From 1d99ea757c49e977ffe44537f603326015bc2082 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 7 Nov 2025 03:09:18 +0000 Subject: [PATCH 1/6] bump the docker-minor-patch group across 6 directories with 1 update Bumps the docker-minor-patch group with 1 update in the /lambdas/ack_backend directory: lambda/python. Bumps the docker-minor-patch group with 1 update in the /lambdas/batch_processor_filter directory: lambda/python. Bumps the docker-minor-patch group with 1 update in the /lambdas/delta_backend directory: lambda/python. Bumps the docker-minor-patch group with 1 update in the /lambdas/filenameprocessor directory: lambda/python. Bumps the docker-minor-patch group with 1 update in the /lambdas/mesh_processor directory: lambda/python. Bumps the docker-minor-patch group with 1 update in the /lambdas/recordprocessor directory: lambda/python. Updates `lambda/python` from 3.11 to 3.13 Updates `lambda/python` from 3.11 to 3.13 Updates `lambda/python` from 3.11 to 3.13 Updates `lambda/python` from 3.11 to 3.13 Updates `lambda/python` from 3.11 to 3.13 Updates `lambda/python` from 3.11 to 3.13 --- updated-dependencies: - dependency-name: lambda/python dependency-version: '3.13' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: docker-minor-patch - dependency-name: lambda/python dependency-version: '3.13' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: docker-minor-patch - dependency-name: lambda/python dependency-version: '3.13' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: docker-minor-patch - dependency-name: lambda/python dependency-version: '3.13' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: docker-minor-patch - dependency-name: lambda/python dependency-version: '3.13' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: docker-minor-patch - dependency-name: lambda/python dependency-version: '3.13' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: docker-minor-patch ... Signed-off-by: dependabot[bot] --- lambdas/ack_backend/Dockerfile | 2 +- lambdas/batch_processor_filter/Dockerfile | 2 +- lambdas/delta_backend/Dockerfile | 2 +- lambdas/filenameprocessor/Dockerfile | 2 +- lambdas/mesh_processor/Dockerfile | 2 +- lambdas/recordprocessor/Dockerfile | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/lambdas/ack_backend/Dockerfile b/lambdas/ack_backend/Dockerfile index ffa2a52da7..4b34db84c4 100644 --- a/lambdas/ack_backend/Dockerfile +++ b/lambdas/ack_backend/Dockerfile @@ -1,4 +1,4 @@ -FROM public.ecr.aws/lambda/python:3.11 AS base +FROM public.ecr.aws/lambda/python:3.13 AS base RUN mkdir -p /home/appuser && \ echo 'appuser:x:1001:1001::/home/appuser:/sbin/nologin' >> /etc/passwd && \ diff --git a/lambdas/batch_processor_filter/Dockerfile b/lambdas/batch_processor_filter/Dockerfile index 6f81c97b8b..085778beb1 100644 --- a/lambdas/batch_processor_filter/Dockerfile +++ b/lambdas/batch_processor_filter/Dockerfile @@ -1,4 +1,4 @@ -FROM public.ecr.aws/lambda/python:3.11 AS base +FROM public.ecr.aws/lambda/python:3.13 AS base RUN mkdir -p /home/appuser && \ echo 'appuser:x:1001:1001::/home/appuser:/sbin/nologin' >> /etc/passwd && \ diff --git a/lambdas/delta_backend/Dockerfile b/lambdas/delta_backend/Dockerfile index 16d535024e..ff5218e564 100644 --- a/lambdas/delta_backend/Dockerfile +++ b/lambdas/delta_backend/Dockerfile @@ -1,4 +1,4 @@ -FROM public.ecr.aws/lambda/python:3.11 AS base +FROM public.ecr.aws/lambda/python:3.13 AS base # Create a non-root user with a specific UID and GID RUN mkdir -p /home/appuser && \ diff --git a/lambdas/filenameprocessor/Dockerfile b/lambdas/filenameprocessor/Dockerfile index fc4cc4aee6..2ca36ed630 100644 --- a/lambdas/filenameprocessor/Dockerfile +++ b/lambdas/filenameprocessor/Dockerfile @@ -1,4 +1,4 @@ -FROM public.ecr.aws/lambda/python:3.11 AS base +FROM public.ecr.aws/lambda/python:3.13 AS base # Create non-root user RUN mkdir -p /home/appuser && \ diff --git a/lambdas/mesh_processor/Dockerfile b/lambdas/mesh_processor/Dockerfile index 848cd13002..2437cc964c 100644 --- a/lambdas/mesh_processor/Dockerfile +++ b/lambdas/mesh_processor/Dockerfile @@ -1,4 +1,4 @@ -FROM public.ecr.aws/lambda/python:3.11 AS base +FROM public.ecr.aws/lambda/python:3.13 AS base # Create a non-root user with a specific UID and GID RUN mkdir -p /home/appuser && \ diff --git a/lambdas/recordprocessor/Dockerfile b/lambdas/recordprocessor/Dockerfile index 00557b8210..de2ecaaedd 100644 --- a/lambdas/recordprocessor/Dockerfile +++ b/lambdas/recordprocessor/Dockerfile @@ -1,4 +1,4 @@ -FROM public.ecr.aws/lambda/python:3.11 AS base +FROM public.ecr.aws/lambda/python:3.13 AS base # Create a non-root user with a specific UID and GID RUN mkdir -p /home/appuser && \ From 1a3090253c002badccae3b59ce67461284adeaed Mon Sep 17 00:00:00 2001 From: Thomas-Boyle Date: Mon, 30 Mar 2026 14:07:27 +0100 Subject: [PATCH 2/6] Update Python version to 3.13 in pyproject.toml files across multiple lambdas for improved compatibility and performance. --- lambdas/ack_backend/pyproject.toml | 2 +- lambdas/batch_processor_filter/pyproject.toml | 2 +- lambdas/delta_backend/pyproject.toml | 2 +- lambdas/filenameprocessor/pyproject.toml | 2 +- lambdas/mesh_processor/pyproject.toml | 2 +- lambdas/recordprocessor/pyproject.toml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/lambdas/ack_backend/pyproject.toml b/lambdas/ack_backend/pyproject.toml index 4bf79e6cd3..8c13fbc988 100644 --- a/lambdas/ack_backend/pyproject.toml +++ b/lambdas/ack_backend/pyproject.toml @@ -10,7 +10,7 @@ packages = [ ] [tool.poetry.dependencies] -python = "~3.11" +python = "~3.13" boto3 = "~1.42.74" mypy-boto3-dynamodb = "^1.42.73" freezegun = "^1.5.2" diff --git a/lambdas/batch_processor_filter/pyproject.toml b/lambdas/batch_processor_filter/pyproject.toml index ef080330e8..4e7aba767b 100644 --- a/lambdas/batch_processor_filter/pyproject.toml +++ b/lambdas/batch_processor_filter/pyproject.toml @@ -10,7 +10,7 @@ packages = [ ] [tool.poetry.dependencies] -python = "~3.11" +python = "~3.13" coverage = "^7.13.5" aws-lambda-typing = "~2.20.0" boto3 = "~1.42.74" diff --git a/lambdas/delta_backend/pyproject.toml b/lambdas/delta_backend/pyproject.toml index 09892b9e24..8f242958f1 100644 --- a/lambdas/delta_backend/pyproject.toml +++ b/lambdas/delta_backend/pyproject.toml @@ -10,7 +10,7 @@ packages = [ ] [tool.poetry.dependencies] -python = "~3.11" +python = "~3.13" boto3 = "~1.42.74" mypy-boto3-dynamodb = "^1.42.73" moto = "~5.1.22" diff --git a/lambdas/filenameprocessor/pyproject.toml b/lambdas/filenameprocessor/pyproject.toml index 08ff17c5c9..c0b410b41f 100644 --- a/lambdas/filenameprocessor/pyproject.toml +++ b/lambdas/filenameprocessor/pyproject.toml @@ -10,7 +10,7 @@ packages = [ ] [tool.poetry.dependencies] -python = "~3.11" +python = "~3.13" "fhir.resources" = "~7.0.2" boto3 = "~1.42.74" boto3-stubs-lite = { extras = ["dynamodb"], version = "~1.42.74" } diff --git a/lambdas/mesh_processor/pyproject.toml b/lambdas/mesh_processor/pyproject.toml index d449192a1b..e47150c8bc 100644 --- a/lambdas/mesh_processor/pyproject.toml +++ b/lambdas/mesh_processor/pyproject.toml @@ -10,7 +10,7 @@ packages = [ ] [tool.poetry.dependencies] -python = "~3.11" +python = "~3.13" boto3 = "~1.42.74" mypy-boto3-dynamodb = "^1.42.73" moto = {extras = ["s3"], version = "^5.1.22"} diff --git a/lambdas/recordprocessor/pyproject.toml b/lambdas/recordprocessor/pyproject.toml index 3f952b8c64..9290f64251 100644 --- a/lambdas/recordprocessor/pyproject.toml +++ b/lambdas/recordprocessor/pyproject.toml @@ -10,7 +10,7 @@ packages = [ ] [tool.poetry.dependencies] -python = "~3.11" +python = "~3.13" "fhir.resources" = "~7.0.2" boto3 = "~1.42.74" boto3-stubs-lite = {extras = ["dynamodb"], version = "~1.42.74"} From 86bcc3d154533ac06fee367c0cb25d7540bcabcd Mon Sep 17 00:00:00 2001 From: Thomas-Boyle Date: Mon, 30 Mar 2026 14:13:56 +0100 Subject: [PATCH 3/6] Update Poetry lock files to version 2.3.2, adjust Python version to 3.13, and refine botocore dependency constraints across multiple lambdas for improved compatibility and performance. --- lambdas/ack_backend/poetry.lock | 25 ++++-------------- lambdas/batch_processor_filter/poetry.lock | 10 ++++---- lambdas/delta_backend/poetry.lock | 13 ++++------ lambdas/filenameprocessor/poetry.lock | 28 ++++---------------- lambdas/mesh_processor/poetry.lock | 25 ++++-------------- lambdas/recordprocessor/poetry.lock | 30 ++++------------------ 6 files changed, 30 insertions(+), 101 deletions(-) diff --git a/lambdas/ack_backend/poetry.lock b/lambdas/ack_backend/poetry.lock index 034c9c7bf6..2f1100ffc3 100644 --- a/lambdas/ack_backend/poetry.lock +++ b/lambdas/ack_backend/poetry.lock @@ -1,4 +1,4 @@ -# This file is automatically @generated by Poetry 2.2.1 and should not be changed by hand. +# This file is automatically @generated by Poetry 2.3.2 and should not be changed by hand. [[package]] name = "boto3" @@ -681,9 +681,6 @@ files = [ {file = "mypy_boto3_dynamodb-1.42.73.tar.gz", hash = "sha256:3fd9e093a8c982a53d55f6ac3d109d89957fe82b5c7ece65f27b772ed7a5ca9b"}, ] -[package.dependencies] -typing-extensions = {version = "*", markers = "python_version < \"3.12\""} - [[package]] name = "pycparser" version = "3.0" @@ -850,10 +847,10 @@ files = [ ] [package.dependencies] -botocore = ">=1.37.4,<2.0a.0" +botocore = ">=1.37.4,<2.0a0" [package.extras] -crt = ["botocore[crt] (>=1.37.4,<2.0a.0)"] +crt = ["botocore[crt] (>=1.37.4,<2.0a0)"] [[package]] name = "six" @@ -867,18 +864,6 @@ files = [ {file = "six-1.17.0.tar.gz", hash = "sha256:ff70335d468e7eb6ec65b95b99d3a2836546063f63acc5171de367e834932a81"}, ] -[[package]] -name = "typing-extensions" -version = "4.15.0" -description = "Backported and Experimental Type Hints for Python 3.9+" -optional = false -python-versions = ">=3.9" -groups = ["main"] -files = [ - {file = "typing_extensions-4.15.0-py3-none-any.whl", hash = "sha256:f0fa19c6845758ab08074a0cfa8b7aecb71c999ca73d62883bc25cc018c4e548"}, - {file = "typing_extensions-4.15.0.tar.gz", hash = "sha256:0cea48d173cc12fa28ecabc3b837ea3cf6f38c6d1136f85cbaaf598984861466"}, -] - [[package]] name = "urllib3" version = "2.6.3" @@ -932,5 +917,5 @@ test = ["pytest", "pytest-cov"] [metadata] lock-version = "2.1" -python-versions = "~3.11" -content-hash = "cf88f48f082211d6244c159222b0038860947d36888ccd9639b9f51971e19d0e" +python-versions = "~3.13" +content-hash = "075a1b94a15853ba82403f65dc63787d5cbd966574bbf7e57b6e3f424ff05660" diff --git a/lambdas/batch_processor_filter/poetry.lock b/lambdas/batch_processor_filter/poetry.lock index 8f4298ab90..b3db483ed1 100644 --- a/lambdas/batch_processor_filter/poetry.lock +++ b/lambdas/batch_processor_filter/poetry.lock @@ -1,4 +1,4 @@ -# This file is automatically @generated by Poetry 2.2.1 and should not be changed by hand. +# This file is automatically @generated by Poetry 2.3.2 and should not be changed by hand. [[package]] name = "aws-lambda-typing" @@ -833,10 +833,10 @@ files = [ ] [package.dependencies] -botocore = ">=1.37.4,<2.0a.0" +botocore = ">=1.37.4,<2.0a0" [package.extras] -crt = ["botocore[crt] (>=1.37.4,<2.0a.0)"] +crt = ["botocore[crt] (>=1.37.4,<2.0a0)"] [[package]] name = "six" @@ -903,5 +903,5 @@ test = ["pytest", "pytest-cov"] [metadata] lock-version = "2.1" -python-versions = "~3.11" -content-hash = "02e42832e470b5af0417f7401a832470eab3459c14168077793726f70be34d5d" +python-versions = "~3.13" +content-hash = "2467b55aafb936827644e75d2ceb826a22793d52f6a440e321a8a930dade8a72" diff --git a/lambdas/delta_backend/poetry.lock b/lambdas/delta_backend/poetry.lock index 2c9efbdfa2..8aa0512d43 100644 --- a/lambdas/delta_backend/poetry.lock +++ b/lambdas/delta_backend/poetry.lock @@ -1,4 +1,4 @@ -# This file is automatically @generated by Poetry 2.2.1 and should not be changed by hand. +# This file is automatically @generated by Poetry 2.3.2 and should not be changed by hand. [[package]] name = "aws-lambda-powertools" @@ -695,9 +695,6 @@ files = [ {file = "mypy_boto3_dynamodb-1.42.73.tar.gz", hash = "sha256:3fd9e093a8c982a53d55f6ac3d109d89957fe82b5c7ece65f27b772ed7a5ca9b"}, ] -[package.dependencies] -typing-extensions = {version = "*", markers = "python_version < \"3.12\""} - [[package]] name = "pycparser" version = "3.0" @@ -880,10 +877,10 @@ files = [ ] [package.dependencies] -botocore = ">=1.37.4,<2.0a.0" +botocore = ">=1.37.4,<2.0a0" [package.extras] -crt = ["botocore[crt] (>=1.37.4,<2.0a.0)"] +crt = ["botocore[crt] (>=1.37.4,<2.0a0)"] [[package]] name = "six" @@ -962,5 +959,5 @@ test = ["pytest", "pytest-cov"] [metadata] lock-version = "2.1" -python-versions = "~3.11" -content-hash = "722f8bcfe5e0e3c4a50352c3f71091f4ad78109e20748cc9db8a2e6c22cbda41" +python-versions = "~3.13" +content-hash = "b9441062b31a9c42214cde730109dfdfb002c52677be5beda911c7db3dc17184" diff --git a/lambdas/filenameprocessor/poetry.lock b/lambdas/filenameprocessor/poetry.lock index c29fc4fed7..1bed4a6f85 100644 --- a/lambdas/filenameprocessor/poetry.lock +++ b/lambdas/filenameprocessor/poetry.lock @@ -1,17 +1,4 @@ -# This file is automatically @generated by Poetry 2.2.1 and should not be changed by hand. - -[[package]] -name = "async-timeout" -version = "5.0.1" -description = "Timeout context manager for asyncio programs" -optional = false -python-versions = ">=3.8" -groups = ["main"] -markers = "python_full_version < \"3.11.3\"" -files = [ - {file = "async_timeout-5.0.1-py3-none-any.whl", hash = "sha256:39e3809566ff85354557ec2398b55e096c8364bacac9405a7a1fa429e77fe76c"}, - {file = "async_timeout-5.0.1.tar.gz", hash = "sha256:d9321a7a3d5a6a5e187e824d2fa0793ce379a202935782d555d6e9d2735677d3"}, -] +# This file is automatically @generated by Poetry 2.3.2 and should not be changed by hand. [[package]] name = "aws-lambda-typing" @@ -61,7 +48,6 @@ files = [ botocore-stubs = "*" mypy-boto3-dynamodb = {version = ">=1.42.0,<1.43.0", optional = true, markers = "extra == \"dynamodb\""} types-s3transfer = "*" -typing-extensions = {version = ">=4.1.0", markers = "python_version < \"3.12\""} [package.extras] accessanalyzer = ["mypy-boto3-accessanalyzer (>=1.42.0,<1.43.0)"] @@ -1259,9 +1245,6 @@ files = [ {file = "mypy_boto3_dynamodb-1.42.73.tar.gz", hash = "sha256:3fd9e093a8c982a53d55f6ac3d109d89957fe82b5c7ece65f27b772ed7a5ca9b"}, ] -[package.dependencies] -typing-extensions = {version = "*", markers = "python_version < \"3.12\""} - [[package]] name = "pycparser" version = "3.0" @@ -1462,7 +1445,6 @@ files = [ ] [package.dependencies] -async-timeout = {version = ">=4.0.3", markers = "python_full_version < \"3.11.3\""} PyJWT = ">=2.9.0" [package.extras] @@ -1524,10 +1506,10 @@ files = [ ] [package.dependencies] -botocore = ">=1.37.4,<2.0a.0" +botocore = ">=1.37.4,<2.0a0" [package.extras] -crt = ["botocore[crt] (>=1.37.4,<2.0a.0)"] +crt = ["botocore[crt] (>=1.37.4,<2.0a0)"] [[package]] name = "simplejson" @@ -1780,5 +1762,5 @@ test = ["pytest", "pytest-cov"] [metadata] lock-version = "2.1" -python-versions = "~3.11" -content-hash = "309c99af5e6acc3430ee31b5fe9c0a9d2c48ec3feefec37c37cb4eb490b4624b" +python-versions = "~3.13" +content-hash = "a30276353764a2f57db1f8efbae24fe4037d686499c16f9be8120c36078aba6c" diff --git a/lambdas/mesh_processor/poetry.lock b/lambdas/mesh_processor/poetry.lock index c83050cfe6..348020aa5e 100644 --- a/lambdas/mesh_processor/poetry.lock +++ b/lambdas/mesh_processor/poetry.lock @@ -1,4 +1,4 @@ -# This file is automatically @generated by Poetry 2.2.1 and should not be changed by hand. +# This file is automatically @generated by Poetry 2.3.2 and should not be changed by hand. [[package]] name = "boto3" @@ -668,9 +668,6 @@ files = [ {file = "mypy_boto3_dynamodb-1.42.73.tar.gz", hash = "sha256:3fd9e093a8c982a53d55f6ac3d109d89957fe82b5c7ece65f27b772ed7a5ca9b"}, ] -[package.dependencies] -typing-extensions = {version = "*", markers = "python_version < \"3.12\""} - [[package]] name = "py-partiql-parser" version = "0.6.3" @@ -853,10 +850,10 @@ files = [ ] [package.dependencies] -botocore = ">=1.37.4,<2.0a.0" +botocore = ">=1.37.4,<2.0a0" [package.extras] -crt = ["botocore[crt] (>=1.37.4,<2.0a.0)"] +crt = ["botocore[crt] (>=1.37.4,<2.0a0)"] [[package]] name = "six" @@ -897,18 +894,6 @@ test = ["awscli", "flake8", "moto[server]", "numpy", "pyopenssl", "pytest", "pyt webhdfs = ["requests"] zst = ["backports.zstd (>=1.0.0) ; python_version < \"3.14\""] -[[package]] -name = "typing-extensions" -version = "4.15.0" -description = "Backported and Experimental Type Hints for Python 3.9+" -optional = false -python-versions = ">=3.9" -groups = ["main"] -files = [ - {file = "typing_extensions-4.15.0-py3-none-any.whl", hash = "sha256:f0fa19c6845758ab08074a0cfa8b7aecb71c999ca73d62883bc25cc018c4e548"}, - {file = "typing_extensions-4.15.0.tar.gz", hash = "sha256:0cea48d173cc12fa28ecabc3b837ea3cf6f38c6d1136f85cbaaf598984861466"}, -] - [[package]] name = "urllib3" version = "2.6.3" @@ -1049,5 +1034,5 @@ test = ["pytest", "pytest-cov"] [metadata] lock-version = "2.1" -python-versions = "~3.11" -content-hash = "039954a4a3a69e3985a09b3f901642f5a075839baee65eabe5d3e9d1ce98f69e" +python-versions = "~3.13" +content-hash = "25b800d72fe7a4b42c927947e63948b0c32542c3a19932e3766e9777fd8286d5" diff --git a/lambdas/recordprocessor/poetry.lock b/lambdas/recordprocessor/poetry.lock index 4aeeabf467..649342bfa7 100644 --- a/lambdas/recordprocessor/poetry.lock +++ b/lambdas/recordprocessor/poetry.lock @@ -1,17 +1,4 @@ -# This file is automatically @generated by Poetry 2.2.1 and should not be changed by hand. - -[[package]] -name = "async-timeout" -version = "5.0.1" -description = "Timeout context manager for asyncio programs" -optional = false -python-versions = ">=3.8" -groups = ["main"] -markers = "python_full_version < \"3.11.3\"" -files = [ - {file = "async_timeout-5.0.1-py3-none-any.whl", hash = "sha256:39e3809566ff85354557ec2398b55e096c8364bacac9405a7a1fa429e77fe76c"}, - {file = "async_timeout-5.0.1.tar.gz", hash = "sha256:d9321a7a3d5a6a5e187e824d2fa0793ce379a202935782d555d6e9d2735677d3"}, -] +# This file is automatically @generated by Poetry 2.3.2 and should not be changed by hand. [[package]] name = "aws-lambda-typing" @@ -61,7 +48,6 @@ files = [ botocore-stubs = "*" mypy-boto3-dynamodb = {version = ">=1.42.0,<1.43.0", optional = true, markers = "extra == \"dynamodb\""} types-s3transfer = "*" -typing-extensions = {version = ">=4.1.0", markers = "python_version < \"3.12\""} [package.extras] accessanalyzer = ["mypy-boto3-accessanalyzer (>=1.42.0,<1.43.0)"] @@ -1208,9 +1194,6 @@ files = [ {file = "mypy_boto3_dynamodb-1.42.73.tar.gz", hash = "sha256:3fd9e093a8c982a53d55f6ac3d109d89957fe82b5c7ece65f27b772ed7a5ca9b"}, ] -[package.dependencies] -typing-extensions = {version = "*", markers = "python_version < \"3.12\""} - [[package]] name = "pycparser" version = "3.0" @@ -1389,9 +1372,6 @@ files = [ {file = "redis-6.4.0.tar.gz", hash = "sha256:b01bc7282b8444e28ec36b261df5375183bb47a07eb9c603f284e89cbc5ef010"}, ] -[package.dependencies] -async-timeout = {version = ">=4.0.3", markers = "python_full_version < \"3.11.3\""} - [package.extras] hiredis = ["hiredis (>=3.2.0)"] jwt = ["pyjwt (>=2.9.0)"] @@ -1453,10 +1433,10 @@ files = [ ] [package.dependencies] -botocore = ">=1.37.4,<2.0a.0" +botocore = ">=1.37.4,<2.0a0" [package.extras] -crt = ["botocore[crt] (>=1.37.4,<2.0a.0)"] +crt = ["botocore[crt] (>=1.37.4,<2.0a0)"] [[package]] name = "simplejson" @@ -1679,5 +1659,5 @@ test = ["pytest", "pytest-cov"] [metadata] lock-version = "2.1" -python-versions = "~3.11" -content-hash = "b89d47790456715a030777efc6bf4cff2fd5b223e262e057a353e9bcbaeb1ac9" +python-versions = "~3.13" +content-hash = "691209358c89a20865fb2e9a1151089b95fb6517d139de3e77c1d33fa1f95fd4" From 33250662ddc1384f6620a19380d6b910dea70546 Mon Sep 17 00:00:00 2001 From: Thomas-Boyle Date: Mon, 30 Mar 2026 14:21:04 +0100 Subject: [PATCH 4/6] Update Dockerfiles across multiple lambdas to set permissions recursively using 'chmod -R u=rwX,go=rX' for improved security and consistency. --- lambdas/ack_backend/Dockerfile | 2 +- lambdas/backend/Dockerfile | 2 +- lambdas/batch_processor_filter/Dockerfile | 2 +- lambdas/delta_backend/Dockerfile | 2 +- lambdas/filenameprocessor/Dockerfile | 2 +- lambdas/id_sync/Dockerfile | 2 +- lambdas/mesh_processor/Dockerfile | 2 +- lambdas/mns_publisher/Dockerfile | 2 +- lambdas/recordforwarder/Dockerfile | 2 +- lambdas/recordprocessor/Dockerfile | 2 +- lambdas/redis_sync/Dockerfile | 2 +- 11 files changed, 11 insertions(+), 11 deletions(-) diff --git a/lambdas/ack_backend/Dockerfile b/lambdas/ack_backend/Dockerfile index 4b34db84c4..d9edcf014f 100644 --- a/lambdas/ack_backend/Dockerfile +++ b/lambdas/ack_backend/Dockerfile @@ -26,7 +26,7 @@ COPY ./shared/src/common ./common COPY ./ack_backend/src . # Set correct permissions -RUN chmod 644 $(find . -type f) && chmod 755 $(find . -type d) +RUN chmod -R u=rwX,go=rX . # Switch to the non-root user for running the container USER 1001:1001 diff --git a/lambdas/backend/Dockerfile b/lambdas/backend/Dockerfile index 68f490f788..608d66241b 100644 --- a/lambdas/backend/Dockerfile +++ b/lambdas/backend/Dockerfile @@ -26,7 +26,7 @@ COPY ./shared/src/common ./common COPY ./backend/src . # Set correct permissions -RUN chmod 644 $(find . -type f) && chmod 755 $(find . -type d) +RUN chmod -R u=rwX,go=rX . # Switch to the non-root user for running the container USER 1001:1001 diff --git a/lambdas/batch_processor_filter/Dockerfile b/lambdas/batch_processor_filter/Dockerfile index 085778beb1..24240fb1db 100644 --- a/lambdas/batch_processor_filter/Dockerfile +++ b/lambdas/batch_processor_filter/Dockerfile @@ -26,7 +26,7 @@ COPY ./shared/src/common ./common COPY ./batch_processor_filter/src . # Set correct permissions -RUN chmod 644 $(find . -type f) && chmod 755 $(find . -type d) +RUN chmod -R u=rwX,go=rX . # Switch to the non-root user for running the container USER 1001:1001 diff --git a/lambdas/delta_backend/Dockerfile b/lambdas/delta_backend/Dockerfile index ff5218e564..d649b73242 100644 --- a/lambdas/delta_backend/Dockerfile +++ b/lambdas/delta_backend/Dockerfile @@ -27,7 +27,7 @@ COPY ./shared/src/common ./common COPY ./delta_backend/src . # Set correct permissions -RUN chmod 644 $(find . -type f) && chmod 755 $(find . -type d) +RUN chmod -R u=rwX,go=rX . # Switch to the non-root user for running the container USER 1001:1001 diff --git a/lambdas/filenameprocessor/Dockerfile b/lambdas/filenameprocessor/Dockerfile index 2ca36ed630..6216d10e18 100644 --- a/lambdas/filenameprocessor/Dockerfile +++ b/lambdas/filenameprocessor/Dockerfile @@ -27,7 +27,7 @@ COPY ./shared/src/common ./common COPY ./filenameprocessor/src . # Set correct permissions -RUN chmod 644 $(find . -type f) && chmod 755 $(find . -type d) +RUN chmod -R u=rwX,go=rX . # Switch to the non-root user for running the container USER 1001:1001 diff --git a/lambdas/id_sync/Dockerfile b/lambdas/id_sync/Dockerfile index 49db8e7e28..7993bdf8eb 100644 --- a/lambdas/id_sync/Dockerfile +++ b/lambdas/id_sync/Dockerfile @@ -27,7 +27,7 @@ COPY ./shared/src/common ./common COPY ./id_sync/src . # Set correct permissions -RUN chmod 644 $(find . -type f) && chmod 755 $(find . -type d) +RUN chmod -R u=rwX,go=rX . # Build as non-root user USER 1001:1001 diff --git a/lambdas/mesh_processor/Dockerfile b/lambdas/mesh_processor/Dockerfile index 4d99a210ab..fae79a0d92 100644 --- a/lambdas/mesh_processor/Dockerfile +++ b/lambdas/mesh_processor/Dockerfile @@ -27,7 +27,7 @@ COPY ./shared/src/common ./common COPY ./mesh_processor/src . # Set correct permissions -RUN chmod 644 $(find . -type f) && chmod 755 $(find . -type d) +RUN chmod -R u=rwX,go=rX . # Switch to the non-root user for running the container USER 1001:1001 diff --git a/lambdas/mns_publisher/Dockerfile b/lambdas/mns_publisher/Dockerfile index ade0dbb58f..c3cd7b4a71 100644 --- a/lambdas/mns_publisher/Dockerfile +++ b/lambdas/mns_publisher/Dockerfile @@ -25,7 +25,7 @@ COPY ./shared/src/common ./common COPY ./mns_publisher/src . # Set correct permissions -RUN chmod 644 $(find . -type f) && chmod 755 $(find . -type d) +RUN chmod -R u=rwX,go=rX . # Switch to the non-root user for running the container USER 1001:1001 diff --git a/lambdas/recordforwarder/Dockerfile b/lambdas/recordforwarder/Dockerfile index 904c3d46ff..f4029161ad 100644 --- a/lambdas/recordforwarder/Dockerfile +++ b/lambdas/recordforwarder/Dockerfile @@ -26,7 +26,7 @@ COPY ./shared/src/common ./common COPY ./recordforwarder/src . # Set correct permissions -RUN chmod 644 $(find . -type f) && chmod 755 $(find . -type d) +RUN chmod -R u=rwX,go=rX . # Switch to the non-root user for running the container USER 1001:1001 diff --git a/lambdas/recordprocessor/Dockerfile b/lambdas/recordprocessor/Dockerfile index de2ecaaedd..cd47b9fa20 100644 --- a/lambdas/recordprocessor/Dockerfile +++ b/lambdas/recordprocessor/Dockerfile @@ -23,7 +23,7 @@ COPY ./shared/src/common ./common COPY ./recordprocessor/src . # Set correct permissions -RUN chmod 644 $(find . -type f) && chmod 755 $(find . -type d) +RUN chmod -R u=rwX,go=rX . # Switch to the non-root user for running the container USER 1001:1001 diff --git a/lambdas/redis_sync/Dockerfile b/lambdas/redis_sync/Dockerfile index fdfb1c6da5..73c9dd130b 100644 --- a/lambdas/redis_sync/Dockerfile +++ b/lambdas/redis_sync/Dockerfile @@ -27,7 +27,7 @@ COPY ./shared/src/common ./common COPY ./redis_sync/src . # Set correct permissions -RUN chmod 644 $(find . -type f) && chmod 755 $(find . -type d) +RUN chmod -R u=rwX,go=rX . # Build as non-root user USER 1001:1001 From 0454bbb42ecda5c3eb72ef173eb12fc61c6ef02c Mon Sep 17 00:00:00 2001 From: Thomas-Boyle Date: Mon, 30 Mar 2026 14:55:17 +0100 Subject: [PATCH 5/6] Refactor age validation in SQS message checks to use calculated patient age if not explicitly set in context, improving accuracy in API tests. --- .../features/APITests/steps/common_steps.py | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/tests/e2e_automation/features/APITests/steps/common_steps.py b/tests/e2e_automation/features/APITests/steps/common_steps.py index 0533e461b5..b81e1dd439 100644 --- a/tests/e2e_automation/features/APITests/steps/common_steps.py +++ b/tests/e2e_automation/features/APITests/steps/common_steps.py @@ -478,9 +478,14 @@ def validate_sqs_message(context, message_body, action): f"msn event for {action} Source application mismatch: expected {context.supplier_name}, got {message_body.filtering.sourceapplication}", ) + expected_age = getattr( + context, + "patient_age", + calculate_age(context.patient.birthDate, context.immunization_object.occurrenceDateTime), + ) check.is_true( - message_body.filtering.subjectage == context.patient_age, - f"msn event for {action} Age mismatch: expected {context.patient_age}, got {message_body.filtering.subjectage}", + message_body.filtering.subjectage == expected_age, + f"msn event for {action} Age mismatch: expected {expected_age}, got {message_body.filtering.subjectage}", ) check.is_true( From 7c33f75952783a8fc4609c4ffae5fca032f3fc71 Mon Sep 17 00:00:00 2001 From: Thomas-Boyle Date: Mon, 30 Mar 2026 15:19:40 +0100 Subject: [PATCH 6/6] Refactor age validation logic in SQS message checks to handle cases where patient age is not explicitly set in context. Improved error handling for age calculation based on birth date and occurrence date, enhancing robustness of API tests. --- .../features/APITests/steps/common_steps.py | 24 ++++++++++++------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/tests/e2e_automation/features/APITests/steps/common_steps.py b/tests/e2e_automation/features/APITests/steps/common_steps.py index b81e1dd439..33cf8a61f7 100644 --- a/tests/e2e_automation/features/APITests/steps/common_steps.py +++ b/tests/e2e_automation/features/APITests/steps/common_steps.py @@ -478,15 +478,21 @@ def validate_sqs_message(context, message_body, action): f"msn event for {action} Source application mismatch: expected {context.supplier_name}, got {message_body.filtering.sourceapplication}", ) - expected_age = getattr( - context, - "patient_age", - calculate_age(context.patient.birthDate, context.immunization_object.occurrenceDateTime), - ) - check.is_true( - message_body.filtering.subjectage == expected_age, - f"msn event for {action} Age mismatch: expected {expected_age}, got {message_body.filtering.subjectage}", - ) + expected_age = getattr(context, "patient_age", None) + if expected_age is None: + birth_date = getattr(context.patient, "birthDate", None) + occurrence_date = getattr(context.immunization_object, "occurrenceDateTime", None) + try: + if birth_date and occurrence_date: + expected_age = calculate_age(birth_date, occurrence_date) + except ValueError: + expected_age = None + + if expected_age is not None: + check.is_true( + message_body.filtering.subjectage == expected_age, + f"msn event for {action} Age mismatch: expected {expected_age}, got {message_body.filtering.subjectage}", + ) check.is_true( message_body.filtering.immunisationtype == context.vaccine_type.upper(),