fix(lambda): bump @middy/core from 6.4.5 to 7.1.2 in /lambdas

[dependabot]

Description

Bumps @middy/core from 6.4.5 to 7.1.2 in /lambdas.

This PR also updates the affected Lambda handlers to keep the AWS Powertools middleware wiring compatible with Middy v7, and adjusts the webhook config-loader test expectation to match the current combined matcher-config error output.

Test Plan

• Ran yarn nx run @aws-github-runner/webhook:test
• Ran yarn nx run-many --target=test --projects=@aws-github-runner/control-plane,@aws-github-runner/gh-agent-syncer,@aws-github-runner/termination-watcher,@aws-github-runner/webhook
• Ran yarn nx run-many --target=build --projects=@aws-github-runner/control-plane,@aws-github-runner/gh-agent-syncer,@aws-github-runner/termination-watcher,@aws-github-runner/webhook

Related Issues

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 4 package(s) with unknown licenses.

See the Details below.

License Issues

lambdas/functions/control-plane/package.json

Package	Version	License	Issue Type
@middy/core	^7.1.2	Null	Unknown License

lambdas/functions/gh-agent-syncer/package.json

Package	Version	License	Issue Type
@middy/core	^7.1.2	Null	Unknown License

lambdas/functions/termination-watcher/package.json

Package	Version	License	Issue Type
@middy/core	^7.1.2	Null	Unknown License

lambdas/functions/webhook/package.json

Package	Version	License	Issue Type
@middy/core	^7.1.2	Null	Unknown License

OpenSSF Scorecard

Package	Version	Score	Details
npm/@middy/core	^7.1.2	Unknown	Unknown
npm/@middy/core	^7.1.2	Unknown	Unknown
npm/@middy/core	^7.1.2	Unknown	Unknown
npm/@middy/core	^7.1.2	Unknown	Unknown
npm/@middy/core	7.1.3	🟢 10	Details Check Score Reason Dependency-Update-Tool 🟢 10 update tool detected Security-Policy 🟢 10 security policy file detected Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 10 all dependencies are pinned License 🟢 10 license file detected CII-Best-Practices 🟢 10 badge detected: Gold Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection 🟢 10 branch protection is fully enabled on development and all release branches SAST 🟢 10 SAST tool is run on all commits CI-Tests 🟢 10 7 out of 7 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 29 contributing companies or organizations
npm/@middy/util	7.1.3	🟢 10	Details Check Score Reason Dependency-Update-Tool 🟢 10 update tool detected Security-Policy 🟢 10 security policy file detected Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 10 all dependencies are pinned License 🟢 10 license file detected CII-Best-Practices 🟢 10 badge detected: Gold Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection 🟢 10 branch protection is fully enabled on development and all release branches SAST 🟢 10 SAST tool is run on all commits CI-Tests 🟢 10 7 out of 7 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 29 contributing companies or organizations

Scanned Files

• lambdas/functions/control-plane/package.json
• lambdas/functions/gh-agent-syncer/package.json
• lambdas/functions/termination-watcher/package.json
• lambdas/functions/webhook/package.json
• lambdas/yarn.lock

[npalm]

@dependabot rebase

[npalm]

Would be better to test this pr on a deployment due to major bump.

[npalm]

@dependabot rebase

[npalm]

@Brend-Smits @edersonbrilhante I have upgraded manual to Middy 7 with thanks to copilot. Tested (multi-runner) the changes including X-Ray. It looks working smooth. But the middy layer is crucial in Lambda. So would great if one of you can run a double check.

[dependabot]

A newer version of @​middy/core exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

[npalm]

@dependabot rebase

[dependabot]

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[npalm]

@copilot can you fix this pr?

[Copilot]

@copilot can you fix this pr?

Fixed in 8b38581. I updated the webhook test to match the current combined matcher-config error output and re-ran the affected lambda tests.