Skip to content

build(deps): bump wrapt from 2.2.1 to 2.2.2 in /lambda in the patches group across 1 directory#98

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/lambda/patches-61eed9b54a
Closed

build(deps): bump wrapt from 2.2.1 to 2.2.2 in /lambda in the patches group across 1 directory#98
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/lambda/patches-61eed9b54a

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 3, 2026

Copy link
Copy Markdown
Contributor

Bumps the patches group with 1 update in the /lambda directory: wrapt.

Updates wrapt from 2.2.1 to 2.2.2

Release notes

Sourced from wrapt's releases.

wrapt 2.2.2

Full release notes: https://wrapt.readthedocs.io/en/latest/changes.html#version-2-2-2

Install from PyPi (recommended):

pip install wrapt==2.2.2

PyPi uploads follow each GitHub release; if pip reports the version is unavailable, the matching PyPi upload may not have happened yet.

Pre-built wheels are provided for a range of Python versions and platforms (Linux x86_64/aarch64/riscv64, macOS x86_64 and arm64, Windows x86_64 and arm64, plus PyPy and free-threaded builds). The source distribution is also attached together with SHA256SUMS for verification.

wrapt 2.2.2rc3

Release candidate. Release notes for the upcoming 2.2.2 final (work in progress): https://wrapt.readthedocs.io/en/latest/changes.html#version-2-2-2

May be installable from PyPi:

pip install wrapt==2.2.2rc3

If pip reports the version is unavailable, this candidate either has not been uploaded yet or is not being published to PyPi. Use the attached wheels or build from the source distribution instead:

tar xf wrapt-2.2.2rc3.tar.gz
cd wrapt-2.2.2rc3
pip install .

SHA256SUMS is attached for verification of the archives.

wrapt 2.2.2rc2

Release candidate. Release notes for the upcoming 2.2.2 final (work in progress): https://wrapt.readthedocs.io/en/latest/changes.html#version-2-2-2

May be installable from PyPi:

pip install wrapt==2.2.2rc2

If pip reports the version is unavailable, this candidate either has not been uploaded yet or is not being published to PyPi. Use the attached wheels or build from the source distribution instead:

tar xf wrapt-2.2.2rc2.tar.gz

... (truncated)

Changelog

Sourced from wrapt's changelog.

Version 2.2.2

Bugs Fixed

  • When @wrapt.lru_cache was applied to an instance method that was overridden in a subclass, and the subclass method called the base class method via super(), a RecursionError was raised instead of the base class method being invoked. The per-instance cache for each method was stored as an attribute on the instance whose name was derived only from the method __name__, so the base and derived methods shared a single cache slot. The subclass cache was therefore found again when the base method was reached through super(), re-entering the subclass body and recursing without end. The cache attribute name now incorporates a unique identifier for each decorated method so that a base method and a method that overrides it use distinct per-instance caches. With thanks to the reporter of issue [#342](https://github.com/GrahamDumpleton/wrapt/issues/342) <https://github.com/GrahamDumpleton/wrapt/issues/342>_.

  • When @wrapt.lru_cache was applied to a method of a class deriving from wrapt.ObjectProxy, the per-instance cache was stored on the wrapped object rather than on the proxy. This is because the proxy __setattr__ forwards attribute assignment to the wrapped object for any name that is not a recognised proxy attribute, and the cache attribute name was not one. Storing the cache on the wrapped object had several consequences: the wrapped object was polluted with cache attributes it never defined; the cache held a reference back to the proxy through the bound method it wrapped, so a wrapped object that outlived the proxy kept the proxy alive and prevented its collection; wrapping an object that does not accept arbitrary attributes, such as one using __slots__, caused the first cached call to fail with an AttributeError; and two proxies sharing a single wrapped object shared one cache and could return results computed for the wrong proxy. The cache attribute is now stored on the proxy itself using the proxy __self_setattr__ method when the instance is a wrapt object proxy, falling back to setattr for ordinary instances.

Commits
  • 0ae09fd Merge branch 'release/2.2.2'
  • 86db7a9 Update to 2.2.2 for final release.
  • 6deda43 Update to 2.2.2rc3.
  • 9c48a1e Constrain lru_cache proxy detection to BaseObjectProxy subclasses.
  • 4053838 Update version to 2.2.2rc2.
  • 99bf4ef Store lru_cache per-instance cache on object proxy not wrapped object.
  • 0e862fb Document pickling instances with lru_cache decorated methods.
  • 73dca57 Add lru_cache tests for overridden methods calling super().
  • beead5c Fix lru_cache recursion for overridden methods calling super().
  • fbf2fc1 Document pure Python failure mode for ObjectProxy + ABCMeta mixin.
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the patches group with 1 update in the /lambda directory: [wrapt](https://github.com/GrahamDumpleton/wrapt).


Updates `wrapt` from 2.2.1 to 2.2.2
- [Release notes](https://github.com/GrahamDumpleton/wrapt/releases)
- [Changelog](https://github.com/GrahamDumpleton/wrapt/blob/develop/docs/changes.rst)
- [Commits](GrahamDumpleton/wrapt@2.2.1...2.2.2)

---
updated-dependencies:
- dependency-name: wrapt
  dependency-version: 2.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patches
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jul 3, 2026
@github-actions github-actions Bot enabled auto-merge (squash) July 3, 2026 02:52
@timpugh

timpugh commented Jul 3, 2026

Copy link
Copy Markdown
Owner

Landed directly on main via uv lock --upgrade-package wrapt==2.2.2 (lambda/requirements.txt is generated from uv.lock, so PRs editing it can never pass the drift gate).

@timpugh timpugh closed this Jul 3, 2026
auto-merge was automatically disabled July 3, 2026 02:52

Pull request was closed

@dependabot @github

dependabot Bot commented on behalf of github Jul 3, 2026

Copy link
Copy Markdown
Contributor Author

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot Bot deleted the dependabot/pip/lambda/patches-61eed9b54a branch July 3, 2026 02:52
@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown

🏗️ CDK infra diff — PR vs main

ServerlessApp-us-east-1-stage/ServerlessAppBackend-us-east-1
Stack ServerlessApp-us-east-1-stage/ServerlessAppBackend-us-east-1 (ServerlessAppBackend-us-east-1)
Resources
[-] AWS::Lambda::Version ServerlessAppBackend-us-east-1/App/ApiFunction/CurrentVersion AppApiFunctionCurrentVersion01C510ACe0f93303d39fa7ee2624a275646b532f destroy
[+] AWS::Lambda::Version ServerlessAppBackend-us-east-1/App/ApiFunction/CurrentVersion AppApiFunctionCurrentVersion01C510ACb64d14417710025655192a84da656592
[~] AWS::Lambda::Function ServerlessAppBackend-us-east-1/App/ApiFunction AppApiFunctionDE515850
 ├─ [~] Code
 │   └─ [~] .S3Key:
 │       ├─ [-] 016d43b86985580afff736c428f3669246211f2f7c1349659dc1aefab28629e7.zip
 │       └─ [+] cf6805643894ed839e8415c69439651b15b99de2a2caec44a07414e4bcc2c727.zip
 └─ [~] Metadata
     └─ [~] .aws:asset:path:
         ├─ [-] ../asset.016d43b86985580afff736c428f3669246211f2f7c1349659dc1aefab28629e7
         └─ [+] ../asset.cf6805643894ed839e8415c69439651b15b99de2a2caec44a07414e4bcc2c727
[~] AWS::Lambda::Alias ServerlessAppBackend-us-east-1/App/LiveAlias AppLiveAlias3872472E
 └─ [~] FunctionVersion
     └─ [~] .Fn::GetAtt:
         └─ @@ -1,4 +1,4 @@
            [ ] [
            [-]   "AppApiFunctionCurrentVersion01C510ACe0f93303d39fa7ee2624a275646b532f",
            [+]   "AppApiFunctionCurrentVersion01C510ACb64d14417710025655192a84da656592",
            [ ]   "Version"
            [ ] ]



✨  Number of stacks with differences: 1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant