Merge branch 'master' into update-botocore-1.37.3

Author: stj

.github/workflows/ci-cd.yml

@@ -1,6 +1,8 @@
 ---
 name: CI/CD
 
+permissions: {}
+
 on:
   merge_group:
   push:
@@ -22,28 +24,9 @@ env:
 
 jobs:
   build:
-    name: Build distribution 📦
-    runs-on: ubuntu-24.04
-    timeout-minutes: 5
-
-    steps:
-    - uses: actions/checkout@v4
-    - name: Install uv
-      uses: astral-sh/setup-uv@v5
-    - name: Build distribution 📦
-      run: uv build
-    - name: Check distribution 📦
-      run: uvx twine check --strict dist/*
-    - name: Upload distribution 📦
-      uses: actions/upload-artifact@v4
-      with:
-        name: python-package-distributions
-        path: dist/
+    uses: ./.github/workflows/reusable-build.yml
 
   test:
-    name: Test Python ${{ matrix.python-version }} on ${{ matrix.os }}
-    runs-on: ${{ matrix.os }}
-    continue-on-error: ${{ matrix.experimental }}
     strategy:
       matrix:
         python-version:
@@ -67,49 +50,35 @@ jobs:
           python-version: 3.11
           os: ubuntu-24.04
       fail-fast: false
-    env:
-      UV_FROZEN: 1
-    timeout-minutes: 5
+    uses: ./.github/workflows/reusable-test.yml
+    with:
+      python-version: ${{ matrix.python-version }}
+      os: ${{ matrix.os }}
+      continue-on-error: ${{ matrix.experimental }}
+      enable-cache: ${{ github.ref_type == 'tag' && 'false' || 'auto' }}
+      upload-coverage: ${{ matrix.upload-coverage }}
+    secrets:
+      # yamllint disable-line rule:line-length
+      codecov-token: ${{ matrix.upload-coverage && secrets.CODECOV_TOKEN || '' }}
 
-    steps:
-    - name: Checkout
-      uses: actions/checkout@v4
-      with:
-        submodules: true
-    - name: Install uv
-      uses: astral-sh/setup-uv@v5
-      with:
-        python-version: ${{ matrix.python-version }}
-    - name: Run pre-commit hooks
-      run: |
-        uv run make pre-commit
-    - name: Run unittests
-      env:
-        COLOR: 'yes'
-      run: |
-        uv run make mototest
-    - name: Upload coverage to Codecov
-      if: ${{ matrix.upload-coverage }}
-      uses: codecov/codecov-action@v5.4.2
-      with:
-        token: ${{ secrets.CODECOV_TOKEN }}  # not required for public repos
-        files: ./coverage.xml
-        flags: unittests  # optional
-        name: codecov-umbrella  # optional
-        fail_ci_if_error: true  # optional (default = false)
-        verbose: true  # optional (default = false)
+  zizmor:
+    uses: ./.github/workflows/reusable-zizmor.yml
+    permissions:
+      security-events: write
 
   check:  # This job does nothing and is only used for the branch protection
     if: always()
     needs:
     - build
     - test
+    - zizmor
     runs-on: ubuntu-24.04
     timeout-minutes: 5
 
     steps:
     - name: Decide whether the needed jobs succeeded or failed
-      uses: re-actors/alls-green@release/v1
+      # yamllint disable-line rule:line-length
+      uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe  # v1.2.2
       with:
         jobs: ${{ toJSON(needs) }}
 
@@ -135,7 +104,10 @@ jobs:
         path: dist/
     - name: Check if distribution 📦 names match git tag
       run: |
-        test -f "dist/aiobotocore-${{ github.ref_name }}.tar.gz"
-        test -f "dist/aiobotocore-${{ github.ref_name }}-py3-none-any.whl"
+        test -f "dist/aiobotocore-${REF_NAME}.tar.gz"
+        test -f "dist/aiobotocore-${REF_NAME}-py3-none-any.whl"
+      env:
+        REF_NAME: ${{ github.ref_name }}
     - name: Publish distribution 📦 to PyPI
-      uses: pypa/gh-action-pypi-publish@release/v1
+      # yamllint disable-line rule:line-length
+      uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc  # v1.12.4

.github/workflows/reusable-build.yml

@@ -0,0 +1,37 @@
+---
+name: Reusable build
+
+permissions: {}
+
+on:
+  workflow_call:
+
+env:
+  FORCE_COLOR: 1
+
+jobs:
+  build:
+    name: Build distribution 📦
+    runs-on: ubuntu-24.04
+    timeout-minutes: 5
+
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        persist-credentials: false
+    - name: Install uv
+      # yamllint disable-line rule:line-length
+      uses: astral-sh/setup-uv@c7f87aa956e4c323abf06d5dec078e358f6b4d04  # v6.0.0
+      with:
+        # yamllint disable-line rule:line-length
+        enable-cache: | # zizmor: ignore[cache-poisoning] cache is disabled when publishing to prevent poisoning
+          ${{ github.ref_type == 'tag' && 'false' || 'auto' }}
+    - name: Build distribution 📦
+      run: uv build
+    - name: Check distribution 📦
+      run: uvx twine check --strict dist/*
+    - name: Upload distribution 📦
+      uses: actions/upload-artifact@v4
+      with:
+        name: python-package-distributions
+        path: dist/

.github/workflows/reusable-test.yml

@@ -0,0 +1,68 @@
+---
+name: Reusable test
+
+permissions: {}
+
+on:
+  workflow_call:
+    inputs:
+      python-version:
+        type: string
+        required: true
+      os:
+        type: string
+        required: true
+      continue-on-error:
+        type: boolean
+      enable-cache:
+        type: string
+        required: true
+      upload-coverage:
+        type: boolean
+    secrets:
+      codecov-token:
+        required: false
+
+env:
+  FORCE_COLOR: 1
+
+jobs:
+  test:
+    name: Test Python ${{ inputs.python-version }} on ${{ inputs.os }}
+    runs-on: ${{ inputs.os }}
+    continue-on-error: ${{ inputs.continue-on-error }}
+    env:
+      UV_FROZEN: 1
+    timeout-minutes: 5
+
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v4
+      with:
+        persist-credentials: false
+        submodules: true
+    - name: Install uv
+      # yamllint disable-line rule:line-length
+      uses: astral-sh/setup-uv@c7f87aa956e4c323abf06d5dec078e358f6b4d04  # v6.0.0
+      with:
+        python-version: ${{ inputs.python-version }}
+        enable-cache: ${{ inputs.enable-cache }}
+    - name: Run pre-commit hooks
+      run: |
+        uv run make pre-commit
+    - name: Run unittests
+      env:
+        COLOR: 'yes'
+      run: |
+        uv run make mototest
+    - name: Upload coverage to Codecov
+      if: ${{ inputs.upload-coverage }}
+      # yamllint disable-line rule:line-length
+      uses: codecov/codecov-action@ad3126e916f78f00edff4ed0317cf185271ccc2d  # v5.4.2
+      with:
+        token: ${{ secrets.codecov-token }}  # not required for public repos
+        files: ./coverage.xml
+        flags: unittests  # optional
+        name: codecov-umbrella  # optional
+        fail_ci_if_error: true  # optional (default = false)
+        verbose: true  # optional (default = false)

.github/workflows/reusable-zizmor.yml

@@ -0,0 +1,39 @@
+---
+name: Reusable zizmor
+
+permissions: {}
+
+on:
+  workflow_call:
+
+env:
+  FORCE_COLOR: 1
+
+jobs:
+  zizmor:
+    name: zizmor
+    runs-on: ubuntu-24.04
+    permissions:
+      security-events: write
+    timeout-minutes: 5
+
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        persist-credentials: false
+    - name: Install uv
+      # yamllint disable-line rule:line-length
+      uses: astral-sh/setup-uv@c7f87aa956e4c323abf06d5dec078e358f6b4d04  # v6.0.0
+      with:
+        # yamllint disable-line rule:line-length
+        enable-cache: | # zizmor: ignore[cache-poisoning] cache is disabled when publishing to prevent poisoning
+          ${{ github.ref_type == 'tag' && 'false' || 'auto' }}
+    - name: Run zizmor 🌈
+      run: uvx zizmor --format=sarif . > results.sarif
+      env:
+        GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    - name: Upload SARIF file
+      uses: github/codeql-action/upload-sarif@v3
+      with:
+        sarif_file: results.sarif
+        category: zizmor

.pre-commit-config.yaml

@@ -22,7 +22,7 @@ repos:
     args: [--fix]
   - id: ruff-format
 - repo: https://github.com/astral-sh/uv-pre-commit
-  rev: 0.6.0
+  rev: 0.6.17
   hooks:
   - id: uv-lock
 - repo: https://github.com/adrienverge/yamllint

CHANGES.rst

@@ -1,9 +1,11 @@
 Changes
 -------
 
-2.22.0 (2025-04-15)
+2.22.0 (2025-04-29)
 ^^^^^^^^^^^^^^^^^^^
-* patch `ResponseParser`
+* fully patch ``ClientArgsCreator.get_client_args()``
+* patch ``AioEndpoint.__init__()``
+* patch ``EventStream._parse_event()``, ``ResponseParser`` and subclasses
 * use SPDX license identifier for project metadata
 * upstream support for the smithy-rpc-v2-cbor protocol
 * bump botocore dependency specification

aiobotocore/args.py

@@ -6,6 +6,7 @@
 
 from .config import AioConfig
 from .endpoint import DEFAULT_HTTP_SESSION_CLS, AioEndpointCreator
+from .parsers import create_parser
 from .regions import AioEndpointRulesetResolver
 from .signers import AioRequestSigner
 
@@ -94,7 +95,7 @@ def get_client_args(
         serializer = botocore.serialize.create_serializer(
             protocol, parameter_validation
         )
-        response_parser = botocore.parsers.create_parser(protocol)
+        response_parser = create_parser(protocol)
 
         ruleset_resolver = self._build_endpoint_resolver(
             endpoints_ruleset_data,

aiobotocore/endpoint.py

@@ -16,6 +16,7 @@
 
 from aiobotocore.httpchecksum import handle_checksum_body
 from aiobotocore.httpsession import AIOHTTPSession
+from aiobotocore.parsers import AioResponseParserFactory
 from aiobotocore.response import StreamingBody
 
 DEFAULT_HTTP_SESSION_CLS = AIOHTTPSession
@@ -57,6 +58,28 @@ async def convert_to_response_dict(http_response, operation_model):
 
 
 class AioEndpoint(Endpoint):
+    def __init__(
+        self,
+        host,
+        endpoint_prefix,
+        event_emitter,
+        response_parser_factory=None,
+        http_session=None,
+    ):
+        if response_parser_factory is None:
+            response_parser_factory = AioResponseParserFactory()
+
+        if http_session is None:
+            raise ValueError('http_session must be provided')
+
+        super().__init__(
+            host=host,
+            endpoint_prefix=endpoint_prefix,
+            event_emitter=event_emitter,
+            response_parser_factory=response_parser_factory,
+            http_session=http_session,
+        )
+
     async def close(self):
         await self.http_session.close()
 
@@ -203,7 +226,6 @@ async def _do_get_response(self, request, operation_model, context):
             customized_response_dict=customized_response_dict,
         )
         parser = self._response_parser_factory.create_parser(protocol)
-
         parsed_response = await parser.parse(
             response_dict, operation_model.output_shape
         )
@@ -233,7 +255,6 @@ async def _add_modeled_error_fields(
         error_shape = service_model.shape_for_error_code(error_code)
         if error_shape is None:
             return
-
         modeled_parse = await parser.parse(response_dict, error_shape)
         # TODO: avoid naming conflicts with ResponseMetadata and Error
         parsed_response.update(modeled_parse)

aiobotocore/eventstream.py

@@ -3,6 +3,7 @@
     EventStreamBuffer,
     NoInitialResponseError,
 )
+from botocore.exceptions import EventStreamError
 
 
 class AioEventStream(EventStream):
@@ -14,7 +15,7 @@ def __aiter__(self):
 
     async def __anext__(self):
         async for event in self._event_generator:
-            parsed_event = self._parse_event(event)
+            parsed_event = await self._parse_event(event)
             if parsed_event:
                 yield parsed_event
 
@@ -25,6 +26,16 @@ async def _create_raw_event_generator(self):
             for event in event_stream_buffer:
                 yield event  # unfortunately no yield from async func support
 
+    async def _parse_event(self, event):
+        response_dict = event.to_response_dict()
+        parsed_response = await self._parser.parse(
+            response_dict, self._output_shape
+        )
+        if response_dict['status_code'] == 200:
+            return parsed_response
+        else:
+            raise EventStreamError(parsed_response, self._operation_name)
+
     async def get_initial_response(self):
         try:
             async for event in self._event_generator: