Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: github-aws-runners/terraform-aws-github-runner
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v6.10.1
Choose a base ref
...
head repository: github-aws-runners/terraform-aws-github-runner
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v7.0.0
Choose a head ref
  • 20 commits
  • 135 files changed
  • 11 contributors

Commits on Dec 3, 2025

  1. fix(lambda): bump the aws group in /lambdas with 7 updates (#4924) 

    Bumps the aws group in /lambdas with 7 updates:

| Package | From | To |
| --- | --- | --- |
|
[@aws-sdk/client-ec2](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ec2)
| `3.938.0` | `3.940.0` |
|
[@aws-sdk/client-ssm](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ssm)
| `3.936.0` | `3.940.0` |
|
[@aws-sdk/types](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/types)
| `3.930.0` | `3.936.0` |
|
[@aws-sdk/client-sqs](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-sqs)
| `3.936.0` | `3.940.0` |
|
[@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3)
| `3.937.0` | `3.940.0` |
|
[@aws-sdk/lib-storage](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/lib/lib-storage)
| `3.937.0` | `3.940.0` |
|
[@aws-sdk/client-eventbridge](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-eventbridge)
| `3.936.0` | `3.940.0` |

Updates `@aws-sdk/client-ec2` from 3.938.0 to 3.940.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/releases"><code>@​aws-sdk/client-ec2</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v3.940.0</h2>
<h4>3.940.0(2025-11-25)</h4>
<h5>New Features</h5>
<ul>
<li><strong>clients:</strong> update client endpoints as of 2025-11-25
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/e27709045616337e38c5118cfb895908792b404f">e2770904</a>)</li>
<li><strong>client-network-firewall:</strong> Network Firewall release
of the Proxy feature. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/0eb20e887961327021849393df0ac5f30497ab8b">0eb20e88</a>)</li>
<li><strong>client-organizations:</strong> Add support for policy
operations on the S3_POLICY and BEDROCK_POLICY policy type. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/75e196ee52c6ec3e1fee97d715e92d9d38ad3f0d">75e196ee</a>)</li>
<li><strong>client-route-53:</strong> Adds support for new route53
feature: accelerated recovery. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/dbe0a58f8de1c9919049dd9f9ea7443f4feb46c5">dbe0a58f</a>)</li>
<li><strong>client-ec2:</strong> This release adds support to view
Network firewall proxy appliances attached to an existing NAT Gateway
via DescribeNatGateways API NatGatewayAttachedAppliance structure. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/7d70b063103b71d5ae67bd2bf31ba423382e6352">7d70b063</a>)</li>
</ul>
<h5>Bug Fixes</h5>
<ul>
<li><strong>core/protocols:</strong> performance improvements for shape
serde traversal (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7523">#7523</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/b20a25eab019b6795afc2db74f87be12e1c22bf9">b20a25ea</a>)</li>
</ul>
<h5>Tests</h5>
<ul>
<li><strong>codegen:</strong> update codegen unit tests (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7525">#7525</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/e43ff44c79fd48475c0889a5fd7376991e2eae38">e43ff44c</a>)</li>
</ul>
<hr />
<p>For list of updated packages, view
<strong>updated-packages.md</strong> in
<strong>assets-3.940.0.zip</strong></p>
<h2>v3.939.0</h2>
<h4>3.939.0(2025-11-24)</h4>
<h5>Chores</h5>
<ul>
<li><strong>scripts:</strong> reduce api validation to packages/lib only
(<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7519">#7519</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/eb74d6a06c95955a11d4434a0b0e50ce760ebe25">eb74d6a0</a>)</li>
</ul>
<h5>New Features</h5>
<ul>
<li><strong>client-cloudwatch-logs:</strong> New CloudWatch Logs feature
- LogGroup Deletion Protection, a capability that allows customers to
safeguard their critical CloudWatch log groups from accidental or
unintended deletion. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/02360329959d33ca2411d666e0f96643c6ba5191">02360329</a>)</li>
<li><strong>client-cloudfront:</strong> Add TrustStore,
ConnectionFunction APIs to CloudFront SDK (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/168505ee3412bd533b0a2d891fb2d9eedeef66a9">168505ee</a>)</li>
</ul>
<h5>Bug Fixes</h5>
<ul>
<li><strong>clients:</strong> export enum objects for string shapes (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7521">#7521</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/62f648dff5c6734948740f07f2d39aa4715bca6c">62f648df</a>)</li>
<li><strong>cloudfront-signer:</strong> skip extended encoding for query
parameters in the base url (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7515">#7515</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/954d411e083c384ecc959d86f9359ea8796990ff">954d411e</a>)</li>
</ul>
<h5>Tests</h5>
<ul>
<li>increase beforeAll hook timeouts (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7518">#7518</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/720ba4cd02b75b71a2a1f0c7e9f007de9b8448e3">720ba4cd</a>)</li>
</ul>
<hr />
<p>For list of updated packages, view
<strong>updated-packages.md</strong> in
<strong>assets-3.939.0.zip</strong></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ec2/CHANGELOG.md"><code>@​aws-sdk/client-ec2</code>'s
changelog</a>.</em></p>
<blockquote>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.939.0...v3.940.0">3.940.0</a>
(2025-11-25)</h1>
<h3>Features</h3>
<ul>
<li><strong>client-ec2:</strong> This release adds support to view
Network firewall proxy appliances attached to an existing NAT Gateway
via DescribeNatGateways API NatGatewayAttachedAppliance structure. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/7d70b063103b71d5ae67bd2bf31ba423382e6352">7d70b06</a>)</li>
</ul>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.938.0...v3.939.0">3.939.0</a>
(2025-11-24)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/client-ec2</code></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/e9962f1c4512d6ea969ca621754b3db01ac54aa9"><code>e9962f1</code></a>
Publish v3.940.0</li>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/7d70b063103b71d5ae67bd2bf31ba423382e6352"><code>7d70b06</code></a>
feat(client-ec2): This release adds support to view Network firewall
proxy ap...</li>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/15923791acb0f527cf323c58aecd5d4bea7fff29"><code>1592379</code></a>
Publish v3.939.0</li>
<li>See full diff in <a
href="https://github.com/aws/aws-sdk-js-v3/commits/v3.940.0/clients/client-ec2">compare
view</a></li>
</ul>
</details>
<br />

Updates `@aws-sdk/client-ssm` from 3.936.0 to 3.940.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/releases"><code>@​aws-sdk/client-ssm</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v3.940.0</h2>
<h4>3.940.0(2025-11-25)</h4>
<h5>New Features</h5>
<ul>
<li><strong>clients:</strong> update client endpoints as of 2025-11-25
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/e27709045616337e38c5118cfb895908792b404f">e2770904</a>)</li>
<li><strong>client-network-firewall:</strong> Network Firewall release
of the Proxy feature. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/0eb20e887961327021849393df0ac5f30497ab8b">0eb20e88</a>)</li>
<li><strong>client-organizations:</strong> Add support for policy
operations on the S3_POLICY and BEDROCK_POLICY policy type. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/75e196ee52c6ec3e1fee97d715e92d9d38ad3f0d">75e196ee</a>)</li>
<li><strong>client-route-53:</strong> Adds support for new route53
feature: accelerated recovery. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/dbe0a58f8de1c9919049dd9f9ea7443f4feb46c5">dbe0a58f</a>)</li>
<li><strong>client-ec2:</strong> This release adds support to view
Network firewall proxy appliances attached to an existing NAT Gateway
via DescribeNatGateways API NatGatewayAttachedAppliance structure. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/7d70b063103b71d5ae67bd2bf31ba423382e6352">7d70b063</a>)</li>
</ul>
<h5>Bug Fixes</h5>
<ul>
<li><strong>core/protocols:</strong> performance improvements for shape
serde traversal (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7523">#7523</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/b20a25eab019b6795afc2db74f87be12e1c22bf9">b20a25ea</a>)</li>
</ul>
<h5>Tests</h5>
<ul>
<li><strong>codegen:</strong> update codegen unit tests (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7525">#7525</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/e43ff44c79fd48475c0889a5fd7376991e2eae38">e43ff44c</a>)</li>
</ul>
<hr />
<p>For list of updated packages, view
<strong>updated-packages.md</strong> in
<strong>assets-3.940.0.zip</strong></p>
<h2>v3.939.0</h2>
<h4>3.939.0(2025-11-24)</h4>
<h5>Chores</h5>
<ul>
<li><strong>scripts:</strong> reduce api validation to packages/lib only
(<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7519">#7519</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/eb74d6a06c95955a11d4434a0b0e50ce760ebe25">eb74d6a0</a>)</li>
</ul>
<h5>New Features</h5>
<ul>
<li><strong>client-cloudwatch-logs:</strong> New CloudWatch Logs feature
- LogGroup Deletion Protection, a capability that allows customers to
safeguard their critical CloudWatch log groups from accidental or
unintended deletion. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/02360329959d33ca2411d666e0f96643c6ba5191">02360329</a>)</li>
<li><strong>client-cloudfront:</strong> Add TrustStore,
ConnectionFunction APIs to CloudFront SDK (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/168505ee3412bd533b0a2d891fb2d9eedeef66a9">168505ee</a>)</li>
</ul>
<h5>Bug Fixes</h5>
<ul>
<li><strong>clients:</strong> export enum objects for string shapes (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7521">#7521</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/62f648dff5c6734948740f07f2d39aa4715bca6c">62f648df</a>)</li>
<li><strong>cloudfront-signer:</strong> skip extended encoding for query
parameters in the base url (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7515">#7515</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/954d411e083c384ecc959d86f9359ea8796990ff">954d411e</a>)</li>
</ul>
<h5>Tests</h5>
<ul>
<li>increase beforeAll hook timeouts (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7518">#7518</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/720ba4cd02b75b71a2a1f0c7e9f007de9b8448e3">720ba4cd</a>)</li>
</ul>
<hr />
<p>For list of updated packages, view
<strong>updated-packages.md</strong> in
<strong>assets-3.939.0.zip</strong></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ssm/CHANGELOG.md"><code>@​aws-sdk/client-ssm</code>'s
changelog</a>.</em></p>
<blockquote>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.939.0...v3.940.0">3.940.0</a>
(2025-11-25)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/client-ssm</code></p>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.938.0...v3.939.0">3.939.0</a>
(2025-11-24)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/client-ssm</code></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/e9962f1c4512d6ea969ca621754b3db01ac54aa9"><code>e9962f1</code></a>
Publish v3.940.0</li>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/15923791acb0f527cf323c58aecd5d4bea7fff29"><code>1592379</code></a>
Publish v3.939.0</li>
<li>See full diff in <a
href="https://github.com/aws/aws-sdk-js-v3/commits/v3.940.0/clients/client-ssm">compare
view</a></li>
</ul>
</details>
<br />

Updates `@aws-sdk/types` from 3.930.0 to 3.936.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/releases"><code>@​aws-sdk/types</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v3.936.0</h2>
<h4>3.936.0(2025-11-19)</h4>
<h5>New Features</h5>
<ul>
<li><strong>credential-provider-login:</strong> add login credential
provider (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7512">#7512</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/2c08b1e01631e29003979b5648538996df0f6ad8">2c08b1e0</a>)</li>
</ul>
<hr />
<p>For list of updated packages, view
<strong>updated-packages.md</strong> in
<strong>assets-3.936.0.zip</strong></p>
<h2>v3.935.0</h2>
<h4>3.935.0(2025-11-19)</h4>
<h5>Chores</h5>
<ul>
<li><strong>codegen:</strong> update for smithy/core serde fixes (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7511">#7511</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/ac2be518aa22bbc0c1899580073b433c0d3836ac">ac2be518</a>)</li>
</ul>
<h5>New Features</h5>
<ul>
<li><strong>clients:</strong> update client endpoints as of 2025-11-19
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/d7b51c496bae5e4373cb9603a3a43abd80dfc2aa">d7b51c49</a>)</li>
<li><strong>client-sts:</strong> IAM now supports outbound identity
federation via the STS GetWebIdentityToken API, enabling AWS workloads
to securely authenticate with external services using short-lived JSON
Web Tokens. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/f9fed01c2ac683e43296a3c82c60a1da231cc0ec">f9fed01c</a>)</li>
<li><strong>client-dynamodb:</strong> Extended Global Secondary Index
(GSI) composite keys to support up to 8 attributes. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/622ef038c5ea8ce707e72f57f9582e650c23f374">622ef038</a>)</li>
<li><strong>client-medialive:</strong> MediaLive is adding support for
MediaConnect Router by supporting a new input type called
MEDIACONNECT_ROUTER. This new input type will provide seamless encrypted
transport between MediaConnect Router and your MediaLive channel. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/1667189eeecb33a4cb76c16304ca115a355242e2">1667189e</a>)</li>
<li><strong>client-bcm-pricing-calculator:</strong> Add
GroupSharingPreference, CostCategoryGroupSharingPreferenceArn, and
CostCategoryGroupSharingPreferenceEffectiveDate to Bill Estimate. Add
GroupSharingPreference and CostCategoryGroupSharingPreferenceArn to Bill
Scenario. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/e0dc140cb605b847bae2a9967f56c1e6615115f3">e0dc140c</a>)</li>
<li><strong>client-backup:</strong> Amazon GuardDuty Malware Protection
now supports AWS Backup, extending malware detection capabilities to
EC2, EBS, and S3 backups. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/498dcf3d4af9f604f3aaa22b3471c37e5ad9f517">498dcf3d</a>)</li>
<li><strong>client-connectcampaignsv2:</strong> This release added
support for ring timer configuration for campaign calls. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/1155c3c437eba06dee2d77c7f7ae2f70fe1f014f">1155c3c4</a>)</li>
<li><strong>client-ecs:</strong> Added support for Amazon ECS Managed
Instances infrastructure optimization configuration. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/2ee0c3f31abe7f67e08ffedbf6fd9552a0a26cf2">2ee0c3f3</a>)</li>
<li><strong>client-ecr:</strong> Add support for ECR archival storage
class and Inspector org policy for scanning (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/ed5e232dd00ea85e75ad4144e27b406abaa53466">ed5e232d</a>)</li>
<li><strong>client-sagemaker:</strong> Added support for enhanced
metrics for SageMaker AI Endpoints. This features provides Utilization
Metrics at instance and container granularity and also provides easy
configuration of metric publish frequency from 10 sec -&gt; 5 mins (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/ad2587c7e6162aef0d68e9f89a20651c6f035b34">ad2587c7</a>)</li>
<li><strong>client-apigatewayv2:</strong> Support for API Gateway
portals and portal products. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/fc064256af49eeedc9ea64e30a20114bf5821499">fc064256</a>)</li>
<li><strong>client-billingconductor:</strong> This release adds support
for Billing Transfers, enabling management of billing transfers with
billing groups on AWS Billing Conductor. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/4e32b65dbd5712a063768d02c7166febbbb79225">4e32b65d</a>)</li>
<li><strong>client-cloudwatch-logs:</strong> Adding support for ocsf
version 1.5, add optional parameter MappingVersion (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/2a15be86e1c126bb8d1e748eb602edf3b6159bcb">2a15be86</a>)</li>
<li><strong>client-api-gateway:</strong> API Gateway now supports
response streaming and new security policies for REST APIs and custom
domain names. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/e1d2d6b1eba60429c227e2c5e5a6803970c59c60">e1d2d6b1</a>)</li>
<li><strong>client-cost-optimization-hub:</strong> Release
ListEfficiencyMetrics API (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/2b031582471976be86e70be7bd2422be89b3aa8d">2b031582</a>)</li>
<li><strong>client-bedrock-runtime:</strong> This release includes
support for Search Results. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/40ffa77a438ad33d7bb4ebc5b70d8160c25d7e01">40ffa77a</a>)</li>
<li><strong>client-cloudtrail:</strong> AWS CloudTrail now supports
Insights for data events, expanding beyond management events to
automatically detect unusual activity on data plane operations. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/f857066506ab98f31b1b6b3dd26d721b066b0241">f8570665</a>)</li>
<li><strong>client-health:</strong> Adds actionability and personas
properties to Health events exposed through DescribeEvents,
DescribeEventsForOrganization, DescribeEventDetails, and
DescribeEventTypes APIs. Adds filtering by actionabilities and personas
in EventFilter, OrganizationEventFilter, EventTypeFilter. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/c754b2426595d98f8b9b97b220cc0d7dc57a1d3f">c754b242</a>)</li>
<li><strong>client-networkflowmonitor:</strong> Added new enum value
(AWS::EKS::Cluster) for type field under MonitorLocalResource (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/6672978744f52673d746711fd4842441d99afc65">66729787</a>)</li>
<li><strong>client-invoicing:</strong> Add support for adding Billing
transfers in Invoice configuration (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/2e4934904c6c7b80f5fdfd33e1be1c1dbceff20e">2e493490</a>)</li>
<li><strong>client-s3:</strong> Adds support for blocking SSE-C writes
to general purpose buckets. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/cee2e72ffbcafb34a5283c9f4779c58c02a0be59">cee2e72f</a>)</li>
<li><strong>client-network-firewall:</strong> Partner Managed Rulegroup
feature support (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/2e8472d63d02d9e34aa8972f91d0787b93a31494">2e8472d6</a>)</li>
<li><strong>client-emr:</strong> Add CloudWatch Logs integration for
Spark driver, executor and step logs (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/7e6e1684a26ef235e9bc4a5a22991058f69d21ee">7e6e1684</a>)</li>
<li><strong>client-fsx:</strong> Adding File Server Resource Manager
configuration to FSx Windows (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/2e3c0c96aca567f518c0a80c6a14d801d787e104">2e3c0c96</a>)</li>
<li><strong>client-guardduty:</strong> Add support for scanning and
viewing scan results for backup resource types (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/231cf06b1c1d7a5a2b249b55bde3c2cd629bf8fc">231cf06b</a>)</li>
<li><strong>client-sfn:</strong> Adds support to TestState for mocked
results and exceptions, along with additional inspection data. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/1b18be75d99c17a3303409708f5a18f9f9965b80">1b18be75</a>)</li>
<li><strong>client-partnercentral-channel:</strong> Initial GA launch of
Partner Central Channel (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/b77d16823e8e4d161a57489ad5091bc1db2f8134">b77d1682</a>)</li>
<li><strong>client-secrets-manager:</strong> Adds support to create,
update, retrieve, rotate, and delete managed external secrets. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/c13b6f97233fadcfcf16126b4d03e75a6cc695e2">c13b6f97</a>)</li>
<li><strong>client-iam:</strong> Added the
EnableOutboundWebIdentityFederation,
DisableOutboundWebIdentityFederation and
GetOutboundWebIdentityFederationInfo APIs for the IAM outbound
federation feature. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/5774faa2064753e7a5c99ff079994b870d652763">5774faa2</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/blob/main/packages/types/CHANGELOG.md"><code>@​aws-sdk/types</code>'s
changelog</a>.</em></p>
<blockquote>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.935.0...v3.936.0">3.936.0</a>
(2025-11-19)</h1>
<h3>Features</h3>
<ul>
<li><strong>credential-provider-login:</strong> add login credential
provider (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/issues/7512">#7512</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/2c08b1e01631e29003979b5648538996df0f6ad8">2c08b1e</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/a180cc700f630c07711ca0c823b668fe50e5123e"><code>a180cc7</code></a>
Publish v3.936.0</li>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/2c08b1e01631e29003979b5648538996df0f6ad8"><code>2c08b1e</code></a>
feat(credential-provider-login): add login credential provider (<a
href="https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/types/issues/7512">#7512</a>)</li>
<li>See full diff in <a
href="https://github.com/aws/aws-sdk-js-v3/commits/v3.936.0/packages/types">compare
view</a></li>
</ul>
</details>
<br />

Updates `@aws-sdk/client-sqs` from 3.936.0 to 3.940.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/releases"><code>@​aws-sdk/client-sqs</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v3.940.0</h2>
<h4>3.940.0(2025-11-25)</h4>
<h5>New Features</h5>
<ul>
<li><strong>clients:</strong> update client endpoints as of 2025-11-25
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/e27709045616337e38c5118cfb895908792b404f">e2770904</a>)</li>
<li><strong>client-network-firewall:</strong> Network Firewall release
of the Proxy feature. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/0eb20e887961327021849393df0ac5f30497ab8b">0eb20e88</a>)</li>
<li><strong>client-organizations:</strong> Add support for policy
operations on the S3_POLICY and BEDROCK_POLICY policy type. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/75e196ee52c6ec3e1fee97d715e92d9d38ad3f0d">75e196ee</a>)</li>
<li><strong>client-route-53:</strong> Adds support for new route53
feature: accelerated recovery. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/dbe0a58f8de1c9919049dd9f9ea7443f4feb46c5">dbe0a58f</a>)</li>
<li><strong>client-ec2:</strong> This release adds support to view
Network firewall proxy appliances attached to an existing NAT Gateway
via DescribeNatGateways API NatGatewayAttachedAppliance structure. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/7d70b063103b71d5ae67bd2bf31ba423382e6352">7d70b063</a>)</li>
</ul>
<h5>Bug Fixes</h5>
<ul>
<li><strong>core/protocols:</strong> performance improvements for shape
serde traversal (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7523">#7523</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/b20a25eab019b6795afc2db74f87be12e1c22bf9">b20a25ea</a>)</li>
</ul>
<h5>Tests</h5>
<ul>
<li><strong>codegen:</strong> update codegen unit tests (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7525">#7525</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/e43ff44c79fd48475c0889a5fd7376991e2eae38">e43ff44c</a>)</li>
</ul>
<hr />
<p>For list of updated packages, view
<strong>updated-packages.md</strong> in
<strong>assets-3.940.0.zip</strong></p>
<h2>v3.939.0</h2>
<h4>3.939.0(2025-11-24)</h4>
<h5>Chores</h5>
<ul>
<li><strong>scripts:</strong> reduce api validation to packages/lib only
(<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7519">#7519</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/eb74d6a06c95955a11d4434a0b0e50ce760ebe25">eb74d6a0</a>)</li>
</ul>
<h5>New Features</h5>
<ul>
<li><strong>client-cloudwatch-logs:</strong> New CloudWatch Logs feature
- LogGroup Deletion Protection, a capability that allows customers to
safeguard their critical CloudWatch log groups from accidental or
unintended deletion. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/02360329959d33ca2411d666e0f96643c6ba5191">02360329</a>)</li>
<li><strong>client-cloudfront:</strong> Add TrustStore,
ConnectionFunction APIs to CloudFront SDK (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/168505ee3412bd533b0a2d891fb2d9eedeef66a9">168505ee</a>)</li>
</ul>
<h5>Bug Fixes</h5>
<ul>
<li><strong>clients:</strong> export enum objects for string shapes (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7521">#7521</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/62f648dff5c6734948740f07f2d39aa4715bca6c">62f648df</a>)</li>
<li><strong>cloudfront-signer:</strong> skip extended encoding for query
parameters in the base url (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7515">#7515</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/954d411e083c384ecc959d86f9359ea8796990ff">954d411e</a>)</li>
</ul>
<h5>Tests</h5>
<ul>
<li>increase beforeAll hook timeouts (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7518">#7518</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/720ba4cd02b75b71a2a1f0c7e9f007de9b8448e3">720ba4cd</a>)</li>
</ul>
<hr />
<p>For list of updated packages, view
<strong>updated-packages.md</strong> in
<strong>assets-3.939.0.zip</strong></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-sqs/CHANGELOG.md"><code>@​aws-sdk/client-sqs</code>'s
changelog</a>.</em></p>
<blockquote>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.939.0...v3.940.0">3.940.0</a>
(2025-11-25)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/client-sqs</code></p>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.938.0...v3.939.0">3.939.0</a>
(2025-11-24)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/client-sqs</code></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/e9962f1c4512d6ea969ca621754b3db01ac54aa9"><code>e9962f1</code></a>
Publish v3.940.0</li>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/15923791acb0f527cf323c58aecd5d4bea7fff29"><code>1592379</code></a>
Publish v3.939.0</li>
<li>See full diff in <a
href="https://github.com/aws/aws-sdk-js-v3/commits/v3.940.0/clients/client-sqs">compare
view</a></li>
</ul>
</details>
<br />

Updates `@aws-sdk/client-s3` from 3.937.0 to 3.940.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/releases"><code>@​aws-sdk/client-s3</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v3.940.0</h2>
<h4>3.940.0(2025-11-25)</h4>
<h5>New Features</h5>
<ul>
<li><strong>clients:</strong> update client endpoints as of 2025-11-25
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/e27709045616337e38c5118cfb895908792b404f">e2770904</a>)</li>
<li><strong>client-network-firewall:</strong> Network Firewall release
of the Proxy feature. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/0eb20e887961327021849393df0ac5f30497ab8b">0eb20e88</a>)</li>
<li><strong>client-organizations:</strong> Add support for policy
operations on the S3_POLICY and BEDROCK_POLICY policy type. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/75e196ee52c6ec3e1fee97d715e92d9d38ad3f0d">75e196ee</a>)</li>
<li><strong>client-route-53:</strong> Adds support for new route53
feature: accelerated recovery. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/dbe0a58f8de1c9919049dd9f9ea7443f4feb46c5">dbe0a58f</a>)</li>
<li><strong>client-ec2:</strong> This release adds support to view
Network firewall proxy appliances attached to an existing NAT Gateway
via DescribeNatGateways API NatGatewayAttachedAppliance structure. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/7d70b063103b71d5ae67bd2bf31ba423382e6352">7d70b063</a>)</li>
</ul>
<h5>Bug Fixes</h5>
<ul>
<li><strong>core/protocols:</strong> performance improvements for shape
serde traversal (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7523">#7523</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/b20a25eab019b6795afc2db74f87be12e1c22bf9">b20a25ea</a>)</li>
</ul>
<h5>Tests</h5>
<ul>
<li><strong>codegen:</strong> update codegen unit tests (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7525">#7525</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/e43ff44c79fd48475c0889a5fd7376991e2eae38">e43ff44c</a>)</li>
</ul>
<hr />
<p>For list of updated packages, view
<strong>updated-packages.md</strong> in
<strong>assets-3.940.0.zip</strong></p>
<h2>v3.939.0</h2>
<h4>3.939.0(2025-11-24)</h4>
<h5>Chores</h5>
<ul>
<li><strong>scripts:</strong> reduce api validation to packages/lib only
(<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7519">#7519</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/eb74d6a06c95955a11d4434a0b0e50ce760ebe25">eb74d6a0</a>)</li>
</ul>
<h5>New Features</h5>
<ul>
<li><strong>client-cloudwatch-logs:</strong> New CloudWatch Logs feature
- LogGroup Deletion Protection, a capability that allows customers to
safeguard their critical CloudWatch log groups from accidental or
unintended deletion. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/02360329959d33ca2411d666e0f96643c6ba5191">02360329</a>)</li>
<li><strong>client-cloudfront:</strong> Add TrustStore,
ConnectionFunction APIs to CloudFront SDK (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/168505ee3412bd533b0a2d891fb2d9eedeef66a9">168505ee</a>)</li>
</ul>
<h5>Bug Fixes</h5>
<ul>
<li><strong>clients:</strong> export enum objects for string shapes (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7521">#7521</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/62f648dff5c6734948740f07f2d39aa4715bca6c">62f648df</a>)</li>
<li><strong>cloudfront-signer:</strong> skip extended encoding for query
parameters in the base url (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7515">#7515</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/954d411e083c384ecc959d86f9359ea8796990ff">954d411e</a>)</li>
</ul>
<h5>Tests</h5>
<ul>
<li>increase beforeAll hook timeouts (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7518">#7518</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/720ba4cd02b75b71a2a1f0c7e9f007de9b8448e3">720ba4cd</a>)</li>
</ul>
<hr />
<p>For list of updated packages, view
<strong>updated-packages.md</strong> in
<strong>assets-3.939.0.zip</strong></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md"><code>@​aws-sdk/client-s3</code>'s
changelog</a>.</em></p>
<blockquote>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.939.0...v3.940.0">3.940.0</a>
(2025-11-25)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/client-s3</code></p>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.938.0...v3.939.0">3.939.0</a>
(2025-11-24)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/client-s3</code></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/e9962f1c4512d6ea969ca621754b3db01ac54aa9"><code>e9962f1</code></a>
Publish v3.940.0</li>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/15923791acb0f527cf323c58aecd5d4bea7fff29"><code>1592379</code></a>
Publish v3.939.0</li>
<li>See full diff in <a
href="https://github.com/aws/aws-sdk-js-v3/commits/v3.940.0/clients/client-s3">compare
view</a></li>
</ul>
</details>
<br />

Updates `@aws-sdk/lib-storage` from 3.937.0 to 3.940.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/releases"><code>@​aws-sdk/lib-storage</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v3.940.0</h2>
<h4>3.940.0(2025-11-25)</h4>
<h5>New Features</h5>
<ul>
<li><strong>clients:</strong> update client endpoints as of 2025-11-25
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/e27709045616337e38c5118cfb895908792b404f">e2770904</a>)</li>
<li><strong>client-network-firewall:</strong> Network Firewall release
of the Proxy feature. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/0eb20e887961327021849393df0ac5f30497ab8b">0eb20e88</a>)</li>
<li><strong>client-organizations:</strong> Add support for policy
operations on the S3_POLICY and BEDROCK_POLICY policy type. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/75e196ee52c6ec3e1fee97d715e92d9d38ad3f0d">75e196ee</a>)</li>
<li><strong>client-route-53:</strong> Adds support for new route53
feature: accelerated recovery. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/dbe0a58f8de1c9919049dd9f9ea7443f4feb46c5">dbe0a58f</a>)</li>
<li><strong>client-ec2:</strong> This release adds support to view
Network firewall proxy appliances attached to an existing NAT Gateway
via DescribeNatGateways API NatGatewayAttachedAppliance structure. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/7d70b063103b71d5ae67bd2bf31ba423382e6352">7d70b063</a>)</li>
</ul>
<h5>Bug Fixes</h5>
<ul>
<li><strong>core/protocols:</strong> performance improvements for shape
serde traversal (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7523">#7523</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/b20a25eab019b6795afc2db74f87be12e1c22bf9">b20a25ea</a>)</li>
</ul>
<h5>Tests</h5>
<ul>
<li><strong>codegen:</strong> update codegen unit tests (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7525">#7525</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/e43ff44c79fd48475c0889a5fd7376991e2eae38">e43ff44c</a>)</li>
</ul>
<hr />
<p>For list of updated packages, view
<strong>updated-packages.md</strong> in
<strong>assets-3.940.0.zip</strong></p>
<h2>v3.939.0</h2>
<h4>3.939.0(2025-11-24)</h4>
<h5>Chores</h5>
<ul>
<li><strong>scripts:</strong> reduce api validation to packages/lib only
(<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7519">#7519</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/eb74d6a06c95955a11d4434a0b0e50ce760ebe25">eb74d6a0</a>)</li>
</ul>
<h5>New Features</h5>
<ul>
<li><strong>client-cloudwatch-logs:</strong> New CloudWatch Logs feature
- LogGroup Deletion Protection, a capability that allows customers to
safeguard their critical CloudWatch log groups from accidental or
unintended deletion. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/02360329959d33ca2411d666e0f96643c6ba5191">02360329</a>)</li>
<li><strong>client-cloudfront:</strong> Add TrustStore,
ConnectionFunction APIs to CloudFront SDK (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/168505ee3412bd533b0a2d891fb2d9eedeef66a9">168505ee</a>)</li>
</ul>
<h5>Bug Fixes</h5>
<ul>
<li><strong>clients:</strong> export enum objects for string shapes (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7521">#7521</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/62f648dff5c6734948740f07f2d39aa4715bca6c">62f648df</a>)</li>
<li><strong>cloudfront-signer:</strong> skip extended encoding for query
parameters in the base url (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7515">#7515</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/954d411e083c384ecc959d86f9359ea8796990ff">954d411e</a>)</li>
</ul>
<h5>Tests</h5>
<ul>
<li>increase beforeAll hook timeouts (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7518">#7518</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/720ba4cd02b75b71a2a1f0c7e9f007de9b8448e3">720ba4cd</a>)</li>
</ul>
<hr />
<p>For list of updated packages, view
<strong>updated-packages.md</strong> in
<strong>assets-3.939.0.zip</strong></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/blob/main/lib/lib-storage/CHANGELOG.md"><code>@​aws-sdk/lib-storage</code>'s
changelog</a>.</em></p>
<blockquote>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.939.0...v3.940.0">3.940.0</a>
(2025-11-25)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/lib-storage</code></p>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.938.0...v3.939.0">3.939.0</a>
(2025-11-24)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/lib-storage</code></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/e9962f1c4512d6ea969ca621754b3db01ac54aa9"><code>e9962f1</code></a>
Publish v3.940.0</li>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/15923791acb0f527cf323c58aecd5d4bea7fff29"><code>1592379</code></a>
Publish v3.939.0</li>
<li>See full diff in <a
href="https://github.com/aws/aws-sdk-js-v3/commits/v3.940.0/lib/lib-storage">compare
view</a></li>
</ul>
</details>
<br />

Updates `@aws-sdk/client-eventbridge` from 3.936.0 to 3.940.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/releases"><code>@​aws-sdk/client-eventbridge</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v3.940.0</h2>
<h4>3.940.0(2025-11-25)</h4>
<h5>New Features</h5>
<ul>
<li><strong>clients:</strong> update client endpoints as of 2025-11-25
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/e27709045616337e38c5118cfb895908792b404f">e2770904</a>)</li>
<li><strong>client-network-firewall:</strong> Network Firewall release
of the Proxy feature. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/0eb20e887961327021849393df0ac5f30497ab8b">0eb20e88</a>)</li>
<li><strong>client-organizations:</strong> Add support for policy
operations on the S3_POLICY and BEDROCK_POLICY policy type. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/75e196ee52c6ec3e1fee97d715e92d9d38ad3f0d">75e196ee</a>)</li>
<li><strong>client-route-53:</strong> Adds support for new route53
feature: accelerated recovery. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/dbe0a58f8de1c9919049dd9f9ea7443f4feb46c5">dbe0a58f</a>)</li>
<li><strong>client-ec2:</strong> This release adds support to view
Network firewall proxy appliances attached to an existing NAT Gateway
via DescribeNatGateways API NatGatewayAttachedAppliance structure. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/7d70b063103b71d5ae67bd2bf31ba423382e6352">7d70b063</a>)</li>
</ul>
<h5>Bug Fixes</h5>
<ul>
<li><strong>core/protocols:</strong> performance improvements for shape
serde traversal (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7523">#7523</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/b20a25eab019b6795afc2db74f87be12e1c22bf9">b20a25ea</a>)</li>
</ul>
<h5>Tests</h5>
<ul>
<li><strong>codegen:</strong> update codegen unit tests (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7525">#7525</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/e43ff44c79fd48475c0889a5fd7376991e2eae38">e43ff44c</a>)</li>
</ul>
<hr />
<p>For list of updated packages, view
<strong>updated-packages.md</strong> in
<strong>assets-3.940.0.zip</strong></p>
<h2>v3.939.0</h2>
<h4>3.939.0(2025-11-24)</h4>
<h5>Chores</h5>
<ul>
<li><strong>scripts:</strong> reduce api validation to packages/lib only
(<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7519">#7519</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/eb74d6a06c95955a11d4434a0b0e50ce760ebe25">eb74d6a0</a>)</li>
</ul>
<h5>New Features</h5>
<ul>
<li><strong>client-cloudwatch-logs:</strong> New CloudWatch Logs feature
- LogGroup Deletion Protection, a capability that allows customers to
safeguard their critical CloudWatch log groups from accidental or
unintended deletion. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/02360329959d33ca2411d666e0f96643c6ba5191">02360329</a>)</li>
<li><strong>client-cloudfront:</strong> Add TrustStore,
ConnectionFunction APIs to CloudFront SDK (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/168505ee3412bd533b0a2d891fb2d9eedeef66a9">168505ee</a>)</li>
</ul>
<h5>Bug Fixes</h5>
<ul>
<li><strong>clients:</strong> export enum objects for string shapes (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7521">#7521</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/62f648dff5c6734948740f07f2d39aa4715bca6c">62f648df</a>)</li>
<li><strong>cloudfront-signer:</strong> skip extended encoding for query
parameters in the base url (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7515">#7515</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/954d411e083c384ecc959d86f9359ea8796990ff">954d411e</a>)</li>
</ul>
<h5>Tests</h5>
<ul>
<li>increase beforeAll hook timeouts (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7518">#7518</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/720ba4cd02b75b71a2a1f0c7e9f007de9b8448e3">720ba4cd</a>)</li>
</ul>
<hr />
<p>For list of updated packages, view
<strong>updated-packages.md</strong> in
<strong>assets-3.939.0.zip</strong></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-eventbridge/CHANGELOG.md"><code>@​aws-sdk/client-eventbridge</code>'s
changelog</a>.</em></p>
<blockquote>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.939.0...v3.940.0">3.940.0</a>
(2025-11-25)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/client-eventbridge</code></p>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.938.0...v3.939.0">3.939.0</a>
(2025-11-24)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/client-eventbridge</code></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/e9962f1c4512d6ea969ca621754b3db01ac54aa9"><code>e9962f1</code></a>
Publish v3.940.0</li>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/15923791acb0f527cf323c58aecd5d4bea7fff29"><code>1592379</code></a>
Publish v3.939.0</li>
<li>See full diff in <a
href="https://github.com/aws/aws-sdk-js-v3/commits/v3.940.0/clients/client-eventbridge">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Dec 3, 2025
    Configuration menu
    Copy the full SHA
    62a3a8b View commit details
    Browse the repository at this point in the history

  2. fix(lambda): bump the aws-powertools group in /lambdas with 4 updates ( 

    …#4925)

Bumps the aws-powertools group in /lambdas with 4 updates:
[@aws-lambda-powertools/parameters](https://github.com/aws-powertools/powertools-lambda-typescript),
[@aws-lambda-powertools/logger](https://github.com/aws-powertools/powertools-lambda-typescript),
[@aws-lambda-powertools/metrics](https://github.com/aws-powertools/powertools-lambda-typescript)
and
[@aws-lambda-powertools/tracer](https://github.com/aws-powertools/powertools-lambda-typescript).

Updates `@aws-lambda-powertools/parameters` from 2.28.1 to 2.29.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws-powertools/powertools-lambda-typescript/releases"><code>@​aws-lambda-powertools/parameters</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v2.29.0</h2>
<h2>Summary</h2>
<h3>🎉 Powertools for AWS Lambda (Typescript) - Event Handler Utility is
now Generally Available (GA)</h3>
<blockquote>
<p><a
href="https://docs.aws.amazon.com/powertools/typescript/latest/features/event-handler/rest/">Docs</a></p>
</blockquote>
<p>We're excited to announce that the Event Handler utility is now
production-ready! 🚀
Event Handler provides lightweight routing to reduce boilerplate for API
Gateway REST/HTTP API, ALB and Lambda Function URLs.</p>
<blockquote>
<p>⭐ Congratulations to <a
href="https://github.com/yoshi-taka"><code>@​yoshi-taka</code></a>, <a
href="https://github.com/iamgerg"><code>@​iamgerg</code></a>, <a
href="https://github.com/fidelisojeah"><code>@​fidelisojeah</code></a>,
and <a
href="https://github.com/benthorner"><code>@​benthorner</code></a> for
their first PR merged in the project 🎉</p>
</blockquote>
<h3>Import path update</h3>
<p>With Event Handler moving to GA, the import path has changed from the
experimental namespace to a stable one.</p>
<pre lang="typescript"><code>// Before
import { Router } from
'@aws-lambda-powertools/event-handler/experimental-rest';
<p>// Now
import { Router } from
'<code>@​aws-lambda-powertools/event-handler/</code>http';
</code></pre></p>
<h3>Support for HTTP APIs, ALB, and Function URL</h3>
<p>Event Handler now supports HTTP APIs (API Gateway v2), Application
Load Balancers (ALB) and Lambda Function URL in addition to the existing
REST API and support. This means you can use the same routing API across
different AWS services, making it easier to build and migrate serverless
applications regardless of your chosen architecture.</p>
<pre lang="typescript"><code>import { Router } from
'@aws-lambda-powertools/event-handler/http';
import type {
  ALBEvent,
  APIGatewayProxyEvent,
  APIGatewayProxyEventV2,
  Context,
  LambdaFunctionURLEvent,
} from 'aws-lambda';
<p>const app = new Router();
app.get('/hello', () =&gt; {
return {
message: 'Hello Event Handler!',
};
});</p>
<p>// Works across different services without any changes
export const restApiHandler = (event: APIGatewayProxyEvent, context:
Context) =&gt;
app.resolve(event, context);</p>
<p>export const httpApiHandler = (
&lt;/tr&gt;&lt;/table&gt;
</code></pre></p>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws-powertools/powertools-lambda-typescript/blob/main/CHANGELOG.md"><code>@​aws-lambda-powertools/parameters</code>'s
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/compare/v2.28.1...v2.29.0">2.29.0</a>
(2025-11-21)</h2>
<h3>Improvements</h3>
<ul>
<li><strong>commons</strong> Make trace ID access more robust (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4693">#4693</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/b26cd2c7395e55fb33a6ce719bc69b1a11004446">b26cd2c</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong>logger</strong> infinite loop on log buffer when item size
is max bytes (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4741">#4741</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/f0677d4f1220df6f68f9fd8ece221306fdd9b154">f0677d4</a>)</li>
<li><strong>logger</strong> not passing persistent keys to children (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4740">#4740</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/eafbe13aa6ca7067c2c8329150fdf600ebca12a7">eafbe13</a>)</li>
<li><strong>event-handler</strong> moved the response mutation logic to
the <code>composeMiddleware</code> function (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4773">#4773</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/2fe04e351aa4f8a104a145d3fcef7bb6d856506f">2fe04e3</a>)</li>
<li><strong>event-handler</strong> handle repeated queryString values
(<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4755">#4755</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/5d3cf2de5821171e968577fcb1c74d5198e153d6">5d3cf2d</a>)</li>
<li><strong>event-handler</strong> allow event handler response to
return array (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4725">#4725</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/eef92ca929cd7a2551e228b20deae3b59044a0ee">eef92ca</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li><strong>logger</strong> use async local storage for logger (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4668">#4668</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/4507fccb8872975f4a3e683ec9034e7f71e67d30">4507fcc</a>)</li>
<li><strong>metrics</strong> use async local storage for metrics (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4663">#4663</a>)
(<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4694">#4694</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/2e08f74cfe86571ef7f2388d3a028763561c11e9">2e08f74</a>)</li>
<li><strong>parser</strong> add type for values parsed by
DynamoDBStreamRecord (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4793">#4793</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/c2bd8499c38f2e9048782d717613a721b3e8ccc8">c2bd849</a>)</li>
<li><strong>batch</strong> use async local storage for batch processing
(<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4700">#4700</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/67a8de7baec4a240bc5f22493a13c75289397d7c">67a8de7</a>)</li>
<li><strong>event-handler</strong> add support for ALB (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4759">#4759</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/a4708925fb08da09044ea1592ea7df58e46f383d">a470892</a>)</li>
<li><strong>event-handler</strong> expose response streaming in public
API (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4743">#4743</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/be4e4e2b9f0a39210f972f22d03a382aea304f60">be4e4e2</a>)</li>
<li><strong>event-handler</strong> add first-class support for binary
responses (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4723">#4723</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/13dbcdccc3626d442f66c6037af7df88626dd9c2">13dbcdc</a>)</li>
<li><strong>event-handler</strong> Add support for HTTP APIs (API
Gateway v2) (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4714">#4714</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/2f700189aef42445a229da8a0d1446e1d63423fa">2f70018</a>)</li>
</ul>
<h3>Maintenance</h3>
<ul>
<li><strong>tracer</strong> bump aws-xray-sdk-core from 3.11.0 to 3.12.0
(<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4792">#4792</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/afb5678ed6176d9d2e0a759993af0054a2c80b05">afb5678</a>)</li>
<li><strong>event-handler</strong> unflag http handler from experimental
(<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4801">#4801</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/a2deb8d702bb305bbf017882ce16beb6b3c809aa">a2deb8d</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/fa726e0a56f738c62fe253d96fd1f70ae696cabf"><code>fa726e0</code></a>
chore(ci): bump version to 2.29.0 (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4802">#4802</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/a2deb8d702bb305bbf017882ce16beb6b3c809aa"><code>a2deb8d</code></a>
chore(event-handler): unflag http handler from experimental (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4801">#4801</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/c2bd8499c38f2e9048782d717613a721b3e8ccc8"><code>c2bd849</code></a>
feat(parser): add type for values parsed by DynamoDBStreamRecord (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4793">#4793</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/afb5678ed6176d9d2e0a759993af0054a2c80b05"><code>afb5678</code></a>
chore(deps): bump aws-xray-sdk-core from 3.11.0 to 3.12.0 (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4792">#4792</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/8806cadcfada8e76ca44ec64aa5b86f2853e3e65"><code>8806cad</code></a>
docs(event-handler): added documentation for support for HTTP API, ALB
and FU...</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/d2e0fcc504de8011fe91217976d2afcf99c1bed2"><code>d2e0fcc</code></a>
chore(deps): upgrade InvokeStore to v0.2.1 (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4794">#4794</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/bccd0b178aa971af8fce755001178beea1316d4b"><code>bccd0b1</code></a>
docs(event-handler): add response streaming docs (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4786">#4786</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/2279f9b0fa1dbb6f9fa3ea7a5de076bc9edc649f"><code>2279f9b</code></a>
chore(deps): bump mkdocs-llmstxt from 0.4.0 to 0.5.0 in /docs (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4789">#4789</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/12c5e63cd36c574109f343e35591eacc8f2e6f2c"><code>12c5e63</code></a>
chore(deps): bump actions/checkout from 5.0.1 to 6.0.0 (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4788">#4788</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/943bb4ff23bb125170e6b62b21f193d3fb8f7318"><code>943bb4f</code></a>
docs(event-handler): update binary response docs (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4783">#4783</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/aws-powertools/powertools-lambda-typescript/compare/v2.28.1...v2.29.0">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by [GitHub Actions](<a
href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a>
Actions), a new releaser for
<code>@​aws-lambda-powertools/parameters</code> since your current
version.</p>
</details>
<br />

Updates `@aws-lambda-powertools/logger` from 2.28.1 to 2.29.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws-powertools/powertools-lambda-typescript/releases"><code>@​aws-lambda-powertools/logger</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v2.29.0</h2>
<h2>Summary</h2>
<h3>🎉 Powertools for AWS Lambda (Typescript) - Event Handler Utility is
now Generally Available (GA)</h3>
<blockquote>
<p><a
href="https://docs.aws.amazon.com/powertools/typescript/latest/features/event-handler/rest/">Docs</a></p>
</blockquote>
<p>We're excited to announce that the Event Handler utility is now
production-ready! 🚀
Event Handler provides lightweight routing to reduce boilerplate for API
Gateway REST/HTTP API, ALB and Lambda Function URLs.</p>
<blockquote>
<p>⭐ Congratulations to <a
href="https://github.com/yoshi-taka"><code>@​yoshi-taka</code></a>, <a
href="https://github.com/iamgerg"><code>@​iamgerg</code></a>, <a
href="https://github.com/fidelisojeah"><code>@​fidelisojeah</code></a>,
and <a
href="https://github.com/benthorner"><code>@​benthorner</code></a> for
their first PR merged in the project 🎉</p>
</blockquote>
<h3>Import path update</h3>
<p>With Event Handler moving to GA, the import path has changed from the
experimental namespace to a stable one.</p>
<pre lang="typescript"><code>// Before
import { Router } from
'@aws-lambda-powertools/event-handler/experimental-rest';
<p>// Now
import { Router } from
'<code>@​aws-lambda-powertools/event-handler/</code>http';
</code></pre></p>
<h3>Support for HTTP APIs, ALB, and Function URL</h3>
<p>Event Handler now supports HTTP APIs (API Gateway v2), Application
Load Balancers (ALB) and Lambda Function URL in addition to the existing
REST API and support. This means you can use the same routing API across
different AWS services, making it easier to build and migrate serverless
applications regardless of your chosen architecture.</p>
<pre lang="typescript"><code>import { Router } from
'@aws-lambda-powertools/event-handler/http';
import type {
  ALBEvent,
  APIGatewayProxyEvent,
  APIGatewayProxyEventV2,
  Context,
  LambdaFunctionURLEvent,
} from 'aws-lambda';
<p>const app = new Router();
app.get('/hello', () =&gt; {
return {
message: 'Hello Event Handler!',
};
});</p>
<p>// Works across different services without any changes
export const restApiHandler = (event: APIGatewayProxyEvent, context:
Context) =&gt;
app.resolve(event, context);</p>
<p>export const httpApiHandler = (
&lt;/tr&gt;&lt;/table&gt;
</code></pre></p>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws-powertools/powertools-lambda-typescript/blob/main/CHANGELOG.md"><code>@​aws-lambda-powertools/logger</code>'s
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/compare/v2.28.1...v2.29.0">2.29.0</a>
(2025-11-21)</h2>
<h3>Improvements</h3>
<ul>
<li><strong>commons</strong> Make trace ID access more robust (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4693">#4693</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/b26cd2c7395e55fb33a6ce719bc69b1a11004446">b26cd2c</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong>logger</strong> infinite loop on log buffer when item size
is max bytes (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4741">#4741</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/f0677d4f1220df6f68f9fd8ece221306fdd9b154">f0677d4</a>)</li>
<li><strong>logger</strong> not passing persistent keys to children (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4740">#4740</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/eafbe13aa6ca7067c2c8329150fdf600ebca12a7">eafbe13</a>)</li>
<li><strong>event-handler</strong> moved the response mutation logic to
the <code>composeMiddleware</code> function (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4773">#4773</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/2fe04e351aa4f8a104a145d3fcef7bb6d856506f">2fe04e3</a>)</li>
<li><strong>event-handler</strong> handle repeated queryString values
(<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4755">#4755</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/5d3cf2de5821171e968577fcb1c74d5198e153d6">5d3cf2d</a>)</li>
<li><strong>event-handler</strong> allow event handler response to
return array (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4725">#4725</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/eef92ca929cd7a2551e228b20deae3b59044a0ee">eef92ca</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li><strong>logger</strong> use async local storage for logger (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4668">#4668</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/4507fccb8872975f4a3e683ec9034e7f71e67d30">4507fcc</a>)</li>
<li><strong>metrics</strong> use async local storage for metrics (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4663">#4663</a>)
(<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4694">#4694</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/2e08f74cfe86571ef7f2388d3a028763561c11e9">2e08f74</a>)</li>
<li><strong>parser</strong> add type for values parsed by
DynamoDBStreamRecord (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4793">#4793</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/c2bd8499c38f2e9048782d717613a721b3e8ccc8">c2bd849</a>)</li>
<li><strong>batch</strong> use async local storage for batch processing
(<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4700">#4700</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/67a8de7baec4a240bc5f22493a13c75289397d7c">67a8de7</a>)</li>
<li><strong>event-handler</strong> add support for ALB (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4759">#4759</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/a4708925fb08da09044ea1592ea7df58e46f383d">a470892</a>)</li>
<li><strong>event-handler</strong> expose response streaming in public
API (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4743">#4743</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/be4e4e2b9f0a39210f972f22d03a382aea304f60">be4e4e2</a>)</li>
<li><strong>event-handler</strong> add first-class support for binary
responses (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4723">#4723</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/13dbcdccc3626d442f66c6037af7df88626dd9c2">13dbcdc</a>)</li>
<li><strong>event-handler</strong> Add support for HTTP APIs (API
Gateway v2) (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4714">#4714</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/2f700189aef42445a229da8a0d1446e1d63423fa">2f70018</a>)</li>
</ul>
<h3>Maintenance</h3>
<ul>
<li><strong>tracer</strong> bump aws-xray-sdk-core from 3.11.0 to 3.12.0
(<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4792">#4792</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/afb5678ed6176d9d2e0a759993af0054a2c80b05">afb5678</a>)</li>
<li><strong>event-handler</strong> unflag http handler from experimental
(<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4801">#4801</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/a2deb8d702bb305bbf017882ce16beb6b3c809aa">a2deb8d</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/fa726e0a56f738c62fe253d96fd1f70ae696cabf"><code>fa726e0</code></a>
chore(ci): bump version to 2.29.0 (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4802">#4802</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/a2deb8d702bb305bbf017882ce16beb6b3c809aa"><code>a2deb8d</code></a>
chore(event-handler): unflag http handler from experimental (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4801">#4801</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/c2bd8499c38f2e9048782d717613a721b3e8ccc8"><code>c2bd849</code></a>
feat(parser): add type for values parsed by DynamoDBStreamRecord (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4793">#4793</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/afb5678ed6176d9d2e0a759993af0054a2c80b05"><code>afb5678</code></a>
chore(deps): bump aws-xray-sdk-core from 3.11.0 to 3.12.0 (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4792">#4792</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/8806cadcfada8e76ca44ec64aa5b86f2853e3e65"><code>8806cad</code></a>
docs(event-handler): added documentation for support for HTTP API, ALB
and FU...</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/d2e0fcc504de8011fe91217976d2afcf99c1bed2"><code>d2e0fcc</code></a>
chore(deps): upgrade InvokeStore to v0.2.1 (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4794">#4794</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/bccd0b178aa971af8fce755001178beea1316d4b"><code>bccd0b1</code></a>
docs(event-handler): add response streaming docs (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4786">#4786</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/2279f9b0fa1dbb6f9fa3ea7a5de076bc9edc649f"><code>2279f9b</code></a>
chore(deps): bump mkdocs-llmstxt from 0.4.0 to 0.5.0 in /docs (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4789">#4789</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/12c5e63cd36c574109f343e35591eacc8f2e6f2c"><code>12c5e63</code></a>
chore(deps): bump actions/checkout from 5.0.1 to 6.0.0 (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4788">#4788</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/943bb4ff23bb125170e6b62b21f193d3fb8f7318"><code>943bb4f</code></a>
docs(event-handler): update binary response docs (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4783">#4783</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/aws-powertools/powertools-lambda-typescript/compare/v2.28.1...v2.29.0">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by [GitHub Actions](<a
href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a>
Actions), a new releaser for <code>@​aws-lambda-powertools/logger</code>
since your current version.</p>
</details>
<br />

Updates `@aws-lambda-powertools/metrics` from 2.28.1 to 2.29.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws-powertools/powertools-lambda-typescript/releases"><code>@​aws-lambda-powertools/metrics</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v2.29.0</h2>
<h2>Summary</h2>
<h3>🎉 Powertools for AWS Lambda (Typescript) - Event Handler Utility is
now Generally Available (GA)</h3>
<blockquote>
<p><a
href="https://docs.aws.amazon.com/powertools/typescript/latest/features/event-handler/rest/">Docs</a></p>
</blockquote>
<p>We're excited to announce that the Event Handler utility is now
production-ready! 🚀
Event Handler provides lightweight routing to reduce boilerplate for API
Gateway REST/HTTP API, ALB and Lambda Function URLs.</p>
<blockquote>
<p>⭐ Congratulations to <a
href="https://github.com/yoshi-taka"><code>@​yoshi-taka</code></a>, <a
href="https://github.com/iamgerg"><code>@​iamgerg</code></a>, <a
href="https://github.com/fidelisojeah"><code>@​fidelisojeah</code></a>,
and <a
href="https://github.com/benthorner"><code>@​benthorner</code></a> for
their first PR merged in the project 🎉</p>
</blockquote>
<h3>Import path update</h3>
<p>With Event Handler moving to GA, the import path has changed from the
experimental namespace to a stable one.</p>
<pre lang="typescript"><code>// Before
import { Router } from
'@aws-lambda-powertools/event-handler/experimental-rest';
<p>// Now
import { Router } from
'<code>@​aws-lambda-powertools/event-handler/</code>http';
</code></pre></p>
<h3>Support for HTTP APIs, ALB, and Function URL</h3>
<p>Event Handler now supports HTTP APIs (API Gateway v2), Application
Load Balancers (ALB) and Lambda Function URL in addition to the existing
REST API and support. This means you can use the same routing API across
different AWS services, making it easier to build and migrate serverless
applications regardless of your chosen architecture.</p>
<pre lang="typescript"><code>import { Router } from
'@aws-lambda-powertools/event-handler/http';
import type {
  ALBEvent,
  APIGatewayProxyEvent,
  APIGatewayProxyEventV2,
  Context,
  LambdaFunctionURLEvent,
} from 'aws-lambda';
<p>const app = new Router();
app.get('/hello', () =&gt; {
return {
message: 'Hello Event Handler!',
};
});</p>
<p>// Works across different services without any changes
export const restApiHandler = (event: APIGatewayProxyEvent, context:
Context) =&gt;
app.resolve(event, context);</p>
<p>export const httpApiHandler = (
&lt;/tr&gt;&lt;/table&gt;
</code></pre></p>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws-powertools/powertools-lambda-typescript/blob/main/CHANGELOG.md"><code>@​aws-lambda-powertools/metrics</code>'s
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/compare/v2.28.1...v2.29.0">2.29.0</a>
(2025-11-21)</h2>
<h3>Improvements</h3>
<ul>
<li><strong>commons</strong> Make trace ID access more robust (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4693">#4693</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/b26cd2c7395e55fb33a6ce719bc69b1a11004446">b26cd2c</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong>logger</strong> infinite loop on log buffer when item size
is max bytes (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4741">#4741</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/f0677d4f1220df6f68f9fd8ece221306fdd9b154">f0677d4</a>)</li>
<li><strong>logger</strong> not passing persistent keys to children (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4740">#4740</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/eafbe13aa6ca7067c2c8329150fdf600ebca12a7">eafbe13</a>)</li>
<li><strong>event-handler</strong> moved the response mutation logic to
the <code>composeMiddleware</code> function (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4773">#4773</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/2fe04e351aa4f8a104a145d3fcef7bb6d856506f">2fe04e3</a>)</li>
<li><strong>event-handler</strong> handle repeated queryString values
(<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4755">#4755</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/5d3cf2de5821171e968577fcb1c74d5198e153d6">5d3cf2d</a>)</li>
<li><strong>event-handler</strong> allow event handler response to
return array (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4725">#4725</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/eef92ca929cd7a2551e228b20deae3b59044a0ee">eef92ca</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li><strong>logger</strong> use async local storage for logger (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4668">#4668</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/4507fccb8872975f4a3e683ec9034e7f71e67d30">4507fcc</a>)</li>
<li><strong>metrics</strong> use async local storage for metrics (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4663">#4663</a>)
(<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4694">#4694</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/2e08f74cfe86571ef7f2388d3a028763561c11e9">2e08f74</a>)</li>
<li><strong>parser</strong> add type for values parsed by
DynamoDBStreamRecord (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4793">#4793</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/c2bd8499c38f2e9048782d717613a721b3e8ccc8">c2bd849</a>)</li>
<li><strong>batch</strong> use async local storage for batch processing
(<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4700">#4700</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/67a8de7baec4a240bc5f22493a13c75289397d7c">67a8de7</a>)</li>
<li><strong>event-handler</strong> add support for ALB (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4759">#4759</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/a4708925fb08da09044ea1592ea7df58e46f383d">a470892</a>)</li>
<li><strong>event-handler</strong> expose response streaming in public
API (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4743">#4743</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/be4e4e2b9f0a39210f972f22d03a382aea304f60">be4e4e2</a>)</li>
<li><strong>event-handler</strong> add first-class support for binary
responses (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4723">#4723</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/13dbcdccc3626d442f66c6037af7df88626dd9c2">13dbcdc</a>)</li>
<li><strong>event-handler</strong> Add support for HTTP APIs (API
Gateway v2) (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4714">#4714</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/2f700189aef42445a229da8a0d1446e1d63423fa">2f70018</a>)</li>
</ul>
<h3>Maintenance</h3>
<ul>
<li><strong>tracer</strong> bump aws-xray-sdk-core from 3.11.0 to 3.12.0
(<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4792">#4792</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/afb5678ed6176d9d2e0a759993af0054a2c80b05">afb5678</a>)</li>
<li><strong>event-handler</strong> unflag http handler from experimental
(<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4801">#4801</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/a2deb8d702bb305bbf017882ce16beb6b3c809aa">a2deb8d</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/fa726e0a56f738c62fe253d96fd1f70ae696cabf"><code>fa726e0</code></a>
chore(ci): bump version to 2.29.0 (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4802">#4802</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/a2deb8d702bb305bbf017882ce16beb6b3c809aa"><code>a2deb8d</code></a>
chore(event-handler): unflag http handler from experimental (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4801">#4801</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/c2bd8499c38f2e9048782d717613a721b3e8ccc8"><code>c2bd849</code></a>
feat(parser): add type for values parsed by DynamoDBStreamRecord (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4793">#4793</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/afb5678ed6176d9d2e0a759993af0054a2c80b05"><code>afb5678</code></a>
chore(deps): bump aws-xray-sdk-core from 3.11.0 to 3.12.0 (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4792">#4792</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/8806cadcfada8e76ca44ec64aa5b86f2853e3e65"><code>8806cad</code></a>
docs(event-handler): added documentation for support for HTTP API, ALB
and FU...</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/d2e0fcc504de8011fe91217976d2afcf99c1bed2"><code>d2e0fcc</code></a>
chore(deps): upgrade InvokeStore to v0.2.1 (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4794">#4794</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/bccd0b178aa971af8fce755001178beea1316d4b"><code>bccd0b1</code></a>
docs(event-handler): add response streaming docs (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4786">#4786</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/2279f9b0fa1dbb6f9fa3ea7a5de076bc9edc649f"><code>2279f9b</code></a>
chore(deps): bump mkdocs-llmstxt from 0.4.0 to 0.5.0 in /docs (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4789">#4789</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/12c5e63cd36c574109f343e35591eacc8f2e6f2c"><code>12c5e63</code></a>
chore(deps): bump actions/checkout from 5.0.1 to 6.0.0 (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4788">#4788</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/943bb4ff23bb125170e6b62b21f193d3fb8f7318"><code>943bb4f</code></a>
docs(event-handler): update binary response docs (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4783">#4783</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/aws-powertools/powertools-lambda-typescript/compare/v2.28.1...v2.29.0">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by [GitHub Actions](<a
href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a>
Actions), a new releaser for
<code>@​aws-lambda-powertools/metrics</code> since your current
version.</p>
</details>
<br />

Updates `@aws-lambda-powertools/tracer` from 2.28.1 to 2.29.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws-powertools/powertools-lambda-typescript/releases"><code>@​aws-lambda-powertools/tracer</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v2.29.0</h2>
<h2>Summary</h2>
<h3>🎉 Powertools for AWS Lambda (Typescript) - Event Handler Utility is
now Generally Available (GA)</h3>
<blockquote>
<p><a
href="https://docs.aws.amazon.com/powertools/typescript/latest/features/event-handler/rest/">Docs</a></p>
</blockquote>
<p>We're excited to announce that the Event Handler utility is now
production-ready! 🚀
Event Handler provides lightweight routing to reduce boilerplate for API
Gateway REST/HTTP API, ALB and Lambda Function URLs.</p>
<blockquote>
<p>⭐ Congratulations to <a
href="https://github.com/yoshi-taka"><code>@​yoshi-taka</code></a>, <a
href="https://github.com/iamgerg"><code>@​iamgerg</code></a>, <a
href="https://github.com/fidelisojeah"><code>@​fidelisojeah</code></a>,
and <a
href="https://github.com/benthorner"><code>@​benthorner</code></a> for
their first PR merged in the project 🎉</p>
</blockquote>
<h3>Import path update</h3>
<p>With Event Handler moving to GA, the import path has changed from the
experimental namespace to a stable one.</p>
<pre lang="typescript"><code>// Before
import { Router } from
'@aws-lambda-powertools/event-handler/experimental-rest';
<p>// Now
import { Router } from
'<code>@​aws-lambda-powertools/event-handler/</code>http';
</code></pre></p>
<h3>Support for HTTP APIs, ALB, and Function URL</h3>
<p>Event Handler now supports HTTP APIs (API Gateway v2), Application
Load Balancers (ALB) and Lambda Function URL in addition to the existing
REST API and support. This means you can use the same routing API across
different AWS services, making it easier to build and migrate serverless
applications regardless of your chosen architecture.</p>
<pre lang="typescript"><code>import { Router } from
'@aws-lambda-powertools/event-handler/http';
import type {
  ALBEvent,
  APIGatewayProxyEvent,
  APIGatewayProxyEventV2,
  Context,
  LambdaFunctionURLEvent,
} from 'aws-lambda';
<p>const app = new Router();
app.get('/hello', () =&gt; {
return {
message: 'Hello Event Handler!',
};
});</p>
<p>// Works across different services without any changes
export const restApiHandler = (event: APIGatewayProxyEvent, context:
Context) =&gt;
app.resolve(event, context);</p>
<p>export const httpApiHandler = (
&lt;/tr&gt;&lt;/table&gt;
</code></pre></p>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws-powertools/powertools-lambda-typescript/blob/main/CHANGELOG.md"><code>@​aws-lambda-powertools/tracer</code>'s
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/compare/v2.28.1...v2.29.0">2.29.0</a>
(2025-11-21)</h2>
<h3>Improvements</h3>
<ul>
<li><strong>commons</strong> Make trace ID access more robust (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4693">#4693</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/b26cd2c7395e55fb33a6ce719bc69b1a11004446">b26cd2c</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong>logger</strong> infinite loop on log buffer when item size
is max bytes (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4741">#4741</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/f0677d4f1220df6f68f9fd8ece221306fdd9b154">f0677d4</a>)</li>
<li><strong>logger</strong> not passing persistent keys to children (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4740">#4740</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/eafbe13aa6ca7067c2c8329150fdf600ebca12a7">eafbe13</a>)</li>
<li><strong>event-handler</strong> moved the response mutation logic to
the <code>composeMiddleware</code> function (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4773">#4773</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/2fe04e351aa4f8a104a145d3fcef7bb6d856506f">2fe04e3</a>)</li>
<li><strong>event-handler</strong> handle repeated queryString values
(<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4755">#4755</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/5d3cf2de5821171e968577fcb1c74d5198e153d6">5d3cf2d</a>)</li>
<li><strong>event-handler</strong> allow event handler response to
return array (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4725">#4725</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/eef92ca929cd7a2551e228b20deae3b59044a0ee">eef92ca</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li><strong>logger</strong> use async local storage for logger (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4668">#4668</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/4507fccb8872975f4a3e683ec9034e7f71e67d30">4507fcc</a>)</li>
<li><strong>metrics</strong> use async local storage for metrics (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4663">#4663</a>)
(<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4694">#4694</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/2e08f74cfe86571ef7f2388d3a028763561c11e9">2e08f74</a>)</li>
<li><strong>parser</strong> add type for values parsed by
DynamoDBStreamRecord (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4793">#4793</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/c2bd8499c38f2e9048782d717613a721b3e8ccc8">c2bd849</a>)</li>
<li><strong>batch</strong> use async local storage for batch processing
(<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4700">#4700</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/67a8de7baec4a240bc5f22493a13c75289397d7c">67a8de7</a>)</li>
<li><strong>event-handler</strong> add support for ALB (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4759">#4759</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/a4708925fb08da09044ea1592ea7df58e46f383d">a470892</a>)</li>
<li><strong>event-handler</strong> expose response streaming in public
API (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4743">#4743</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/be4e4e2b9f0a39210f972f22d03a382aea304f60">be4e4e2</a>)</li>
<li><strong>event-handler</strong> add first-class support for binary
responses (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4723">#4723</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/13dbcdccc3626d442f66c6037af7df88626dd9c2">13dbcdc</a>)</li>
<li><strong>event-handler</strong> Add support for HTTP APIs (API
Gateway v2) (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4714">#4714</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/2f700189aef42445a229da8a0d1446e1d63423fa">2f70018</a>)</li>
</ul>
<h3>Maintenance</h3>
<ul>
<li><strong>tracer</strong> bump aws-xray-sdk-core from 3.11.0 to 3.12.0
(<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4792">#4792</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/afb5678ed6176d9d2e0a759993af0054a2c80b05">afb5678</a>)</li>
<li><strong>event-handler</strong> unflag http handler from experimental
(<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4801">#4801</a>)
(<a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/a2deb8d702bb305bbf017882ce16beb6b3c809aa">a2deb8d</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/fa726e0a56f738c62fe253d96fd1f70ae696cabf"><code>fa726e0</code></a>
chore(ci): bump version to 2.29.0 (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4802">#4802</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/a2deb8d702bb305bbf017882ce16beb6b3c809aa"><code>a2deb8d</code></a>
chore(event-handler): unflag http handler from experimental (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4801">#4801</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/c2bd8499c38f2e9048782d717613a721b3e8ccc8"><code>c2bd849</code></a>
feat(parser): add type for values parsed by DynamoDBStreamRecord (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4793">#4793</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/afb5678ed6176d9d2e0a759993af0054a2c80b05"><code>afb5678</code></a>
chore(deps): bump aws-xray-sdk-core from 3.11.0 to 3.12.0 (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4792">#4792</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/8806cadcfada8e76ca44ec64aa5b86f2853e3e65"><code>8806cad</code></a>
docs(event-handler): added documentation for support for HTTP API, ALB
and FU...</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/d2e0fcc504de8011fe91217976d2afcf99c1bed2"><code>d2e0fcc</code></a>
chore(deps): upgrade InvokeStore to v0.2.1 (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4794">#4794</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/bccd0b178aa971af8fce755001178beea1316d4b"><code>bccd0b1</code></a>
docs(event-handler): add response streaming docs (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4786">#4786</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/2279f9b0fa1dbb6f9fa3ea7a5de076bc9edc649f"><code>2279f9b</code></a>
chore(deps): bump mkdocs-llmstxt from 0.4.0 to 0.5.0 in /docs (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4789">#4789</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/12c5e63cd36c574109f343e35591eacc8f2e6f2c"><code>12c5e63</code></a>
chore(deps): bump actions/checkout from 5.0.1 to 6.0.0 (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4788">#4788</a>)</li>
<li><a
href="https://github.com/aws-powertools/powertools-lambda-typescript/commit/943bb4ff23bb125170e6b62b21f193d3fb8f7318"><code>943bb4f</code></a>
docs(event-handler): update binary response docs (<a
href="https://redirect.github.com/aws-powertools/powertools-lambda-typescript/issues/4783">#4783</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/aws-powertools/powertools-lambda-typescript/compare/v2.28.1...v2.29.0">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by [GitHub Actions](<a
href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a>
Actions), a new releaser for <code>@​aws-lambda-powertools/tracer</code>
since your current version.</p>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Dec 3, 2025
    Configuration menu
    Copy the full SHA
    f1d156e View commit details
    Browse the repository at this point in the history

Commits on Dec 6, 2025

  1. chore(docs): bump urllib3 from 2.5.0 to 2.6.0 in /.github/workflows/m… 

    …kdocs (#4935)

Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.5.0 to 2.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>2.6.0</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support. If your company or organization uses Python and
would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and
thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Security</h2>
<ul>
<li>Fixed a security issue where streaming API could improperly handle
highly compressed HTTP content (&quot;decompression bombs&quot;) leading
to excessive resource consumption even when a small amount of data was
requested. Reading small chunks of compressed data is safer and much
more efficient now. (CVE-2025-66471 reported by <a
href="https://github.com/Cycloctane"><code>@​Cycloctane</code></a>, 8.9
High, GHSA-2xpw-w6gg-jr37)</li>
<li>Fixed a security issue where an attacker could compose an HTTP
response with virtually unlimited links in the
<code>Content-Encoding</code> header, potentially leading to a denial of
service (DoS) attack by exhausting system resources during decoding. The
number of allowed chained encodings is now limited to 5. (CVE-2025-66418
reported by <a
href="https://github.com/illia-v"><code>@​illia-v</code></a>, 8.9 High,
GHSA-gm62-xv2j-4w53)</li>
</ul>
<blockquote>
<p>[!IMPORTANT]</p>
<ul>
<li>If urllib3 is not installed with the optional
<code>urllib3[brotli]</code> extra, but your environment contains a
Brotli/brotlicffi/brotlipy package anyway, make sure to upgrade it to at
least Brotli 1.2.0 or brotlicffi 1.2.0.0 to benefit from the security
fixes and avoid warnings. Prefer using <code>urllib3[brotli]</code> to
install a compatible Brotli package automatically.</li>
<li>If you use custom decompressors, please make sure to update them to
respect the changed API of
<code>urllib3.response.ContentDecoder</code>.</li>
</ul>
</blockquote>
<h2>Features</h2>
<ul>
<li>Enabled retrieval, deletion, and membership testing in
<code>HTTPHeaderDict</code> using bytes keys. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3653">#3653</a>)</li>
<li>Added host and port information to string representations of
<code>HTTPConnection</code>. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3666">#3666</a>)</li>
<li>Added support for Python 3.14 free-threading builds explicitly. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3696">#3696</a>)</li>
</ul>
<h2>Removals</h2>
<ul>
<li>Removed the <code>HTTPResponse.getheaders()</code> method in favor
of <code>HTTPResponse.headers</code>. Removed the
<code>HTTPResponse.getheader(name, default)</code> method in favor of
<code>HTTPResponse.headers.get(name, default)</code>. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3622">#3622</a>)</li>
</ul>
<h2>Bugfixes</h2>
<ul>
<li>Fixed redirect handling in <code>urllib3.PoolManager</code> when an
integer is passed for the retries parameter. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3649">#3649</a>)</li>
<li>Fixed <code>HTTPConnectionPool</code> when used in Emscripten with
no explicit port. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3664">#3664</a>)</li>
<li>Fixed handling of <code>SSLKEYLOGFILE</code> with expandable
variables. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3700">#3700</a>)</li>
</ul>
<h2>Misc</h2>
<ul>
<li>Changed the <code>zstd</code> extra to install
<code>backports.zstd</code> instead of <code>zstandard</code> on Python
3.13 and before. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3693">#3693</a>)</li>
<li>Improved the performance of content decoding by optimizing
<code>BytesQueueBuffer</code> class. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3710">#3710</a>)</li>
<li>Allowed building the urllib3 package with newer setuptools-scm v9.x.
(<a
href="https://redirect.github.com/urllib3/urllib3/issues/3652">#3652</a>)</li>
<li>Ensured successful urllib3 builds by setting Hatchling requirement
to ≥ 1.27.0. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3638">#3638</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>2.6.0 (2025-12-05)</h1>
<h2>Security</h2>
<ul>
<li>Fixed a security issue where streaming API could improperly handle
highly
compressed HTTP content (&quot;decompression bombs&quot;) leading to
excessive resource
consumption even when a small amount of data was requested. Reading
small
chunks of compressed data is safer and much more efficient now.
(<code>GHSA-2xpw-w6gg-jr37
&lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37&gt;</code>__)</li>
<li>Fixed a security issue where an attacker could compose an HTTP
response with
virtually unlimited links in the <code>Content-Encoding</code> header,
potentially
leading to a denial of service (DoS) attack by exhausting system
resources
during decoding. The number of allowed chained encodings is now limited
to 5.
(<code>GHSA-gm62-xv2j-4w53
&lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53&gt;</code>__)</li>
</ul>
<p>.. caution::</p>
<ul>
<li>
<p>If urllib3 is not installed with the optional
<code>urllib3[brotli]</code> extra, but
your environment contains a Brotli/brotlicffi/brotlipy package anyway,
make
sure to upgrade it to at least Brotli 1.2.0 or brotlicffi 1.2.0.0 to
benefit from the security fixes and avoid warnings. Prefer using
<code>urllib3[brotli]</code> to install a compatible Brotli package
automatically.</p>
</li>
<li>
<p>If you use custom decompressors, please make sure to update them to
respect the changed API of
<code>urllib3.response.ContentDecoder</code>.</p>
</li>
</ul>
<h2>Features</h2>
<ul>
<li>Enabled retrieval, deletion, and membership testing in
<code>HTTPHeaderDict</code> using bytes keys.
(<code>[#3653](urllib3/urllib3#3653)
&lt;https://github.com/urllib3/urllib3/issues/3653&gt;</code>__)</li>
<li>Added host and port information to string representations of
<code>HTTPConnection</code>.
(<code>[#3666](urllib3/urllib3#3666)
&lt;https://github.com/urllib3/urllib3/issues/3666&gt;</code>__)</li>
<li>Added support for Python 3.14 free-threading builds explicitly.
(<code>[#3696](urllib3/urllib3#3696)
&lt;https://github.com/urllib3/urllib3/issues/3696&gt;</code>__)</li>
</ul>
<h2>Removals</h2>
<ul>
<li>Removed the <code>HTTPResponse.getheaders()</code> method in favor
of <code>HTTPResponse.headers</code>.
Removed the <code>HTTPResponse.getheader(name, default)</code> method in
favor of <code>HTTPResponse.headers.get(name, default)</code>.
(<code>[#3622](urllib3/urllib3#3622)
&lt;https://github.com/urllib3/urllib3/issues/3622&gt;</code>__)</li>
</ul>
<h2>Bugfixes</h2>
<ul>
<li>Fixed redirect handling in <code>urllib3.PoolManager</code> when an
integer is passed
for the retries parameter.
(<code>[#3649](urllib3/urllib3#3649)
&lt;https://github.com/urllib3/urllib3/issues/3649&gt;</code>__)</li>
<li>Fixed <code>HTTPConnectionPool</code> when used in Emscripten with
no explicit port.
(<code>[#3664](urllib3/urllib3#3664)
&lt;https://github.com/urllib3/urllib3/issues/3664&gt;</code>__)</li>
<li>Fixed handling of <code>SSLKEYLOGFILE</code> with expandable
variables.
(<code>[#3700](urllib3/urllib3#3700)
&lt;https://github.com/urllib3/urllib3/issues/3700&gt;</code>__)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/urllib3/urllib3/commit/720f484b605f18887a48eef448d0084e2b76902d"><code>720f484</code></a>
Release 2.6.0</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"><code>24d7b67</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"><code>c19571d</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/816fcf04528bc0f89672e13398eb813dcc892490"><code>816fcf0</code></a>
Bump actions/setup-python from 6.0.0 to 6.1.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3725">#3725</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/18af0a10efc4c99dd028f7ad5a461470b9a8b0fd"><code>18af0a1</code></a>
Improve speed of <code>BytesQueueBuffer.get()</code> by using memoryview
(<a
href="https://redirect.github.com/urllib3/urllib3/issues/3711">#3711</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/1f6abac3e6d426c3939b8a17cf4afa099e691ab2"><code>1f6abac</code></a>
Bump versions of pre-commit hooks (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3716">#3716</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/1c8fbf787b8e6ed151842c5d6874c9d5bdbf1d0b"><code>1c8fbf7</code></a>
Bump actions/checkout from 5.0.0 to 6.0.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3722">#3722</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/7784b9eee95b7c90802c02b111e98df70259ae4f"><code>7784b9e</code></a>
Add Python 3.15 to CI (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3717">#3717</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/0241c9e7286d3008e3cce18effc13b40dc633385"><code>0241c9e</code></a>
Updated docs to reflect change in optional zstd dependency from
<code>zstandard</code> t...</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/7afcabb6489d9a8ea95a40e5afcb46463af17351"><code>7afcabb</code></a>
Expand environment variable of SSLKEYLOGFILE (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3705">#3705</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/urllib3/urllib3/compare/2.5.0...2.6.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=2.5.0&new-version=2.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/github-aws-runners/terraform-aws-github-runner/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Dec 6, 2025
    Configuration menu
    Copy the full SHA
    5dc3a8f View commit details
    Browse the repository at this point in the history

  2. chore(deps): bump the github group with 3 updates (#4919) 

    Bumps the github group with 3 updates:
[actions/checkout](https://github.com/actions/checkout),
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
and [actions/setup-python](https://github.com/actions/setup-python).

Updates `actions/checkout` from 5.0.0 to 6.0.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v6.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update README to include Node.js 24 support details and requirements
by <a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li>
<li>Persist creds to a separate file by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li>
<li>v6-beta by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2298">actions/checkout#2298</a></li>
<li>update readme/changelog for v6 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2311">actions/checkout#2311</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v5.0.0...v6.0.0">https://github.com/actions/checkout/compare/v5.0.0...v6.0.0</a></p>
<h2>v6-beta</h2>
<h2>What's Changed</h2>
<p>Updated persist-credentials to store the credentials under
<code>$RUNNER_TEMP</code> instead of directly in the local git
config.</p>
<p>This requires a minimum Actions Runner version of <a
href="https://github.com/actions/runner/releases/tag/v2.329.0">v2.329.0</a>
to access the persisted credentials for <a
href="https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action">Docker
container action</a> scenarios.</p>
<h2>v5.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Port v6 cleanup to v5 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v5...v5.0.1">https://github.com/actions/checkout/compare/v5...v5.0.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>V6.0.0</h2>
<ul>
<li>Persist creds to a separate file by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li>
<li>Update README to include Node.js 24 support details and requirements
by <a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li>
</ul>
<h2>V5.0.1</h2>
<ul>
<li>Port v6 cleanup to v5 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li>
</ul>
<h2>V5.0.0</h2>
<ul>
<li>Update actions checkout to use node 24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li>
</ul>
<h2>V4.3.1</h2>
<ul>
<li>Port v6 cleanup to v4 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li>
</ul>
<h2>V4.3.0</h2>
<ul>
<li>docs: update README.md by <a
href="https://github.com/motss"><code>@​motss</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li>
<li>Add internal repos for checking out multiple repositories by <a
href="https://github.com/mouismail"><code>@​mouismail</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li>
<li>Documentation update - add recommended permissions to Readme by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li>
<li>Adjust positioning of user email note and permissions heading by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li>
<li>Update CODEOWNERS for actions by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li>
<li>Update package dependencies by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li>
</ul>
<h2>v4.2.2</h2>
<ul>
<li><code>url-helper.ts</code> now leverages well-known environment
variables by <a href="https://github.com/jww3"><code>@​jww3</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li>
<li>Expand unit test coverage for <code>isGhes</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li>
</ul>
<h2>v4.2.1</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li>
</ul>
<h2>v4.2.0</h2>
<ul>
<li>Add Ref and Commit outputs by <a
href="https://github.com/lucacome"><code>@​lucacome</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li>
<li>Dependency updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>- <a
href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>,
<a
href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li>
</ul>
<h2>v4.1.7</h2>
<ul>
<li>Bump the minor-npm-dependencies group across 1 directory with 4
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li>
<li>Bump actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li>
<li>Check out other refs/* by commit by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li>
<li>Pin actions/checkout's own workflows to a known, good, stable
version. by <a href="https://github.com/jww3"><code>@​jww3</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li>
</ul>
<h2>v4.1.6</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li>
</ul>
<h2>v4.1.5</h2>
<ul>
<li>Update NPM dependencies by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li>
<li>Bump github/codeql-action from 2 to 3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li>
<li>Bump actions/setup-node from 1 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li>
<li>Bump actions/upload-artifact from 2 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3"><code>1af3b93</code></a>
update readme/changelog for v6 (<a
href="https://redirect.github.com/actions/checkout/issues/2311">#2311</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e"><code>71cf226</code></a>
v6-beta (<a
href="https://redirect.github.com/actions/checkout/issues/2298">#2298</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e"><code>069c695</code></a>
Persist creds to a separate file (<a
href="https://redirect.github.com/actions/checkout/issues/2286">#2286</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493"><code>ff7abcd</code></a>
Update README to include Node.js 24 support details and requirements (<a
href="https://redirect.github.com/actions/checkout/issues/2248">#2248</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/checkout/compare/08c6903cd8c0fde910a37f88322edcfb5dd907a8...1af3b93b6815bc44a9784bd300feb67ff0d1eeb3">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/create-github-app-token` from 2.1.4 to 2.2.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v2.2.0</h2>
<h1><a
href="https://github.com/actions/create-github-app-token/compare/v2.1.4...v2.2.0">2.2.0</a>
(2025-11-21)</h1>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump glob from 10.4.5 to 10.5.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/305">#305</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/5480f4325a18c025ee16d7e081413854624e9edc">5480f43</a>)</li>
<li><strong>deps:</strong> bump p-retry from 6.2.1 to 7.1.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/294">#294</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/dce3be8b284f45e65caed11a610e2bef738d15b4">dce3be8</a>)</li>
<li><strong>deps:</strong> bump the production-dependencies group with 2
updates (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/292">#292</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/55e2a4b2ccaaa8364303e6ab9f77e31ad02298e5">55e2a4b</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li>update permission inputs (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/296">#296</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/d90aa532332d33f6dc9656fd4491a98441595a37">d90aa53</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/create-github-app-token/commit/7e473efe3cb98aa54f8d4bac15400b15fad77d94"><code>7e473ef</code></a>
build(release): 2.2.0 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/dce3be8b284f45e65caed11a610e2bef738d15b4"><code>dce3be8</code></a>
fix(deps): bump p-retry from 6.2.1 to 7.1.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/294">#294</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/5480f4325a18c025ee16d7e081413854624e9edc"><code>5480f43</code></a>
fix(deps): bump glob from 10.4.5 to 10.5.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/305">#305</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/d90aa532332d33f6dc9656fd4491a98441595a37"><code>d90aa53</code></a>
feat: update permission inputs (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/296">#296</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/55e2a4b2ccaaa8364303e6ab9f77e31ad02298e5"><code>55e2a4b</code></a>
fix(deps): bump the production-dependencies group with 2 updates (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/292">#292</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/cc6f999683e9e6150699fa443589ab389e4d3334"><code>cc6f999</code></a>
ci(test): trigger on merge_group (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/308">#308</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/40fa6b52b33cc945b40f86ff422cb3991908649f"><code>40fa6b5</code></a>
build(deps-dev): bump <code>@​sinonjs/fake-timers</code> from 14.0.0 to
15.0.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/295">#295</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/396e5022f0b3904220aca120478484fe822c5aac"><code>396e502</code></a>
build(deps): bump actions/checkout from 5 to 6 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/306">#306</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/f48f2eb9326f99a06d3f3e8461c45793d5a24ffa"><code>f48f2eb</code></a>
build(deps): bump stefanzweifel/git-auto-commit-action from 6.0.1 to
7.0.0 (#...</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/b7f83f6278be73b624257deedba056416f53fed2"><code>b7f83f6</code></a>
build(deps): bump actions/setup-node from 4 to 6 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/299">#299</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/create-github-app-token/compare/67018539274d69449ef7c02e8e71183d1719ab42...7e473efe3cb98aa54f8d4bac15400b15fad77d94">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/setup-python` from 6.0.0 to 6.1.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-python/releases">actions/setup-python's
releases</a>.</em></p>
<blockquote>
<h2>v6.1.0</h2>
<h2>What's Changed</h2>
<h3>Enhancements:</h3>
<ul>
<li>Add support for <code>pip-install</code> input by <a
href="https://github.com/gowridurgad"><code>@​gowridurgad</code></a> in
<a
href="https://redirect.github.com/actions/setup-python/pull/1201">actions/setup-python#1201</a></li>
<li>Add graalpy early-access and windows builds by <a
href="https://github.com/timfel"><code>@​timfel</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/880">actions/setup-python#880</a></li>
</ul>
<h3>Dependency and Documentation updates:</h3>
<ul>
<li>Enhanced wording and updated example usage for
<code>allow-prereleases</code> by <a
href="https://github.com/yarikoptic"><code>@​yarikoptic</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/979">actions/setup-python#979</a></li>
<li>Upgrade urllib3 from 1.26.19 to 2.5.0 and document breaking changes
in v6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1139">actions/setup-python#1139</a></li>
<li>Upgrade typescript from 5.4.2 to 5.9.3 and Documentation update by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/actions/setup-python/pull/1094">actions/setup-python#1094</a></li>
<li>Upgrade actions/publish-action from 0.3.0 to 0.4.0 &amp;
Documentation update for pip-install input by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1199">actions/setup-python#1199</a></li>
<li>Upgrade requests from 2.32.2 to 2.32.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1130">actions/setup-python#1130</a></li>
<li>Upgrade prettier from 3.5.3 to 3.6.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1234">actions/setup-python#1234</a></li>
<li>Upgrade <code>@​types/node</code> from 24.1.0 to 24.9.1 and update
macos-13 to macos-15-intel by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1235">actions/setup-python#1235</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/yarikoptic"><code>@​yarikoptic</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-python/pull/979">actions/setup-python#979</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-python/compare/v6...v6.1.0">https://github.com/actions/setup-python/compare/v6...v6.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-python/commit/83679a892e2d95755f2dac6acb0bfd1e9ac5d548"><code>83679a8</code></a>
Bump <code>@​types/node</code> from 24.1.0 to 24.9.1 and update macos-13
to macos-15-intel ...</li>
<li><a
href="https://github.com/actions/setup-python/commit/bfc4944b43a5d84377eca3cf6ab5b7992ba61923"><code>bfc4944</code></a>
Bump prettier from 3.5.3 to 3.6.2 (<a
href="https://redirect.github.com/actions/setup-python/issues/1234">#1234</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/97aeb3efb8a852c559869050c7fb175b4efcc8cf"><code>97aeb3e</code></a>
Bump requests from 2.32.2 to 2.32.4 in /<strong>tests</strong>/data (<a
href="https://redirect.github.com/actions/setup-python/issues/1130">#1130</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/443da59188462e2402e2942686db5aa6723f4bed"><code>443da59</code></a>
Bump actions/publish-action from 0.3.0 to 0.4.0 &amp; Documentation
update for pi...</li>
<li><a
href="https://github.com/actions/setup-python/commit/cfd55ca82492758d853442341ad4d8010466803a"><code>cfd55ca</code></a>
graalpy: add graalpy early-access and windows builds (<a
href="https://redirect.github.com/actions/setup-python/issues/880">#880</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/bba65e51ff35d50c6dbaaacd8a4681db13aa7cb4"><code>bba65e5</code></a>
Bump typescript from 5.4.2 to 5.9.3 and update docs/advanced-usage.md
(<a
href="https://redirect.github.com/actions/setup-python/issues/1094">#1094</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/18566f86b301499665bd3eb1a2247e0849c64fa5"><code>18566f8</code></a>
Improve wording and &quot;fix example&quot; (remove 3.13) on testing
against pre-releas...</li>
<li><a
href="https://github.com/actions/setup-python/commit/2e3e4b15a884dc73a63f962bff250a855150a234"><code>2e3e4b1</code></a>
Add support for pip-install input (<a
href="https://redirect.github.com/actions/setup-python/issues/1201">#1201</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/4267e283df95c05d9f16ece6624106f44613b489"><code>4267e28</code></a>
Bump urllib3 from 1.26.19 to 2.5.0 in /<strong>tests</strong>/data and
document breaking c...</li>
<li>See full diff in <a
href="https://github.com/actions/setup-python/compare/e797f83bcb11b83ae66e0230d6156d7c80228e7c...83679a892e2d95755f2dac6acb0bfd1e9ac5d548">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Dec 6, 2025
    Configuration menu
    Copy the full SHA
    08c5be3 View commit details
    Browse the repository at this point in the history

  3. chore(deps): bump peter-evans/create-pull-request from 7.0.8 to 7.0.9 ( 

    …#4920)

Bumps
[peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request)
from 7.0.8 to 7.0.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's
releases</a>.</em></p>
<blockquote>
<h2>Create Pull Request v7.0.9</h2>
<p>⚙️ Fixes an <a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/4228">incompatibility</a>
with the recently released <code>actions/checkout@v6</code>.</p>
<h2>What's Changed</h2>
<ul>
<li>~70 dependency updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>docs: fix workaround description about <code>ready_for_review</code>
by <a href="https://github.com/ybiquitous"><code>@​ybiquitous</code></a>
in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3939">peter-evans/create-pull-request#3939</a></li>
<li>Docs: <code>add-paths</code> default behavior by <a
href="https://github.com/joeflack4"><code>@​joeflack4</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3928">peter-evans/create-pull-request#3928</a></li>
<li>docs: update to create-github-app-token v2 by <a
href="https://github.com/Goooler"><code>@​Goooler</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4063">peter-evans/create-pull-request#4063</a></li>
<li>Fix compatibility with actions/checkout@v6 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4230">peter-evans/create-pull-request#4230</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/joeflack4"><code>@​joeflack4</code></a>
made their first contribution in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3928">peter-evans/create-pull-request#3928</a></li>
<li><a href="https://github.com/Goooler"><code>@​Goooler</code></a> made
their first contribution in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4063">peter-evans/create-pull-request#4063</a></li>
<li><a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> made
their first contribution in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4230">peter-evans/create-pull-request#4230</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/peter-evans/create-pull-request/compare/v7.0.8...v7.0.9">https://github.com/peter-evans/create-pull-request/compare/v7.0.8...v7.0.9</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/84ae59a2cdc2258d6fa0732dd66352dddae2a412"><code>84ae59a</code></a>
fix: compatibility with actions/checkout@v6 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/4230">#4230</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/b4733b9419fd47bbfa1807b15627e17cd70b5b22"><code>b4733b9</code></a>
build(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/4222">#4222</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/0edc001d28a2959cd7a6b505629f1d82f0a6e67d"><code>0edc001</code></a>
build(deps-dev): bump the npm group with 2 updates (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/4201">#4201</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/430aea0fb112656c3ac187e7a22b3604508ba3a7"><code>430aea0</code></a>
build(deps): bump the github-actions group with 3 updates (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/4200">#4200</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/46cdba753c74545733b821043d64bd6925fc4da9"><code>46cdba7</code></a>
build(deps-dev): bump the npm group with 3 updates (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/4185">#4185</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/b937339b17ca3e45ec14ebcafb879873b1ee8564"><code>b937339</code></a>
build(deps): bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/4184">#4184</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/e9af275c3778a67411fcac2d613e8d4e9be452fd"><code>e9af275</code></a>
ci: update dependabot config</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/d3e081a03ae8d69301ed924bae10d70ea4af94d9"><code>d3e081a</code></a>
build(deps-dev): bump <code>@​types/node</code> from 18.19.127 to
18.19.128 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/4178">#4178</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/9ec683ee07f9121fdf529b923931dd78d977a5c9"><code>9ec683e</code></a>
build(deps-dev): bump <code>@​types/node</code> from 18.19.125 to
18.19.127 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/4165">#4165</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/65d8d10bf76513796c0f69457c2567b5da3b9626"><code>65d8d10</code></a>
build(deps-dev): bump ts-jest from 29.4.2 to 29.4.4 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/4163">#4163</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/peter-evans/create-pull-request/compare/271a8d0340265f705b14b6d32b9829c1cb33d45e...84ae59a2cdc2258d6fa0732dd66352dddae2a412">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peter-evans/create-pull-request&package-manager=github_actions&previous-version=7.0.8&new-version=7.0.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Dec 6, 2025
    Configuration menu
    Copy the full SHA
    eba47cd View commit details
    Browse the repository at this point in the history

  4. chore(deps): bump zizmorcore/zizmor-action from 0.2.0 to 0.3.0 (#4922) 

    Bumps
[zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action)
from 0.2.0 to 0.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/zizmorcore/zizmor-action/releases">zizmorcore/zizmor-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>README: fix troubleshooting link by <a
href="https://github.com/woodruffw"><code>@​woodruffw</code></a> in <a
href="https://redirect.github.com/zizmorcore/zizmor-action/pull/50">zizmorcore/zizmor-action#50</a></li>
<li>README: add a troubleshooting section about Advanced Security by <a
href="https://github.com/woodruffw"><code>@​woodruffw</code></a> in <a
href="https://redirect.github.com/zizmorcore/zizmor-action/pull/51">zizmorcore/zizmor-action#51</a></li>
<li>feat: Support a config option by <a
href="https://github.com/naokihaba"><code>@​naokihaba</code></a> in <a
href="https://redirect.github.com/zizmorcore/zizmor-action/pull/56">zizmorcore/zizmor-action#56</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/naokihaba"><code>@​naokihaba</code></a>
made their first contribution in <a
href="https://redirect.github.com/zizmorcore/zizmor-action/pull/56">zizmorcore/zizmor-action#56</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/zizmorcore/zizmor-action/compare/v0.2.0...v0.3.0">https://github.com/zizmorcore/zizmor-action/compare/v0.2.0...v0.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/zizmorcore/zizmor-action/commit/e639db99335bc9038abc0e066dfcd72e23d26fb4"><code>e639db9</code></a>
remove mise.toml (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/57">#57</a>)</li>
<li><a
href="https://github.com/zizmorcore/zizmor-action/commit/f4409e30393d9c364fd5536e128179c68b5a813f"><code>f4409e3</code></a>
feat: Support a config option (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/56">#56</a>)</li>
<li><a
href="https://github.com/zizmorcore/zizmor-action/commit/1aba86d8e1245be7a9ca003d46fcc85a76e6aa61"><code>1aba86d</code></a>
chore(deps): bump github/codeql-action in the github-actions group (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/54">#54</a>)</li>
<li><a
href="https://github.com/zizmorcore/zizmor-action/commit/da5ac40c5419dcf7f21630fb2f95e725ae8fb9d5"><code>da5ac40</code></a>
README: add a troubleshooting section about Advanced Security (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/51">#51</a>)</li>
<li><a
href="https://github.com/zizmorcore/zizmor-action/commit/cc28a584f0663c198a7788dbab0f86d75b341140"><code>cc28a58</code></a>
README: fix troubleshooting link (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/50">#50</a>)</li>
<li><a
href="https://github.com/zizmorcore/zizmor-action/commit/c323c83e3ab58baf4acbc7b6b39eef0e0cb14e4d"><code>c323c83</code></a>
chore(deps): bump zizmorcore/zizmor-action from 0.1.2 to 0.2.0 in the
github-...</li>
<li><a
href="https://github.com/zizmorcore/zizmor-action/commit/0696496a48b64e0568faa46ddaf5f6fe48b83b04"><code>0696496</code></a>
chore(deps): bump github/codeql-action in the github-actions group (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/48">#48</a>)</li>
<li><a
href="https://github.com/zizmorcore/zizmor-action/commit/873539476a7f9b0da7504d0d9e9a6a5275094d98"><code>8735394</code></a>
docs: bump action pins (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/46">#46</a>)</li>
<li>See full diff in <a
href="https://github.com/zizmorcore/zizmor-action/compare/e673c3917a1aef3c65c972347ed84ccd013ecda4...e639db99335bc9038abc0e066dfcd72e23d26fb4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=zizmorcore/zizmor-action&package-manager=github_actions&previous-version=0.2.0&new-version=0.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Dec 6, 2025
    Configuration menu
    Copy the full SHA
    a7447f4 View commit details
    Browse the repository at this point in the history

  5. chore(lambda): bump the nx group in /lambdas with 3 updates (#4926) 

    Bumps the nx group in /lambdas with 3 updates:
[@nx/eslint](https://github.com/nrwl/nx/tree/HEAD/packages/eslint),
[@nx/js](https://github.com/nrwl/nx/tree/HEAD/packages/js) and
[@nx/vite](https://github.com/nrwl/nx/tree/HEAD/packages/vite).

Updates `@nx/eslint` from 22.1.0 to 22.1.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nrwl/nx/releases"><code>@​nx/eslint</code>'s
releases</a>.</em></p>
<blockquote>
<h2>22.1.2 (2025-11-25)</h2>
<h3>🚀 Features</h3>
<ul>
<li><strong>core:</strong> add multiple Nx version detection to nx
report (<a
href="https://redirect.github.com/nrwl/nx/pull/33599">#33599</a>)</li>
</ul>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>core:</strong> filter out automated release commits in
getCommitsRelevantToProjects (<a
href="https://redirect.github.com/nrwl/nx/pull/33482">#33482</a>)</li>
<li><strong>core:</strong> make daemon socket path unique per process to
prevent race condition (<a
href="https://redirect.github.com/nrwl/nx/pull/33580">#33580</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/33491">#33491</a>)</li>
<li><strong>core:</strong> use nx-mcp for older nx versions instead of
nx mcp (<a
href="https://redirect.github.com/nrwl/nx/pull/33553">#33553</a>)</li>
<li><strong>core:</strong> propagate continuous task failures to
dependent tasks (<a
href="https://redirect.github.com/nrwl/nx/pull/33492">#33492</a>)</li>
<li><strong>graph:</strong> surface task graph client error via error
toast (<a
href="https://redirect.github.com/nrwl/nx/pull/33600">#33600</a>)</li>
<li><strong>js:</strong> ensure copy-workspace-modules copies transitive
workspace dependencies (<a
href="https://redirect.github.com/nrwl/nx/pull/33570">#33570</a>)</li>
<li><strong>nest:</strong> set moduleResolution to node to prevent
TS5095 error (<a
href="https://redirect.github.com/nrwl/nx/pull/33607">#33607</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/33589">#33589</a>)</li>
<li><strong>node:</strong> set generatePackageJson:false for TS Solution
workspaces (<a
href="https://redirect.github.com/nrwl/nx/pull/33606">#33606</a>)</li>
<li><strong>release:</strong> ensure emoji is not repeated in breaking
changes summary (<a
href="https://redirect.github.com/nrwl/nx/pull/33605">#33605</a>)</li>
<li><strong>storybook:</strong> remove upper bound of migration requires
(<a
href="https://redirect.github.com/nrwl/nx/pull/33613">#33613</a>)</li>
<li><strong>testing:</strong> remove declare global wrapper from cypress
commands.ts template (<a
href="https://redirect.github.com/nrwl/nx/pull/33573">#33573</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/32930">#32930</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Chau Tran <a
href="https://github.com/nartc"><code>@​nartc</code></a></li>
<li>Colum Ferry <a
href="https://github.com/Coly010"><code>@​Coly010</code></a></li>
<li>Coly010 <a
href="https://github.com/Coly010"><code>@​Coly010</code></a></li>
<li>Jack Hsu <a
href="https://github.com/jaysoo"><code>@​jaysoo</code></a></li>
<li>Jason Jean <a
href="https://github.com/FrozenPandaz"><code>@​FrozenPandaz</code></a></li>
<li>Kasper Christensen <a
href="https://github.com/fALKENdk"><code>@​fALKENdk</code></a></li>
<li>Laney Pouzet</li>
<li>Leosvel Pérez Espinosa <a
href="https://github.com/leosvelperez"><code>@​leosvelperez</code></a></li>
<li>MaxKless <a
href="https://github.com/MaxKless"><code>@​MaxKless</code></a></li>
</ul>
<h2>22.1.1 (2025-11-21)</h2>
<h3>🚀 Features</h3>
<ul>
<li><strong>linter:</strong> add util to load eslint rules from a
directory (<a
href="https://redirect.github.com/nrwl/nx/pull/33543">#33543</a>)</li>
<li><strong>nx-cloud:</strong> prepend nx version to stats metadata (<a
href="https://redirect.github.com/nrwl/nx/pull/33568">#33568</a>)</li>
</ul>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>core:</strong> don't presume a task is long running if its
marked cacheable (<a
href="https://redirect.github.com/nrwl/nx/pull/33545">#33545</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/32610">#32610</a>)</li>
<li><strong>core:</strong> daemon command should exit at end (<a
href="https://redirect.github.com/nrwl/nx/pull/33547">#33547</a>)</li>
<li><strong>core:</strong> provide error when nested graph construction
would occur invoked during createNodes (<a
href="https://redirect.github.com/nrwl/nx/pull/33541">#33541</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/29618">#29618</a>)</li>
<li><strong>graph:</strong> align exclude flag with others by using
findMatchingProjects (<a
href="https://redirect.github.com/nrwl/nx/pull/33550">#33550</a>)</li>
<li><strong>linter:</strong> handle various flat config override
structures (<a
href="https://redirect.github.com/nrwl/nx/pull/33548">#33548</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/31796">#31796</a>)</li>
<li><strong>react:</strong> exclude tailwind from CSS modules syntax in
component generator (<a
href="https://redirect.github.com/nrwl/nx/pull/33574">#33574</a>)</li>
<li><strong>storybook:</strong> remove STORYBOOK_PROJECT_ROOT when
running automigrate to prevent hanging (<a
href="https://redirect.github.com/nrwl/nx/pull/33567">#33567</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/32492">#32492</a>)</li>
<li><strong>vite:</strong> generate .mts config files to force ESM (<a
href="https://redirect.github.com/nrwl/nx/pull/33518">#33518</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/nrwl/nx/commit/1c8796a4d7b3f9e62703cde95a1f3f05dd1ee1ff"><code>1c8796a</code></a>
docs(misc): update migration docs to use supported markdown syntax (<a
href="https://github.com/nrwl/nx/tree/HEAD/packages/eslint/issues/33563">#33563</a>)</li>
<li><a
href="https://github.com/nrwl/nx/commit/05bd3a4c160e2d0d349cf6cc34b2e28c66b89f09"><code>05bd3a4</code></a>
fix(linter): handle various flat config override structures (<a
href="https://github.com/nrwl/nx/tree/HEAD/packages/eslint/issues/33548">#33548</a>)</li>
<li>See full diff in <a
href="https://github.com/nrwl/nx/commits/22.1.2/packages/eslint">compare
view</a></li>
</ul>
</details>
<br />

Updates `@nx/js` from 22.1.1 to 22.1.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nrwl/nx/releases"><code>@​nx/js</code>'s
releases</a>.</em></p>
<blockquote>
<h2>22.1.2 (2025-11-25)</h2>
<h3>🚀 Features</h3>
<ul>
<li><strong>core:</strong> add multiple Nx version detection to nx
report (<a
href="https://redirect.github.com/nrwl/nx/pull/33599">#33599</a>)</li>
</ul>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>core:</strong> filter out automated release commits in
getCommitsRelevantToProjects (<a
href="https://redirect.github.com/nrwl/nx/pull/33482">#33482</a>)</li>
<li><strong>core:</strong> make daemon socket path unique per process to
prevent race condition (<a
href="https://redirect.github.com/nrwl/nx/pull/33580">#33580</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/33491">#33491</a>)</li>
<li><strong>core:</strong> use nx-mcp for older nx versions instead of
nx mcp (<a
href="https://redirect.github.com/nrwl/nx/pull/33553">#33553</a>)</li>
<li><strong>core:</strong> propagate continuous task failures to
dependent tasks (<a
href="https://redirect.github.com/nrwl/nx/pull/33492">#33492</a>)</li>
<li><strong>graph:</strong> surface task graph client error via error
toast (<a
href="https://redirect.github.com/nrwl/nx/pull/33600">#33600</a>)</li>
<li><strong>js:</strong> ensure copy-workspace-modules copies transitive
workspace dependencies (<a
href="https://redirect.github.com/nrwl/nx/pull/33570">#33570</a>)</li>
<li><strong>nest:</strong> set moduleResolution to node to prevent
TS5095 error (<a
href="https://redirect.github.com/nrwl/nx/pull/33607">#33607</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/33589">#33589</a>)</li>
<li><strong>node:</strong> set generatePackageJson:false for TS Solution
workspaces (<a
href="https://redirect.github.com/nrwl/nx/pull/33606">#33606</a>)</li>
<li><strong>release:</strong> ensure emoji is not repeated in breaking
changes summary (<a
href="https://redirect.github.com/nrwl/nx/pull/33605">#33605</a>)</li>
<li><strong>storybook:</strong> remove upper bound of migration requires
(<a
href="https://redirect.github.com/nrwl/nx/pull/33613">#33613</a>)</li>
<li><strong>testing:</strong> remove declare global wrapper from cypress
commands.ts template (<a
href="https://redirect.github.com/nrwl/nx/pull/33573">#33573</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/32930">#32930</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Chau Tran <a
href="https://github.com/nartc"><code>@​nartc</code></a></li>
<li>Colum Ferry <a
href="https://github.com/Coly010"><code>@​Coly010</code></a></li>
<li>Coly010 <a
href="https://github.com/Coly010"><code>@​Coly010</code></a></li>
<li>Jack Hsu <a
href="https://github.com/jaysoo"><code>@​jaysoo</code></a></li>
<li>Jason Jean <a
href="https://github.com/FrozenPandaz"><code>@​FrozenPandaz</code></a></li>
<li>Kasper Christensen <a
href="https://github.com/fALKENdk"><code>@​fALKENdk</code></a></li>
<li>Laney Pouzet</li>
<li>Leosvel Pérez Espinosa <a
href="https://github.com/leosvelperez"><code>@​leosvelperez</code></a></li>
<li>MaxKless <a
href="https://github.com/MaxKless"><code>@​MaxKless</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/nrwl/nx/commit/70bbbe9ff697c119032aa62868ee3ae27204eb34"><code>70bbbe9</code></a>
fix(js): ensure copy-workspace-modules copies transitive workspace
dependenci...</li>
<li>See full diff in <a
href="https://github.com/nrwl/nx/commits/22.1.2/packages/js">compare
view</a></li>
</ul>
</details>
<br />

Updates `@nx/vite` from 22.1.1 to 22.1.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nrwl/nx/releases"><code>@​nx/vite</code>'s
releases</a>.</em></p>
<blockquote>
<h2>22.1.2 (2025-11-25)</h2>
<h3>🚀 Features</h3>
<ul>
<li><strong>core:</strong> add multiple Nx version detection to nx
report (<a
href="https://redirect.github.com/nrwl/nx/pull/33599">#33599</a>)</li>
</ul>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>core:</strong> filter out automated release commits in
getCommitsRelevantToProjects (<a
href="https://redirect.github.com/nrwl/nx/pull/33482">#33482</a>)</li>
<li><strong>core:</strong> make daemon socket path unique per process to
prevent race condition (<a
href="https://redirect.github.com/nrwl/nx/pull/33580">#33580</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/33491">#33491</a>)</li>
<li><strong>core:</strong> use nx-mcp for older nx versions instead of
nx mcp (<a
href="https://redirect.github.com/nrwl/nx/pull/33553">#33553</a>)</li>
<li><strong>core:</strong> propagate continuous task failures to
dependent tasks (<a
href="https://redirect.github.com/nrwl/nx/pull/33492">#33492</a>)</li>
<li><strong>graph:</strong> surface task graph client error via error
toast (<a
href="https://redirect.github.com/nrwl/nx/pull/33600">#33600</a>)</li>
<li><strong>js:</strong> ensure copy-workspace-modules copies transitive
workspace dependencies (<a
href="https://redirect.github.com/nrwl/nx/pull/33570">#33570</a>)</li>
<li><strong>nest:</strong> set moduleResolution to node to prevent
TS5095 error (<a
href="https://redirect.github.com/nrwl/nx/pull/33607">#33607</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/33589">#33589</a>)</li>
<li><strong>node:</strong> set generatePackageJson:false for TS Solution
workspaces (<a
href="https://redirect.github.com/nrwl/nx/pull/33606">#33606</a>)</li>
<li><strong>release:</strong> ensure emoji is not repeated in breaking
changes summary (<a
href="https://redirect.github.com/nrwl/nx/pull/33605">#33605</a>)</li>
<li><strong>storybook:</strong> remove upper bound of migration requires
(<a
href="https://redirect.github.com/nrwl/nx/pull/33613">#33613</a>)</li>
<li><strong>testing:</strong> remove declare global wrapper from cypress
commands.ts template (<a
href="https://redirect.github.com/nrwl/nx/pull/33573">#33573</a>, <a
href="https://redirect.github.com/nrwl/nx/issues/32930">#32930</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Chau Tran <a
href="https://github.com/nartc"><code>@​nartc</code></a></li>
<li>Colum Ferry <a
href="https://github.com/Coly010"><code>@​Coly010</code></a></li>
<li>Coly010 <a
href="https://github.com/Coly010"><code>@​Coly010</code></a></li>
<li>Jack Hsu <a
href="https://github.com/jaysoo"><code>@​jaysoo</code></a></li>
<li>Jason Jean <a
href="https://github.com/FrozenPandaz"><code>@​FrozenPandaz</code></a></li>
<li>Kasper Christensen <a
href="https://github.com/fALKENdk"><code>@​fALKENdk</code></a></li>
<li>Laney Pouzet</li>
<li>Leosvel Pérez Espinosa <a
href="https://github.com/leosvelperez"><code>@​leosvelperez</code></a></li>
<li>MaxKless <a
href="https://github.com/MaxKless"><code>@​MaxKless</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/nrwl/nx/commits/22.1.2/packages/vite">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Dec 6, 2025
    Configuration menu
    Copy the full SHA
    3c39465 View commit details
    Browse the repository at this point in the history

  6. chore(deps): bump google/osv-scanner-action/.github/workflows/osv-sca… 

    …nner-reusable-pr.yml from 2.2.4 to 2.3.0 (#4921)

Bumps
[google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml](https://github.com/google/osv-scanner-action)
from 2.2.4 to 2.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google/osv-scanner-action/releases">google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml's
releases</a>.</em></p>
<blockquote>
<h2>v2.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(deps): update workflows by <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
in <a
href="https://redirect.github.com/google/osv-scanner-action/pull/104">google/osv-scanner-action#104</a></li>
<li>Add gemini config.yaml file by <a
href="https://github.com/michaelkedar"><code>@​michaelkedar</code></a>
in <a
href="https://redirect.github.com/google/osv-scanner-action/pull/107">google/osv-scanner-action#107</a></li>
<li>Update to v2.3.0 by <a
href="https://github.com/michaelkedar"><code>@​michaelkedar</code></a>
in <a
href="https://redirect.github.com/google/osv-scanner-action/pull/106">google/osv-scanner-action#106</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google/osv-scanner-action/compare/v2.2.4...v2.3.0">https://github.com/google/osv-scanner-action/compare/v2.2.4...v2.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google/osv-scanner-action/commit/b77c075a1235514558f0eb88dbd31e22c45e0cd2"><code>b77c075</code></a>
Merge pull request <a
href="https://redirect.github.com/google/osv-scanner-action/issues/106">#106</a>
from google/update-to-v2.3.0</li>
<li><a
href="https://github.com/google/osv-scanner-action/commit/74c480dda7d972c7c7c153657028829e9cdcf612"><code>74c480d</code></a>
Merge pull request <a
href="https://redirect.github.com/google/osv-scanner-action/issues/107">#107</a>
from google/gemini-config</li>
<li><a
href="https://github.com/google/osv-scanner-action/commit/2f926145681cc90324810bf42e3cf4308d258bfc"><code>2f92614</code></a>
Add gemini config.yaml file</li>
<li><a
href="https://github.com/google/osv-scanner-action/commit/182fa3ddecb863fb47e360953f74390f8eba3408"><code>182fa3d</code></a>
Update unified workflow example to point to v2.3.0 reusable
workflows</li>
<li><a
href="https://github.com/google/osv-scanner-action/commit/35ad5af695460e8fc22ee9777485303c8d0a88cf"><code>35ad5af</code></a>
Update reusable workflows to point to v2.3.0 actions</li>
<li><a
href="https://github.com/google/osv-scanner-action/commit/9ca325867d8b4f9a3ccd4a0ca372e3cc7fcee3ef"><code>9ca3258</code></a>
&quot;Update actions to use v2.3.0 osv-scanner image&quot;</li>
<li><a
href="https://github.com/google/osv-scanner-action/commit/e4f7571e0252a4fc2df6f7a172407e1750e3ae97"><code>e4f7571</code></a>
Merge pull request <a
href="https://redirect.github.com/google/osv-scanner-action/issues/104">#104</a>
from renovate-bot/renovate/workflows</li>
<li><a
href="https://github.com/google/osv-scanner-action/commit/a700279abb3af0dfd35a1d6f668525434bed0a14"><code>a700279</code></a>
chore(deps): update workflows</li>
<li>See full diff in <a
href="https://github.com/google/osv-scanner-action/compare/9bb69575e74019c2ad085a1860787043adf47ccb...b77c075a1235514558f0eb88dbd31e22c45e0cd2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml&package-manager=github_actions&previous-version=2.2.4&new-version=2.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Dec 6, 2025
    Configuration menu
    Copy the full SHA
    9eb637a View commit details
    Browse the repository at this point in the history

  7. chore(lambda): bump express from 5.1.0 to 5.2.0 in /lambdas (#4923) 

    Bumps [express](https://github.com/expressjs/express) from 5.1.0 to
5.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/express/releases">express's
releases</a>.</em></p>
<blockquote>
<h2>v5.2.0</h2>
<h2>Important: Security</h2>
<ul>
<li>Security fix for <a
href="https://www.cve.org/CVERecord?id=CVE-2024-51999">CVE-2024-51999</a>
(<a
href="https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6">GHSA-pj86-cfqh-vqx6</a>)</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>build(deps): bump github/codeql-action from 3.28.11 to 3.28.13 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6429">expressjs/express#6429</a></li>
<li>Refactor: simplify <code>acceptsLanguages</code> implementation
using spread operator by <a
href="https://github.com/Ayoub-Mabrouk"><code>@​Ayoub-Mabrouk</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/6137">expressjs/express#6137</a></li>
<li>increased code coverage of utils.js file by <a
href="https://github.com/ashish3011"><code>@​ashish3011</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6386">expressjs/express#6386</a></li>
<li>chore: remove duplicate word by <a
href="https://github.com/dufucun"><code>@​dufucun</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6456">expressjs/express#6456</a></li>
<li>build(deps): bump github/codeql-action from 3.28.13 to 3.28.16 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6498">expressjs/express#6498</a></li>
<li>build(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6497">expressjs/express#6497</a></li>
<li>build(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6496">expressjs/express#6496</a></li>
<li>ci: add node.js 24 to test matrix by <a
href="https://github.com/Phillip9587"><code>@​Phillip9587</code></a> in
<a
href="https://redirect.github.com/expressjs/express/pull/6504">expressjs/express#6504</a></li>
<li>ci: update codeql config by <a
href="https://github.com/Phillip9587"><code>@​Phillip9587</code></a> in
<a
href="https://redirect.github.com/expressjs/express/pull/6488">expressjs/express#6488</a></li>
<li>chore: wider range for query test skip by <a
href="https://github.com/jonchurch"><code>@​jonchurch</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6512">expressjs/express#6512</a></li>
<li>chore: fix typos in test by <a
href="https://github.com/noritaka1166"><code>@​noritaka1166</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/6535">expressjs/express#6535</a></li>
<li>ci: disable credential persistence for checkout actions by <a
href="https://github.com/mertssmnoglu"><code>@​mertssmnoglu</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/6522">expressjs/express#6522</a></li>
<li>ci: allow manual triggering of workflow by <a
href="https://github.com/shivarm"><code>@​shivarm</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6515">expressjs/express#6515</a></li>
<li>test: add coverage for app.listen() variants by <a
href="https://github.com/kgarg1"><code>@​kgarg1</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6476">expressjs/express#6476</a></li>
<li>docs: move documentation and charters to the discussions and .github
… by <a
href="https://github.com/bjohansebas"><code>@​bjohansebas</code></a> in
<a
href="https://redirect.github.com/expressjs/express/pull/6427">expressjs/express#6427</a></li>
<li>build(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6549">expressjs/express#6549</a></li>
<li>build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6548">expressjs/express#6548</a></li>
<li>chore: enforce explicit <code>Buffer</code> import and add lint rule
by <a href="https://github.com/shivarm"><code>@​shivarm</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6525">expressjs/express#6525</a></li>
<li>chore: use node protocol for querystring by <a
href="https://github.com/shivarm"><code>@​shivarm</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6520">expressjs/express#6520</a></li>
<li>chore: fix typo by <a
href="https://github.com/mountdisk"><code>@​mountdisk</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6609">expressjs/express#6609</a></li>
<li>build(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6618">expressjs/express#6618</a></li>
<li>add deprecation warnings for redirect arguments undefined by <a
href="https://github.com/bjohansebas"><code>@​bjohansebas</code></a> in
<a
href="https://redirect.github.com/expressjs/express/pull/6405">expressjs/express#6405</a></li>
<li>ci: run CI when the markdown changes by <a
href="https://github.com/bjohansebas"><code>@​bjohansebas</code></a> in
<a
href="https://redirect.github.com/expressjs/express/pull/6632">expressjs/express#6632</a></li>
<li>doc: fix CONTRIBUTING link by <a
href="https://github.com/jonchurch"><code>@​jonchurch</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6653">expressjs/express#6653</a></li>
<li>doc: update contributing guidelines and code of conduct links by <a
href="https://github.com/ShubhamOulkar"><code>@​ShubhamOulkar</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/6601">expressjs/express#6601</a></li>
<li>build(deps-dev): bump morgan from 1.10.0 to 1.10.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6679">expressjs/express#6679</a></li>
<li>build(deps-dev): bump cookie-session from 2.1.0 to 2.1.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6678">expressjs/express#6678</a></li>
<li>lint: add --fix flag to automatic fix linting issue by <a
href="https://github.com/shivarm"><code>@​shivarm</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6644">expressjs/express#6644</a></li>
<li>chore: ignore yarn.lock file and update example by <a
href="https://github.com/shivarm"><code>@​shivarm</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6588">expressjs/express#6588</a></li>
<li>lib: use req.socket over deprecated req.connection by <a
href="https://github.com/bjohansebas"><code>@​bjohansebas</code></a> in
<a
href="https://redirect.github.com/expressjs/express/pull/6705">expressjs/express#6705</a></li>
<li>doc: update express app example by <a
href="https://github.com/shivarm"><code>@​shivarm</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6718">expressjs/express#6718</a></li>
<li>build(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6675">expressjs/express#6675</a></li>
<li>Remove history.md from being packaged on publish by <a
href="https://github.com/sheplu"><code>@​sheplu</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6780">expressjs/express#6780</a></li>
<li>build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6797">expressjs/express#6797</a></li>
<li>build(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6796">expressjs/express#6796</a></li>
<li>build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6795">expressjs/express#6795</a></li>
<li>build(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6794">expressjs/express#6794</a></li>
<li>build(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6793">expressjs/express#6793</a></li>
<li>ci: add node.js 25 to test matrix by <a
href="https://github.com/Phillip9587"><code>@​Phillip9587</code></a> in
<a
href="https://redirect.github.com/expressjs/express/pull/6843">expressjs/express#6843</a></li>
<li>build(deps): bump actions/download-artifact from 5.0.0 to 6.0.0 by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6871">expressjs/express#6871</a></li>
<li>build(deps): bump actions/setup-node from 5.0.0 to 6.0.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6870">expressjs/express#6870</a></li>
<li>build(deps): bump github/codeql-action from 3.30.5 to 4.31.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6869">expressjs/express#6869</a></li>
<li>build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6868">expressjs/express#6868</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/express/blob/master/History.md">express's
changelog</a>.</em></p>
<blockquote>
<h1>5.2.0 / 2025-12-01</h1>
<ul>
<li>Security fix for <a
href="https://www.cve.org/CVERecord?id=CVE-2024-51999">CVE-2024-51999</a>
(<a
href="https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6">GHSA-pj86-cfqh-vqx6</a>)</li>
<li>deps: <code>body-parser@^2.2.1</code></li>
<li>A deprecation warning was added when using <code>res.redirect</code>
with undefined arguments, Express now emits a warning to help detect
calls that pass undefined as the status or URL and make them easier to
fix.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/expressjs/express/commit/4007ad103ba29f6426b2ec9eccfb1ceb792682a8"><code>4007ad1</code></a>
Release: 5.2.0 (<a
href="https://redirect.github.com/expressjs/express/issues/6920">#6920</a>)</li>
<li><a
href="https://github.com/expressjs/express/commit/2f64f68c37c64ae333e41ff38032d21860f22255"><code>2f64f68</code></a>
sec: security patch for CVE-2024-51999</li>
<li><a
href="https://github.com/expressjs/express/commit/ed0ba3f1dc905d6b62eabf23bd383abcae4901ba"><code>ed0ba3f</code></a>
build(deps): bump actions/checkout from 5.0.0 to 6.0.0 (<a
href="https://redirect.github.com/expressjs/express/issues/6928">#6928</a>)</li>
<li><a
href="https://github.com/expressjs/express/commit/8eace4603cb2547608578a4fbb259dc984216f71"><code>8eace46</code></a>
build(deps): bump github/codeql-action from 4.31.2 to 4.31.6 (<a
href="https://redirect.github.com/expressjs/express/issues/6929">#6929</a>)</li>
<li><a
href="https://github.com/expressjs/express/commit/30bae810279b2ea162bed5b14ce6c35a110a87f5"><code>30bae81</code></a>
build(deps): bump coverallsapp/github-action from 2.3.6 to 2.3.7 (<a
href="https://redirect.github.com/expressjs/express/issues/6930">#6930</a>)</li>
<li><a
href="https://github.com/expressjs/express/commit/758d4355d45322b4c8cd347ebcefbf3b154c7e7f"><code>758d435</code></a>
deps: body-parser@^2.2.1 (<a
href="https://redirect.github.com/expressjs/express/issues/6922">#6922</a>)</li>
<li><a
href="https://github.com/expressjs/express/commit/77bcd5274a87047e5b3fe2f17f6c342db3909c53"><code>77bcd52</code></a>
docs: update emeritus triagers (<a
href="https://redirect.github.com/expressjs/express/issues/6890">#6890</a>)</li>
<li><a
href="https://github.com/expressjs/express/commit/f33caf1f89a028f0ea98ff5a156a68e65a2eabdd"><code>f33caf1</code></a>
Nominate to <a
href="https://github.com/efekrskl"><code>@​efekrskl</code></a> for
triage team (<a
href="https://redirect.github.com/expressjs/express/issues/6888">#6888</a>)</li>
<li><a
href="https://github.com/expressjs/express/commit/54af593b739ea44674e4a445efa15b8024f093da"><code>54af593</code></a>
refactor: use cached slice in app.listen (<a
href="https://redirect.github.com/expressjs/express/issues/6897">#6897</a>)</li>
<li><a
href="https://github.com/expressjs/express/commit/2551a7d8afd82e41b9282bd0235190a847a59f44"><code>2551a7d</code></a>
docs: switch badges from badgen.net to shields.io (<a
href="https://redirect.github.com/expressjs/express/issues/6900">#6900</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/expressjs/express/compare/v5.1.0...v5.2.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=express&package-manager=npm_and_yarn&previous-version=5.1.0&new-version=5.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/github-aws-runners/terraform-aws-github-runner/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Dec 6, 2025
    Configuration menu
    Copy the full SHA
    5206e93 View commit details
    Browse the repository at this point in the history

  8. chore(lambda): bump the vite group in /lambdas with 2 updates (#4927) 

    Bumps the vite group in /lambdas with 2 updates:
[vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) and
[vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest).

Updates `vite` from 7.2.2 to 7.2.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/releases">vite's
releases</a>.</em></p>
<blockquote>
<h2>v7.2.4</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v7.2.4/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
<h2>v7.2.3</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v7.2.3/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted --><a
href="https://github.com/vitejs/vite/compare/v7.2.3...v7.2.4">7.2.4</a>
(2025-11-20)<!-- raw HTML omitted --></h2>
<h3>Bug Fixes</h3>
<ul>
<li>revert &quot;perf(deps): replace debug with obug (<a
href="https://redirect.github.com/vitejs/vite/issues/21107">#21107</a>)&quot;
(<a
href="https://github.com/vitejs/vite/commit/2d66b7b14aa6dfd62f3d6a59ee8382ed5ca6fd32">2d66b7b</a>)</li>
</ul>
<h2><!-- raw HTML omitted --><a
href="https://github.com/vitejs/vite/compare/v7.2.2...v7.2.3">7.2.3</a>
(2025-11-20)<!-- raw HTML omitted --></h2>
<h3>Bug Fixes</h3>
<ul>
<li>allow multiple <code>bindCLIShortcuts</code> calls with shortcut
merging (<a
href="https://redirect.github.com/vitejs/vite/issues/21103">#21103</a>)
(<a
href="https://github.com/vitejs/vite/commit/5909efd8fbfd1bf1eab65427aea0613124b2797a">5909efd</a>)</li>
<li><strong>deps:</strong> update all non-major dependencies (<a
href="https://redirect.github.com/vitejs/vite/issues/21096">#21096</a>)
(<a
href="https://github.com/vitejs/vite/commit/6a34ac3422686e7cf7cc9a25d299cb8e5a8d92a0">6a34ac3</a>)</li>
<li><strong>deps:</strong> update all non-major dependencies (<a
href="https://redirect.github.com/vitejs/vite/issues/21128">#21128</a>)
(<a
href="https://github.com/vitejs/vite/commit/4f8171eb3046bd70c83964689897dab4c6b58bc0">4f8171e</a>)</li>
</ul>
<h3>Performance Improvements</h3>
<ul>
<li><strong>deps:</strong> replace debug with obug (<a
href="https://redirect.github.com/vitejs/vite/issues/21107">#21107</a>)
(<a
href="https://github.com/vitejs/vite/commit/acfe939e1f7c303c34b0b39b883cc302da767fa2">acfe939</a>)</li>
</ul>
<h3>Miscellaneous Chores</h3>
<ul>
<li><strong>deps:</strong> update dependency
<code>@​rollup/plugin-commonjs</code> to v29 (<a
href="https://redirect.github.com/vitejs/vite/issues/21099">#21099</a>)
(<a
href="https://github.com/vitejs/vite/commit/02ceaec45e17bef19159188a28d9196fed1761be">02ceaec</a>)</li>
<li><strong>deps:</strong> update rolldown-related dependencies (<a
href="https://redirect.github.com/vitejs/vite/issues/21095">#21095</a>)
(<a
href="https://github.com/vitejs/vite/commit/39a0a15fd24ed37257c48b795097a3794e54d255">39a0a15</a>)</li>
<li><strong>deps:</strong> update rolldown-related dependencies (<a
href="https://redirect.github.com/vitejs/vite/issues/21127">#21127</a>)
(<a
href="https://github.com/vitejs/vite/commit/50297208452241061cb44d09a4bbdf77a11ac01e">5029720</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/vitejs/vite/commit/24a611f1c83a976d32262628d42f683609746635"><code>24a611f</code></a>
release: v7.2.4</li>
<li><a
href="https://github.com/vitejs/vite/commit/2d66b7b14aa6dfd62f3d6a59ee8382ed5ca6fd32"><code>2d66b7b</code></a>
fix: revert &quot;perf(deps): replace debug with obug (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21107">#21107</a>)&quot;</li>
<li><a
href="https://github.com/vitejs/vite/commit/a668014dba377c2b82a32d8124f1761e9ea74f82"><code>a668014</code></a>
release: v7.2.3</li>
<li><a
href="https://github.com/vitejs/vite/commit/acfe939e1f7c303c34b0b39b883cc302da767fa2"><code>acfe939</code></a>
perf(deps): replace debug with obug (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21107">#21107</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/4f8171eb3046bd70c83964689897dab4c6b58bc0"><code>4f8171e</code></a>
fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21128">#21128</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/50297208452241061cb44d09a4bbdf77a11ac01e"><code>5029720</code></a>
chore(deps): update rolldown-related dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21127">#21127</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/5909efd8fbfd1bf1eab65427aea0613124b2797a"><code>5909efd</code></a>
fix: allow multiple <code>bindCLIShortcuts</code> calls with shortcut
merging (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21103">#21103</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/39a0a15fd24ed37257c48b795097a3794e54d255"><code>39a0a15</code></a>
chore(deps): update rolldown-related dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21095">#21095</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/6a34ac3422686e7cf7cc9a25d299cb8e5a8d92a0"><code>6a34ac3</code></a>
fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21096">#21096</a>)</li>
<li><a
href="https://github.com/vitejs/vite/commit/02ceaec45e17bef19159188a28d9196fed1761be"><code>02ceaec</code></a>
chore(deps): update dependency <code>@​rollup/plugin-commonjs</code> to
v29 (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21099">#21099</a>)</li>
<li>See full diff in <a
href="https://github.com/vitejs/vite/commits/v7.2.4/packages/vite">compare
view</a></li>
</ul>
</details>
<br />

Updates `vitest` from 4.0.13 to 4.0.14
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitest-dev/vitest/releases">vitest's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.14</h2>
<h3>   🚀 Experimental Features</h3>
<ul>
<li><strong>browser</strong>: Expose
<code>utils.configurePrettyDOM</code>  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9103">vitest-dev/vitest#9103</a>
<a href="https://github.com/vitest-dev/vitest/commit/2cc34e0d4"><!-- raw
HTML omitted -->(2cc34)<!-- raw HTML omitted --></a></li>
<li><strong>runner</strong>: Add full names to tasks  -  by <a
href="https://github.com/macarie"><code>@​macarie</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9087">vitest-dev/vitest#9087</a>
<a href="https://github.com/vitest-dev/vitest/commit/821aa2002"><!-- raw
HTML omitted -->(821aa)<!-- raw HTML omitted --></a></li>
<li><strong>ui</strong>: Add tabbed failure view for
<code>toMatchScreenshot</code> with comparison slider  -  by <a
href="https://github.com/macarie"><code>@​macarie</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/8813">vitest-dev/vitest#8813</a>
<a href="https://github.com/vitest-dev/vitest/commit/c37c2eb0b"><!-- raw
HTML omitted -->(c37c2)<!-- raw HTML omitted --></a></li>
</ul>
<h3>   🐞 Bug Fixes</h3>
<ul>
<li>Externalize before caching  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9077">vitest-dev/vitest#9077</a>
<a href="https://github.com/vitest-dev/vitest/commit/e1b2e086a"><!-- raw
HTML omitted -->(e1b2e)<!-- raw HTML omitted --></a></li>
<li>Collect the duration of external imports  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9097">vitest-dev/vitest#9097</a>
<a href="https://github.com/vitest-dev/vitest/commit/3326cc9f4"><!-- raw
HTML omitted -->(3326c)<!-- raw HTML omitted --></a></li>
<li>Rename <code>collect</code> to <code>import</code>, remove
<code>prepare</code>  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9091">vitest-dev/vitest#9091</a>
<a href="https://github.com/vitest-dev/vitest/commit/1256b5ca3"><!-- raw
HTML omitted -->(1256b)<!-- raw HTML omitted --></a></li>
<li><strong>browser</strong>:
<ul>
<li>Unsubscribe <code>onCancel</code> on rpc destroy  -  by <a
href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9088">vitest-dev/vitest#9088</a>
<a href="https://github.com/vitest-dev/vitest/commit/f5b72374b"><!-- raw
HTML omitted -->(f5b72)<!-- raw HTML omitted --></a></li>
<li>Revert the viewport scaling in non-ui mode <a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9018">#9018</a>
 -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9072">vitest-dev/vitest#9072</a>
and <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9018">vitest-dev/vitest#9018</a>
<a href="https://github.com/vitest-dev/vitest/commit/64502a2c4"><!-- raw
HTML omitted -->(64502)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>coverage</strong>:
<ul>
<li>Invalidate circular modules correctly on rerun with coverage  -  by
<a href="https://github.com/aicest"><code>@​aicest</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9096">vitest-dev/vitest#9096</a>
<a href="https://github.com/vitest-dev/vitest/commit/6f22c675f"><!-- raw
HTML omitted -->(6f22c)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>expect</strong>:
<ul>
<li>Allow function as standard schema  -  by <a
href="https://github.com/hi-ogawa"><code>@​hi-ogawa</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9099">vitest-dev/vitest#9099</a>
<a href="https://github.com/vitest-dev/vitest/commit/ed8a2ebbd"><!-- raw
HTML omitted -->(ed8a2)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>jsdom</strong>:
<ul>
<li>Reuse abort signals if possible  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9090">vitest-dev/vitest#9090</a>
<a href="https://github.com/vitest-dev/vitest/commit/2c468ee95"><!-- raw
HTML omitted -->(2c468)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>pool</strong>:
<ul>
<li>Init <code>VITEST_POOL_ID</code> + <code>VITEST_WORKER_ID</code>
before environment setup  -  by <a
href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9085">vitest-dev/vitest#9085</a>
<a href="https://github.com/vitest-dev/vitest/commit/379185b40"><!-- raw
HTML omitted -->(37918)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>web-worker</strong>:
<ul>
<li><code>postMessage</code> to send ports to workers  -  by <a
href="https://github.com/whitphx"><code>@​whitphx</code></a> and <a
href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9078">vitest-dev/vitest#9078</a>
<a href="https://github.com/vitest-dev/vitest/commit/9d1763d11"><!-- raw
HTML omitted -->(9d176)<!-- raw HTML omitted --></a></li>
</ul>
</li>
</ul>
<h3>   🏎 Performance</h3>
<ul>
<li>Replace <code>debug</code> with <code>obug</code>  -  by <a
href="https://github.com/sxzz"><code>@​sxzz</code></a> and <a
href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9057">vitest-dev/vitest#9057</a>
<a href="https://github.com/vitest-dev/vitest/commit/acc5152b9"><!-- raw
HTML omitted -->(acc51)<!-- raw HTML omitted --></a></li>
</ul>
<h5>    <a
href="https://github.com/vitest-dev/vitest/compare/v4.0.13...v4.0.14">View
changes on GitHub</a></h5>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/vitest-dev/vitest/commit/9ca74cfb2060d8bc1c7a319ba3cba1578517adb0"><code>9ca74cf</code></a>
chore: release v4.0.14</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/821aa20021111de63a71e8a9c69eb9188d6e409a"><code>821aa20</code></a>
feat(runner): Add full names to tasks (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9087">#9087</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/1256b5ca34a36d3a29479d5dfddb129348964d80"><code>1256b5c</code></a>
fix: rename <code>collect</code> to <code>import</code>, remove
<code>prepare</code> (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9091">#9091</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/3326cc9f43f102322f3c627590d103d8a3890dd5"><code>3326cc9</code></a>
fix: collect the duration of external imports (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9097">#9097</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/379185b408baba90ec91540b5e7cf545a4527f1a"><code>379185b</code></a>
fix(pool): init <code>VITEST_POOL_ID</code> +
<code>VITEST_WORKER_ID</code> before environment setu...</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/2c468ee95ee1d42129f59665eabc563e34dae1e4"><code>2c468ee</code></a>
fix(jsdom): reuse abort signals if possible (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9090">#9090</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/e1b2e086a40ce154ae11714fa71749ec21b1ac23"><code>e1b2e08</code></a>
fix: externalize before caching (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9077">#9077</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/acc5152b9690992e3ac0cff691db4347f2dccdf9"><code>acc5152</code></a>
perf: replace <code>debug</code> with <code>obug</code> (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9057">#9057</a>)</li>
<li>See full diff in <a
href="https://github.com/vitest-dev/vitest/commits/v4.0.14/packages/vitest">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Dec 6, 2025
    Configuration menu
    Copy the full SHA
    0adfc3a View commit details
    Browse the repository at this point in the history

  9. chore: fix multiple typos (#4889) 

    Hi,
I finally cloned the repo and will create one big PR for the rest of my
typo fixes. Editing via github web UI does not scale for either of us. 😅

Leaving this as draft until I managed to go through the whole
documentation.

Cheers
Pascal

---------

Co-authored-by: Niek Palm <npalm@users.noreply.github.com>
    @pascal-hofmann @npalm
    pascal-hofmann and npalm authored Dec 6, 2025
    Configuration menu
    Copy the full SHA
    dbfc5ae View commit details
    Browse the repository at this point in the history

Commits on Dec 12, 2025

  1. feat(control-plane)!: add support for handling multiple events in a s… 

    …ingle invocation (#4603)

Currently we restrict the `scale-up` Lambda to only handle a single
event at a time. In very busy environments this can prove to be a
bottleneck: there are calls to GitHub and AWS APIs that happen each
time, and they can end up taking long enough that we can't process job
queued events faster than they arrive.

In our environment we are also using a pool, and typically we have
responded to the alerts generated by this (SQS queue length growing) by
expanding the size of the pool. This helps because we will more
frequently find that we don't need to scale up, which allows the lambdas
to exit a bit earlier, so we can get through the queue faster. But it
makes the environment much less responsive to changes in usage patterns.

At its core, this Lambda's task is to construct an EC2 `CreateFleet`
call to create instances, after working out how many are needed. This is
a job that can be batched. We can take any number of events, calculate
the diff between our current state and the number of jobs we have,
capping at the maximum, and then issue a single call.

The thing to be careful about is how to handle partial failures, if EC2
creates some of the instances we wanted but not all of them. Lambda has
a configurable function response type which can be set to
`ReportBatchItemFailures`. In this mode, we return a list of failed
messages from our handler and those are retried. We can make use of this
to give back as many events as we failed to process.

Now we're potentially processing multiple events in a single Lambda, one
thing we should optimise for is not recreating GitHub API clients. We
need one client for the app itself, which we use to find out
installation IDs, and then one client for each installation which is
relevant to the batch of events we are processing. This is done by
creating a new client the first time we see an event for a given
installation.

We also remove the same `batch_size = 1` constraint from the `job-retry`
Lambda. This Lambda is used to retry events that previously failed.
However, instead of reporting failures to be retried, here we maintain
the pre-existing fault-tolerant behaviour where errors are logged but
explicitly do not cause message retries, avoiding infinite loops from
persistent GitHub API issues or malformed events.

Tests are added for all of this.

Tests in a private repo (sorry) look good. This was running ephemeral
runners with no pool, SSM high throughput enabled, the job queued check
\_dis_abled, batch size of 200, wait time of 10 seconds. The workflow
runs are each a matrix with 250 jobs.


![image](https://github.com/user-attachments/assets/0a656e99-8f1e-45e2-924b-0d5c1b6d6afb)

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Niek Palm <npalm@users.noreply.github.com>
Co-authored-by: Niek Palm <niek.palm@philips.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
    @iainlane @npalm
    @dependabot @github-actions
    5 people committed Dec 12, 2025
    Configuration menu
    Copy the full SHA
    3937ec3 View commit details
    Browse the repository at this point in the history

  2. feat!: Upgrade lambda runtime to Node24.x (#4911) 

    Upgrade to Lambda runtime Node24.x
- Upgrade minimal AWS Terraform provider
- Upgrade all lambda runtimes by default to 24x
- Breaking change!


## Dependency and environment upgrades:

* Updated all references to Node.js from version 22 to version 24 in
GitHub Actions workflows (`.github/workflows/lambda.yml`,
`.github/workflows/release.yml`) and Dockerfiles (`.ci/Dockerfile`,
`.devcontainer/Dockerfile`).
[[1]](diffhunk://#diff-b0732b88b9e5a3df48561602571a10179d2b28cbb21ba8032025932bc9606426L23-R23)
[[2]](diffhunk://#diff-87db21a973eed4fef5f32b267aa60fcee5cbdf03c67fafdc2a9b553bb0b15f34L33-R33)
[[3]](diffhunk://#diff-fd0c8401badda82156f9e7bd621fa3a0e586d8128e4a80af17c7cbff70bee11eL2-R2)
[[4]](diffhunk://#diff-13bd9d7a30bf46656bc81f1ad5b908a627f9247be3f7d76df862b0578b534fc6L1-R1)
* Upgraded the base Docker images for both the CI and devcontainer
environments to use newer Node.js image digests.
[[1]](diffhunk://#diff-fd0c8401badda82156f9e7bd621fa3a0e586d8128e4a80af17c7cbff70bee11eL2-R2)
[[2]](diffhunk://#diff-13bd9d7a30bf46656bc81f1ad5b908a627f9247be3f7d76df862b0578b534fc6L1-R1)

Terraform provider updates:

* Increased the minimum required version for the AWS Terraform provider
to `>= 6.21` in all example `versions.tf` files.
[[1]](diffhunk://#diff-61160e0ae9e70de675b98889710708e1a9edcccd5194a4a580aa234caa5103aeL5-R5)
[[2]](diffhunk://#diff-debb96ea7aef889f9deb4de51c61ca44a7e23832098e1c9d8b09fa54b1a96582L5-R5)
* Updated the `.terraform.lock.hcl` files in all examples to lock the
AWS provider at version `6.22.1`, the local provider at `2.6.1`, and the
null provider at `3.2.4` where applicable, along with updated hash
values and constraints.
[[1]](diffhunk://#diff-101dfb4a445c2ab4a46c53cbc92db3a43f3423ba1e8ee7b8a11b393ebe835539L5-R43)
[[2]](diffhunk://#diff-2a8b3082767f86cfdb88b00e963894a8cdd2ebcf705c8d757d46b55a98452a6cL5-R43)

---------

Co-authored-by: github-aws-runners-pr|bot <github-aws-runners-pr[bot]@users.noreply.github.com>
Co-authored-by: Guilherme Caulada <guilherme.caulada@gmail.com>
    @npalm @guicaulada
    3 people committed Dec 12, 2025
    Configuration menu
    Copy the full SHA
    682289e View commit details
    Browse the repository at this point in the history

  3. fix!: remove deprecated terraform variables (#4945) 

    This pull request removes support for several deprecated AMI-related
variables across all modules, fully migrating the configuration to the
consolidated `ami` object. This change simplifies how AMI settings are
managed, improves consistency, and reduces confusion for users. All
references to the old variables (`ami_filter`, `ami_owners`,
`ami_id_ssm_parameter_name`, `ami_kms_key_arn`) have been removed from
module inputs, outputs, templates, documentation, and internal logic.

**Migration to consolidated AMI configuration:**

* Removed all deprecated AMI variables (`ami_filter`, `ami_owners`,
`ami_id_ssm_parameter_name`, `ami_kms_key_arn`) from module variable
definitions, outputs, and internal usage in `variables.tf`,
`outputs.tf`, and related files.
[[1]](diffhunk://#diff-05b5a57c136b6ff596500bcbfdcff145ef6cddea2a0e86d184d9daa9a65a288eL396-L424)
[[2]](diffhunk://#diff-23e8f44c0f21971190244acdb8a35eaa21af7578ed5f1b97bef83f1a566d979cL138-L165)
[[3]](diffhunk://#diff-de6c47c2496bd028a84d55ab12d8a4f90174ebfb6544b8b5c7b07a7ee4f27ec7L78-L90)
[[4]](diffhunk://#diff-2daea3e8167ce5d859f6f1bee08138dbe216003262325490e8b90477277c104aL70-L89)
[[5]](diffhunk://#diff-52d0673ff466b6445542e17038ea73a1cf41b8112f49ee57da4cebf8f0cb99c5L73-R73)
[[6]](diffhunk://#diff-52d0673ff466b6445542e17038ea73a1cf41b8112f49ee57da4cebf8f0cb99c5L186-L187)
[[7]](diffhunk://#diff-951f6bd1e32c3d27dd90e2dfb1f5232a704ef01fd925f3ee4323d6adc2dcdf5aL15-L20)
[[8]](diffhunk://#diff-3937b99021390c0192952207dd2e26a409e0c03446478fb09ac3cd360bb60ee5L9-L14)
* Updated example and documentation files to use the new `ami` object
structure, replacing previous usage of the deprecated variables.
[[1]](diffhunk://#diff-ef2038e9f8d807236d2acebe3c3a191039f8021cc4a0188f4778de908f0d453bL36-R40)
[[2]](diffhunk://#diff-ef2038e9f8d807236d2acebe3c3a191039f8021cc4a0188f4778de908f0d453bL52-R57)
[[3]](diffhunk://#diff-0a0d2ecd774e69a1397a913b6230f45692b49c0b17ccb103d318f6ab078353e2L48-R51)
[[4]](diffhunk://#diff-b2b9df08c45240d599f6260d246bad6e67129932174131db209341d8464247a8L18-R19)
[[5]](diffhunk://#diff-61032a0bb5f9d7ae65ba5155b2e58e12901f39bb7068f16b419d94c6f7a5b922L86-R89)
* Refactored module runner logic to only use the new `ami` object,
removing all fallback and compatibility code for the old variables.
[[1]](diffhunk://#diff-dc46acf24afd63ef8c556b77c126ccc6e578bc87e3aa09a931f33d9bf2532fbbL182-L185)
[[2]](diffhunk://#diff-57f00cdf57feef92ffcb35d6618e62e14ad652d5d520f331068332d5f3cade51L30-L32)
[[3]](diffhunk://#diff-e9624b388e62ca51cf1fe073eb0919588e8c36a1143ecdb49580996a89f13bebL40-R51)
* Updated internal references to AMI SSM parameter names and related
policies to use the new configuration, ensuring all resource and
environment variable logic is aligned with the consolidated approach.
[[1]](diffhunk://#diff-bc00c0efa92f360635d026350da2fb775718514e2b1ae718281400e661b7469bL13-R13)
[[2]](diffhunk://#diff-bc00c0efa92f360635d026350da2fb775718514e2b1ae718281400e661b7469bL28-R28)
[[3]](diffhunk://#diff-5921c9e3315946068538b290966e7e4e51b6e49d04c2466b0bdd4b298629b29dL56-R57)
[[4]](diffhunk://#diff-a598ba79d09e4770d55ed09e6b1d51e68c4a54562a3e3cbb46619d625a609d23L28-R28)
[[5]](diffhunk://#diff-a598ba79d09e4770d55ed09e6b1d51e68c4a54562a3e3cbb46619d625a609d23L151-R151)

With these updates, all AMI configuration is now handled through the
unified `ami` object, making runner setup more straightforward and
future-proof.


## Tested

- [x] default example
- [x] multi runner example

---------

Co-authored-by: github-aws-runners-pr|bot <github-aws-runners-pr[bot]@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
    @npalm
    3 people committed Dec 12, 2025
    Configuration menu
    Copy the full SHA
    8afc75c View commit details
    Browse the repository at this point in the history

  4. feat: add support to use placement group in launch template (#4929) 

    ## Description

This PR adds support for configuring EC2 placement groups for GitHub
Actions runners in the multi-runner module. It plumbs a new placement
option from the runner configuration through to the underlying EC2
runner module.

## Details

Updated modules/multi-runner/runners.tf to pass placement =
each.value.runner_config.placement into the runners module.
This allows specifying AWS placement groups for EC2 runners, enabling
tighter control over instance placement.
The change is backwards compatible: if placement is unset in
runner_config, behavior remains unchanged.

## Motivation / Future work

Placement groups are a prerequisite for supporting macOS runners, which
require a host_id.
A follow-up PR will add explicit macOS support leveraging this new
placement wiring.

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: Niek Palm <npalm@users.noreply.github.com>
    @edersonbrilhante @github-actions @npalm
    3 people committed Dec 12, 2025
    Configuration menu
    Copy the full SHA
    36b7b3e View commit details
    Browse the repository at this point in the history

Commits on Dec 13, 2025

  1. fix(lambda): bump the aws group in /lambdas with 6 updates 

    Bumps the aws group in /lambdas with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [@aws-sdk/client-ec2](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ec2) | `3.940.0` | `3.943.0` |
| [@aws-sdk/client-ssm](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ssm) | `3.940.0` | `3.943.0` |
| [@aws-sdk/client-sqs](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-sqs) | `3.940.0` | `3.943.0` |
| [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.940.0` | `3.943.0` |
| [@aws-sdk/lib-storage](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/lib/lib-storage) | `3.940.0` | `3.943.0` |
| [@aws-sdk/client-eventbridge](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-eventbridge) | `3.940.0` | `3.943.0` |


Updates `@aws-sdk/client-ec2` from 3.940.0 to 3.943.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ec2/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.943.0/clients/client-ec2)

Updates `@aws-sdk/client-ssm` from 3.940.0 to 3.943.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ssm/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.943.0/clients/client-ssm)

Updates `@aws-sdk/client-sqs` from 3.940.0 to 3.943.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-sqs/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.943.0/clients/client-sqs)

Updates `@aws-sdk/client-s3` from 3.940.0 to 3.943.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.943.0/clients/client-s3)

Updates `@aws-sdk/lib-storage` from 3.940.0 to 3.943.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/lib/lib-storage/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.943.0/lib/lib-storage)

Updates `@aws-sdk/client-eventbridge` from 3.940.0 to 3.943.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-eventbridge/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.943.0/clients/client-eventbridge)

---
updated-dependencies:
- dependency-name: "@aws-sdk/client-ec2"
  dependency-version: 3.943.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws
- dependency-name: "@aws-sdk/client-ssm"
  dependency-version: 3.943.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws
- dependency-name: "@aws-sdk/client-sqs"
  dependency-version: 3.943.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws
- dependency-name: "@aws-sdk/client-s3"
  dependency-version: 3.943.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws
- dependency-name: "@aws-sdk/lib-storage"
  dependency-version: 3.943.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: aws
- dependency-name: "@aws-sdk/client-eventbridge"
  dependency-version: 3.943.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: aws
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot @npalm
    dependabot[bot] authored and npalm committed Dec 13, 2025
    Configuration menu
    Copy the full SHA
    bf39fbc View commit details
    Browse the repository at this point in the history

  2. fix: remove invalid inputs for submodule direct (#4947) 

    When I was running terragrunt plan in my deployment I noticed this
warning

```
15:25:46.900 STDOUT tofu: │
15:25:46.900 STDOUT tofu: │   on .terraform/modules/ec2_runners.runners/modules/webhook/webhook.tf line 59, in module "direct":
15:25:46.900 STDOUT tofu: │   54:   config = {
15:25:46.900 STDOUT tofu: │   55:     lambda_subnet_ids                     = var.lambda_subnet_ids,
15:25:46.901 STDOUT tofu: │   56:     lambda_security_group_ids             = var.lambda_security_group_ids,
15:25:46.901 STDOUT tofu: │   57:     prefix                                = var.prefix,
15:25:46.901 STDOUT tofu: │   58:     tags                                  = var.tags,
15:25:46.901 STDOUT tofu: │   59:     runner_matcher_config                 = var.runner_matcher_config,
15:25:46.901 STDOUT tofu: │   60:     sqs_job_queues_arns                   = [for k, v in var.runner_matcher_config : v.arn]
15:25:46.901 STDOUT tofu: │   61:     lambda_zip                            = var.lambda_zip,
15:25:46.901 STDOUT tofu: │   62:     lambda_memory_size                    = var.lambda_memory_size,
15:25:46.901 STDOUT tofu: │   63:     lambda_timeout                        = var.lambda_timeout,
15:25:46.901 STDOUT tofu: │   64:     role_permissions_boundary             = var.role_permissions_boundary,
15:25:46.901 STDOUT tofu: │   65:     role_path                             = local.role_path,
15:25:46.901 STDOUT tofu: │   66:     logging_retention_in_days             = var.logging_retention_in_days,
15:25:46.901 STDOUT tofu: │   67:     logging_kms_key_id                    = var.logging_kms_key_id,
15:25:46.901 STDOUT tofu: │   68:     lambda_s3_bucket                      = var.lambda_s3_bucket,
15:25:46.901 STDOUT tofu: │   69:     lambda_s3_key                         = var.webhook_lambda_s3_key,
15:25:46.901 STDOUT tofu: │   70:     lambda_s3_object_version              = var.webhook_lambda_s3_object_version,
15:25:46.901 STDOUT tofu: │   71:     lambda_apigateway_access_log_settings = var.webhook_lambda_apigateway_access_log_settings,
15:25:46.901 STDOUT tofu: │   72:     repository_white_list                 = var.repository_white_list,
15:25:46.901 STDOUT tofu: │   73:     kms_key_arn                           = var.kms_key_arn,
15:25:46.902 STDOUT tofu: │   74:     log_level                             = var.log_level,
15:25:46.902 STDOUT tofu: │   75:     lambda_runtime                        = var.lambda_runtime,
15:25:46.902 STDOUT tofu: │   76:     aws_partition                         = var.aws_partition,
15:25:46.902 STDOUT tofu: │   77:     lambda_architecture                   = var.lambda_architecture,
15:25:46.902 STDOUT tofu: │   78:     github_app_parameters                 = var.github_app_parameters,
15:25:46.902 STDOUT tofu: │   79:     tracing_config                        = var.tracing_config,
15:25:46.902 STDOUT tofu: │   80:     lambda_tags                           = var.lambda_tags,
15:25:46.902 STDOUT tofu: │   81:     matcher_config_parameter_store_tier   = var.matcher_config_parameter_store_tier,
15:25:46.902 STDOUT tofu: │   82:     api_gw_source_arn                     = "${aws_apigatewayv2_api.webhook.execution_arn}/*/*/${local.webhook_endpoint}"
15:25:46.902 STDOUT tofu: │   83:     ssm_parameter_runner_matcher_config = [
15:25:46.902 STDOUT tofu: │   84:       for p in aws_ssm_parameter.runner_matcher_config : {
15:25:46.902 STDOUT tofu: │   85:         name    = p.name
15:25:46.902 STDOUT tofu: │   86:         arn     = p.arn
15:25:46.902 STDOUT tofu: │   87:         version = p.version
15:25:46.902 STDOUT tofu: │   88:       }
15:25:46.903 STDOUT tofu: │   89:     ]
15:25:46.903 STDOUT tofu: │   90:   }
15:25:46.903 STDOUT tofu: │
15:25:46.903 STDOUT tofu: │ The object type for input variable "config" does not include an attribute
15:25:46.903 STDOUT tofu: │ named "runner_matcher_config", so this definition is unused.
15:25:46.903 STDOUT tofu: │
15:25:46.903 STDOUT tofu: │ (and one more similar warning elsewhere)
```

This PR will remove invalid inputs when calling submodule direct in
webhook

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: Niek Palm <npalm@users.noreply.github.com>
    @edersonbrilhante @github-actions @npalm
    3 people authored Dec 13, 2025
    Configuration menu
    Copy the full SHA
    79f26d6 View commit details
    Browse the repository at this point in the history

  3. chore(deps): bump the github group with 3 updates (#4938) 

    Bumps the github group with 3 updates:
[actions/checkout](https://github.com/actions/checkout),
[actions/setup-node](https://github.com/actions/setup-node) and
[actions/stale](https://github.com/actions/stale).

Updates `actions/checkout` from 6.0.0 to 6.0.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v6.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update all references from v5 and v4 to v6 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2314">actions/checkout#2314</a></li>
<li>Add worktree support for persist-credentials includeIf by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li>
<li>Clarify v6 README by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2328">actions/checkout#2328</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v6...v6.0.1">https://github.com/actions/checkout/compare/v6...v6.0.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8"><code>8e8c483</code></a>
Clarify v6 README (<a
href="https://redirect.github.com/actions/checkout/issues/2328">#2328</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1"><code>033fa0d</code></a>
Add worktree support for persist-credentials includeIf (<a
href="https://redirect.github.com/actions/checkout/issues/2327">#2327</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5"><code>c2d88d3</code></a>
Update all references from v5 and v4 to v6 (<a
href="https://redirect.github.com/actions/checkout/issues/2314">#2314</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/checkout/compare/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3...8e8c483db84b4bee98b60c0593521ed34d9990e8">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/setup-node` from 6.0.0 to 6.1.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-node/releases">actions/setup-node's
releases</a>.</em></p>
<blockquote>
<h2>v6.1.0</h2>
<h2>What's Changed</h2>
<h3>Enhancement:</h3>
<ul>
<li>Remove always-auth configuration handling by <a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/1436">actions/setup-node#1436</a></li>
</ul>
<h3>Dependency updates:</h3>
<ul>
<li>Upgrade <code>@​actions/cache</code> from 4.0.3 to 4.1.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/setup-node/pull/1384">actions/setup-node#1384</a></li>
<li>Upgrade actions/checkout from 5 to 6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/setup-node/pull/1439">actions/setup-node#1439</a></li>
<li>Upgrade js-yaml from 3.14.1 to 3.14.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/setup-node/pull/1435">actions/setup-node#1435</a></li>
</ul>
<h3>Documentation update:</h3>
<ul>
<li>Add example for restore-only cache in documentation by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/1419">actions/setup-node#1419</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-node/compare/v6...v6.1.0">https://github.com/actions/setup-node/compare/v6...v6.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-node/commit/395ad3262231945c25e8478fd5baf05154b1d79f"><code>395ad32</code></a>
Bump js-yaml from 3.14.1 to 3.14.2 (<a
href="https://redirect.github.com/actions/setup-node/issues/1435">#1435</a>)</li>
<li><a
href="https://github.com/actions/setup-node/commit/a4d2e2bbca97c78789c5b6f8b2092769fdd8005c"><code>a4d2e2b</code></a>
Bump actions/checkout from 5 to 6 (<a
href="https://redirect.github.com/actions/setup-node/issues/1439">#1439</a>)</li>
<li><a
href="https://github.com/actions/setup-node/commit/b9b25d45f70a5d94d88496aa4896bf9ed8f49b67"><code>b9b25d4</code></a>
Remove always-auth configuration handling from action (<a
href="https://redirect.github.com/actions/setup-node/issues/1436">#1436</a>)</li>
<li><a
href="https://github.com/actions/setup-node/commit/633bb92bc0aabcae06e8ea93b85aecddd374c402"><code>633bb92</code></a>
Bump <code>@​actions/cache</code> from 4.0.3 to 4.1.0 (<a
href="https://redirect.github.com/actions/setup-node/issues/1384">#1384</a>)</li>
<li><a
href="https://github.com/actions/setup-node/commit/dda4788290998366da86b6a4f497909644397bb2"><code>dda4788</code></a>
Add example for restore-only cache in documentation (<a
href="https://redirect.github.com/actions/setup-node/issues/1419">#1419</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/setup-node/compare/2028fbc5c25fe9cf00d9f06a71cc4710d4507903...395ad3262231945c25e8478fd5baf05154b1d79f">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/stale` from 10.1.0 to 10.1.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/stale/releases">actions/stale's
releases</a>.</em></p>
<blockquote>
<h2>v10.1.1</h2>
<h2>What's Changed</h2>
<h3>Bug Fix</h3>
<ul>
<li>Add Missing Input Reading for <code>only-issue-types</code> by <a
href="https://github.com/Bibo-Joshi"><code>@​Bibo-Joshi</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1298">actions/stale#1298</a></li>
</ul>
<h3>Improvement</h3>
<ul>
<li>Improves error handling when rate limiting is disabled on GHES. by
<a
href="https://github.com/chiranjib-swain"><code>@​chiranjib-swain</code></a>
in <a
href="https://redirect.github.com/actions/stale/pull/1300">actions/stale#1300</a></li>
</ul>
<h3>Dependency Upgrades</h3>
<ul>
<li>Upgrade eslint-config-prettier from 8.10.0 to 10.1.8 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1276">actions/stale#1276</a></li>
<li>Upgrade <code>@​types/node</code> from 20.10.3 to 24.2.0 and
document breaking changes in v10 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1280">actions/stale#1280</a></li>
<li>Upgrade actions/publish-action from 0.3.0 to 0.4.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1291">actions/stale#1291</a></li>
<li>Upgrade actions/checkout from 4 to 6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/stale/pull/1306">actions/stale#1306</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/chiranjib-swain"><code>@​chiranjib-swain</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/stale/pull/1300">actions/stale#1300</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/stale/compare/v10...v10.1.1">https://github.com/actions/stale/compare/v10...v10.1.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/stale/commit/997185467fa4f803885201cee163a9f38240193d"><code>9971854</code></a>
build(deps): bump actions/checkout from 4 to 6 (<a
href="https://redirect.github.com/actions/stale/issues/1306">#1306</a>)</li>
<li><a
href="https://github.com/actions/stale/commit/5611b9defa6b7799a950489b00163db69f7a3ece"><code>5611b9d</code></a>
build(deps): bump actions/publish-action from 0.3.0 to 0.4.0 (<a
href="https://redirect.github.com/actions/stale/issues/1291">#1291</a>)</li>
<li><a
href="https://github.com/actions/stale/commit/fad0de84e50d1aba7b0236cdaf0ea98a43286849"><code>fad0de8</code></a>
Improves error handling when rate limiting is disabled on GHES. (<a
href="https://redirect.github.com/actions/stale/issues/1300">#1300</a>)</li>
<li><a
href="https://github.com/actions/stale/commit/39bea7de61dd70ce4705a976f904f33d5e1e0f49"><code>39bea7d</code></a>
Add Missing Input Reading for <code>only-issue-types</code> (<a
href="https://redirect.github.com/actions/stale/issues/1298">#1298</a>)</li>
<li><a
href="https://github.com/actions/stale/commit/e46bbabb3ede15841d25946157759558dd16306e"><code>e46bbab</code></a>
build(deps-dev): bump <code>@​types/node</code> from 20.10.3 to 24.2.0
and document breakin...</li>
<li><a
href="https://github.com/actions/stale/commit/65d1d4804d3060875fff9f9fa8a49e27f71ce7f0"><code>65d1d48</code></a>
build(deps-dev): bump eslint-config-prettier from 8.10.0 to 10.1.8 (<a
href="https://redirect.github.com/actions/stale/issues/1276">#1276</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/stale/compare/5f858e3efba33a5ca4407a664cc011ad407f2008...997185467fa4f803885201cee163a9f38240193d">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-aws-runners-pr|bot <github-aws-runners-pr[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] and github-aws-runners-pr|bot authored Dec 13, 2025
    Configuration menu
    Copy the full SHA
    cc608a1 View commit details
    Browse the repository at this point in the history

  4. chore(deps): bump step-security/harden-runner from 2.13.2 to 2.13.3 (#… 

    …4939)

Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.13.2 to 2.13.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.13.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Fixed an issue where process events were not uploaded in certain
edge cases.</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2.13.2...v2.13.3">https://github.com/step-security/harden-runner/compare/v2.13.2...v2.13.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/df199fb7be9f65074067a9eb93f12bb4c5547cf2"><code>df199fb</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/620">#620</a>
from step-security/rc-29</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/03d096a772368b1f0222005a6899d3e35a7f62df"><code>03d096a</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/40901073af04afd40408833437092a7467798f33"><code>4090107</code></a>
fix: update agent</li>
<li>See full diff in <a
href="https://github.com/step-security/harden-runner/compare/95d9a5deda9de15063e7595e9719c11c38c90ae2...df199fb7be9f65074067a9eb93f12bb4c5547cf2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.13.2&new-version=2.13.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-aws-runners-pr|bot <github-aws-runners-pr[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] and github-aws-runners-pr|bot authored Dec 13, 2025
    Configuration menu
    Copy the full SHA
    2ebbfae View commit details
    Browse the repository at this point in the history

Commits on Dec 15, 2025

  1. chore(main): release 7.0.0 (#4928)

    @runners-releaser
    runners-releaser[bot] authored Dec 15, 2025
    Configuration menu
    Copy the full SHA
    391a65f View commit details
    Browse the repository at this point in the history
Loading