v2.4.0-rc.1

Turtdle · Turtdle · commit 9654742d5aca · 2026-06-08T11:36:12.000-07:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,27 @@
 # Changelog
 
+## v2.4.0-rc.1 [2026-06-08]
+
+__What's New:__
+
+* Added `awsstsjwt` federation provider support (OIDC-based AWS federation via STS `GetWebIdentityToken`)
+
+__Enhancements:__
+
+* Updated federation provider help text to list all valid providers including `awsstsjwt` parameter format
+
+__Bug Fixes:__
+
+* Added per-profile file locking to prevent concurrent duplicate checkouts
+
+__Dependencies:__
+
+* Bumped `britive` SDK requirement from `>=4.1.2` to `>=4.6.0`
+
+__Other:__
+
+* None
+
 ## v2.3.2 [2026-04-07]
 
 __What's New:__
diff --git a/docs/index.md b/docs/index.md
@@ -266,7 +266,8 @@ At feature launch the following types of identity providers are supported for wo
 `pybritive` offers some native integrations with the following services.
 
 * Github Actions
-* AWS
+* AWS (STS)
+* AWS (STS via OIDC JWT)
 * Bitbucket
 * Azure System Assigned Managed Identities
 * Azure User Assigned Managed Identities
@@ -318,6 +319,24 @@ pybritive checkout "profile" --federation-provider aws-profile_expirationseconds
 pybritive checkout "profile" --federation-provider aws_expirationseconds
 ```
 
+#### AWS STS via OIDC (JWT)
+
+```sh
+# use awsstsjwt with an AWS CLI profile, audience, signing algorithm, and duration
+# format: awsstsjwt-<profile>|<audience>|<signing_algorithm>|<duration_seconds>
+pybritive checkout "profile" --federation-provider awsstsjwt-myprofile|sts.amazonaws.com|RS256|3600
+
+# use awsstsjwt with only an AWS CLI profile (other params use defaults)
+pybritive checkout "profile" --federation-provider awsstsjwt-myprofile
+
+# use awsstsjwt without an AWS CLI profile (source credentials via the standard credential discovery process)
+pybritive checkout "profile" --federation-provider awsstsjwt
+```
+
+The `awsstsjwt` provider uses the AWS STS `AssumeRoleWithWebIdentity` API to federate using an OIDC JWT token.
+Parameters are pipe-delimited in the format `awsstsjwt-<profile>|<audience>|<signing_algorithm>|<duration_seconds>`.
+All parameters after the profile are optional.
+
 #### Bitbucket
 
 > _note: no additional options are available for bitbucket._
diff --git a/src/pybritive/__init__.py b/src/pybritive/__init__.py
@@ -1 +1 @@
-__version__ = '2.3.2'
+__version__ = '2.4.0-rc.1'

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-__version__ = '2.3.2'`
	`1`	`+__version__ = '2.4.0-rc.1'`