Bump localstack from 4.5.0 to 4.6.0

[dependabot]

Bumps localstack from 4.5.0 to 4.6.0.

Release notes

Sourced from localstack's releases.

v4.6.0

Summary

LocalStack 4.6 is now available! This release introduces AWS CodeArtifact support for package management, Kubernetes execution for Glue jobs, dramatically improved AppSync JavaScript resolver performance, API Gateway HTTP API SQS integrations, and enhancements across S3, CloudFront, CodeBuild, and EventBridge Pipes providers.

AWS Features

• LocalStack now supports AWS CodeArtifact, enabling you to mock creating domains, repositories, external connections, and authorization tokens, with additional support for NPM repositories, enabling you to publish and install packages locally. Refer to our documentation to learn more. (🌟 base)

Enhancements

• LocalStack now includes Kubernetes support for AWS Glue job execution, enabling you to run them as pods in your Kubernetes cluster. To activate the Kubernetes executor, set the GLUE_JOB_EXECUTOR_PROVIDER environment variable to v2, and set the CONTAINER_RUNTIME environment variable to kubernetes. (🌟 enterprise)
• LocalStack has significantly improved the performance and capabilities of AWS AppSync JavaScript resolvers. The JavaScript resolver executor has been overhauled to replace the previous Docker container-based implementation with a lightweight Node.js runtime package. (🌟 ultimate)
• AppSync provider now includes the following enhancements: (🌟 ultimate)
  • AppSync now supports console.log statements in resolver code, with the output directed to LocalStack logs for improved debugging capabilities.
  • Support for attributeExists conditions in the RDS statement where clause logic.
  • Enhanced JavaScript resolver utility functions, including support for util.error and util.unauthorized methods, with improved util.appendError functionality.
• CodeBuild provider now includes the following enhancements: (🌟 base)
  • Buildspec overrides now follow the correct precedence. Buildspecs from CreateProject and StartBuild take priority over those in the source code. Buildspec overrides from CodePipeline actions are supported and passed to StartBuild.
  • CRUD support for source credentials is now available: ImportSourceCredentials, ListSourceCredentials, and DeleteSourceCredentials .
  • You can use custom Docker images by setting the CODEBUILD_ENABLE_CUSTOM_IMAGES environment variable. This allows any build image, not just Amazon Linux 2023 containers. Official AWS CodeBuild Docker images from GitHub are also supported.
  • Environment variables now support Secrets Manager and SSM parameters as well as plaintext variables. Variable precedence is handled correctly (StartBuild > CreateProject > buildspec), and parameter overrides now update values instead of fully replacing them during builds.
• API Gateway HTTP API provider now includes support for AWS_PROXY SQS subtypes (first-class integrations), enabling direct SQS operations through HTTP API endpoints. The supported operations include: (🌟 base)
  • SendMessage
  • ReceiveMessage
  • PurgeQueue
  • DeleteMessage
• Support for AWS S3 MetricsConfiguration APIs, enabling management of CloudWatch request metrics configurations for S3 buckets. The supported operations include:
  • PutMetricsConfiguration
  • GetMetricsConfiguration
  • DeleteMetricsConfiguration
  • ListBucketMetricsConfigurations
• EventBridge Pipes provider now supports pipe configuration updates through the UpdatePipe operation. You can now modify: (🌟 ultimate)
  • Pipe targets
  • Target parameters
  • Enrichment configurations This is in addition to the previously supported source parameters.
• API Gateway provider now supports:
  • Support for the UpdateMethodResponse API.
  • CRUD operations for WebSockets route and integration request parameters through enhanced CreateRoute and CreateIntegration validation logic. (🌟 base)
  • DeleteRouteRequestParameter operation, enabling complete lifecycle management of WebSocket route configurations and proper parameter handling in the invocation layer. (🌟 base)
  • Improved VTL $input.path and $input.json handling, fixing edge cases for empty request bodies, non-existent JSONPath values, non-JSON content, and string body fallback behavior for better parity with AWS.
• S3 provider now includes the following enhancements:
  • DeleteObject now checks IfMatch headers correctly. It returns errors for IfMatch on regular buckets, since this is only supported in Directory Buckets, and adds clear logs.
  • Object Lock compliance is improved. Retention Mode values are validated, and COMPLIANCE mode restrictions are enforced when updating retention with PutObjectRetention.
  • Improved Checksum handling in UploadPartCopy with checksums now calculated and returned correctly during multipart copy in multipart uploads.
  • GetObjectAttributes now fully implements ObjectParts. It supports both COMPOSITE and FULL_OBJECT checksums for multipart uploads and stores and retrieves part metadata correctly.
• CloudFront provider now supports custom distribution IDs through the _custom_id_ tag, enabling predictable distribution URLs. Refer to our documentation to learn more. (🌟 base)
• EFS provider now supports the following new API operations: (🌟 ultimate)
  • UpdateFileSystem

... (truncated)

Commits

• fcdc53c release version 4.6.0
• 583b620 IAM: Fix listing roles with tags (#12825)
• fdef993 removed create appsync fixtures (#12572)
• 518c2fe APIGW: implement UpdateMethodResponse and tests for MethodResponse (#12821)
• 7fd523c Update STS session storage model to be more flexible (#12793)
• 6a0e8ee CFn telemetry: capture actions on resources (#12798)
• 0f5ebcc Upgrade pinned Python dependencies (#12822)
• e854dd1 CI: updated owners of .test_durations file (#12820)
• a6ec498 Update ASF APIs (#12817)
• 24d0f8f [Testing] Update test durations (#12815)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[eddalmond1]

@dependabot rebase