search

guardian / security-hq

Centralised security information for AWS accounts
https://security-hq.gutools.co.uk/
12 stars 4 forks source link

chore(deps): Bump the all group in /cdk with 5 updates #1117

Closed dependabot[bot] closed 6 months ago

dependabot[bot] commented 6 months ago

Bumps the all group in /cdk with 5 updates:

Package From To
@guardian/cdk 54.1.0 57.0.0
@guardian/eslint-config-typescript 9.0.3 10.0.0
@types/node 20.11.24 20.12.7
eslint 8.57.0 9.1.1
typescript 5.3.3 5.4.5

Updates @guardian/cdk from 54.1.0 to 57.0.0

Release notes

Sourced from @​guardian/cdk's releases.

v57.0.0

Major Changes

  • 7cc8591: BREAKING CHANGE:

    Users of the GuDatabaseInstance class now need to explicitly opt-in/out of DevX Backups via the devXBackups prop.

Minor Changes

  • 197228b: GuLambdaFunction uses JSON logging by default, for compatibility with ApplicationLogLevel

v56.0.3

Patch Changes

  • 89a22f1: Update aws-cdk to 2.136.1, aws-cdk-lib to 2.136.1, constructs to 10.3.0

v56.0.2

Patch Changes

  • a98acf3: Update aws-cdk to 2.134.0, aws-cdk-lib to 2.134.0, constructs to 10.3.0

v56.0.1

Patch Changes

  • 44788e5: Update aws-cdk to 2.132.0, aws-cdk-lib to 2.132.0, constructs to 10.3.0

v56.0.0

Major Changes

  • 5fead41: - Load balancers now add headers with information about the TLS version and cipher suite used during negotiation
    • Load balancers now drop invalid headers before forwarding requests to the target. Invalid headers are described as HTTP header names that do not conform to the regular expression [-A-Za-z0-9]+

Patch Changes

  • a551119: Apply the App tag to the launch template created in the EC2 App pattern.

  • de7c472: Update dependencies

  • e1f3751: Fixes a bug where this.app on a GuStack is always undefined, as it is never set.

    See guardian/cdk#1497.

v55.0.0

Major Changes

  • 6c5e701: Use PROD version of cognito-auth-lambdas instead of INFRA.

    We no longer update/use the INFRA version of cognito-auth-lambdas, although we won't be making any breaking changes to these lambdas there may be a situation if a user of CDK does not update for a long while, when they switch from INFRA to PROD they will suddenly receive a lot of updates to their lambdas.

    Users should take care to verify that any applications use Google Auth are still functional.

Changelog

Sourced from @​guardian/cdk's changelog.

57.0.0

Major Changes

  • 7cc8591: BREAKING CHANGE:

    Users of the GuDatabaseInstance class now need to explicitly opt-in/out of DevX Backups via the devXBackups prop.

Minor Changes

  • 197228b: GuLambdaFunction uses JSON logging by default, for compatibility with ApplicationLogLevel

56.0.3

Patch Changes

  • 89a22f1: Update aws-cdk to 2.136.1, aws-cdk-lib to 2.136.1, constructs to 10.3.0

56.0.2

Patch Changes

  • a98acf3: Update aws-cdk to 2.134.0, aws-cdk-lib to 2.134.0, constructs to 10.3.0

56.0.1

Patch Changes

  • 44788e5: Update aws-cdk to 2.132.0, aws-cdk-lib to 2.132.0, constructs to 10.3.0

56.0.0

Major Changes

  • 5fead41: - Load balancers now add headers with information about the TLS version and cipher suite used during negotiation
    • Load balancers now drop invalid headers before forwarding requests to the target. Invalid headers are described as HTTP header names that do not conform to the regular expression [-A-Za-z0-9]+

Patch Changes

  • a551119: Apply the App tag to the launch template created in the EC2 App pattern.

  • de7c472: Update dependencies

  • e1f3751: Fixes a bug where this.app on a GuStack is always undefined, as it is never set.

    See guardian/cdk#1497.

55.0.0

Major Changes

... (truncated)

Commits
  • 02695ec Bump package version (#2279)
  • 197228b add changeset that was missed in #2260 (#2277)
  • 7cc8591 feat!: Add DevX Backups support to RDS instance construct (#2276)
  • 5e59797 feat: GuLambdaFunction should use JSON logging by default (#2260)
  • f11bf2f Merge pull request #2275 from guardian/changeset-release/main
  • 70164c1 Empty commit to trigger build?
  • a5bb31c Bump package version
  • 67ae32e Merge pull request #2272 from guardian/dependabot/npm_and_yarn/types/node-20....
  • 47edf4a chore(deps): bump @​types/node from 20.12.3 to 20.12.7
  • 63bdb52 Merge pull request #2270 from guardian/dependabot/npm_and_yarn/aws-sdk-2.1596.0
  • Additional commits viewable in compare view


Updates @guardian/eslint-config-typescript from 9.0.3 to 10.0.0

Release notes

Sourced from @​guardian/eslint-config-typescript's releases.

@​guardian/eslint-config-typescript@​10.0.0

Major Changes

  • cc7aa7d: Requires curly braces in all circumstances.

    This should help reduce noise in diffs, and remove ambiguity about when you should use curly braces (and possibly when a block starts and ends), especially for people unfamiliar with the language.

    Note that this rule is fixable, so running eslint with the --fix flag will automatically update your code to comply with the new setting.

Patch Changes

  • Updated dependencies [cc7aa7d]
    • @​guardian/eslint-config@​8.0.0

@​guardian/eslint-config-typescript@​9.0.4

Patch Changes

  • 2e530a6: Update deps to @​typescript-eslint/eslint-plugin@​7.31 and @​typescript-eslint/parser@​7.31
Commits


Updates @types/node from 20.11.24 to 20.12.7

Commits


Updates eslint from 8.57.0 to 9.1.1

Release notes

Sourced from eslint's releases.

v9.1.1

Bug Fixes

  • a26b402 fix: use @​eslint/create-config latest (#18373) (唯然)

v9.1.0

Features

  • 03068f1 feat: Provide helpful error message for nullish configs (#18357) (Nicholas C. Zakas)
  • 751b518 feat: replace dependency graphemer with Intl.Segmenter (#18110) (Francesco Trotta)
  • 4d11e56 feat: add name to eslint configs (#18289) (唯然)
  • 1cbe1f6 feat: allow while(true) in no-constant-condition (#18286) (Tanuj Kanti)
  • 0db676f feat: add Intl in es6 globals (#18318) (唯然)

Bug Fixes

  • 8d18958 fix: Remove name from eslint/js packages (#18368) (Nicholas C. Zakas)
  • 594eb0e fix: do not crash on error in fs.walk filter (#18295) (Francesco Trotta)
  • 0d8cf63 fix: EMFILE errors (#18313) (Nicholas C. Zakas)
  • e1ac0b5 fix: --inspect-config only for flat config and respect -c (#18306) (Nicholas C. Zakas)
  • 09675e1 fix: --no-ignore should not apply to non-global ignores (#18334) (Milos Djermanovic)

Documentation

  • fb50077 docs: include notes about globals in migration-guide (#18356) (Gabriel Rohden)
  • 71c771f docs: Fix missing accessible name for scroll-to-top link (#18329) (Germán Freixinós)
  • 200fd4e docs: indicate eslintrc mode for .eslintignore (#18285) (Francesco Trotta)
  • 16b6a8b docs: Update README (GitHub Actions Bot)
  • df5f8a9 docs: paths and patterns difference in no-restricted-imports (#18273) (Tanuj Kanti)
  • c537d76 docs: update npm init @eslint/config generated file names (#18298) (唯然)
  • e1e305d docs: fix linebreak-style examples (#18262) (Francesco Trotta)
  • 113f51e docs: Mention package.json config support dropped (#18305) (Nicholas C. Zakas)
  • 5c35321 docs: add eslintrc-only note to --rulesdir (#18281) (Adam Lui 刘展鹏)

Build Related

  • 1fa6622 build: do not use --force flag to install dependencies (#18284) (Francesco Trotta)

Chores

  • d9a2983 chore: upgrade @​eslint/js to v9.1.1 (#18367) (Francesco Trotta)
  • 50d406d chore: package.json update for @​eslint/js release (Jenkins)
  • 155c71c chore: package.json update for @​eslint/js release (Jenkins)
  • 0588fc5 refactor: Move directive gathering to SourceCode (#18328) (Nicholas C. Zakas)
  • 9048e21 chore: lint docs/src/_data js files (#18335) (Milos Djermanovic)
  • 4820790 chore: upgrade globals@15.0.0 dev dependency (#18332) (Milos Djermanovic)
  • 698d9ff chore: upgrade jsdoc & unicorn plugins in eslint-config-eslint (#18333) (Milos Djermanovic)
  • 32c08cf chore: drop Node < 18 and use @​eslint/js v9 in eslint-config-eslint (#18323) (Milos Djermanovic)
  • a76fb55 chore: @​eslint-community/eslint-plugin-eslint-comments v4.3.0 (#18319) (Milos Djermanovic)
  • 78e45b1 chore: eslint-plugin-eslint-plugin v6.0.0 (#18316) (唯然)
  • 36103a5 chore: eslint-plugin-n v17.0.0 (#18315) (唯然)

v9.0.0

Breaking Changes

  • b7cf3bd fix!: correct camelcase rule schema for allow option (#18232) (eMerzh)
  • 09bd7fe feat!: move AST traversal into SourceCode (#18167) (Nicholas C. Zakas)

... (truncated)

Changelog

Sourced from eslint's changelog.

v9.1.1 - April 22, 2024

  • a26b402 fix: use @​eslint/create-config latest (#18373) (唯然)

v9.1.0 - April 19, 2024

  • d9a2983 chore: upgrade @​eslint/js to v9.1.1 (#18367) (Francesco Trotta)
  • 03068f1 feat: Provide helpful error message for nullish configs (#18357) (Nicholas C. Zakas)
  • 50d406d chore: package.json update for @​eslint/js release (Jenkins)
  • 8d18958 fix: Remove name from eslint/js packages (#18368) (Nicholas C. Zakas)
  • 155c71c chore: package.json update for @​eslint/js release (Jenkins)
  • 594eb0e fix: do not crash on error in fs.walk filter (#18295) (Francesco Trotta)
  • 751b518 feat: replace dependency graphemer with Intl.Segmenter (#18110) (Francesco Trotta)
  • fb50077 docs: include notes about globals in migration-guide (#18356) (Gabriel Rohden)
  • 4d11e56 feat: add name to eslint configs (#18289) (唯然)
  • 1cbe1f6 feat: allow while(true) in no-constant-condition (#18286) (Tanuj Kanti)
  • 0588fc5 refactor: Move directive gathering to SourceCode (#18328) (Nicholas C. Zakas)
  • 0d8cf63 fix: EMFILE errors (#18313) (Nicholas C. Zakas)
  • e1ac0b5 fix: --inspect-config only for flat config and respect -c (#18306) (Nicholas C. Zakas)
  • 09675e1 fix: --no-ignore should not apply to non-global ignores (#18334) (Milos Djermanovic)
  • 9048e21 chore: lint docs/src/_data js files (#18335) (Milos Djermanovic)
  • 4820790 chore: upgrade globals@15.0.0 dev dependency (#18332) (Milos Djermanovic)
  • 698d9ff chore: upgrade jsdoc & unicorn plugins in eslint-config-eslint (#18333) (Milos Djermanovic)
  • 71c771f docs: Fix missing accessible name for scroll-to-top link (#18329) (Germán Freixinós)
  • 0db676f feat: add Intl in es6 globals (#18318) (唯然)
  • 200fd4e docs: indicate eslintrc mode for .eslintignore (#18285) (Francesco Trotta)
  • 32c08cf chore: drop Node < 18 and use @​eslint/js v9 in eslint-config-eslint (#18323) (Milos Djermanovic)
  • 16b6a8b docs: Update README (GitHub Actions Bot)
  • a76fb55 chore: @​eslint-community/eslint-plugin-eslint-comments v4.3.0 (#18319) (Milos Djermanovic)
  • df5f8a9 docs: paths and patterns difference in no-restricted-imports (#18273) (Tanuj Kanti)
  • c537d76 docs: update npm init @eslint/config generated file names (#18298) (唯然)
  • 78e45b1 chore: eslint-plugin-eslint-plugin v6.0.0 (#18316) (唯然)
  • 36103a5 chore: eslint-plugin-n v17.0.0 (#18315) (唯然)
  • e1e305d docs: fix linebreak-style examples (#18262) (Francesco Trotta)
  • 113f51e docs: Mention package.json config support dropped (#18305) (Nicholas C. Zakas)
  • 1fa6622 build: do not use --force flag to install dependencies (#18284) (Francesco Trotta)
  • 5c35321 docs: add eslintrc-only note to --rulesdir (#18281) (Adam Lui 刘展鹏)

v9.0.0 - April 5, 2024

  • 19f9a89 chore: Update dependencies for v9.0.0 (#18275) (Nicholas C. Zakas)
  • 7c957f2 chore: package.json update for @​eslint/js release (Jenkins)
  • d73a33c chore: ignore /docs/v8.x in link checker (#18274) (Milos Djermanovic)
  • d54a412 feat: Add --inspect-config CLI flag (#18270) (Nicholas C. Zakas)
  • e151050 docs: update get-started to the new @eslint/create-config (#18217) (唯然)
  • 610c148 fix: Support using declarations in no-lone-blocks (#18269) (Kirk Waiblinger)
  • 44a81c6 chore: upgrade knip (#18272) (Lars Kappert)
  • 94178ad docs: mention about name field in flat config (#18252) (Anthony Fu)
  • 1765c24 docs: add Troubleshooting page (#18181) (Josh Goldberg ✨)
  • e80b60c chore: remove code for testing version selectors (#18266) (Milos Djermanovic)

... (truncated)

Commits


Updates typescript from 5.3.3 to 5.4.5

Release notes

Sourced from typescript's releases.

TypeScript 5.4.5

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.4.4

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.4.3

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.4

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

... (truncated)

Commits
  • 27bcd4c Update LKG
  • 9f33bf1 🤖 Pick PR #58098 (Fix constraints of nested homomorph...) into release-5.4 (#...
  • 71b2f84 Bump version to 5.4.5 and LKG
  • 892936f 🤖 Pick PR #58083 (Don't propagate partial union/inter...) into release-5.4 (#...
  • 38a7c05 release-5.4: Always set node-version for setup-node (#58117)
  • b754fc3 🤖 Pick PR #57778 (fix type import check for default-i...) into release-5.4 (#...
  • 8eb3367 Bump version to 5.4.4 and LKG
  • de9096b 🤖 Pick PR #57871 (Divide-and-conquer strategy for int...) into release-5.4 (#...
  • 06aae98 🤖 Pick PR #57973 (Compare package.json paths with cor...) into release-5.4 (#...
  • 6d8134e 🤖 Pick PR #57637 (Fixed a regression related to deter...) into release-5.4 (#...
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
dependabot[bot] commented 6 months ago

Superseded by #1121.