fix(deps): update all non-major dependencies

[cu-infra-svc-git]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@aws-sdk/client-cloudwatch (source)	^3.879.0 → ^3.1023.0
@aws-sdk/client-ec2 (source)	^3.879.0 → ^3.1023.0
esbuild	^0.25.9 → ^0.28.0
eslint-plugin-prettier	^5.5.4 → ^5.5.5
jsii-diff (source)	^1.113.0 → ^1.127.0
jsii-pacmak (source)	^1.113.0 → ^1.127.0
jsii-release	^0.2.1013 → ^0.2.1039
prettier (source)	^3.6.2 → ^3.8.1
ts-jest (source)	^29.4.1 → ^29.4.9

---

Release Notes

aws/aws-sdk-js-v3 (@​aws-sdk/client-cloudwatch)

v3.1023.0

Compare Source

Features

• client-cloudwatch: CloudWatch now supports OTel enrichment to make vended metrics for supported AWS resources queryable via PromQL with resource ARN and tag labels, and PromQL alarms for metrics ingested via the OTLP endpoint with multi-contributor evaluation. (c34638a)

v3.1022.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.1021.0

Compare Source

Bug Fixes

• codegen: sync for adaptive retry throttling detection fix (#​7905) (03f108d)

v3.1020.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.1019.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.1018.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.1017.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.1016.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.1015.0

Compare Source

Bug Fixes

• core/protocols: use composite error registry for error handling, revert default error message to "UnknownError" (#​7877) (55f7726)

v3.1014.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.1013.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.1012.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.1011.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.1010.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.1009.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.1008.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.1007.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.1006.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.1005.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.1004.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.1003.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.1002.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.1001.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.1000.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.999.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.998.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.997.0

Compare Source

Features

• client-cloudwatch: This release adds the APIs (PutAlarmMuteRule, ListAlarmMuteRules, GetAlarmMuteRule and DeleteAlarmMuteRule) to manage a new Cloudwatch resource, AlarmMuteRules. AlarmMuteRules allow customers to temporarily mute alarm notifications during expected downtime periods. (cc014d1)

v3.996.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.995.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.994.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.993.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.992.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.991.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.990.0

Compare Source

Features

• client-cloudwatch: Adding new evaluation states that provides information about the alarm evaluation process. Evaluation error Indicates configuration errors in alarm setup that require review and correction. Evaluation failure Indicates temporary CloudWatch issues. (5a085a8)

v3.989.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.988.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.987.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.986.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.985.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.984.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.983.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.982.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.981.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.980.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.978.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.975.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.974.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.972.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.971.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.970.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.969.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.968.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.967.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.966.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.965.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.964.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.962.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.958.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.957.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.956.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.955.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.954.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.953.0

Compare Source

Features

• clients: allow protocol selection by class constructor (#​7568) (5c5fd2e)

v3.952.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.949.0

Compare Source

Features

• client-cloudwatch: This release introduces two additional protocols AWS JSON 1.1 and Smithy RPC v2 CBOR, replacing the currently utilized one, AWSQuery. AWS SDKs will prioritize the protocol that is the most performant for each language. (82cfae7)

v3.948.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.947.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.946.0

Compare Source

Bug Fixes

• core/protocols: awsQueryCompatibility error structuring (#​7541) (ab68395)

v3.943.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.940.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.939.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.936.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.935.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.934.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.933.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.932.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.931.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.930.0

Compare Source

Features

• clients: use schema-serde in AWS Query & EC2 Query clients (#​7489) (e9b6da8)

v3.929.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.928.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.927.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.926.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.925.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.922.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.921.0

Compare Source

Features

• client-cloudwatch: Update endpoint ruleset parameters casing (fe5a3c2)

v3.920.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.919.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.918.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.917.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.916.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.914.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.913.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.911.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.910.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.908.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.907.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.906.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.901.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.899.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.896.0

Compare Source

Features

• client-cloudwatch: Fix default dualstack FIPS endpoints in AWS GovCloud(US) regions (b22faff)

v3.895.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.894.0

Compare Source

Features

• xml-builder: use DOMParser for browser XML parsing (#​7347) (af40250)

v3.893.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.891.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.890.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.888.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.887.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.886.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.885.0

Compare Source

Features

• client-cloudwatch: Added a new API - DescribeAlarmContributors API, to retrieve alarm contributors in ALARM state. Added support in DescribeAlarmHistory API to query alarm contributor history (de42572)

v3.883.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

v3.882.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-cloudwatch

aws/aws-sdk-js-v3 (@​aws-sdk/client-ec2)

v3.1023.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-ec2

v3.1022.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-ec2

v3.1021.0

Compare Source

Bug Fixes

• codegen: sync for adaptive retry throttling detection fix (#​7905) (03f108d)

v3.1020.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-ec2

v3.1019.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-ec2

v3.1018.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-ec2

v3.1017.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-ec2

v3.1016.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-ec2

v3.1015.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-ec2

v3.1014.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-ec2

v3.1013.0

Compare Source

Features

• client-ec2: Amazon EC2 Fleet instant mode now supports launching instances into Interruptible Capacity Reservations, enabling customers to use spare capacity shared by Capacity Reservation owners within their AWS Organization. (5ae4a55)

v3.1012.0

Compare Source

Features

• client-ec2: The DescribeInstanceTypes API now returns default connection tracking timeout values for TCP, UDP, and UDP stream via the new connectionTrackingConfiguration field on NetworkInfo. (0ee6f8d)

v3.1011.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-ec2

v3.1010.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-ec2

v3.1009.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-ec2

v3.1008.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-ec2

v3.1007.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-ec2

v3.1006.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-ec2

v3.1005.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-ec2

v3.1004.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-ec2

v3.1003.0

Compare Source

Features

• client-ec2: Added metadata field to CapacityAllocation. (d7cce1c)

v3.1002.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-ec2

v3.1001.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-ec2

v3.1000.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-ec2

v3.999.0

Compare Source

Features

• client-ec2: Add c8id, m8id and hpc8a instance types. ([

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • "before 2am on Monday"
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[socket-security]

Caution

Review the following alerts detected in dependencies.

According to your organization's Security Policy, you must resolve all "Block" alerts before proceeding. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Block		Recently published: npm @aws-sdk/client-cloudwatch published 6 hours ago Location: Package overview From: package.json → npm/@aws-sdk/client-cloudwatch@3.1028.0 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/client-cloudwatch@3.1028.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/client-codeartifact published 6 hours ago Location: Package overview From: pnpm-lock.yaml → npm/jsii-release@0.2.1040 → npm/@aws-sdk/client-codeartifact@3.1028.0 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/client-codeartifact@3.1028.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/client-cognito-identity published 6 hours ago Location: Package overview From: pnpm-lock.yaml → npm/jsii-release@0.2.1040 → npm/@aws-sdk/client-cognito-identity@3.1028.0 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/client-cognito-identity@3.1028.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/client-ec2 published 6 hours ago Location: Package overview From: package.json → npm/@aws-sdk/client-ec2@3.1028.0 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/client-ec2@3.1028.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/core published 2 days ago Location: Package overview From: pnpm-lock.yaml → npm/jsii-release@0.2.1040 → npm/@aws-sdk/client-ec2@3.1028.0 → npm/@aws-sdk/client-cloudwatch@3.1028.0 → npm/@aws-sdk/core@3.973.27 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/core@3.973.27. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/credential-provider-cognito-identity published 2 days ago Location: Package overview From: pnpm-lock.yaml → npm/jsii-release@0.2.1040 → npm/@aws-sdk/credential-provider-cognito-identity@3.972.22 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/credential-provider-cognito-identity@3.972.22. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/credential-provider-env published 2 days ago Location: Package overview From: pnpm-lock.yaml → npm/jsii-release@0.2.1040 → npm/@aws-sdk/client-ec2@3.1028.0 → npm/@aws-sdk/client-cloudwatch@3.1028.0 → npm/@aws-sdk/credential-provider-env@3.972.25 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/credential-provider-env@3.972.25. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/credential-provider-http published 2 days ago Location: Package overview From: pnpm-lock.yaml → npm/jsii-release@0.2.1040 → npm/@aws-sdk/client-ec2@3.1028.0 → npm/@aws-sdk/client-cloudwatch@3.1028.0 → npm/@aws-sdk/credential-provider-http@3.972.27 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/credential-provider-http@3.972.27. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/credential-provider-ini published 2 days ago Location: Package overview From: pnpm-lock.yaml → npm/jsii-release@0.2.1040 → npm/@aws-sdk/client-ec2@3.1028.0 → npm/@aws-sdk/client-cloudwatch@3.1028.0 → npm/@aws-sdk/credential-provider-ini@3.972.29 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/credential-provider-ini@3.972.29. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/credential-provider-login published 2 days ago Location: Package overview From: pnpm-lock.yaml → npm/jsii-release@0.2.1040 → npm/@aws-sdk/client-ec2@3.1028.0 → npm/@aws-sdk/client-cloudwatch@3.1028.0 → npm/@aws-sdk/credential-provider-login@3.972.29 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/credential-provider-login@3.972.29. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/credential-provider-node published 2 days ago Location: Package overview From: pnpm-lock.yaml → npm/jsii-release@0.2.1040 → npm/@aws-sdk/client-ec2@3.1028.0 → npm/@aws-sdk/client-cloudwatch@3.1028.0 → npm/@aws-sdk/credential-provider-node@3.972.30 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/credential-provider-node@3.972.30. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/credential-provider-process published 2 days ago Location: Package overview From: pnpm-lock.yaml → npm/jsii-release@0.2.1040 → npm/@aws-sdk/client-ec2@3.1028.0 → npm/@aws-sdk/client-cloudwatch@3.1028.0 → npm/@aws-sdk/credential-provider-process@3.972.25 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/credential-provider-process@3.972.25. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/credential-provider-sso published 2 days ago Location: Package overview From: pnpm-lock.yaml → npm/jsii-release@0.2.1040 → npm/@aws-sdk/client-ec2@3.1028.0 → npm/@aws-sdk/client-cloudwatch@3.1028.0 → npm/@aws-sdk/credential-provider-sso@3.972.29 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/credential-provider-sso@3.972.29. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/credential-provider-web-identity published 2 days ago Location: Package overview From: pnpm-lock.yaml → npm/jsii-release@0.2.1040 → npm/@aws-sdk/client-ec2@3.1028.0 → npm/@aws-sdk/client-cloudwatch@3.1028.0 → npm/@aws-sdk/credential-provider-web-identity@3.972.29 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/credential-provider-web-identity@3.972.29. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/credential-providers published 6 hours ago Location: Package overview From: pnpm-lock.yaml → npm/jsii-release@0.2.1040 → npm/@aws-sdk/credential-providers@3.1028.0 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/credential-providers@3.1028.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/middleware-host-header published 2 days ago Location: Package overview From: pnpm-lock.yaml → npm/jsii-release@0.2.1040 → npm/@aws-sdk/client-ec2@3.1028.0 → npm/@aws-sdk/client-cloudwatch@3.1028.0 → npm/@aws-sdk/middleware-host-header@3.972.9 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/middleware-host-header@3.972.9. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/middleware-logger published 2 days ago Location: Package overview From: pnpm-lock.yaml → npm/jsii-release@0.2.1040 → npm/@aws-sdk/client-ec2@3.1028.0 → npm/@aws-sdk/client-cloudwatch@3.1028.0 → npm/@aws-sdk/middleware-logger@3.972.9 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/middleware-logger@3.972.9. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/middleware-recursion-detection published 2 days ago Location: Package overview From: pnpm-lock.yaml → npm/jsii-release@0.2.1040 → npm/@aws-sdk/client-ec2@3.1028.0 → npm/@aws-sdk/client-cloudwatch@3.1028.0 → npm/@aws-sdk/middleware-recursion-detection@3.972.10 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/middleware-recursion-detection@3.972.10. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/middleware-sdk-ec2 published 2 days ago Location: Package overview From: pnpm-lock.yaml → npm/@aws-sdk/client-ec2@3.1028.0 → npm/@aws-sdk/middleware-sdk-ec2@3.972.19 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/middleware-sdk-ec2@3.972.19. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/middleware-user-agent published 2 days ago Location: Package overview From: pnpm-lock.yaml → npm/jsii-release@0.2.1040 → npm/@aws-sdk/client-ec2@3.1028.0 → npm/@aws-sdk/client-cloudwatch@3.1028.0 → npm/@aws-sdk/middleware-user-agent@3.972.29 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/middleware-user-agent@3.972.29. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/nested-clients published 2 days ago Location: Package overview From: pnpm-lock.yaml → npm/jsii-release@0.2.1040 → npm/@aws-sdk/client-ec2@3.1028.0 → npm/@aws-sdk/client-cloudwatch@3.1028.0 → npm/@aws-sdk/nested-clients@3.996.19 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/nested-clients@3.996.19. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/region-config-resolver published 2 days ago Location: Package overview From: pnpm-lock.yaml → npm/jsii-release@0.2.1040 → npm/@aws-sdk/client-ec2@3.1028.0 → npm/@aws-sdk/client-cloudwatch@3.1028.0 → npm/@aws-sdk/region-config-resolver@3.972.11 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/region-config-resolver@3.972.11. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/token-providers published 2 days ago Location: Package overview From: pnpm-lock.yaml → npm/jsii-release@0.2.1040 → npm/@aws-sdk/client-ec2@3.1028.0 → npm/@aws-sdk/client-cloudwatch@3.1028.0 → npm/@aws-sdk/token-providers@3.1026.0 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/token-providers@3.1026.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/types published 2 days ago Location: Package overview From: pnpm-lock.yaml → npm/jsii-release@0.2.1040 → npm/@aws-sdk/client-ec2@3.1028.0 → npm/@aws-sdk/client-cloudwatch@3.1028.0 → npm/@aws-sdk/types@3.973.7 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/types@3.973.7. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Block		Recently published: npm @aws-sdk/util-endpoints published 2 days ago Location: Package overview From: pnpm-lock.yaml → npm/jsii-release@0.2.1040 → npm/@aws-sdk/client-ec2@3.1028.0 → npm/@aws-sdk/client-cloudwatch@3.1028.0 → npm/@aws-sdk/util-endpoints@3.996.6 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@aws-sdk/util-endpoints@3.996.6. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
See 73 more rows in the dashboard

View full report