
Latest version: v4.1.1

Safety actively analyzes 706267 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 15 of 18


**1. New Features**

* update Elasticsearch to 7.1
* add support for SNS redrive policy for Lambda/SQS/HTTP events
* add message polling mechanism for Lambda-SQS integration
* add test for S3 list_object_versions with EncodingType parameter
* add CloudFormation support for SSM::Parameter, API Gateway MethodResponses
* add SQS list-dead-letter-source-queues API

**2. Enhancements**

* support passing of parameters to nested CF stacks
* generate default Lambda FunctionName in CloudFormation
* handle empty Subject in SNS publish calls
* integrate S3 starter into multiserver to improve performance
* clear out sys.modules to resolve name clashes for multiple local python lambda functions
* suppress supervisor warning when running in docker as root

**3. Bug Fixes**

* fix error around ChangeSet deployment in CloudFormation
* fix CF dependency resolution for stack update
* fix downloading of CF template from S3 with custom hostname
* fix timestamp formatting (millis instead of micros)
* fix returning ETag for S3 GetObject calls with range parameter
* fix send_raw_email for sending raw emails in SES
* fix SecretsManager list-secrets to return same ARNs for secrets
* fix empty response for PutTargets in CloudWatch Events
* fix forwarding of Lambda output to CloudWatch Logs
* fix region in CF stack ARNs


Not secure
**1. New Features**

* add CF support for S3::BucketPolicy
* add basic `/health` check endpoint
* add API to confirm SNS subscriptions
* add persistence for Elasticsearch Service API calls
* add support for Java11 Lambda runtime
* add ignoreDockerRunErrors JUnit Docker attribute

**2. Enhancements**

* make Lambda batch size configurable for Kinesis event source mappings
* move Java sources into separate project
* refactor CF dependency resolution loop
* optimize plugin loading to speed up boot time
* configure Node.js Lambdas to skip SSL verification by default
* apply LAMBDA_REMOVE_CONTAINERS config for docker-reuse Lambda executor
* update exports on CF stack update
* allow deleting a specific version of an object in S3
* return SQS `maxReceiveCount` as integer
* return ConsumedCapacity for DynamoDB Query action
* support static refs in CloudFormation Fn::Sub strings
* support ExtendedS3DestinationConfiguration in Firehose streams
* expose Java options for local Lambda executors
* mark non-Docker Java `LocalstackExtension` as deprecated
* prefix CloudWatch event file names with timestamps
* refactor resolution of CF resource name placeholders
* add ExportName to CloudFormation stack outputs
* update ElasticMQ version, fix SQS tags API
* refactor logic and use single file for persistence
* resolve CloudFormation attributes starting with lower case
* adjust urllib3 pool size to allow more parallel HTTP requests
* add test for S3 range header
* make Lambdas triggered by SQS run asynchronously
* include latest Lambda regions from boto3
* pull non-existing Docker image from JUnit runner

**3. Bug Fixes**

* fix deployment of EC2 subnets with CidrIpv6
* fix creation of SQS tags via CloudFormation
* fix notifications for S3 uploads made with presigned POST requests
* fix objectsize in S3 notification events
* fix SNS subscription confirmation message to include signature details
* fix returned attributes on ReturnValues=ALL_OLD for DynamoDB PutItem
* fix CreationTime for CF stacks
* fix handler lookup for "provided" Lambda runtime
* fix CloudWatch log streams lambda timestamp format
* fix RawMessageDelivery subscription values for SNS-SQS integration
* fix setting of empty SQS queue attribute values
* fix CloudFormation support for IAM::Role
* fix SNS tag listing to remove duplicate tags
* fix regex for replacement of S3 ETag hashes
* fix region for SQS queue ARNs in Lambda event source mappings
* fix `nextToken` for CW Logs API
* fix CreationDate format for S3 ListBuckets
* fix forward URL protocol for S3 proxy
* fix S3 uploads with underscores in metadata
* fix detection of absolute URLs in proxy paths
* remove None strings from SNS results


Not secure
**1. New Features**

* add kinesis/ListStreams API Gateway integration
* add initial support for Kinesis stream consumers
* add initial support for KMS via local-kms
* add CloudFormation support for deployment of SAM resources

**2. Enhancements**

* add UUIDs to CW events
* update SSL certificate to new requirements in MacOS Catalina
* add test for CW logs multi-byte message
* enhance proxy to transparently accept both HTTP/HTTPS on the same port
* support TemplateURL for CF ValidateTemplate
* support Marker for S3 ListObjects
* bump moto to latest version
* allow trailing slashes in Elasticsearch API
* refactor Java libs, make Docker the default JUnit executor
* update ElasticMQ version
* support JARs in lib/ folder for Java lambdas
* disable SSL verification for CF template URLs
* add S3 website ErrorDocument emulation
* add locking for SSL cert creation

**3. Bug Fixes**

* fix Docker port mapping for JUnit test runner
* fix S3 bucket name validation, auto-convert uppercase characters in bucket names
* fix CF deployment of step functions
* fix DOCKER_HOST_FROM_CONTAINER config for local exec
* fix object ACLs for multipart uploads
* fix MD5 hash of message attributes on SQS->Lambda integration
* fix SNS FilterPolicy configuration
* fix LocationConstraint markup in S3 responses
* fix success_action_status for S3 POST Object
* fix return type of Lambda GetPolicy
* fix API Gateway authorizer implementation
* fix permission issue for cert files
* fix non-JSON content types for API Gateway
* fix DynamoDB error for Put on non-existing table
* fix notification triggers on S3 presigned URL upload
* fix passing of metadata on S3 presigned URL put
* fix Terraform deployment for Lambdas
* fix stack name in CloudFormation resource names
* fix S3 bucket name checks for domain based addressing


Not secure
Change Log:

Various CloudFormation fixes: deployment of API GW method integrations, properly skip resource updates, Lambda SQS event source mapping, avoid duplicate resource creation, support for ApiGateway::GatewayResponse and Events::Rule, log groups for Lambdas; support adding Lambda policies; customize Docker registry for Lambda images; support multiple configurations in S3 notifications; fix encoding of non-ASCII results from API Gateway; allow docker-reuse to use mounted volumes; support presigned S3 URL upload notifications; fix lookup of Python Lambda handler in sub directories; upgrade kinesalite; fix duplicate CORS headers; fix mapping of Lambda versions and ARNs; fix SNS x-amz-sns-message-type header; send SNS confirmation message for HTTP(S) subscriptions; fix DynamoDB local libs for Docker Alpine; add CF support for SNS subscriptions; fix RecordId for firehose put-record-batch; fix SQS messages with multi-byte characters; avoid creating multiple SNS subscriptions; add .bat script and support running under Windows; fix S3 location constraint for CF


Not secure
Change Log:

Add checks for open UDP ports; fix S3 chunked encoding uploads; fix LatestStreamLabel; fix CORS headers for SQS/SNS; set Java lambda debug port only when needed; expose default region in a util function; fix MacOS tmp folder; clear tmp supervisord logs at container startup; fix signed header requests for S3; expose Web UI via HTTPS; add Timestamp to SNS messages; fix attributes for SQS queues addressed via URL


Not secure
Change Log:

Allow specifying data types for CF attributes; add API for service status and starting services at runtime; support NextShardIterator in DDB streams; add mock responses for S3 encryption and replication; fix rendering of resources in web UI; custom SQS queue attributes; fix Lambda docker command and imports; fix SQS queue physical ID in CF; allow proxy listener to define custom backend per request; support Lambda event body over stdin; exclude `ingest-geoip` ES module to optimize image size; skip checking MD5 on S3 copy; fix DynamoDB table ARN for CF; fix CF deployment of StepFunction activities; fix uploading of Java Lambda as JAR in ZIP; fix installing libs for plugins; added `LAMBDA_JAVA_OPTS` for Java Lambda debugging; bump Maven dependency versions; refactor Lambda API; fix boolean strings in CF templates; allow overriding AWS account id with `TEST_AWS_ACCOUNT_ID`; fix incorrect region for API GW resources created via CF; fix permissions for cache files in `/tmp`

Page 15 of 18

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.