chore(deps): upgrade dependencies

[aws-cdk-automation]

Upgrades project dependencies. See details in workflow run.

---

Automatically created by projen via the "upgrade" workflow

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

See the Details below.

License Issues

packages/@aws-cdk-testing/cli-integ/package.json

Package	Version	License	Issue Type
@cdklabs/cdk-atmosphere-client	^0.0.104	Null	Unknown License

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/@cdklabs/eslint-plugin	^2.0.8	Unknown	Unknown
npm/eslint-import-resolver-typescript	^4.4.5	Unknown	Unknown
npm/@cdklabs/cdk-atmosphere-client	^0.0.104	Unknown	Unknown
npm/@cdklabs/eslint-plugin	^2.0.8	Unknown	Unknown
npm/eslint-import-resolver-typescript	^4.4.5	Unknown	Unknown
npm/@cdklabs/eslint-plugin	^2.0.8	Unknown	Unknown
npm/eslint-import-resolver-typescript	^4.4.5	Unknown	Unknown
npm/@cdklabs/eslint-plugin	^2.0.8	Unknown	Unknown
npm/eslint-import-resolver-typescript	^4.4.5	Unknown	Unknown
npm/@cdklabs/eslint-plugin	^2.0.8	Unknown	Unknown
npm/eslint-import-resolver-typescript	^4.4.5	Unknown	Unknown
npm/@cdklabs/eslint-plugin	^2.0.8	Unknown	Unknown
npm/eslint-import-resolver-typescript	^4.4.5	Unknown	Unknown
npm/jsii-diff	^1.133.0	Unknown	Unknown
npm/jsii-pacmak	^1.133.0	Unknown	Unknown
npm/@cdklabs/eslint-plugin	^2.0.8	Unknown	Unknown
npm/eslint-import-resolver-typescript	^4.4.5	Unknown	Unknown
npm/@cdklabs/eslint-plugin	^2.0.8	Unknown	Unknown
npm/eslint-import-resolver-typescript	^4.4.5	Unknown	Unknown
npm/node-backpack	^1.1.36	Unknown	Unknown
npm/@cdklabs/eslint-plugin	^2.0.8	Unknown	Unknown
npm/@smithy/util-stream	^4.6.6	Unknown	Unknown
npm/eslint-import-resolver-typescript	^4.4.5	Unknown	Unknown
npm/@cdklabs/eslint-plugin	^2.0.8	Unknown	Unknown
npm/eslint-import-resolver-typescript	^4.4.5	Unknown	Unknown
npm/@cdklabs/eslint-plugin	^2.0.8	Unknown	Unknown
npm/eslint-import-resolver-typescript	^4.4.5	Unknown	Unknown
npm/@cdklabs/eslint-plugin	^2.0.8	Unknown	Unknown
npm/eslint-import-resolver-typescript	^4.4.5	Unknown	Unknown
npm/node-backpack	^1.1.36	Unknown	Unknown
npm/@cdklabs/eslint-plugin	^2.0.8	Unknown	Unknown
npm/eslint-import-resolver-typescript	^4.4.5	Unknown	Unknown
npm/node-backpack	^1.1.36	Unknown	Unknown
npm/@cdklabs/eslint-plugin	^2.0.8	Unknown	Unknown
npm/eslint-import-resolver-typescript	^4.4.5	Unknown	Unknown
npm/@aws-sdk/client-cognito-identity	3.1058.0	🟢 5.7	Details Check Score Reason Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions 🟢 5 detected GitHub workflow tokens with excessive permissions Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 no SAST tool detected Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies 🟢 10 all dependencies are pinned Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/credential-provider-ini	3.972.46	🟢 5.7	Details Check Score Reason Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions 🟢 5 detected GitHub workflow tokens with excessive permissions Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 no SAST tool detected Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies 🟢 10 all dependencies are pinned Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/credential-provider-node	3.972.48	🟢 5.7	Details Check Score Reason Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions 🟢 5 detected GitHub workflow tokens with excessive permissions Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 no SAST tool detected Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies 🟢 10 all dependencies are pinned Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/credential-providers	3.1058.0	🟢 5.7	Details Check Score Reason Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions 🟢 5 detected GitHub workflow tokens with excessive permissions Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 no SAST tool detected Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies 🟢 10 all dependencies are pinned Fuzzing ⚠️ 0 project is not fuzzed
npm/@cdklabs/cdk-atmosphere-client	0.0.104	Unknown	Unknown
npm/@cdklabs/eslint-plugin	2.0.8	Unknown	Unknown
npm/@smithy/credential-provider-imds	4.3.7	Unknown	Unknown
npm/@smithy/util-stream	4.6.6	Unknown	Unknown
npm/@typescript-eslint/project-service	8.60.1	🟢 6.7	Details Check Score Reason Code-Review 🟢 9 Found 24/26 approved changesets -- score normalized to 9 Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@typescript-eslint/scope-manager	8.60.1	🟢 6.7	Details Check Score Reason Code-Review 🟢 9 Found 24/26 approved changesets -- score normalized to 9 Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@typescript-eslint/tsconfig-utils	8.60.1	🟢 6.7	Details Check Score Reason Code-Review 🟢 9 Found 24/26 approved changesets -- score normalized to 9 Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@typescript-eslint/types	8.60.1	🟢 6.7	Details Check Score Reason Code-Review 🟢 9 Found 24/26 approved changesets -- score normalized to 9 Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@typescript-eslint/typescript-estree	8.60.1	🟢 6.7	Details Check Score Reason Code-Review 🟢 9 Found 24/26 approved changesets -- score normalized to 9 Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@typescript-eslint/utils	8.60.1	🟢 6.7	Details Check Score Reason Code-Review 🟢 9 Found 24/26 approved changesets -- score normalized to 9 Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@typescript-eslint/visitor-keys	8.60.1	🟢 6.7	Details Check Score Reason Code-Review 🟢 9 Found 24/26 approved changesets -- score normalized to 9 Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/codemaker	1.133.0	🟢 7.1	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases 🟢 8 5 out of the last 5 releases have a total of 5 signed artifacts. Branch-Protection 🟢 8 branch protection is not maximal on development and all release branches Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 10 security policy file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits
npm/eslint-import-resolver-typescript	4.4.5	🟢 5.6	Details Check Score Reason Maintained ⚠️ 2 2 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 2 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 4 Found 7/16 approved changesets -- score normalized to 4 Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected SAST 🟢 6 SAST tool is not run on all commits -- score normalized to 6
npm/jsii-diff	1.133.0	🟢 7.1	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases 🟢 8 5 out of the last 5 releases have a total of 5 signed artifacts. Branch-Protection 🟢 8 branch protection is not maximal on development and all release branches Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 10 security policy file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits
npm/jsii-pacmak	1.133.0	🟢 7.1	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases 🟢 8 5 out of the last 5 releases have a total of 5 signed artifacts. Branch-Protection 🟢 8 branch protection is not maximal on development and all release branches Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 10 security policy file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits
npm/node-backpack	1.1.36	Unknown	Unknown

Scanned Files

• package.json
• packages/@aws-cdk-testing/cli-integ/package.json
• packages/@aws-cdk/cdk-assets-lib/package.json
• packages/@aws-cdk/cli-plugin-contract/package.json
• packages/@aws-cdk/cloud-assembly-api/package.json
• packages/@aws-cdk/cloud-assembly-schema/package.json
• packages/@aws-cdk/cloudformation-diff/package.json
• packages/@aws-cdk/integ-runner/package.json
• packages/@aws-cdk/toolkit-lib/package.json
• packages/@aws-cdk/user-input-gen/package.json
• packages/@aws-cdk/yarn-cling/package.json
• packages/aws-cdk/package.json
• packages/cdk-assets/package.json
• packages/cdk/package.json
• yarn.lock

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 88.20%. Comparing base (b63b543) to head (8dc9c4b).

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1599      +/-   ##
==========================================
+ Coverage   88.09%   88.20%   +0.11%     
==========================================
  Files          76       76              
  Lines       10864    10864              
  Branches     1497     1502       +5     
==========================================
+ Hits         9571     9583      +12     
+ Misses       1265     1253      -12     
  Partials       28       28              

Flag	Coverage Δ
suite.unit	88.20% <ø> (+0.11%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.