Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump the all group in /cdk with 3 updates #843

Merged
merged 1 commit into from
Feb 27, 2024
Merged

chore(deps): bump the all group in /cdk with 3 updates #843

merged 1 commit into from
Feb 27, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 26, 2024
edited
Loading

Bumps the all group in /cdk with 3 updates: @guardian/cdk, @types/node and eslint.

Updates @guardian/cdk from 53.1.1 to 54.1.0

Release notes

Sourced from @​guardian/cdk's releases.

v54.1.0

Minor Changes

  • edf5c7a: - Add readonlyRootFilesystem prop to specify whether the container is given read-only access to its root file system

    • Add containerInsights prop to enable CloudWatch insights
    • Replace deprecated state machine definition

v54.0.0

Major Changes

This change includes some potentially breaking changes for consumers of:

Since v49.0.2, the EC2 instance profile created in GuEc2App, and it's subclasses, used the AmazonSSMManagedInstanceCore AWS Managed Policy to enable the SSM+SSH capability.

In addition to enabling SSM+SSH, this Managed Policy also provided read access to all SSM Parameters.

This is not least privilege.

In this version, usage of the AmazonSSMManagedInstanceCore Managed Policy is swapped for a custom, more minimal, policy.

[!IMPORTANT] Before upgrading to this version, ensure your application is not relying on the IAM Policy behaviour provided by AmazonSSMManagedInstanceCore.

If your application is reading SSM Parameters outside the /STAGE/STACK/APP/* namespace, you will need to add an explicit policy.

An IAM Policy to read SSM Parameters in the /STAGE/STACK/APP/* namespace is already provided by the GuEc2App construct, via GuParameterStoreReadPolicy

To understand if your application is impacted, consult this Service Catalogue query showing CloudFormation stacks using the above and using GuCDK v49.0.2 or above.

```sql
with data as (
    select cfn.account_id
         , acc.name as account_name
         , tml.stack_id
         , cfn.last_updated_time
         , cfn.region
         , cfn.stack_name
         , tml.metadata ->> 'gu:cdk:version' as gucdk_version
         , cfn.tags ->> 'gu:repo' as repository
         , cfn.tags ->> 'Stack' as stack
         , cfn.tags ->> 'Stage' as stage

... (truncated)

Changelog

Sourced from @​guardian/cdk's changelog.

54.1.0

Minor Changes

  • edf5c7a: - Add readonlyRootFilesystem prop to specify whether the container is given read-only access to its root file system

    • Add containerInsights prop to enable CloudWatch insights
    • Replace deprecated state machine definition

54.0.0

Major Changes

  • 4548884: This change includes some potentially breaking changes for consumers of:

    Since v49.0.2, the EC2 instance profile created in GuEc2App, and it's subclasses, used the AmazonSSMManagedInstanceCore AWS Managed Policy to enable the SSM+SSH capability.

    In addition to enabling SSM+SSH, this Managed Policy also provided read access to all SSM Parameters. This is not least privilege.

    In this version, usage of the AmazonSSMManagedInstanceCore Managed Policy is swapped for a custom, more minimal, policy.

    [!IMPORTANT] Before upgrading to this version, ensure your application is not relying on the IAM Policy behaviour provided by AmazonSSMManagedInstanceCore.

    If your application is reading SSM Parameters outside the /STAGE/STACK/APP/* namespace, you will need to add an explicit policy.

    An IAM Policy to read SSM Parameters in the /STAGE/STACK/APP/* namespace is already provided by the GuEc2App construct, via GuParameterStoreReadPolicy

    To understand if your application is impacted, consult this Service Catalogue query showing CloudFormation stacks using the above and using GuCDK v49.0.2 or above.

    with data as (

... (truncated)

Commits
  • 020b208 Merge pull request #2229 from guardian/changeset-release/main
  • 22ce9c6 Bump package version
  • a6ee682 Merge pull request #2228 from guardian/ms-ecs-task-improvements
  • c4bc265 test: Update snapshot
  • edf5c7a feat: add readonlyRootFilesystem prop to specify whether the container is g...
  • 42c6bd1 Merge pull request #2226 from guardian/dependabot/npm_and_yarn/oclif/core-3.19.5
  • 5cf85b4 chore(deps): bump @​oclif/core from 3.19.1 to 3.19.5
  • 14f49f0 Merge pull request #2227 from guardian/dependabot/npm_and_yarn/types/node-20....
  • 4231d3f chore(deps): bump @​types/node from 20.11.17 to 20.11.20
  • 63245bb Merge pull request #2225 from guardian/dependabot/npm_and_yarn/aws-sdk-2.1563.0
  • Additional commits viewable in compare view

Updates @types/node from 20.11.19 to 20.11.20

Commits

Updates eslint from 8.56.0 to 8.57.0

Release notes

Sourced from eslint's releases.

v8.57.0

Features

  • 1120b9b feat: Add loadESLint() API method for v8 (#18098) (Nicholas C. Zakas)
  • dca7d0f feat: Enable eslint.config.mjs and eslint.config.cjs (#18066) (Nitin Kumar)

Bug Fixes

  • 2196d97 fix: handle absolute file paths in FlatRuleTester (#18064) (Nitin Kumar)
  • 69dd1d1 fix: Ensure config keys are printed for config errors (#18067) (Nitin Kumar)
  • 9852a31 fix: deep merge behavior in flat config (#18065) (Nitin Kumar)
  • 4c7e9b0 fix: allow circular references in config (#18056) (Milos Djermanovic)

Documentation

  • 84922d0 docs: Show prerelease version in dropdown (#18139) (Nicholas C. Zakas)
  • 5b8c363 docs: Switch to Ethical Ads (#18117) (Milos Djermanovic)
  • 77dbfd9 docs: show NEXT in version selectors (#18052) (Milos Djermanovic)

Chores

  • 1813aec chore: upgrade @​eslint/js@​8.57.0 (#18143) (Milos Djermanovic)
  • 5c356bb chore: package.json update for @​eslint/js release (Jenkins)
  • f4a1fe2 test: add more tests for ignoring files and directories (#18068) (Nitin Kumar)
  • 42c0aef ci: Enable CI for v8.x branch (#18047) (Milos Djermanovic)
Changelog

Sourced from eslint's changelog.

v8.57.0 - February 23, 2024

  • 1813aec chore: upgrade @​eslint/js@​8.57.0 (#18143) (Milos Djermanovic)
  • 5c356bb chore: package.json update for @​eslint/js release (Jenkins)
  • 84922d0 docs: Show prerelease version in dropdown (#18139) (Nicholas C. Zakas)
  • 1120b9b feat: Add loadESLint() API method for v8 (#18098) (Nicholas C. Zakas)
  • 5b8c363 docs: Switch to Ethical Ads (#18117) (Milos Djermanovic)
  • 2196d97 fix: handle absolute file paths in FlatRuleTester (#18064) (Nitin Kumar)
  • f4a1fe2 test: add more tests for ignoring files and directories (#18068) (Nitin Kumar)
  • 69dd1d1 fix: Ensure config keys are printed for config errors (#18067) (Nitin Kumar)
  • 9852a31 fix: deep merge behavior in flat config (#18065) (Nitin Kumar)
  • dca7d0f feat: Enable eslint.config.mjs and eslint.config.cjs (#18066) (Nitin Kumar)
  • 4c7e9b0 fix: allow circular references in config (#18056) (Milos Djermanovic)
  • 77dbfd9 docs: show NEXT in version selectors (#18052) (Milos Djermanovic)
  • 42c0aef ci: Enable CI for v8.x branch (#18047) (Milos Djermanovic)

v9.0.0-beta.0 - February 9, 2024

  • e40d1d7 chore: upgrade @​eslint/js@​9.0.0-beta.0 (#18108) (Milos Djermanovic)
  • 9870f93 chore: package.json update for @​eslint/js release (Jenkins)
  • 2c62e79 chore: upgrade @​eslint/eslintrc@​3.0.1 (#18107) (Milos Djermanovic)
  • 81f0294 chore: upgrade espree@10.0.1 (#18106) (Milos Djermanovic)
  • 5e2b292 chore: upgrade eslint-visitor-keys@4.0.0 (#18105) (Milos Djermanovic)
  • 9163646 feat!: Rule Tester checks for missing placeholder data in the message (#18073) (fnx)
  • 53f0f47 feat: Add loadESLint() API method for v9 (#18097) (Nicholas C. Zakas)
  • f1c7e6f docs: Switch to Ethical Ads (#18090) (Strek)
  • 15c143f docs: JS Foundation -> OpenJS Foundation in PR template (#18092) (Nicholas C. Zakas)
  • c4d26fd fix: use-isnan doesn't report on SequenceExpressions (#18059) (StyleShit)
  • 6ea339e docs: add stricter rule test validations to v9 migration guide (#18085) (Milos Djermanovic)
  • ce838ad chore: replace dependency npm-run-all with npm-run-all2 ^5.0.0 (#18045) (renovate[bot])
  • 3c816f1 docs: use relative link from CLI to core concepts (#18083) (Milos Djermanovic)
  • 54df731 chore: update dependency markdownlint-cli to ^0.39.0 (#18084) (renovate[bot])
  • 9458735 docs: fix malformed eslint config comments in rule examples (#18078) (Francesco Trotta)
  • 07a1ada docs: link from --fix CLI doc to the relevant core concept (#18080) (Bryan Mishkin)
  • 8f06a60 chore: update dependency shelljs to ^0.8.5 (#18079) (Francesco Trotta)
  • b844324 docs: Update team responsibilities (#18048) (Nicholas C. Zakas)
  • aadfb60 docs: document languageOptions and other v9 changes for context (#18074) (fnx)
  • 3c4d51d feat!: default for enforceForClassMembers in no-useless-computed-key (#18054) (Francesco Trotta)
  • 47e60f8 feat!: Stricter rule test validations (#17654) (fnx)
  • 1a94589 feat!: no-unused-vars default caughtErrors to 'all' (#18043) (Josh Goldberg ✨)
  • 857e242 docs: tweak explanation for meta.docs rule properties (#18057) (Bryan Mishkin)
  • 10485e8 docs: recommend messageId over message for reporting rule violations (#18050) (Bryan Mishkin)
  • 98b5ab4 docs: Update README (GitHub Actions Bot)
  • 93ffe30 chore: update dependency file-entry-cache to v8 (#17903) (renovate[bot])
  • 505fbf4 docs: update no-restricted-imports rule (#18015) (Tanuj Kanti)
  • 2d11d46 feat: add suggestions to use-isnan in binary expressions (#17996) (StyleShit)
  • c25b4af docs: Update README (GitHub Actions Bot)

v9.0.0-alpha.2 - January 26, 2024

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @akash1810.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 26, 2024
@akash1810
Copy link
Member

@dependabot rebase

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/cdk/all-481a6767d6 branch from bcffff1 to aacba5e Compare February 27, 2024 09:10
@dependabot @akash1810
chore(deps): bump the all group in /cdk with 3 updates
b7a923d 
Bumps the all group in /cdk with 3 updates: [@guardian/cdk](https://github.com/guardian/cdk), [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) and [eslint](https://github.com/eslint/eslint).

Updates `@guardian/cdk` from 53.1.1 to 54.1.0
- [Release notes](https://github.com/guardian/cdk/releases)
- [Changelog](https://github.com/guardian/cdk/blob/main/CHANGELOG.md)
- [Commits](guardian/cdk@v53.1.1...v54.1.0)

Updates `@types/node` from 20.11.19 to 20.11.20
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `eslint` from 8.56.0 to 8.57.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](eslint/eslint@v8.56.0...v8.57.0)

---
updated-dependencies:
- dependency-name: "@guardian/cdk"
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
@akash1810 akash1810 force-pushed the dependabot/npm_and_yarn/cdk/all-481a6767d6 branch from aacba5e to b7a923d Compare February 27, 2024 09:32
akash1810
akash1810 approved these changes Feb 27, 2024
View reviewed changes
Copy link
Member

@akash1810 akash1810 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dependabot merge

@dependabot dependabot bot merged commit 9a63b0f into main Feb 27, 2024
1 check passed
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/cdk/all-481a6767d6 branch February 27, 2024 09:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@akash1810 akash1810 akash1810 approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@akash1810