Bump version to 2.36.0 (#6495)

* Set the RESOLVED_ACCOUNT_ID (T) user-agent metric only when accountID is actually resolved from credentials (#6472)

* Timestream InfluxDB Update: This release adds support for creating and managing InfluxDB 3 Core and Enterprise DbClusters.

* Amazon GuardDuty Update: Added default pagination value for ListMalwareProtectionPlans API and updated UpdateFindingsFeedback API

* Amazon DocumentDB with MongoDB compatibility Update: Add support for NetworkType field in CreateDbCluster, ModifyDbCluster, RestoreDbClusterFromSnapshot and RestoreDbClusterToPointInTime for DocumentDB.

* Amazon Elastic Compute Cloud Update: Introducing EC2 Capacity Manager for monitoring and analyzing capacity usage across On-Demand Instances, Spot Instances, and Capacity Reservations.

* Elastic Load Balancing Update: This release expands Listener Rule Conditions to support RegexValues and adds support for a new Transforms field in Listener Rules.

* Amazon Lightsail Update: Add support for manage Lightsail Bucket CORS configuration

* Amazon Bedrock Update: Amazon Bedrock Automated Reasoning Policy now offers enhanced AWS KMS integration. The CreateAutomatedReasoningPolicy API includes a new kmsKeyId field, allowing customers to specify their preferred KMS key for encryption, improving control and compliance with AWS encryption mandates.

* Updated endpoints.json and partitions.json.

* Release 2.35.8. Updated CHANGELOG.md, README.md and all pom.xml.

* Update to next snapshot version: 2.35.9-SNAPSHOT

* Add tests to verify legacy signer code path (#6473)

* Add more auth and signer tests and refactor existing tests

* Fix tests

* Mixed version compatibility detection (#6477)

* Add mixed version compatibility detection workflow

- Detects changes to base classes (AwsRequest, AwsResponse, SdkPojo, etc.)
- Requires manual review via 'mixed-version-compatibility-reviewed' label
- Prevents merge until team approves compatibility impact

* Improve mixed version detection: filter false positives

- Filter out comments containing 'public.*(' patterns
- Filter out string literals with 'public.*(' patterns
- Filter out javadoc examples with 'public.*(' patterns
- Reduces noise while maintaining detection accuracy

* Fix false positive filtering for block comments

Add filtering for block comments that start with /*
This should catch patterns like: /* Example usage: public void method() */

* Address feedback: show only changed class names in error message

- Extract class names from actually changed files, not all possible files
- Makes error message dynamic and specific to detected changes
- Addresses maintainability concern from code review

* Add comments, expand exclusion of patterns

* Bump version to 2.36.0

Bumping the version to release #6466.

---------

Co-authored-by: Alex Woods <[email protected]>
Co-authored-by: AWS <>
Co-authored-by: aws-sdk-java-automation <[email protected]>
Co-authored-by: Zoe Wang <[email protected]>
Co-authored-by: Ran Vaknin <[email protected]>

Author: 5 people

.changes/2.35.0.json .changes/2.35.x/2.35.0.json.changes/2.35.0.json renamed to .changes/2.35.x/2.35.0.json

@@ -0,0 +1,60 @@
+{
+    "version": "2.35.8",
+    "date": "2025-10-15",
+    "entries": [
+        {
+            "type": "bugfix",
+            "category": "AWS SDK for Java v2",
+            "contributor": "",
+            "description": "Set the RESOLVED_ACCOUNT_ID (T) user-agent metric only when accountID is actually resolved from credentials."
+        },
+        {
+            "type": "feature",
+            "category": "Amazon Bedrock",
+            "contributor": "",
+            "description": "Amazon Bedrock Automated Reasoning Policy now offers enhanced AWS KMS integration. The CreateAutomatedReasoningPolicy API includes a new kmsKeyId field, allowing customers to specify their preferred KMS key for encryption, improving control and compliance with AWS encryption mandates."
+        },
+        {
+            "type": "feature",
+            "category": "Amazon DocumentDB with MongoDB compatibility",
+            "contributor": "",
+            "description": "Add support for NetworkType field in CreateDbCluster, ModifyDbCluster, RestoreDbClusterFromSnapshot and RestoreDbClusterToPointInTime for DocumentDB."
+        },
+        {
+            "type": "feature",
+            "category": "Amazon Elastic Compute Cloud",
+            "contributor": "",
+            "description": "Introducing EC2 Capacity Manager for monitoring and analyzing capacity usage across On-Demand Instances, Spot Instances, and Capacity Reservations."
+        },
+        {
+            "type": "feature",
+            "category": "Amazon GuardDuty",
+            "contributor": "",
+            "description": "Added default pagination value for ListMalwareProtectionPlans API and updated UpdateFindingsFeedback API"
+        },
+        {
+            "type": "feature",
+            "category": "Amazon Lightsail",
+            "contributor": "",
+            "description": "Add support for manage Lightsail Bucket CORS configuration"
+        },
+        {
+            "type": "feature",
+            "category": "Elastic Load Balancing",
+            "contributor": "",
+            "description": "This release expands Listener Rule Conditions to support RegexValues and adds support for a new Transforms field in Listener Rules."
+        },
+        {
+            "type": "feature",
+            "category": "Timestream InfluxDB",
+            "contributor": "",
+            "description": "This release adds support for creating and managing InfluxDB 3 Core and Enterprise DbClusters."
+        },
+        {
+            "type": "feature",
+            "category": "AWS SDK for Java v2",
+            "contributor": "",
+            "description": "Updated endpoint and partition metadata."
+        }
+    ]
+}

.changes/2.35.1.json .changes/2.35.x/2.35.1.json.changes/2.35.1.json renamed to .changes/2.35.x/2.35.1.json

@@ -0,0 +1,104 @@
+name: Mixed Version Compatibility Review
+
+permissions:
+  contents: read
+  pull-requests: read
+
+on:
+  merge_group:
+  pull_request:
+    types: [ opened, synchronize, reopened, labeled, unlabeled ]
+    branches:
+      - master
+
+jobs:
+  mixed-version-compatibility-check:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      
+      - name: Check for mixed version compatibility risks
+        id: compatibility-check
+        run: |
+          git fetch origin ${{ github.base_ref }} --depth 1
+          
+          # Define the specific base class files that are risky for mixed versions
+          BASE_CLASS_FILES="core/aws-core/src/main/java/software/amazon/awssdk/awscore/AwsRequest.java
+          core/aws-core/src/main/java/software/amazon/awssdk/awscore/AwsResponse.java
+          core/aws-core/src/main/java/software/amazon/awssdk/awscore/AwsResponseMetadata.java
+          core/aws-core/src/main/java/software/amazon/awssdk/awscore/exception/AwsServiceException.java
+          core/sdk-core/src/main/java/software/amazon/awssdk/core/SdkPojo.java"
+          
+          # Check if any of the base class files were modified
+          CHANGED_BASE_FILES=$(git diff --name-only remotes/origin/${{ github.base_ref }} -- $BASE_CLASS_FILES || true)
+          
+          if [ -z "$CHANGED_BASE_FILES" ]; then
+            echo "No base class changes detected."
+            echo "has_risk=false" >> $GITHUB_OUTPUT
+            exit 0
+          fi
+          
+          echo "Base class changes detected in:"
+          echo "$CHANGED_BASE_FILES"
+          
+          # Look for new public methods in the changed base class files
+          # Filter out obvious false positives: comments, string literals, javadoc
+          NEW_METHODS=$(git diff remotes/origin/${{ github.base_ref }} -- $BASE_CLASS_FILES | \
+          
+          grep '^+.*public.*(' | \                # Find lines with new public methods
+          grep -v '^+[[:space:]]*//.*' | \        # Line comments  
+          grep -v '^+[[:space:]]*\*.*' | \        # Javadoc lines
+          grep -v '^+[[:space:]]*/\*.*' || true   # Block comments
+          
+          if [ -n "$NEW_METHODS" ]; then
+            echo "::warning::New public methods detected in base classes:"
+            echo "$NEW_METHODS" | while read line; do
+              echo "::warning::$line"
+            done
+            echo "has_risk=true" >> $GITHUB_OUTPUT
+            echo "risk_type=new_methods" >> $GITHUB_OUTPUT
+          else
+            echo "::warning::Base class files modified but no new public methods detected"
+            echo "has_risk=true" >> $GITHUB_OUTPUT  
+            echo "risk_type=other_changes" >> $GITHUB_OUTPUT
+          fi
+      
+      - name: Fail if compatibility risks found without approval
+        if: ${{ steps.compatibility-check.outputs.has_risk == 'true' && !contains(github.event.pull_request.labels.*.name, 'mixed-version-compatibility-reviewed') }}
+        run: |
+          # Define the base class files
+          BASE_CLASS_FILES="core/aws-core/src/main/java/software/amazon/awssdk/awscore/AwsRequest.java
+          core/aws-core/src/main/java/software/amazon/awssdk/awscore/AwsResponse.java
+          core/aws-core/src/main/java/software/amazon/awssdk/awscore/AwsResponseMetadata.java
+          core/aws-core/src/main/java/software/amazon/awssdk/awscore/exception/AwsServiceException.java
+          core/sdk-core/src/main/java/software/amazon/awssdk/core/SdkPojo.java"
+          
+          # Extract class names from the actually changed files
+          CHANGED_BASE_FILES=$(git diff --name-only remotes/origin/${{ github.base_ref }} -- $BASE_CLASS_FILES || true)
+          CHANGED_CLASS_NAMES=$(echo "$CHANGED_BASE_FILES" | sed 's|.*/||' | sed 's|\.java||' | paste -sd ',' - | sed 's/,/, /g')
+          
+          echo "::error::Mixed version compatibility risk detected!"
+          echo "::error::Changes were made to base classes that generated service code implements:"
+          echo "::error::- $CHANGED_CLASS_NAMES"
+          echo "::error::"
+          echo "::error::This may break customers using mixed SDK versions if:"
+          echo "::error::- New methods are added with UnsupportedOperationException defaults"
+          echo "::error::- Core behavior changes invoke existing methods in new ways"
+          echo "::error::- Interface contracts change in subtle ways"
+          echo "::error::"
+          echo "::error::Please review with the team for mixed version impact and add"
+          echo "::error::'mixed-version-compatibility-reviewed' label after approval."
+          echo "::error::"
+          echo "::error::If this introduces compatibility issues, consider:"
+          echo "::error::- Bumping minor version"
+          echo "::error::- Documenting compatibility impact in release notes"
+          echo "::error::- Ensuring older service modules can handle the changes"
+          exit 1
+      
+      - name: Success message when approved
+        if: ${{ steps.compatibility-check.outputs.has_risk == 'true' && contains(github.event.pull_request.labels.*.name, 'mixed-version-compatibility-reviewed') }}
+        run: |
+          echo "✅ Mixed version compatibility risk detected but approved for merge"
+          echo "Base class changes have been reviewed and approved by the team"