Sourced from aws-lambda-powertools[tracer]'s releases.

v3.19.0

Summary

This release adds support for fetching multiple secrets from AWS Secrets Manager in a single API call.

We also fixed a critical bug when working with Data validation and Middleware in our Event Handler utility.

⭐️ Congrats to @​dap0am and @​trevmt for contributing to this project for the first time!

Fetching multiple secrets

Docs

You can fetch multiple secrets from Secrets Manager in a single API call using get_secrets_by_name. This reduces the number of API calls and improves performance when you need to retrieve several secrets at once. This new method allows you to retrieve up to 20 secrets per call with filtering, lower AWS costs, and improved error resilience.

Working with Data Validation and Middleware

We have split OpenAPI validation into two phases, so you now benefit from:

• Request validation runs before any business logic, checking only incoming requests.
• Response validation runs only on actual endpoint responses.

This change ensures that only real endpoint responses go through schema validation, preventing errors from control flow responses (401, 403, 429) returned by other middlewares.

Read more about this change here

Changes

• refactor(parser): Improve ALB models with examples and descriptions (#7100) by @​leandrodamascena
• refactor(parser): Improve Kinesis models with examples and descriptions (#7092) by @​leandrodamascena
• refactor(parser): Improve EventBridge models with examples and descriptions (#7090) by @​leandrodamascena

🌟New features and non-breaking changes

• feat(parameters): add support for retrieving batch of secrets (#7058) by @​leandrodamascena

📜 Documentation updates

• docs(logger): fix typo in sampling examples (#7133) by @​trevmt
• docs(maintainers): improve release process documentation (#7088) by @​leandrodamascena
• docs(event_handler): improve routing rules syntax documentation (#7094) by @​dap0am

🐛 Bug and hot fixes

• fix(parameters): fix _transform_and_cache_get_parameters_response (#7083) by @​ericbn

... (truncated)

Sourced from aws-lambda-powertools[tracer]'s changelog.

[v3.19.0] - 2025-08-12

Bug Fixes

• event_handler: split OpenAPI validation to respect middleware returns (#7050)
• parameters: fix _transform_and_cache_get_parameters_response (#7083)

Code Refactoring

• parser: Improve ALB models with examples and descriptions (#7100)
• parser: Improve Kinesis models with examples and descriptions (#7092)
• parser: Improve EventBridge models with examples and descriptions (#7090)

Documentation

• event_handler: improve routing rules syntax documentation (#7094)
• logger: fix typo in sampling examples (#7133)
• maintainers: improve release process documentation (#7088)

Features

• parameters: add support for retrieving batch of secrets (#7058)

Maintenance

• version bump
• ci: new pre-release 3.18.1a6 (#7134)
• ci: new pre-release 3.18.1a5 (#7114)
• ci: new pre-release 3.18.1a1 (#7077)
• ci: new pre-release 3.18.1a0 (#7068)
• ci: new pre-release 3.18.1a9 (#7155)
• ci: new pre-release 3.18.1a8 (#7147)
• ci: new pre-release 3.18.1a3 (#7097)
• ci: new pre-release 3.18.1a7 (#7141)
• ci: new pre-release 3.18.1a2 (#7085)
• ci: new pre-release 3.18.1a4 (#7105)
• deps: bump mkdocs-llmstxt from 0.3.0 to 0.3.1 (#7112)
• deps: bump squidfunk/mkdocs-material from 0bfdba4 to bb7b015 in /docs (#7059)
• deps: bump redis from 6.3.0 to 6.4.0 (#7140)
• deps: bump actions/checkout from 4.2.2 to 5.0.0 (#7154)
• deps: bump aws-powertools/actions from 1.3.0 to 1.4.0 (#7104)
• deps: bump actions/download-artifact from 4.3.0 to 5.0.0 (#7126)
• deps: bump aws-powertools/actions from 1.1.0 to 1.3.0 (#7061)
• deps: bump aws-actions/configure-aws-credentials from 4.2.1 to 4.3.0 (#7103)
• deps: bump aws-actions/configure-aws-credentials from 59b441846ad109fa4a1549b73ef4e149c4bfb53b to aa1f74b81b53cb3adb28afcdb21d7b9f3fceea98 (#7113)
• deps: bump redis from 6.2.0 to 6.3.0 (#7108)
• deps: bump mkdocs-material from 9.6.15 to 9.6.16 in /docs (#7060)
• deps: bump mkdocs-llmstxt from 0.3.0 to 0.3.1 (#7130)
• deps: bump mkdocs-material from 9.6.15 to 9.6.16 (#7065)
• deps-dev: bump boto3-stubs from 1.40.2 to 1.40.3 (#7111)
• deps-dev: bump cfn-lint from 1.38.1 to 1.38.2 (#7109)

... (truncated)

• 2942073 chore: version bump
• eee8e38 chore(ci): new pre-release 3.18.1a9 (#7155)
• c15fadc chore(deps-dev): bump boto3-stubs from 1.40.6 to 1.40.7 (#7153)
• fb4af31 chore(deps-dev): bump types-python-dateutil from 2.9.0.20250708 to 2.9.0.2025...
• a1b1782 chore(deps-dev): bump coverage from 7.10.2 to 7.10.3 (#7152)
• 6e423f3 chore(deps): bump actions/checkout from 4.2.2 to 5.0.0 (#7154)
• ec8b27a chore(deps-dev): bump types-protobuf from 6.30.2.20250703 to 6.30.2.20250809 ...
• effb662 chore(ci): changelog rebuild (#7148)
• 0c39d31 chore(deps-dev): bump boto3-stubs from 1.40.5 to 1.40.6 (#7143)
• 8dfaa89 chore(ci): new pre-release 3.18.1a8 (#7147)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)