chore(deps): bump aiobotocore from 3.3.0 to 3.7.0

[dependabot]

Bumps aiobotocore from 3.3.0 to 3.7.0.

Release notes

Sourced from aiobotocore's releases.

3.7.0

• replace per-PR CHANGES.rst / __init__.py ceremony with an AI-drafted release flow: contributors no longer touch version or changelog files; a workflow-triggered agent synthesizes merged PRs into a release PR at release time (closes #1167) (#1592)
• add AioSession.warm_up_loader_caches() and warm_up_loader_caches option in AioConfig to pre-populate botocore loader caches off the event loop, avoiding blocking file I/O on first client/waiter/paginator use (closes #1199) (#1462)
• fix race condition in AioAssumeRoleProvider._visited_profiles causing false InfiniteLoopConfigError under concurrent async usage (closes #1455) (#1537)
• fall back to synchronous subprocess.run (via asyncio.to_thread) for credential_process when the running event loop does not implement subprocess transports — notably asyncio.SelectorEventLoop on Windows (closes #1415) (#1588)

3.6.0

What's Changed

• Relax botocore dependency specification by @​jakob-keller in aio-libs/aiobotocore#1578
• Relax botocore dependency specification by @​jakob-keller in aio-libs/aiobotocore#1579

• Bump actions/cache from 5.0.4 to 5.0.5 by @​dependabot[bot] in aio-libs/aiobotocore#1575
• Bump packaging from 26.0 to 26.1 by @​dependabot[bot] in aio-libs/aiobotocore#1576
• Bump anthropics/claude-code-action from 1.0.101 to 1.0.105 by @​dependabot[bot] in aio-libs/aiobotocore#1580
• Bump anthropic from 0.96.0 to 0.97.0 by @​dependabot[bot] in aio-libs/aiobotocore#1581
• ci(claude): skip dependabot and fork PRs in pull_request trigger by @​thehesiod in aio-libs/aiobotocore#1582
• Revert pull_request → pull_request_target switch (App token 401) by @​thehesiod in aio-libs/aiobotocore#1583

Full Changelog: aio-libs/aiobotocore@3.5.0...3.6.0

3.5.0

What's Changed

• Relax botocore dependency specification by @​claude[bot] in aio-libs/aiobotocore#1546
• Bump botocore dependency specification by @​claude[bot] in aio-libs/aiobotocore#1571

• Fix sync prompt template vars, add MCP commit fallback by @​thehesiod in aio-libs/aiobotocore#1523
• Fix Claude bot failing on issue comments by @​thehesiod in aio-libs/aiobotocore#1536
• Add dev environment to Claude CI workflow by @​thehesiod in aio-libs/aiobotocore#1538
• Bump cryptography from 46.0.6 to 46.0.7 in the uv group across 1 directory by @​dependabot[bot] in aio-libs/aiobotocore#1541
• Bump anthropics/claude-code-action from 1.0.75 to 1.0.87 by @​dependabot[bot] in aio-libs/aiobotocore#1542
• Bump astral-sh/setup-uv from 7.6.0 to 8.0.0 by @​dependabot[bot] in aio-libs/aiobotocore#1543

... (truncated)

Changelog

Sourced from aiobotocore's changelog.

3.7.0 (2026-05-09) ^^^^^^^^^^^^^^^^^^

• replace per-PR CHANGES.rst / __init__.py ceremony with an AI-drafted release flow: contributors no longer touch version or changelog files; a workflow-triggered agent synthesizes merged PRs into a release PR at release time (closes #1167) (#1592)
• add AioSession.warm_up_loader_caches() and warm_up_loader_caches option in AioConfig to pre-populate botocore loader caches off the event loop, avoiding blocking file I/O on first client/waiter/paginator use (closes #1199) (#1462)
• fix race condition in AioAssumeRoleProvider._visited_profiles causing false InfiniteLoopConfigError under concurrent async usage (closes #1455) (#1537)
• fall back to synchronous subprocess.run (via asyncio.to_thread) for credential_process when the running event loop does not implement subprocess transports — notably asyncio.SelectorEventLoop on Windows (closes #1415) (#1588)

3.6.0 (2026-04-30) ^^^^^^^^^^^^^^^^^^

• relax botocore dependency specification to support "botocore >= 1.42.90, < 1.43.1"
• drop support for Python 3.9 (EOL)

3.5.0 (2026-04-19) ^^^^^^^^^^^^^^^^^^

• bump botocore dependency specification to support "botocore >= 1.42.90, < 1.42.92"

3.4.0 (2026-04-07) ^^^^^^^^^^^^^^^^^^

• bump botocore dependency specification to support "botocore >= 1.42.79, < 1.42.85"

Commits

• d232742 Release v3.7.0 (#1595)
• 0fb20e5 fix(draft-release): tighten window boundary + unique-PR count (#1597)
• e8bb50e docs(CLAUDE.md): canonical branch-creation pattern for Claude workflows (#1596)
• b8c2266 fix(draft-release): provision uv + Python in workflow (#1594)
• 392dfce feat: AI-drafted release flow (closes #1167) (#1592)
• 0cbf437 chore(release): consolidate unreleased 3.6.1/3.7.0/3.7.1 into 3.7.0 (#1593)
• e332cd4 fix: credential_process on Windows + Selector event loop (closes #1415) (#1588)
• 4d1dbad Bump anthropics/claude-code-action from 1.0.105 to 1.0.111 (#1584)
• bc3c5b5 Support warm-up of loader caches (#1462)
• 804cf28 Bump pre-commit from 4.5.1 to 4.6.0 (#1586)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)