chore: bump deps & document upstream test (aws#646)

* chore: bump deps & document upstream test

* chore: remove upstream py37 from GHW

Author: texastony

Diff for: .github/workflows/ci_test-vector-handler.yaml

@@ -37,7 +37,7 @@ jobs:
           - os: macos-latest
             architecture: x86
     steps:
-      - uses: aws-actions/configure-aws-credentials@v1
+      - uses: aws-actions/configure-aws-credentials@v4
         with:
           aws-access-key-id: ${{ secrets.INTEG_AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.INTEG_AWS_SECRET_ACCESS_KEY }}

Diff for: .github/workflows/ci_tests.yaml

@@ -64,26 +64,6 @@ jobs:
         env:
           TOXENV: ${{ matrix.category }}
         run: tox -- -vv
-  upstream-py37:
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: true
-      matrix:
-        category:
-          - nocmk
-          - test-upstream-requirements-py37
-    steps:
-        - uses: actions/checkout@v4
-        - uses: actions/setup-python@v4
-          with:
-            python-version: 3.7
-        - run: |
-            python -m pip install --upgrade pip
-            pip install --upgrade -r dev_requirements/ci-requirements.txt
-        - name: run test
-          env:
-            TOXENV: ${{ matrix.category }}
-          run: tox -- -vv
   upstream-py311:
     runs-on: ubuntu-latest
     strategy:

Diff for: dev_requirements/linter-requirements.txt

@@ -1,5 +1,5 @@
 bandit==1.7.4
-black==22.3.0
+black==24.2.0
 doc8==0.10.1
 flake8==4.0.1
 flake8-bugbear==22.9.11
@@ -10,4 +10,4 @@ pyflakes==2.4.0
 pylint==2.13.5
 readme_renderer==37.3
 seed-isort-config==2.2.0
-vulture==2.6
+vulture==2.9.1

Diff for: test/upstream-requirements-py311.txt

@@ -3,7 +3,7 @@ boto3==1.26.54
 botocore==1.29.54
 cffi==1.15.1
 coverage==7.0.5
-cryptography==41.0.6
+cryptography==42.0.4
 iniconfig==2.0.0
 jmespath==1.0.1
 mock==4.0.3

Diff for: test/upstream-requirements-py37.txt

@@ -0,0 +1,7 @@
+AWS Crypto Tools maintains `test/upstream-requirements-py<VERSION>.txt` in our Python products such that 
+our Cryptographic Primitive Provider for Python ([pyca/cryptography](https://github.com/pyca/cryptography))
+may execute downstream tests against AWS Crypto Tools Python products.
+These files allow pyca to install and test the Crypto Tools products.
+Additionally, Crypto Tools should maintain a test configuration that can be completed without using any AWS resources.
+If Crypto Tools needs to contact pyca about this expectation,
+they should cut a issue to the pyca/cryptography repo.

Diff for: test/upstream.md

@@ -94,15 +94,6 @@ recreate = True
 deps =
 commands = {toxinidir}/test/freeze-upstream-requirements.sh
 
-# Freeze for Python 3.7
-[testenv:freeze-upstream-requirements-py37]
-basepython = python3.7
-sitepackages = {[testenv:freeze-upstream-requirements-base]sitepackages}
-skip_install = {[testenv:freeze-upstream-requirements-base]skip_install}
-recreate = {[testenv:freeze-upstream-requirements-base]recreate}
-deps = {[testenv:freeze-upstream-requirements-base]deps}
-commands = {[testenv:freeze-upstream-requirements-base]commands} test/upstream-requirements-py37.txt
-
 # Freeze for Python 3.11
 [testenv:freeze-upstream-requirements-py311]
 basepython = python3.11
@@ -118,14 +109,6 @@ sitepackages = False
 recreate = True
 commands = {[testenv:base-command]commands} test/ -m local
 
-# Test frozen upstream requirements for Python 3.7
-[testenv:test-upstream-requirements-py37]
-basepython = python3.7
-deps = -rtest/upstream-requirements-py37.txt
-sitepackages = {[testenv:test-upstream-requirements-base]sitepackages}
-recreate = {[testenv:test-upstream-requirements-base]recreate}
-commands = {[testenv:test-upstream-requirements-base]commands}
-
 # Test frozen upstream requirements for Python 3.11
 [testenv:test-upstream-requirements-py311]
 basepython = python3.11