Skip to content

New: [AEA-6256] - StateMachine construct#604

Merged
tstephen-nhs merged 47 commits intomainfrom
aea-6256-cdk-statemachine
Mar 27, 2026
Merged

New: [AEA-6256] - StateMachine construct#604
tstephen-nhs merged 47 commits intomainfrom
aea-6256-cdk-statemachine

Conversation

@tstephen-nhs
Copy link
Copy Markdown
Contributor

@tstephen-nhs tstephen-nhs commented Mar 19, 2026

Summary

  • ✨ New Feature

Details

Reusable state machine construct
Note this is stacked on PR 547

@tstephen-nhs tstephen-nhs changed the title New: [AEA-6256] cdk statemachine construct New: [AEA-6256] StateMachine construct Mar 25, 2026
@tstephen-nhs tstephen-nhs changed the title New: [AEA-6256] StateMachine construct New: [AEA-6256] - StateMachine construct Mar 25, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Mar 25, 2026

This PR is linked to a ticket in an NHS Digital JIRA Project. Here's a handy link to the ticket:

AEA-6256

github-advanced-security[bot]
github-advanced-security AI found potential problems Mar 25, 2026
View reviewed changes
Comment thread packages/cdkConstructs/tests/constructs/RestApiGateway.test.ts Fixed
Comment thread packages/cdkConstructs/tests/constructs/RestApiGateway.test.ts Fixed
Comment thread packages/cdkConstructs/tests/constructs/RestApiGateway.test.ts Fixed
@tstephen-nhs tstephen-nhs force-pushed the aea-6256-cdk-statemachine branch from 197af08 to f701083 Compare March 25, 2026 11:24
tstephen-nhs and others added 7 commits March 26, 2026 14:16
@tstephen-nhs
docs: example of ApiGateway use
f4d4506
@tstephen-nhs
refactor: centralise constants
e35ce32
@tstephen-nhs
refactor: centralise constants
c734151
@dependabot @tstephen-nhs
Upgrade: [dependabot] - bump NHSDigital/eps-common-workflows/.github/…
d464766 
…workflows/pr_title_check.yml from 5.8.1 to 5.8.8 (#621)

Bumps
[NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml](https://github.com/nhsdigital/eps-common-workflows)
from 5.8.1 to 5.8.8.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nhsdigital/eps-common-workflows/releases">NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml's
releases</a>.</em></p>
<blockquote>
<h2>v5.8.8</h2>
<h2><a
href="https://github.com/NHSDigital/eps-common-workflows/compare/v5.8.7...v5.8.8">5.8.8</a>
(2026-03-26)</h2>
<h3>Upgrade</h3>
<ul>
<li>[dependabot] - bump picomatch from 2.3.1 to 2.3.2 (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/108">#108</a>)
(<a
href="https://github.com/NHSDigital/eps-common-workflows/commit/97059401fbec4c0914532277dfe8ce95dd3213fd">9705940</a>)</li>
</ul>
<h2>Info</h2>
<p><a
href="https://github.com/NHSDigital/eps-common-workflows/actions/runs/23602683628">Release
workflow run</a> - Workflow ID: 23602683628</p>
<p>It was initialized by <a
href="https://github.com/apps/eps-autoapprove-dependabot">eps-autoapprove-dependabot[bot]</a></p>
<h2>v5.8.7</h2>
<h2><a
href="https://github.com/NHSDigital/eps-common-workflows/compare/v5.8.6...v5.8.7">5.8.7</a>
(2026-03-26)</h2>
<h3>Upgrade</h3>
<ul>
<li>[dependabot] - bump requests from 2.32.5 to 2.33.0 (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/107">#107</a>)
(<a
href="https://github.com/NHSDigital/eps-common-workflows/commit/d2812c65049a94ec073dbeb38c16ee494fd74ae9">d2812c6</a>)</li>
</ul>
<h2>Info</h2>
<p><a
href="https://github.com/NHSDigital/eps-common-workflows/actions/runs/23599211990">Release
workflow run</a> - Workflow ID: 23599211990</p>
<p>It was initialized by <a
href="https://github.com/apps/eps-autoapprove-dependabot">eps-autoapprove-dependabot[bot]</a></p>
<h2>v5.8.6</h2>
<h2><a
href="https://github.com/NHSDigital/eps-common-workflows/compare/v5.8.5...v5.8.6">5.8.6</a>
(2026-03-23)</h2>
<h3>Chore</h3>
<ul>
<li>[AEA-0000] - only use first line of commit to get ticket (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/104">#104</a>)
(<a
href="https://github.com/NHSDigital/eps-common-workflows/commit/132c0f2db404cf1eab727ea659fe384826878603">132c0f2</a>)</li>
</ul>
<h2>Info</h2>
<p><a
href="https://github.com/NHSDigital/eps-common-workflows/actions/runs/23437466172">Release
workflow run</a> - Workflow ID: 23437466172</p>
<p>It was initialized by <a
href="https://github.com/anthony-nhs">anthony-nhs</a></p>
<h2>v5.8.5</h2>
<h2><a
href="https://github.com/NHSDigital/eps-common-workflows/compare/v5.8.4...v5.8.5">5.8.5</a>
(2026-03-23)</h2>
<h3>Chore</h3>
<ul>
<li>[AEA-0000] - fix jira lambda call another way (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/103">#103</a>)
(<a
href="https://github.com/NHSDigital/eps-common-workflows/commit/d2a4595b1bfa59f04c7cecb080a126321d42a333">d2a4595</a>)</li>
</ul>
<h2>Info</h2>
<p><a
href="https://github.com/NHSDigital/eps-common-workflows/actions/runs/23432605463">Release
workflow run</a> - Workflow ID: 23432605463</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/97059401fbec4c0914532277dfe8ce95dd3213fd"><code>9705940</code></a>
Upgrade: [dependabot] - bump picomatch from 2.3.1 to 2.3.2 (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/108">#108</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/d2812c65049a94ec073dbeb38c16ee494fd74ae9"><code>d2812c6</code></a>
Upgrade: [dependabot] - bump requests from 2.32.5 to 2.33.0 (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/107">#107</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/132c0f2db404cf1eab727ea659fe384826878603"><code>132c0f2</code></a>
Chore: [AEA-0000] - only use first line of commit to get ticket (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/104">#104</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/d2a4595b1bfa59f04c7cecb080a126321d42a333"><code>d2a4595</code></a>
Chore: [AEA-0000] - fix jira lambda call another way (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/103">#103</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/b2b76a11cc6da8236ebd71f5d78b9dffc3976eaa"><code>b2b76a1</code></a>
Chore: [AEA-0000] - use cjs for semantic_releaese_jira (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/102">#102</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/66fbc033aecc0c2f727c763d5071cb555745db7f"><code>66fbc03</code></a>
Upgrade: [dependabot] - bump actions/create-github-app-token from 2.2.1
to 3....</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/5ac2707dd9cd60ad127275179495b9c890d74711"><code>5ac2707</code></a>
Upgrade: [dependabot] - bump aws-actions/configure-aws-credentials from
5.1.0...</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/cbf6accf7046caab1ac27f94ed64ed90086abb11"><code>cbf6acc</code></a>
Upgrade: [dependabot] - bump <code>@​aws-sdk/client-lambda</code> from
3.1011.0 to 3.1013.0...</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/d11a9abb6061c8876572c464b042e68aa3b52a35"><code>d11a9ab</code></a>
Upgrade: [dependabot] - bump
<code>@​aws-sdk/client-cloudformation</code> from 3.1011.0 to ...</li>
<li>See full diff in <a
href="https://github.com/nhsdigital/eps-common-workflows/compare/3ce609c510fc4cf1e8cda1a8b59eb937ff57c79d...97059401fbec4c0914532277dfe8ce95dd3213fd">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml&package-manager=github_actions&previous-version=5.8.1&new-version=5.8.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot @tstephen-nhs
Upgrade: [dependabot] - bump NHSDigital/eps-common-workflows/.github/…
831746b 
…workflows/get-repo-config.yml from 5.8.1 to 5.8.8 (#625)

Bumps
[NHSDigital/eps-common-workflows/.github/workflows/get-repo-config.yml](https://github.com/nhsdigital/eps-common-workflows)
from 5.8.1 to 5.8.8.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nhsdigital/eps-common-workflows/releases">NHSDigital/eps-common-workflows/.github/workflows/get-repo-config.yml's
releases</a>.</em></p>
<blockquote>
<h2>v5.8.8</h2>
<h2><a
href="https://github.com/NHSDigital/eps-common-workflows/compare/v5.8.7...v5.8.8">5.8.8</a>
(2026-03-26)</h2>
<h3>Upgrade</h3>
<ul>
<li>[dependabot] - bump picomatch from 2.3.1 to 2.3.2 (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/108">#108</a>)
(<a
href="https://github.com/NHSDigital/eps-common-workflows/commit/97059401fbec4c0914532277dfe8ce95dd3213fd">9705940</a>)</li>
</ul>
<h2>Info</h2>
<p><a
href="https://github.com/NHSDigital/eps-common-workflows/actions/runs/23602683628">Release
workflow run</a> - Workflow ID: 23602683628</p>
<p>It was initialized by <a
href="https://github.com/apps/eps-autoapprove-dependabot">eps-autoapprove-dependabot[bot]</a></p>
<h2>v5.8.7</h2>
<h2><a
href="https://github.com/NHSDigital/eps-common-workflows/compare/v5.8.6...v5.8.7">5.8.7</a>
(2026-03-26)</h2>
<h3>Upgrade</h3>
<ul>
<li>[dependabot] - bump requests from 2.32.5 to 2.33.0 (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/107">#107</a>)
(<a
href="https://github.com/NHSDigital/eps-common-workflows/commit/d2812c65049a94ec073dbeb38c16ee494fd74ae9">d2812c6</a>)</li>
</ul>
<h2>Info</h2>
<p><a
href="https://github.com/NHSDigital/eps-common-workflows/actions/runs/23599211990">Release
workflow run</a> - Workflow ID: 23599211990</p>
<p>It was initialized by <a
href="https://github.com/apps/eps-autoapprove-dependabot">eps-autoapprove-dependabot[bot]</a></p>
<h2>v5.8.6</h2>
<h2><a
href="https://github.com/NHSDigital/eps-common-workflows/compare/v5.8.5...v5.8.6">5.8.6</a>
(2026-03-23)</h2>
<h3>Chore</h3>
<ul>
<li>[AEA-0000] - only use first line of commit to get ticket (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/104">#104</a>)
(<a
href="https://github.com/NHSDigital/eps-common-workflows/commit/132c0f2db404cf1eab727ea659fe384826878603">132c0f2</a>)</li>
</ul>
<h2>Info</h2>
<p><a
href="https://github.com/NHSDigital/eps-common-workflows/actions/runs/23437466172">Release
workflow run</a> - Workflow ID: 23437466172</p>
<p>It was initialized by <a
href="https://github.com/anthony-nhs">anthony-nhs</a></p>
<h2>v5.8.5</h2>
<h2><a
href="https://github.com/NHSDigital/eps-common-workflows/compare/v5.8.4...v5.8.5">5.8.5</a>
(2026-03-23)</h2>
<h3>Chore</h3>
<ul>
<li>[AEA-0000] - fix jira lambda call another way (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/103">#103</a>)
(<a
href="https://github.com/NHSDigital/eps-common-workflows/commit/d2a4595b1bfa59f04c7cecb080a126321d42a333">d2a4595</a>)</li>
</ul>
<h2>Info</h2>
<p><a
href="https://github.com/NHSDigital/eps-common-workflows/actions/runs/23432605463">Release
workflow run</a> - Workflow ID: 23432605463</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/97059401fbec4c0914532277dfe8ce95dd3213fd"><code>9705940</code></a>
Upgrade: [dependabot] - bump picomatch from 2.3.1 to 2.3.2 (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/108">#108</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/d2812c65049a94ec073dbeb38c16ee494fd74ae9"><code>d2812c6</code></a>
Upgrade: [dependabot] - bump requests from 2.32.5 to 2.33.0 (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/107">#107</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/132c0f2db404cf1eab727ea659fe384826878603"><code>132c0f2</code></a>
Chore: [AEA-0000] - only use first line of commit to get ticket (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/104">#104</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/d2a4595b1bfa59f04c7cecb080a126321d42a333"><code>d2a4595</code></a>
Chore: [AEA-0000] - fix jira lambda call another way (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/103">#103</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/b2b76a11cc6da8236ebd71f5d78b9dffc3976eaa"><code>b2b76a1</code></a>
Chore: [AEA-0000] - use cjs for semantic_releaese_jira (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/102">#102</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/66fbc033aecc0c2f727c763d5071cb555745db7f"><code>66fbc03</code></a>
Upgrade: [dependabot] - bump actions/create-github-app-token from 2.2.1
to 3....</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/5ac2707dd9cd60ad127275179495b9c890d74711"><code>5ac2707</code></a>
Upgrade: [dependabot] - bump aws-actions/configure-aws-credentials from
5.1.0...</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/cbf6accf7046caab1ac27f94ed64ed90086abb11"><code>cbf6acc</code></a>
Upgrade: [dependabot] - bump <code>@​aws-sdk/client-lambda</code> from
3.1011.0 to 3.1013.0...</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/d11a9abb6061c8876572c464b042e68aa3b52a35"><code>d11a9ab</code></a>
Upgrade: [dependabot] - bump
<code>@​aws-sdk/client-cloudformation</code> from 3.1011.0 to ...</li>
<li>See full diff in <a
href="https://github.com/nhsdigital/eps-common-workflows/compare/3ce609c510fc4cf1e8cda1a8b59eb937ff57c79d...97059401fbec4c0914532277dfe8ce95dd3213fd">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=NHSDigital/eps-common-workflows/.github/workflows/get-repo-config.yml&package-manager=github_actions&previous-version=5.8.1&new-version=5.8.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot @tstephen-nhs
Upgrade: [dependabot] - bump NHSDigital/eps-common-workflows/.github/…
90c37b7 
…workflows/tag-release-devcontainer.yml from 5.8.1 to 5.8.8 (#623)

Bumps
[NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml](https://github.com/nhsdigital/eps-common-workflows)
from 5.8.1 to 5.8.8.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nhsdigital/eps-common-workflows/releases">NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml's
releases</a>.</em></p>
<blockquote>
<h2>v5.8.8</h2>
<h2><a
href="https://github.com/NHSDigital/eps-common-workflows/compare/v5.8.7...v5.8.8">5.8.8</a>
(2026-03-26)</h2>
<h3>Upgrade</h3>
<ul>
<li>[dependabot] - bump picomatch from 2.3.1 to 2.3.2 (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/108">#108</a>)
(<a
href="https://github.com/NHSDigital/eps-common-workflows/commit/97059401fbec4c0914532277dfe8ce95dd3213fd">9705940</a>)</li>
</ul>
<h2>Info</h2>
<p><a
href="https://github.com/NHSDigital/eps-common-workflows/actions/runs/23602683628">Release
workflow run</a> - Workflow ID: 23602683628</p>
<p>It was initialized by <a
href="https://github.com/apps/eps-autoapprove-dependabot">eps-autoapprove-dependabot[bot]</a></p>
<h2>v5.8.7</h2>
<h2><a
href="https://github.com/NHSDigital/eps-common-workflows/compare/v5.8.6...v5.8.7">5.8.7</a>
(2026-03-26)</h2>
<h3>Upgrade</h3>
<ul>
<li>[dependabot] - bump requests from 2.32.5 to 2.33.0 (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/107">#107</a>)
(<a
href="https://github.com/NHSDigital/eps-common-workflows/commit/d2812c65049a94ec073dbeb38c16ee494fd74ae9">d2812c6</a>)</li>
</ul>
<h2>Info</h2>
<p><a
href="https://github.com/NHSDigital/eps-common-workflows/actions/runs/23599211990">Release
workflow run</a> - Workflow ID: 23599211990</p>
<p>It was initialized by <a
href="https://github.com/apps/eps-autoapprove-dependabot">eps-autoapprove-dependabot[bot]</a></p>
<h2>v5.8.6</h2>
<h2><a
href="https://github.com/NHSDigital/eps-common-workflows/compare/v5.8.5...v5.8.6">5.8.6</a>
(2026-03-23)</h2>
<h3>Chore</h3>
<ul>
<li>[AEA-0000] - only use first line of commit to get ticket (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/104">#104</a>)
(<a
href="https://github.com/NHSDigital/eps-common-workflows/commit/132c0f2db404cf1eab727ea659fe384826878603">132c0f2</a>)</li>
</ul>
<h2>Info</h2>
<p><a
href="https://github.com/NHSDigital/eps-common-workflows/actions/runs/23437466172">Release
workflow run</a> - Workflow ID: 23437466172</p>
<p>It was initialized by <a
href="https://github.com/anthony-nhs">anthony-nhs</a></p>
<h2>v5.8.5</h2>
<h2><a
href="https://github.com/NHSDigital/eps-common-workflows/compare/v5.8.4...v5.8.5">5.8.5</a>
(2026-03-23)</h2>
<h3>Chore</h3>
<ul>
<li>[AEA-0000] - fix jira lambda call another way (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/103">#103</a>)
(<a
href="https://github.com/NHSDigital/eps-common-workflows/commit/d2a4595b1bfa59f04c7cecb080a126321d42a333">d2a4595</a>)</li>
</ul>
<h2>Info</h2>
<p><a
href="https://github.com/NHSDigital/eps-common-workflows/actions/runs/23432605463">Release
workflow run</a> - Workflow ID: 23432605463</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/97059401fbec4c0914532277dfe8ce95dd3213fd"><code>9705940</code></a>
Upgrade: [dependabot] - bump picomatch from 2.3.1 to 2.3.2 (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/108">#108</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/d2812c65049a94ec073dbeb38c16ee494fd74ae9"><code>d2812c6</code></a>
Upgrade: [dependabot] - bump requests from 2.32.5 to 2.33.0 (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/107">#107</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/132c0f2db404cf1eab727ea659fe384826878603"><code>132c0f2</code></a>
Chore: [AEA-0000] - only use first line of commit to get ticket (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/104">#104</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/d2a4595b1bfa59f04c7cecb080a126321d42a333"><code>d2a4595</code></a>
Chore: [AEA-0000] - fix jira lambda call another way (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/103">#103</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/b2b76a11cc6da8236ebd71f5d78b9dffc3976eaa"><code>b2b76a1</code></a>
Chore: [AEA-0000] - use cjs for semantic_releaese_jira (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/102">#102</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/66fbc033aecc0c2f727c763d5071cb555745db7f"><code>66fbc03</code></a>
Upgrade: [dependabot] - bump actions/create-github-app-token from 2.2.1
to 3....</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/5ac2707dd9cd60ad127275179495b9c890d74711"><code>5ac2707</code></a>
Upgrade: [dependabot] - bump aws-actions/configure-aws-credentials from
5.1.0...</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/cbf6accf7046caab1ac27f94ed64ed90086abb11"><code>cbf6acc</code></a>
Upgrade: [dependabot] - bump <code>@​aws-sdk/client-lambda</code> from
3.1011.0 to 3.1013.0...</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/d11a9abb6061c8876572c464b042e68aa3b52a35"><code>d11a9ab</code></a>
Upgrade: [dependabot] - bump
<code>@​aws-sdk/client-cloudformation</code> from 3.1011.0 to ...</li>
<li>See full diff in <a
href="https://github.com/nhsdigital/eps-common-workflows/compare/3ce609c510fc4cf1e8cda1a8b59eb937ff57c79d...97059401fbec4c0914532277dfe8ce95dd3213fd">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml&package-manager=github_actions&previous-version=5.8.1&new-version=5.8.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot @tstephen-nhs
Upgrade: [dependabot] - bump NHSDigital/eps-common-workflows/.github/…
4f7415c 
…workflows/quality-checks-devcontainer.yml from 5.8.1 to 5.8.8 (#622)

Bumps
[NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml](https://github.com/nhsdigital/eps-common-workflows)
from 5.8.1 to 5.8.8.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nhsdigital/eps-common-workflows/releases">NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml's
releases</a>.</em></p>
<blockquote>
<h2>v5.8.8</h2>
<h2><a
href="https://github.com/NHSDigital/eps-common-workflows/compare/v5.8.7...v5.8.8">5.8.8</a>
(2026-03-26)</h2>
<h3>Upgrade</h3>
<ul>
<li>[dependabot] - bump picomatch from 2.3.1 to 2.3.2 (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/108">#108</a>)
(<a
href="https://github.com/NHSDigital/eps-common-workflows/commit/97059401fbec4c0914532277dfe8ce95dd3213fd">9705940</a>)</li>
</ul>
<h2>Info</h2>
<p><a
href="https://github.com/NHSDigital/eps-common-workflows/actions/runs/23602683628">Release
workflow run</a> - Workflow ID: 23602683628</p>
<p>It was initialized by <a
href="https://github.com/apps/eps-autoapprove-dependabot">eps-autoapprove-dependabot[bot]</a></p>
<h2>v5.8.7</h2>
<h2><a
href="https://github.com/NHSDigital/eps-common-workflows/compare/v5.8.6...v5.8.7">5.8.7</a>
(2026-03-26)</h2>
<h3>Upgrade</h3>
<ul>
<li>[dependabot] - bump requests from 2.32.5 to 2.33.0 (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/107">#107</a>)
(<a
href="https://github.com/NHSDigital/eps-common-workflows/commit/d2812c65049a94ec073dbeb38c16ee494fd74ae9">d2812c6</a>)</li>
</ul>
<h2>Info</h2>
<p><a
href="https://github.com/NHSDigital/eps-common-workflows/actions/runs/23599211990">Release
workflow run</a> - Workflow ID: 23599211990</p>
<p>It was initialized by <a
href="https://github.com/apps/eps-autoapprove-dependabot">eps-autoapprove-dependabot[bot]</a></p>
<h2>v5.8.6</h2>
<h2><a
href="https://github.com/NHSDigital/eps-common-workflows/compare/v5.8.5...v5.8.6">5.8.6</a>
(2026-03-23)</h2>
<h3>Chore</h3>
<ul>
<li>[AEA-0000] - only use first line of commit to get ticket (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/104">#104</a>)
(<a
href="https://github.com/NHSDigital/eps-common-workflows/commit/132c0f2db404cf1eab727ea659fe384826878603">132c0f2</a>)</li>
</ul>
<h2>Info</h2>
<p><a
href="https://github.com/NHSDigital/eps-common-workflows/actions/runs/23437466172">Release
workflow run</a> - Workflow ID: 23437466172</p>
<p>It was initialized by <a
href="https://github.com/anthony-nhs">anthony-nhs</a></p>
<h2>v5.8.5</h2>
<h2><a
href="https://github.com/NHSDigital/eps-common-workflows/compare/v5.8.4...v5.8.5">5.8.5</a>
(2026-03-23)</h2>
<h3>Chore</h3>
<ul>
<li>[AEA-0000] - fix jira lambda call another way (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/103">#103</a>)
(<a
href="https://github.com/NHSDigital/eps-common-workflows/commit/d2a4595b1bfa59f04c7cecb080a126321d42a333">d2a4595</a>)</li>
</ul>
<h2>Info</h2>
<p><a
href="https://github.com/NHSDigital/eps-common-workflows/actions/runs/23432605463">Release
workflow run</a> - Workflow ID: 23432605463</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/97059401fbec4c0914532277dfe8ce95dd3213fd"><code>9705940</code></a>
Upgrade: [dependabot] - bump picomatch from 2.3.1 to 2.3.2 (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/108">#108</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/d2812c65049a94ec073dbeb38c16ee494fd74ae9"><code>d2812c6</code></a>
Upgrade: [dependabot] - bump requests from 2.32.5 to 2.33.0 (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/107">#107</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/132c0f2db404cf1eab727ea659fe384826878603"><code>132c0f2</code></a>
Chore: [AEA-0000] - only use first line of commit to get ticket (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/104">#104</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/d2a4595b1bfa59f04c7cecb080a126321d42a333"><code>d2a4595</code></a>
Chore: [AEA-0000] - fix jira lambda call another way (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/103">#103</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/b2b76a11cc6da8236ebd71f5d78b9dffc3976eaa"><code>b2b76a1</code></a>
Chore: [AEA-0000] - use cjs for semantic_releaese_jira (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/102">#102</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/66fbc033aecc0c2f727c763d5071cb555745db7f"><code>66fbc03</code></a>
Upgrade: [dependabot] - bump actions/create-github-app-token from 2.2.1
to 3....</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/5ac2707dd9cd60ad127275179495b9c890d74711"><code>5ac2707</code></a>
Upgrade: [dependabot] - bump aws-actions/configure-aws-credentials from
5.1.0...</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/cbf6accf7046caab1ac27f94ed64ed90086abb11"><code>cbf6acc</code></a>
Upgrade: [dependabot] - bump <code>@​aws-sdk/client-lambda</code> from
3.1011.0 to 3.1013.0...</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/d11a9abb6061c8876572c464b042e68aa3b52a35"><code>d11a9ab</code></a>
Upgrade: [dependabot] - bump
<code>@​aws-sdk/client-cloudformation</code> from 3.1011.0 to ...</li>
<li>See full diff in <a
href="https://github.com/nhsdigital/eps-common-workflows/compare/3ce609c510fc4cf1e8cda1a8b59eb937ff57c79d...97059401fbec4c0914532277dfe8ce95dd3213fd">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml&package-manager=github_actions&previous-version=5.8.1&new-version=5.8.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot Bot and others added 7 commits March 27, 2026 12:31
@dependabot @tstephen-nhs
Upgrade: [dependabot] - bump @aws-sdk/client-route-53 from 3.1013.0 t…
5080ce5 
…o 3.1018.0 (#627)

Bumps
[@aws-sdk/client-route-53](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-route-53)
from 3.1013.0 to 3.1018.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/releases"><code>@​aws-sdk/client-route-53</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v3.1018.0</h2>
<h4>3.1018.0(2026-03-26)</h4>
<h5>Chores</h5>
<ul>
<li><strong>lib-storage:</strong> change default AbortController in
Upload to the global implementation (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7880">#7880</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/31c06fb02f56233c37d3aeb53a87847bb7276d64">31c06fb0</a>)</li>
</ul>
<h5>Documentation Changes</h5>
<ul>
<li><strong>packages-internal:</strong> readme updates for internal
packages (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7885">#7885</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/2da8b4cd3ee660dcb14ca79d77cf942bd3405349">2da8b4cd</a>)</li>
</ul>
<h5>New Features</h5>
<ul>
<li><strong>clients:</strong> update client endpoints as of 2026-03-26
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/bc19bda4a875239b26e5d624d0e8809f40290e13">bc19bda4</a>)</li>
<li><strong>client-emr:</strong> Add StepExecutionRoleArn to RunJobFlow
API (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/59a0577f97bf21a8cce255d97bb9cd57e1ee60a1">59a0577f</a>)</li>
<li><strong>client-timestream-influxdb:</strong> Timestream for InfluxDB
adds support for customer defined maintenance windows. This allows
customers to define maintenance schedule during resource creation and
updates (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/22d9a2c89b71410267d00164d0abce2b1ed129a3">22d9a2c8</a>)</li>
<li><strong>client-cloudwatch-logs:</strong> This release adds parameter
support to saved queries in CloudWatch Logs Insights. Define reusable
query templates with named placeholders, invoke them using start query.
Available in Console, CLI and SDK (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/2c09ac48f254ea7b0f5915cad5d387197e589bb7">2c09ac48</a>)</li>
<li><strong>client-bcm-data-exports:</strong> With this release we are
providing an option to accounts to have their export delivered to an S3
bucket that is not owned by the account. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/ec48160efacd618fb6624fb76c379bcbd88e8192">ec48160e</a>)</li>
<li><strong>client-sagemaker:</strong> Release support for
ml.r5d.16xlarge instance types for SageMaker HyperPod (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/db6db4e38b768b849146ecf1eee964457be37887">db6db4e3</a>)</li>
</ul>
<h5>Tests</h5>
<ul>
<li><strong>client-ses:</strong> turn off email verification e2e test
(<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7886">#7886</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/ae42308f2f5d7c7c99a092d89bba2f33b89780d2">ae42308f</a>)</li>
</ul>
<hr />
<p>For list of updated packages, view
<strong>updated-packages.md</strong> in
<strong>assets-3.1018.0.zip</strong></p>
<h2>v3.1017.0</h2>
<h4>3.1017.0(2026-03-25)</h4>
<h5>Chores</h5>
<ul>
<li><strong>middleware-sdk-s3:</strong> custom request validation for s3
client (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7882">#7882</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/dfeae958cfe7d7c3ab43dc126b4fa8ab8787c085">dfeae958</a>)</li>
<li><strong>lib:</strong> add dependency validation coverage for lib
folder (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7884">#7884</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/d231e3c23142947a3fac74e124530705ad215156">d231e3c2</a>)</li>
</ul>
<h5>Documentation Changes</h5>
<ul>
<li><strong>client-batch:</strong> Documentation-only update for AWS
Batch. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/8e507c03f2f87f7c495573f5881450784cf96e9b">8e507c03</a>)</li>
</ul>
<h5>New Features</h5>
<ul>
<li><strong>clients:</strong> update client endpoints as of 2026-03-25
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/289b4f177ac1d54c450910eb7ad941f5b45e8141">289b4f17</a>)</li>
<li><strong>client-marketplace-agreement:</strong> The Variable Payments
APIs enable AWS Marketplace Sellers to perform manage their payment
requests (send, get, list, cancel). (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/b9f85b12b18b5155027e8d3da25e52ef1c416ecd">b9f85b12</a>)</li>
<li><strong>client-polly:</strong> Add support for Mu-law and A-law
codecs for output format (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/16b8ce279c691ad1019df73336cf6560bf4a38fa">16b8ce27</a>)</li>
<li><strong>client-application-signals:</strong> This release adds
support for creating SLOs on RUM appMonitors, Synthetics canaries and
services. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/324daaeb9be6a45898df9add3235616b1dea914e">324daaeb</a>)</li>
<li><strong>client-uxc:</strong> GA release of AccountCustomizations,
used to manage account color, visible services, and visible regions
settings in the AWS Management Console. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/025844285b406c33a2b3d35f62208778454dd33b">02584428</a>)</li>
<li><strong>client-apigatewayv2:</strong> Added DISABLE IN PROGRESS and
DISABLE FAILED Portal statuses. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/1dc7ba26bbc78b1b6582af30da6e1b281bc14d86">1dc7ba26</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-route-53/CHANGELOG.md"><code>@​aws-sdk/client-route-53</code>'s
changelog</a>.</em></p>
<blockquote>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.1017.0...v3.1018.0">3.1018.0</a>
(2026-03-26)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/client-route-53</code></p>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.1016.0...v3.1017.0">3.1017.0</a>
(2026-03-25)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/client-route-53</code></p>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.1015.0...v3.1016.0">3.1016.0</a>
(2026-03-24)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/client-route-53</code></p>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.1014.0...v3.1015.0">3.1015.0</a>
(2026-03-23)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/client-route-53</code></p>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.1013.0...v3.1014.0">3.1014.0</a>
(2026-03-20)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/client-route-53</code></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/a3a34e38278f3d1fa1e8ee078d6d85d7cbe3dd56"><code>a3a34e3</code></a>
Publish v3.1018.0</li>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/32dfe7f4f724e639381e985dbdbfd1fc948f2ffa"><code>32dfe7f</code></a>
Publish v3.1017.0</li>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/7ca64d5730b05af55326d9979ea234bfc4cc8594"><code>7ca64d5</code></a>
Publish v3.1016.0</li>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/09b1455b9d2c10039e80195e01756d6a86e02b22"><code>09b1455</code></a>
Publish v3.1015.0</li>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/577a87434353a0608398bee6e6b7d91f5f42b596"><code>577a874</code></a>
Publish v3.1014.0</li>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/414aa0d1c8ded23c68c6652e494078eae6a3a1d9"><code>414aa0d</code></a>
chore: bump smithy versions</li>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/a17511fed4a12fd90feb6a923ea7108b53a4c987"><code>a17511f</code></a>
test(snapshot-testing): fix structure of XML errors from mock service
(<a
href="https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-route-53/issues/7874">#7874</a>)</li>
<li>See full diff in <a
href="https://github.com/aws/aws-sdk-js-v3/commits/v3.1018.0/clients/client-route-53">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot @tstephen-nhs
Upgrade: [dependabot] - bump handlebars from 4.7.8 to 4.7.9 (#639)
602b2f0 
Bumps [handlebars](https://github.com/handlebars-lang/handlebars.js)
from 4.7.8 to 4.7.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/handlebars-lang/handlebars.js/releases">handlebars's
releases</a>.</em></p>
<blockquote>
<h2>v4.7.9</h2>
<ul>
<li>fix: enable shell mode for spawn to resolve Windows EINVAL issue -
e0137c2</li>
<li>fix type &quot;RuntimeOptions&quot; also accepting string partials -
eab1d14</li>
<li>feat(types): set <code>hash</code> to be a <code>Record&lt;string,
any&gt;</code> - de4414d</li>
<li>fix non-contiguous program indices - 4512766</li>
<li>refactor: rename i to startPartIndex - e497a35</li>
<li>security: fix security issues - 68d8df5
<ul>
<li><a
href="https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q">https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2w6w-674q-4c4q</a></li>
<li><a
href="https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r">https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-3mfm-83xf-c92r</a></li>
<li><a
href="https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6">https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xhpv-hc6g-r9c6</a></li>
<li><a
href="https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf">https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-xjpj-3mr7-gcpf</a></li>
<li><a
href="https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff">https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-9cx6-37pm-9jff</a></li>
<li><a
href="https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9">https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-2qvq-rjwj-gvw9</a></li>
<li><a
href="https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh">https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-7rx3-28cr-v5wh</a></li>
<li><a
href="https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2">https://github.com/handlebars-lang/handlebars.js/security/advisories/GHSA-442j-39wm-28r2</a></li>
</ul>
</li>
</ul>
<p><a
href="https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9">Commits</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md">handlebars's
changelog</a>.</em></p>
<blockquote>
<h2>v4.7.9 - March 26th, 2026</h2>
<ul>
<li>fix: enable shell mode for spawn to resolve Windows EINVAL issue -
e0137c2</li>
<li>fix type &quot;RuntimeOptions&quot; also accepting string partials -
eab1d14</li>
<li>feat(types): set <code>hash</code> to be a <code>Record&lt;string,
any&gt;</code> - de4414d</li>
<li>fix non-contiguous program indices - 4512766</li>
<li>refactor: rename i to startPartIndex - e497a35</li>
<li>security: fix security issues - 68d8df5</li>
</ul>
<p><a
href="https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9">Commits</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/handlebars-lang/handlebars.js/commit/dce542c9a660048d31f0981ac8a45c08b919bddb"><code>dce542c</code></a>
v4.7.9</li>
<li><a
href="https://github.com/handlebars-lang/handlebars.js/commit/8a41389ba5b2624b6f43a5463d8e2533b843a562"><code>8a41389</code></a>
Update release notes</li>
<li><a
href="https://github.com/handlebars-lang/handlebars.js/commit/68d8df5a88e0a26fe9e6084c5c6aaebe67b07da2"><code>68d8df5</code></a>
Fix security issues</li>
<li><a
href="https://github.com/handlebars-lang/handlebars.js/commit/b2a083136b11e1da9f0f47a11f749a9830a49328"><code>b2a0831</code></a>
Fix browser tests</li>
<li><a
href="https://github.com/handlebars-lang/handlebars.js/commit/9f98c1629834abf8de5a127caff8a2eab03d2c12"><code>9f98c16</code></a>
Fix release script</li>
<li><a
href="https://github.com/handlebars-lang/handlebars.js/commit/45443b4290475dfb7cec32a85d344f12ab345eb9"><code>45443b4</code></a>
Revert &quot;Improve partial indenting performance&quot;</li>
<li><a
href="https://github.com/handlebars-lang/handlebars.js/commit/8841a5f6d35096aee95d68e1e49636a4cb5c661e"><code>8841a5f</code></a>
Fix CI errors with linting</li>
<li><a
href="https://github.com/handlebars-lang/handlebars.js/commit/e0137c26f2202593bca7cc25184e733e87d54709"><code>e0137c2</code></a>
fix: enable shell mode for spawn to resolve Windows EINVAL issue</li>
<li><a
href="https://github.com/handlebars-lang/handlebars.js/commit/e914d6037ffb0dd371f7e4823cdb019732ae66d7"><code>e914d60</code></a>
Improve rendering performance</li>
<li><a
href="https://github.com/handlebars-lang/handlebars.js/commit/7de4b41c344a5d702edca93d1841b59642fa32bd"><code>7de4b41</code></a>
Upgrade GitHub Actions checkout and setup-node on 4.x branch</li>
<li>Additional commits viewable in <a
href="https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@tstephen-nhs
revert git secrets install
dc74bf6
@tstephen-nhs
fix: use postCreate to avoid git-secrets failing on second and subseq…
4ccfaf1 
…uent starts
@tstephen-nhs
docs: add copilot instructions and teach it to write JSDoc
c5d9ba9
@tstephen-nhs
docs: rereview jsdoc in light of new copilot instructions
af7a124
@tstephen-nhs
Merge branch 'main' into aea-6256-cdk-statemachine
6107867
@tstephen-nhs tstephen-nhs marked this pull request as ready for review March 27, 2026 14:24
Copilot AI review requested due to automatic review settings March 27, 2026 14:24
Copilot AI reviewed Mar 27, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds reusable CDK constructs to standardise provisioning and API exposure of Step Functions Express state machines (including logging, optional Splunk forwarding, and API Gateway integration mapping templates).

Changes:

  • Introduces ExpressStateMachine construct (logs, IAM policies, optional Splunk subscription filter).
  • Adds StateMachineEndpoint API Gateway construct plus request/response VTL templates.
  • Adds CatchAllErrorPass helper construct and accompanying Vitest assertions; exports new constructs from src/index.ts.

Reviewed changes

Copilot reviewed 8 out of 9 changed files in this pull request and generated 10 comments.

Show a summary per file
File Description
packages/cdkConstructs/src/constructs/StateMachine.ts New ExpressStateMachine construct to provision Express workflows with logging, IAM, and optional Splunk forwarding.
packages/cdkConstructs/src/constructs/StateMachine/CatchAllErrorPass.ts New construct intended to emit a fixed 500 OperationOutcome payload via a Pass state.
packages/cdkConstructs/src/constructs/RestApiGateway/StateMachineEndpoint.ts New API Gateway resource+method construct to start executions via StepFunctions integration.
packages/cdkConstructs/src/constructs/RestApiGateway/templates/stateMachineRequest.ts New request mapping template helper for StartExecution payload shaping.
packages/cdkConstructs/src/constructs/RestApiGateway/templates/stateMachineResponses.ts New response mapping templates/helpers for success/error handling.
packages/cdkConstructs/src/index.ts Re-exports the new constructs/templates entrypoints.
packages/cdkConstructs/tests/constructs/stateMachineConstruct.test.ts New unit tests for ExpressStateMachine and CatchAllErrorPass.
packages/cdkConstructs/tests/constructs/RestApiGateway/StateMachineEndpoint.test.ts New unit tests for StateMachineEndpoint and template helpers.
package-lock.json Lockfile updates.

Comment thread packages/cdkConstructs/src/constructs/StateMachine/CatchAllErrorPass.ts Outdated
Comment thread packages/cdkConstructs/src/constructs/RestApiGateway/templates/stateMachineResponses.ts Outdated
Comment thread packages/cdkConstructs/src/constructs/RestApiGateway/StateMachineEndpoint.ts Outdated
Comment thread packages/cdkConstructs/src/constructs/StateMachine.ts Outdated
Comment thread packages/cdkConstructs/src/constructs/StateMachine.ts
Comment thread packages/cdkConstructs/src/constructs/StateMachine/CatchAllErrorPass.ts
Comment thread packages/cdkConstructs/src/constructs/StateMachine/CatchAllErrorPass.ts Outdated
Comment thread packages/cdkConstructs/src/constructs/RestApiGateway/templates/stateMachineResponses.ts
Comment thread packages/cdkConstructs/src/constructs/StateMachine.ts Outdated
Comment thread packages/cdkConstructs/src/constructs/StateMachine/CatchAllErrorPass.ts Outdated
tstephen-nhs
tstephen-nhs commented Mar 27, 2026
View reviewed changes
Comment thread packages/cdkConstructs/src/constructs/StateMachine/CatchAllErrorPass.ts Outdated
@tstephen-nhs tstephen-nhs enabled auto-merge (squash) March 27, 2026 15:04
@tstephen-nhs
fix: enumerate potential status codes
464dc01 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Mar 27, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
95.7% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@tstephen-nhs tstephen-nhs merged commit 9548de9 into main Mar 27, 2026
16 checks passed
@tstephen-nhs tstephen-nhs deleted the aea-6256-cdk-statemachine branch March 27, 2026 15:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@wildjames wildjames wildjames approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@tstephen-nhs @wildjames @github-advanced-security