• api-change:tnb: This release adds Network Service Update, through which customers will be able to update their instantiated networks to a new network package. See the documentation for limitations. The release also enhances the Get network operation API to return parameter overrides used during the operation.
• api-change:workspaces: Removing multi-session as it isn't supported for pools

Commits

• 94ce27e Merge branch 'release-1.34.154'
• fa530df Bumping version to 1.34.154
• 5affdb7 Update endpoints model
• 73e1d40 Update to latest models
• dae6c6a Merge branch 'release-1.34.153'
• e538b86 Merge branch 'release-1.34.153' into develop
• 7c016e1 Bumping version to 1.34.153
• eeee2ad Update to latest models
• 19ce2f5 Merge branch 'release-1.34.152'
• e5b059e Merge branch 'release-1.34.152' into develop
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions