aws-powertools
diff --git a/‎.github/workflows/codeql-analysis.yml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/codeql-analysis.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/dependency-review.yml
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/dependency-review.yml
Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/workflows/label_pr_on_title.yml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/label_pr_on_title.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/on_label_added.yml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/on_label_added.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/on_merged_pr.yml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/on_merged_pr.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/on_opened_pr.yml
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/on_opened_pr.yml
Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/workflows/ossf_scorecard.yml
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/ossf_scorecard.yml
Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/workflows/publish_v2_layer.yml
Lines changed: 5 additions & 5 deletions b/‎.github/workflows/publish_v2_layer.yml
Lines changed: 5 additions & 5 deletions
diff --git a/‎.github/workflows/quality_check.yml
Lines changed: 4 additions & 2 deletions b/‎.github/workflows/quality_check.yml
Lines changed: 4 additions & 2 deletions
diff --git a/‎.github/workflows/quality_check_pydanticv2.yml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/quality_check_pydanticv2.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/record_pr.yml
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/record_pr.yml
Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/workflows/release.yml
Lines changed: 7 additions & 7 deletions b/‎.github/workflows/release.yml
Lines changed: 7 additions & 7 deletions
diff --git a/‎.github/workflows/reusable_deploy_v2_layer_stack.yml
Lines changed: 3 additions & 3 deletions b/‎.github/workflows/reusable_deploy_v2_layer_stack.yml
Lines changed: 3 additions & 3 deletions
diff --git a/‎.github/workflows/reusable_deploy_v2_sar.yml
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/reusable_deploy_v2_sar.yml
Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/workflows/reusable_export_pr_details.yml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/reusable_export_pr_details.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/reusable_publish_changelog.yml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/reusable_publish_changelog.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/reusable_publish_docs.yml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/reusable_publish_docs.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/run-e2e-tests.yml
Lines changed: 2 additions & 1 deletion b/‎.github/workflows/run-e2e-tests.yml
Lines changed: 2 additions & 1 deletion
diff --git a/‎.github/workflows/secure_workflows.yml
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/secure_workflows.yml
Lines changed: 2 additions & 2 deletions
@@ -28,7 +28,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
 
@@ -17,6 +17,6 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: 'Checkout Repository'
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
       - name: 'Dependency Review'
-        uses: actions/dependency-review-action@5bbc3ba658137598168acb2ab73b21c432dd411b # v4.2.5
+        uses: actions/dependency-review-action@0c155c5e8556a497adf53f2c18edabf945ed8e70 # v4.3.2
@@ -50,7 +50,7 @@ jobs:
       pull-requests: write  # label respective PR
     steps:
       - name: Checkout repository
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
       - name: "Label PR based on title"
         uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
         env:
 
@@ -47,7 +47,7 @@ jobs:
     permissions:
       pull-requests: write  # comment on PR
     steps:
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
       # Maintenance: Persist state per PR as an artifact to avoid spam on label add
       - name: "Suggest split large Pull Request"
         uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
 
@@ -49,7 +49,7 @@ jobs:
       issues: write         # label issue with pending-release
     if: needs.get_pr_details.outputs.prIsMerged == 'true'
     steps:
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
       - name: "Label PR related issue for release"
         uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
         env:
 
@@ -47,7 +47,7 @@ jobs:
     needs: get_pr_details
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
       - name: "Ensure related issue is present"
         uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
         env:
@@ -66,7 +66,7 @@ jobs:
     permissions:
       pull-requests: write  # label and comment on PR if missing acknowledge section (requirement)
     steps:
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
       - name: "Ensure acknowledgement section is present"
         uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
         env:
 
@@ -22,7 +22,7 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
         with:
           persist-credentials: false
 
@@ -35,7 +35,7 @@ jobs:
           repo_token: ${{ secrets.SCORECARD_TOKEN }}  # read-only fine-grained token to read branch protection settings
 
       - name: "Upload results"
-        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
+        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
         with:
           name: SARIF file
           path: results.sarif
 
@@ -88,7 +88,7 @@ jobs:
         working-directory: ./layer
     steps:
       - name: checkout
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
         with:
           ref: ${{ env.RELEASE_COMMIT }}
 
@@ -124,7 +124,7 @@ jobs:
 
       - name: Set up Docker Buildx
         id: builder
-        uses: docker/setup-buildx-action@2b51285047da1547ffb1b2203d8be4c0af6b1f20 # v3.2.0
+        uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0
         with:
           install: true
           driver: docker
@@ -146,7 +146,7 @@ jobs:
       - name: zip output
         run: zip -r cdk.out.zip cdk.out
       - name: Archive CDK artifacts
-        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
+        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
         with:
           name: cdk-layer-artefact
           path: layer/cdk.out.zip
@@ -247,7 +247,7 @@ jobs:
       pages: none
     steps:
       - name: Checkout repository # reusable workflows start clean, so we need to checkout again
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
         with:
           ref: ${{ env.RELEASE_COMMIT }}
 
@@ -258,7 +258,7 @@ jobs:
           artifact_name: ${{ inputs.source_code_artifact_name }}
 
       - name: Download CDK layer artifacts
-        uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
+        uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
         with:
           path: cdk-layer-stack
           pattern: cdk-layer-stack-*  # merge all Layer artifacts created per region earlier (reusable_deploy_v2_layer_stack.yml; step "Save Layer ARN artifact")
 
@@ -25,6 +25,7 @@ on:
       - "mypy.ini"
     branches:
       - develop
+      - v3
   push:
     paths:
       - "aws_lambda_powertools/**"
@@ -34,6 +35,7 @@ on:
       - "mypy.ini"
     branches:
       - develop
+      - v3
 
 permissions:
   contents: read
@@ -50,7 +52,7 @@ jobs:
     permissions:
       contents: read  # checkout code only
     steps:
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
       - name: Install poetry
         run: pipx install poetry
       - name: Set up Python ${{ matrix.python-version }}
@@ -71,7 +73,7 @@ jobs:
       - name: Complexity baseline
         run: make complexity-baseline
       - name: Upload coverage to Codecov
-        uses: codecov/codecov-action@7afa10ed9b269c561c2336fd862446844e0cbf71 # 4.2.0
+        uses: codecov/codecov-action@5ecb98a3c6b747ed38dc09f787459979aebb39be # 4.3.1
         with:
           file: ./coverage.xml
           env_vars: PYTHON
 
@@ -49,7 +49,7 @@ jobs:
     permissions:
       contents: read # checkout code only
     steps:
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
       - name: Install poetry
         run: pipx install poetry
       - name: Set up Python ${{ matrix.python-version }}
 
@@ -46,14 +46,14 @@ jobs:
     permissions:
       contents: read  # NOTE: treat as untrusted location
     steps:
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
       - name: "Extract PR details"
         uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
         with:
           script: |
             const script = require('.github/scripts/save_pr_details.js')
             await script({github, context, core})
-      - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
+      - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
         with:
           name: pr
           path: pr.txt
 
@@ -80,7 +80,7 @@ jobs:
           RELEASE_VERSION="${RELEASE_TAG_VERSION:1}"
           echo "RELEASE_VERSION=${RELEASE_VERSION}" >> "$GITHUB_OUTPUT"
 
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
         with:
           ref: ${{ env.RELEASE_COMMIT }}
 
@@ -115,7 +115,7 @@ jobs:
       contents: read
     steps:
       # NOTE: we need actions/checkout to configure git first (pre-commit hooks in make dev)
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
         with:
           ref: ${{ env.RELEASE_COMMIT }}
 
@@ -156,7 +156,7 @@ jobs:
       attestation_hashes: ${{ steps.encoded_hash.outputs.attestation_hashes }}
     steps:
       # NOTE: we need actions/checkout to configure git first (pre-commit hooks in make dev)
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
         with:
           ref: ${{ env.RELEASE_COMMIT }}
 
@@ -225,7 +225,7 @@ jobs:
       RELEASE_VERSION: ${{ needs.seal.outputs.RELEASE_VERSION }}
     steps:
       # NOTE: we need actions/checkout in order to use our local actions (e.g., ./.github/actions)
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
         with:
           ref: ${{ env.RELEASE_COMMIT }}
 
@@ -259,7 +259,7 @@ jobs:
       contents: write
     steps:
       # NOTE: we need actions/checkout to authenticate and configure git first
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
         with:
           ref: ${{ env.RELEASE_COMMIT }}
 
@@ -303,7 +303,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       # NOTE: we need actions/checkout to authenticate and configure git first
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
         with:
           ref: ${{ env.RELEASE_COMMIT }}
 
@@ -357,7 +357,7 @@ jobs:
     env:
       RELEASE_VERSION: ${{ needs.seal.outputs.RELEASE_VERSION }}
     steps:
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
         with:
           ref: ${{ env.RELEASE_COMMIT }}
 
 
@@ -140,7 +140,7 @@ jobs:
             has_arm64_support: "true"
     steps:
       - name: checkout
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
         with:
           ref: ${{ env.RELEASE_COMMIT }}
 
@@ -180,7 +180,7 @@ jobs:
       - name: install deps
         run: poetry install
       - name: Download artifact
-        uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
+        uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
         with:
           name: ${{ inputs.artefact-name }}
           path: layer
@@ -197,7 +197,7 @@ jobs:
           cat cdk-layer-stack/${{ matrix.region }}-layer-version.txt
       - name: Save Layer ARN artifact
         if: ${{ inputs.stage == 'PROD' }}
-        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
+        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
         with:
           name: cdk-layer-stack-${{ matrix.region }}
           path: ./layer/cdk-layer-stack/* # NOTE: upload-artifact does not inherit working-directory setting.
 
@@ -79,7 +79,7 @@ jobs:
         architecture: ["x86_64", "arm64"]
     steps:
       - name: checkout
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
         with:
           ref: ${{ env.RELEASE_COMMIT }}
 
@@ -115,7 +115,7 @@ jobs:
         with:
           node-version: ${{ env.NODE_VERSION }}
       - name: Download artifact
-        uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
+        uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
         with:
           name: ${{ inputs.artefact-name }}
       - name: Unzip artefact
 
@@ -76,7 +76,7 @@ jobs:
       prLabels: ${{ steps.prLabels.outputs.prLabels }}
     steps:
       - name: Checkout repository # in case caller workflow doesn't checkout thus failing with file not found
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
       - name: "Download previously saved PR"
         uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
         env:
 
@@ -26,7 +26,7 @@ jobs:
       pull-requests: write  # create PR
     steps:
       - name: Checkout repository # reusable workflows start clean, so we need to checkout again
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
         with:
           fetch-depth: 0
       - name: "Generate latest changelog"
 
@@ -44,7 +44,7 @@ jobs:
       id-token: write  # trade JWT token for AWS credentials in AWS Docs account
       pages: write     # uncomment if mike fails as we migrated to S3 hosting
     steps:
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
         with:
           fetch-depth: 0
           ref: ${{ inputs.git_ref }}
 
@@ -19,6 +19,7 @@ on:
   push:
     branches:
       - develop
+      - v3
     paths:
       - "aws_lambda_powertools/**"
       - "tests/e2e/**"
@@ -51,7 +52,7 @@ jobs:
     if: ${{ github.actor != 'dependabot[bot]' && github.repository == 'aws-powertools/powertools-lambda-python' }}
     steps:
       - name: "Checkout"
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
       - name: Install poetry
         run: pipx install poetry
       - name: "Use Python"
 
@@ -30,9 +30,9 @@ jobs:
       contents: read  # checkout code and subsequently GitHub action workflows
     steps:
       - name: Checkout code
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633  # v4.1.2
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b  # v4.1.4
       - name: Ensure 3rd party workflows have SHA pinned
-        uses: zgosalvez/github-actions-ensure-sha-pinned-actions@ba37328d4ea95eaf8b3bd6c6cef308f709a5f2ec # v3.0.3
+        uses: zgosalvez/github-actions-ensure-sha-pinned-actions@19ebcb0babbd282ae1822a0b9c28f3f1f25cea45 # v3.0.4
         with:
           allowlist: |
             slsa-framework/slsa-github-generator