Bump aws-sdk-s3 from 1.61.1 to 1.208.0 in /example

[dependabot]

Bumps aws-sdk-s3 from 1.61.1 to 1.208.0.

Changelog

Sourced from aws-sdk-s3's changelog.

1.208.0 (2025-12-16)

• Feature - Updates to the S3 Encryption Client. The V3 S3 Encryption Client now requires key committing algorithm suites by default.

1.207.0 (2025-12-15)

• Feature - This release adds support for the new optional field 'LifecycleExpirationDate' in S3 Inventory configurations.

1.206.0 (2025-12-02)

• Feature - New S3 Storage Class FSX_ONTAP

1.205.0 (2025-11-20)

• Feature - Enable / Disable ABAC on a general purpose bucket.

1.204.0 (2025-11-19)

• Feature - Adds support for blocking SSE-C writes to general purpose buckets.

1.203.1 (2025-11-10)

• Issue - Deprecated :checksum_mode parameter in FileDownloader#download. When set to "DISABLED", a deprecation warning is issued and the parameter is ignored. Use :response_checksum_validation on the S3 client instead to control checksum validation behavior.

1.203.0 (2025-11-05)

• Feature - Launch IPv6 dual-stack support for S3 Express

1.202.0 (2025-10-28)

• Feature - Amazon Simple Storage Service / Features: Add conditional writes in CopyObject on destination key to prevent unintended object modifications.

1.201.0 (2025-10-21)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

• Issue - Fix multipart upload to respect request_checksum_calculation when_required mode.

1.200.0 (2025-10-15)

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

---

EntelligenceAI PR Summary

Major AWS SDK dependency update in example Gemfile.lock with new explicit gem requirements.

• Updated aws-sdk-core from 3.92.0 to 3.240.0
• Updated aws-sdk-kms from 1.30.0 to 1.118.0
• Updated aws-sdk-s3 from 1.61.1 to 1.208.0
• Added new required dependencies: base64, bigdecimal, and logger gems
• Updated supporting AWS gems (aws-eventstream, aws-partitions, aws-sigv4) and jmespath to compatible versions

[cr-gpt]

Seems you are using me but didn't get OPENAI_API_KEY seted in Variables/Secrets for this repo. you could follow readme for more information

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[entelligence-ai-pr-reviews]

Entelligence AI Vulnerability Scanner

Status: No security vulnerabilities found

Your code passed our comprehensive security analysis.

[entelligence-ai-pr-reviews]

Walkthrough

This PR updates the AWS SDK dependencies in the example Gemfile.lock to significantly newer versions, representing a major version bump across the AWS SDK ecosystem. The aws-sdk-core jumps from 3.92.0 to 3.240.0, aws-sdk-kms from 1.30.0 to 1.118.0, and aws-sdk-s3 from 1.61.1 to 1.208.0. Additionally, new explicit dependencies (base64, bigdecimal, and logger) are added as required by the updated aws-sdk-core. Supporting AWS gems including aws-eventstream, aws-partitions, aws-sigv4, and jmespath are also updated to compatible versions with relaxed version constraints. These updates likely include security patches, bug fixes, and API improvements accumulated over multiple releases.

Changes

File(s)	Summary
example/Gemfile.lock	Updated AWS SDK gems to major newer versions: aws-sdk-core (3.92.0 → 3.240.0), aws-sdk-kms (1.30.0 → 1.118.0), aws-sdk-s3 (1.61.1 → 1.208.0). Added new explicit dependencies: base64, bigdecimal, and logger gems. Updated supporting AWS gems (aws-eventstream, aws-partitions, aws-sigv4) and jmespath to compatible versions with relaxed constraints.

Sequence Diagram

This diagram shows the interactions between components:

sequenceDiagram
    participant App as Application
    participant S3 as aws-sdk-s3 (v1.208.0)
    participant KMS as aws-sdk-kms (v1.118.0)
    participant Core as aws-sdk-core (v3.240.0)
    participant SigV4 as aws-sigv4 (v1.12.1)
    participant EventStream as aws-eventstream (v1.4.0)
    participant JMESPath as jmespath (v1.6.2)
    
    Note over App,JMESPath: Dependency Update: AWS SDK v3.240.0
    
    App->>S3: Requires aws-sdk-s3
    S3->>Core: Depends on aws-sdk-core (~> 3, >= 3.234.0)
    S3->>KMS: Depends on aws-sdk-kms (~> 1)
    S3->>SigV4: Depends on aws-sigv4 (~> 1.5)
    
    KMS->>Core: Depends on aws-sdk-core (~> 3, >= 3.239.1)
    KMS->>SigV4: Depends on aws-sigv4 (~> 1.5)
    
    Core->>EventStream: Depends on aws-eventstream (~> 1, >= 1.3.0)
    Core->>SigV4: Depends on aws-sigv4 (~> 1.9)
    Core->>JMESPath: Depends on jmespath (~> 1, >= 1.6.1)
    
    Note over Core: New dependencies added:<br/>base64, bigdecimal, logger
    
    SigV4->>EventStream: Depends on aws-eventstream (~> 1, >= 1.0.2)
    
    Note over App,JMESPath: All dependencies updated to latest compatible versions

Loading

▶️ ⚡ AI Code Reviews for VS Code, Cursor, Windsurf
Install the extension

Note for Windsurf

Please change the default marketplace provider to the following in the windsurf settings:

Marketplace Extension Gallery Service URL: https://marketplace.visualstudio.com/_apis/public/gallery

Marketplace Gallery Item URL: https://marketplace.visualstudio.com/items

Entelligence.ai can learn from your feedback. Simply add 👍 / 👎 emojis to teach it your preferences. More shortcuts below

Emoji Descriptions:

• ⚠️ Potential Issue - May require further investigation.
• 🔒 Security Vulnerability - Fix to ensure system safety.
• 💻 Code Improvement - Suggestions to enhance code quality.
• 🔨 Refactor Suggestion - Recommendations for restructuring code.
• ℹ️ Others - General comments and information.

Interact with the Bot:

• Send a message or request using the format:
  @entelligenceai + *your message*

Example: @entelligenceai Can you suggest improvements for this code?

• Help the Bot learn by providing feedback on its responses.
  @entelligenceai + *feedback*

Example: @entelligenceai Do not comment on `save_auth` function !

Also you can trigger various commands with the bot by doing
@entelligenceai command

The current supported commands are

1. config - shows the current config
2. retrigger_review - retriggers the review

More commands to be added soon.