Release v1.50.1

What's Changed

• fix: Rule E3031 false positive for boolean values with pattern by @kddejong in #4485
• Add python 3.14 support by @kddejong in #4487
• Update CloudFormation schemas to 2026-04-29 by @github-actions[bot] in #4483
• fix: use TOML-native posargs syntax for multi-arg expansion by @kddejong in #4488

Full Changelog: v1.50.0...v1.50.1

Release v1.50.0

What's Changed

• feat: add rule E3720 to validate StorageEncrypted is set when KmsKeyId is specified for non-custom engine RDS DBInstances by @kddejong in #4480
• feat: add rule E3721 to validate ReplicaMode enum values for Oracle and Db2 engines by @kddejong in #4480
• feat: add rule W3699 to warn when ReplicaMode is specified for non-Oracle/Db2 engines (silently ignored) by @kddejong in #4480
• feat: add rule W3700 to warn when EIP Domain has non-standard values (silently converted to vpc) by @kddejong in #4480
• Add maxUniqueItems JSON Schema keyword for arrays where duplicates are allowed but unique count is limited by @kddejong in #4480
• Fix schema validation false positives for CloudWatch Alarm actions, Lambda Layers, Connect RoutingProfile, and stale smithy enums by @kddejong in #4480
• Update CI badge in README.md by @ScottBrenner in #4478
• Update CloudFormation schemas to 2026-04-27 by @github-actions[bot] in #4477

Full Changelog: v1.49.3...v1.50.0

Release v1.49.3

What's Changed

• chore(deps): update sympy requirement from >=1.0.0 to >=1.14.0 in /requirements by @dependabot[bot] in #4473
• Fix E3719 false positive when BackupRetentionPeriod is omitted by @kddejong in #4475
• Update CloudFormation schemas to 2026-04-22 by @github-actions[bot] in #4467

Full Changelog: v1.49.2...v1.49.3

Release v1.49.2

What's Changed

• Fix E1041 false positive: add Lambda::Function.Arn format to Lambda Alias by @kddejong in #4469

Full Changelog: v1.49.1...v1.49.2

Release v1.49.1

What's Changed

• Add rule E3718 to validate AuthorizerResultTtlInSeconds maximum of 3600 only applies to TOKEN and REQUEST authorizers by @kddejong in #4444
• Add rule W3671 to validate Iops is ignored for certain EBS volume types by @kddejong in #4444
• Add rule E3719 to validate RDS BackupRetentionPeriod based on instance configuration by @kddejong in #4444
• Fix schema false positives by @kddejong in #4463
• Fix E3032 false positive on arrays with mutually exclusive conditions by @kddejong in #4464
• Update CloudFormation schemas to 2026-04-21 by @github-actions[bot] in #4462

Full Changelog: v1.49.0...v1.49.1

Release v1.49.0

What's Changed

• feat: add rule E3712 to validate TargetTrackingScaling policy requires ASG MaxSize greater than MinSize by @kddejong in #4444
• feat: add rule E3713 to validate Fargate ECS services use supported log drivers by @kddejong in #4444
• feat: add rule E3714 to validate LaunchTemplate SecurityGroup and Subnet are in the same VPC by @kddejong in #4444
• feat: add rule E3711 to validate ListenerRule target group protocol is not GENEVE by @kddejong in #4444
• feat: add rule E3715 to validate VirtualName uses ephemeral device format when Ebs is absent by @kddejong in #4456
• feat: add rule W3698 to warn VirtualName is ignored when Ebs is specified by @kddejong in #4456
• feat: add rule E3716 to validate Lambda layer ARN length based on region by @kddejong in #4444
• Expand format keyword coverage for additional AWS services by @kddejong in #4442
• Add missing resource types to _all_property_types for GetAtt by @kddejong in #4443
• Fix Lambda FunctionName maxLength from 140 to 64 by @kddejong in #4448
• Fix false positive E3062 when EngineVersion is unquoted float by @kddejong in #4454
• fix: condition CNF explosion for templates with nested condition references by @kddejong in #4455
• Fix smithy script to check exceptions for pattern constraints by @kddejong in #4451
• Skip me-south-1 during schema update due to endpoint timeout by @kddejong in #4449
• chore(deps): restrict to Python 3.13 by @adrianmace in #4452
• chore(deps): bump softprops/action-gh-release from 2 to 3 by @dependabot[bot] in #4457
• Update CloudFormation schemas to 2026-04-20 by @github-actions[bot] in #4450

New Contributors

• @adrianmace made their first contribution in #4452

Full Changelog: v1.48.1...v1.49.0

Release v1.48.1

What's Changed

• fix: Timestream lifecycle patches to exclude InfluxDB resources by @kddejong in #4437
• Add Publish to smithy action prefixes for LayerVersion validation by @kddejong in #4438
• Update CloudFormation schemas to 2026-03-31 by @github-actions[bot] in #4434

Full Changelog: v1.48.0...v1.48.1

Release v1.48.0

What's Changed

• feat: add rule E3697 to validate Lambda env var 4KB size limit by @raajheshkannaa in #4405
• Require VpcConfig when FileSystemConfigs is specified on Lambda Function by @kddejong in #4408
• Freeze date in tests for deterministic runtime deprecation results by @kddejong in #4409
• feat: add rule E3530 to validate AssumeRolePolicyDocument principal ARNs by @raajheshkannaa in #4410
• Add W1053: Warn on dynamic references with spaces by @kddejong in #4412
• Fix max recursion crash when cfnlintrc has non_zero_exit_code by @kddejong in #4414
• Fix deployment file template path resolution from CWD by @kddejong in #4415
• Fix maintenance workflow to update requirements/base.txt by @kddejong in #4416
• Add enum validation for predictive scaling predefined metric types by @kddejong in #4417
• Add JSONPath pattern validation for Step Functions state machine by @kddejong in #4419
• Fix ForEach transform resolving functions in Fn::If condition name by @kddejong in #4418
• Fix E2533 not reporting deprecated runtimes from AllowedValues by @kddejong in #4421
• Add graph() function to cfnlint.api by @kddejong in #4422
• feat: add rule E3706 to validate AutoScaling MaxSize is greater than or equal to
  MinSize by @kddejong in #4424
• feat: add schema patch to enforce Lambda Layers maxItems of 5 by @kddejong in #4424
• feat: add schema patch to validate CloudWatch AlarmName has no leading/trailing whitespace by @kddejong in #4424
• feat: add schema patch for uniqueKeys on AutoScaling LaunchTemplate Overrides to prevent duplicate instance types by @kddejong in https://github.com/aws-cloudformation/cfn-lint
  /pull/4424
• feat: add cfnGather JSON Schema keyword for cross-resource property validation by @kddejong in #4393
• feat: add rule E3699 to validate API Gateway Method and Authorizer use the same RestApi
  by @kddejong in #4393
• feat: add rule E3708 to validate API Gateway Method AuthorizationType matches Authorizer
  Type by @kddejong in #4393
• feat: add rule E3698 to validate API Gateway Stage and Deployment use the same RestApi by
  @kddejong in #4393
• feat: add rule E3705 to validate SQS FIFO queue EventSourceMapping BatchSize is at most
  10 by @kddejong in #4393
• feat: add rule W3664 to validate Lambda Permission Principal matches SourceArn resource
  type by @kddejong in #4393
• feat: add rule E3707 to validate RDS DBInstance Engine matches DBCluster Engine by @
  kddejong in #4393
• feat: add rule E3709 to validate RDS DBInstance StorageEncrypted matches DBCluster by @
  kddejong in #4393
• feat: add rule W3694 to validate SNS Subscription Endpoint matches Protocol by @kddejong
  in #4393
• Add RDS DBCluster MasterUsername validation by @kddejong in #4425
• feat: add rule E3710 to error on resource types from fully shut down AWS services by @
  kddejong in #4423
• feat: add rule W3696 to warn on resource types from sunsetting AWS services by @kddejong
  in #4423
• feat: add rule W3697 to warn on resource types from AWS services in maintenance mode by @
  kddejong in #4423
• fix: add required to cfnGather if/then schemas to prevent vacuous matches by @kddejong in #4426
• chore(deps): bump codecov/codecov-action from 5 to 6 by @dependabot[bot] in #4432
• Remove PyPI API token by @meeuw in #4431
• Update CloudFormation schemas to 2026-03-31 by @github-actions[bot] in #4411

New Contributors

• @raajheshkannaa made their first contribution in #4405

Full Changelog: v1.47.1...v1.48.0

Release v1.47.1

What's Changed

• Fix E3063 false positive when Code is a string (aws-cli pattern) by @kddejong in #4399
• Cap resolve_value permutations to prevent exponential blowup by @kddejong in #4394
• Fix: maintenance guardduty policy by @kddejong in #4400
• Add EngineVersion of 8.0.0 to DocDB Cluster by @kddejong in #4401
• Support multi-attribute composite keys in DynamoDB GSI KeySchema by @kddejong in #4402
• Allow JSONata string expressions for Arguments in Step Functions by @kddejong in #4403
• Update CloudFormation schemas to 2026-03-24 by @github-actions[bot] in #4404

Full Changelog: v1.47.0...v1.47.1

Release v1.47.0

What's Changed

• Remove Python 3.9 support (EOL October 2025) by @kddejong in #4383
• feat: add region filtering to --update-specs by @kddejong in #4382
• Add unknown validation state for intrinsic functions in composite validators by @kddejong in #4384
• Update CloudFormation schemas to 2026-03-10 by @github-actions[bot] in #4381
• Fix/skip resolve unconstrained schema by @kddejong in #4388
• chore(deps): bump setuptools from 82.0.0 to 82.0.1 in /requirements by @dependabot[bot] in #4385
• Update CloudFormation schemas to 2026-03-13 by @github-actions[bot] in #4386

Full Changelog: v1.46.0...v1.47.0