mendix · SwapnilThange · Nov 21, 2024 · Sep 19, 2024 · Sep 19, 2024 · Aug 23, 2024
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -2,24 +2,25 @@
 fail_fast: false
 repos:
   - repo: https://github.com/adrienverge/yamllint.git
-    rev: v1.33.0
+    rev: v1.35.1
     hooks:
       - id: yamllint
         args: ["--format", "parsable", "--strict"]
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.5.0
+    rev: v5.0.0
     hooks:
       - id: trailing-whitespace
       - id: end-of-file-fixer
       - id: fix-byte-order-marker
       - id: mixed-line-ending
       - id: check-json
       - id: detect-aws-credentials
+        args: ["--allow-missing-credentials"]
   - repo: https://github.com/markdownlint/markdownlint
     rev: v0.12.0
     hooks:
       - id: markdownlint_docker
   - repo: https://github.com/charliermarsh/ruff-pre-commit
-    rev: 'v0.1.6'
+    rev: 'v0.7.3'
     hooks:
       - id: ruff
diff --git a/README.md b/README.md
@@ -198,6 +198,8 @@ cf set-env <YOUR_APP> DATABASE_CONNECTION_PARAMS '{"tcpKeepAlive": "true", "conn
 
 To allow connection to an AWS RDS database the buildpack selects the regional CA certificate stored in [`rds-certificates`](etc/rds-certificates). If the region's certificate doesn't exist, the buildpack will fail with an error `Could not find database CA certificate in map`.
 
+*:warning: After the root CA rotation of AWS RDS on 22nd August 2024, only buildpacks v5.0.5 or higher will continue to work, all older buildpacks only import no longer valid certificates and no longer can establish a connection to AWS RDS.*
+
 #### Supported VCAP Schemas
 
  Cloud Foundry database services are detected from Cloud Foundry service bindings ([VCAP](https://docs.cloudfoundry.org/devguide/deploy-apps/environment-variable.html#VCAP-SERVICES)) and translated into Mendix Runtime configuration. In case no database service is bound, the fallback is the environment variable `DATABASE_URL`.

diff --git a/buildpack/core/runtime.py b/buildpack/core/runtime.py
@@ -185,7 +185,7 @@ def _activate_license():
           <entry key="id2" value="{{LICENSE_ID}}"/>
           <entry key="license_key2" value="{{LICENSE_KEY}}"/>
         </map>"""
-        
+
     license_key = os.environ.get(
         "FORCED_LICENSE_KEY", os.environ.get("LICENSE_KEY", None)
     )

diff --git a/buildpack/infrastructure/database.py b/buildpack/infrastructure/database.py
@@ -347,7 +347,7 @@ def init(self):
                 jdbc_params.update({"sslmode": "verify-full"})
         except Exception:
             raise Exception("Could not find database CA certificate in map")
-    
+
         if database_type == "PostgreSQL" and not self.url.startswith("jdbc:"):
             self.extract_inline_cert(jdbc_params, self.SSLCERT, "postgresql.crt")
             self.extract_inline_cert(jdbc_params, self.SSLKEY, "postgresql.pk8")

diff --git a/buildpack/telemetry/metrics.py b/buildpack/telemetry/metrics.py
@@ -119,7 +119,7 @@ def micrometer_metrics_enabled(runtime_version):
             logging.debug("micrometer for non mendix public cloud")
             micrometer_enabled =  True
     return micrometer_enabled
-    
+
 
 
 def configure_metrics_registry(m2ee):

diff --git a/dependencies-stage.yml b/dependencies-stage.yml
@@ -5,5 +5,5 @@
   uri: https://cdn.mendix.com/mx-buildpack/python/python_3.10.14_linux_x64_cflinuxfs4_dda5228c.tgz
   sha256: dda5228c36196f8a7346767ad9c9ac774ec270aa55065beb8d3d052d652b9120
   cf_stacks:
-  - cflinuxfs4
+    - cflinuxfs4
   source_sha256: cefea32d3be89c02436711c95a45c7f8e880105514b78680c14fe76f5709a0f6
diff --git a/dependencies.yml b/dependencies.yml
@@ -89,10 +89,10 @@ dependencies:
       version: 8.6.0
   nginx:
     artifact: nginx_{{ version }}_linux_x64_{{ fs }}_{{ commit }}.tgz
-    commit: 909b06a9
+    commit: b1316f75
     fs: cflinuxfs4
     cpe: cpe:2.3:a:f5:nginx:{{ version }}:*:*:*:*:*:*:*
-    version: 1.22.1
+    version: 1.26.1
   ruby:
     artifact: ruby/ruby_{{ version }}_linux_x64_{{ fs }}_{{ commit }}.tgz
     commit: 5fed98f8

diff --git a/requirements-dev.in b/requirements-dev.in
@@ -1,10 +1,10 @@
 click==8.1.7
-idna==3.8
+idna==3.10
 pytest==8.3.3
 pytest-timer==1.0.0
 pytest-timeout==2.3.1
-pylint==3.2.7
+pylint==3.3.1
 randomname==0.2.1
 requests-mock==1.12.1
-ruff==0.6.4
+ruff==0.7.4
 parameterized==0.9.0
diff --git a/requirements.in b/requirements.in
@@ -1,11 +1,11 @@
 backoff==2.2.1
 certifi==2024.8.30
-cryptography==43.0.1
+cryptography==43.0.3
 distro==1.9.0
 httplib2==0.22.0
 jinja2==3.1.4
 omegaconf==2.3.0
-psycopg2-binary==2.9.9
+psycopg2-binary==2.9.10
 pyyaml==6.0.2
 requests==2.32.3
 urllib3==2.2.3
diff --git a/requirements.txt b/requirements.txt
@@ -16,21 +16,21 @@ cffi==1.14.4
     # via cryptography
 charset-normalizer==2.0.3
     # via requests
-cryptography==43.0.1
+cryptography==43.0.3
     # via -r requirements.in
 distro==1.9.0
     # via -r requirements.in
 httplib2==0.22.0
     # via -r requirements.in
-idna==3.7
+idna==3.10
     # via requests
 jinja2==3.1.4
     # via -r requirements.in
 markupsafe==2.0.1
     # via jinja2
 omegaconf==2.3.0
     # via -r requirements.in
-psycopg2-binary==2.9.9
+psycopg2-binary==2.9.10
     # via -r requirements.in
 pycparser==2.20
     # via cffi