Bump Amazon.CDK.Lib and 13 others #425

dependabot · 2025-08-01T13:10:37Z

Updated Amazon.CDK.Lib from 2.203.0 to 2.208.0.

Release notes

Sourced from Amazon.CDK.Lib's releases.

2.208.0

Features

update L1 CloudFormation resource definitions (#35054) (a2b3e78)
region-info: add support for region ap-southeast-6 (#35036)

Bug Fixes

core: Tag must have a value error is impossible to attribute to a specific tag (#35091) (6c4181b)
custom-resources: use loggingFormat instead of deprecated logFormat (#35015) (81fe660), closes #35002
logs: query strings can have multiple stats commands (#34590) (57ae6f9), closes #34578 #34578
logs: revert "exposed metric from the metric filter will now include the dimension map (#34648)" (#35102) (24bbced), closes #35097

Alpha modules (2.208.0-alpha.0)

Features

glue: throw ValidationError instead of untyped errors (#35084) (1e20df6)

2.207.0

Features

core: allow validation report multi-write based on context keys (#34927) (9571599)
update L1 CloudFormation resource definitions (#35020) (3f695b3)
bedrockprompt: add prompt management to bedrock agents (#34754) (c0d27ee)
cloudwatch: add search expression to graph widget in cloudwatch dashboard (#34933) (e3f505e), closes #7237
core: addInfoV2 method for suppressible info Annotations (#34872) (fb1792c), closes #34871
logs: support ADC regions for infrequent access log class (#34999) (1c57d69)
rds: support Database Insights for RDS instances (#34854) (304e2db), closes #34743 #32851
cloudwatch logs transformer support (#34996) (ba61463), closes #34861

Bug Fixes

autoscaling: add an option to run validation when migrating to launch template (#34832) (c8d62f3), closes #34283
core: fix asset bundling for nested stack with exclusive flag (#30983) (992b0a5), closes #30967 #30967
kinesisfirehose: can't call grantPrincipal multiple times (#34682) (ea226b5)
s3-deployment: broken cross stack reference when using Source.data (#34916) (0591c44), closes #22843 #22843

Alpha modules (2.207.0-alpha.0)

2.206.0

Features

custom-resource: Added async custom resource provider framework logging off by default (1302e3d)
ecs: add L1 native blue/green deployment support for ECS services (3ef87e4)

Alpha modules (2.206.0-alpha.0)

2.205.0

Features

kinesisfirehose: support custom time zone settings for S3 destination (#34738) (2bbe762), closes #34737
update L1 CloudFormation resource definitions (#34979) (2e0e536)
codebuild: cache sharing of CodeBuild projects (#34257) (21e2d1e), closes /docs.aws.amazon.com/codebuild/latest/userguide/caching-s3.html#caching-s3
update L1 CloudFormation resource definitions (#34915) (748d03c)
cloudwatch-dashboards: add support for queryLanguage property (#34547) (8a77828), closes #34482 /github.com/aws/aws-cdk/issues/34482#issuecomment-2887841701
ec2: add c8gn instance class (#34866) (aaf442b)
events: add arnForPolicy attribute for api destination (#34315) (e0ac9f8)
rds: add fromLookup method for Amazon Aurora Database Cluster (#34849) (23ca6fc), closes #34848 #33258
synthetics: add maxRetries prop to configure automatic retries on canary runs (#34541) (54d8a84), closes #34511
synthetics: add support for tag replication for aws synthetics (#34830) (5ff59d9)
core: report feature flag info into Cloud Assembly (#34919) (72733ea)

Bug Fixes

codecov: update codecov-upload.yml with a git checkout step (#34929) (0a0adf7)
lambda: handle token resolution issues in addToRolePolicy (#34904) (6cd1802), closes #34894
pipelines: ensure assets with same hash but different destinations are published separately (#34790) (05afab3), closes #31070 #31070
region-info: integ use standalone package (#34782) (6d1bcb3), closes #34692 /github.com/aws/aws-cdk/blob/1ae14635cbbc8ba0f2dab8cbeb72c4af0fddce7a/packages/aws-cdk-lib/package.json#L507-L511
tags: excludeResourceTypes does not work for tags applied at stack level (under feature flag) (#31443) (4c7d9f4), closes #28017 #33945 #30055

⚠ CHANGES TO L1 RESOURCES

L1 resources are automatically generated from public CloudFormation Resource Schemas. They are build to closely reflect the real state of CloudFormation. Sometimes these updates can contain changes that are incompatible with previous types, but more accurately reflect reality. In this release we have changed:

aws-cdk-lib.aws_ec2.CfnTrafficMirrorFilterRule: Id attribute was removed
aws-cdk-lib.aws_kinesis.StreamConsumer: Id attribute was removed
aws-cdk-lib.aws_neptune.DBInstance: Id attribute was removed

Alpha modules (2.205.0-alpha.0)

2.204.0

Features

apigatewayv2: add stage variables support for HTTP and WebSocket API (#34548) (965e055)
cloudwatch: add id and visible properties for CloudWatch Metric (#34870) (879afd6), closes #19876
report feature flags into Cloud Assembly (#34884) (f70e46c), closes #34798
region-info: add support for region eusc-de (#34860)

Bug Fixes

ecr-assets: incorrect handling of nested excludes in .dockerignore (#34810) (8328c79), closes #13636 #13636
"Invalid Assembly Manifest" when used with CLI 2.1017.0 and 2.1018.0 (#34880) (741b0a7), closes aws/aws-cdk#34798

Alpha modules (2.204.0-alpha.0)

Features

lambda-python-alpha: support uv (#33880) (ac6f136), closes #31238 #32413

2.203.1

Bug Fixes

"Invalid Assembly Manifest" when used with CLI 2.1017.0 and 2.1018.0 (#34880) (32ee050), closes aws/aws-cdk#34798

Alpha modules (2.203.1-alpha.0)

Commits viewable in compare view.

Updated Amazon.Lambda.Core from 2.6.0 to 2.7.0.

Release notes

Sourced from Amazon.Lambda.Core's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Aspire.Hosting.Testing from 9.3.1 to 9.4.0.

Release notes

Sourced from Aspire.Hosting.Testing's releases.

9.4.0

We are excited to share that our 9.4.0 release of Aspire has shipped! All of the packages are available in NuGet.org now. Head over to https://learn.microsoft.com/en-us/dotnet/aspire/whats-new/dotnet-aspire-9.4 to find what's new in 9.4.0!

What's Changed

API review: Add Services property to ResourceEndpointsAllocatedEvent by @DamianEdwards in API review: Add Services property to ResourceEndpointsAllocatedEvent dotnet/aspire#9270
Fix visibility updates during resource upserts by @adamint in Fix visibility updates during resource upserts dotnet/aspire#9264
Accept null value in Redis WithPassword to ensure password dosen't set in redis-server by @Alirexaa in Accept null value in Redis WithPassword to ensure password dosen't set in redis-server dotnet/aspire#9278
Make sure the publisher example supports azd by @davidfowl in Make sure the publisher example supports azd dotnet/aspire#9277
API review: WithHostPort should accept null for port param by @Alirexaa in API review: WithHostPort should accept null for port param dotnet/aspire#9282
Refactor database explorer resource builders to not prefix their names the name of the first resource they are added to. by @paulomorgado in Refactor database explorer resource builders to not prefix their names the name of the first resource they are added to. dotnet/aspire#8237
Test that ensures legacy dashboard token env var is honored by @DamianEdwards in Test that ensures legacy dashboard token env var is honored dotnet/aspire#9296
Refactor solution file from .sln to .slnx format and update related d… by @davidfowl in Refactor solution file from .sln to .slnx format and update related d… dotnet/aspire#9295
Minor dashboard improvements and clean up by @JamesNK in Minor dashboard improvements and clean up dotnet/aspire#9301
Minor improvements to resource changed log by @JamesNK in Minor improvements to resource changed log dotnet/aspire#9303
Fix Blazor error logging to telemetry by @JamesNK in Fix Blazor error logging to telemetry dotnet/aspire#9304
Don't throw from component telemetry context dispose if not initialized by @JamesNK in Don't throw from component telemetry context dispose if not initialized dotnet/aspire#9306
[CI] Add PR validation on macOS by @radical in [CI] Add PR validation on macOS dotnet/aspire#9287
Localized file check-in by OneLocBuild Task: Build definition ID 1309: Build ID 2709142 by @dotnet-bot in Localized file check-in by OneLocBuild Task: Build definition ID 1309: Build ID 2709142 dotnet/aspire#9302
Ignore case on FormatDateTime_WithMilliseconds_NewZealandCulture by @adamint in Ignore case on FormatDateTime_WithMilliseconds_NewZealandCulture dotnet/aspire#9316
Changing default SKU for App Service Plan to P0V3 by @ShilpiRachna1 in Changing default SKU for App Service Plan to P0V3 dotnet/aspire#9280
Branding updates for 9.4 by @joperezr in Branding updates for 9.4 dotnet/aspire#9331
Increase retry time in AppBar_Change_Theme_ReloadPage by @adamint in Increase retry time in AppBar_Change_Theme_ReloadPage dotnet/aspire#9317
Update xUnit.v3 to support MTP tests by @peterwald in Update xUnit.v3 to support MTP tests dotnet/aspire#9261
[main] Update dependencies from microsoft/usvc-apiserver by @dotnet-maestro[bot] in [main] Update dependencies from microsoft/usvc-apiserver dotnet/aspire#9333
Add tracing support for Azure App Configuration component by @zhiyuanliang-ms in Add tracing support for Azure App Configuration component dotnet/aspire#9323
Revert "Update xUnit.v3 to support MTP tests (#9261)" by @radical in Revert "Update xUnit.v3 to support MTP tests (#9261)" dotnet/aspire#9336
Remove the workaround to explicitly set the container runtime for tests now that the orchestrator is updated by @danegsta in Remove the workaround to explicitly set the container runtime for tests now that the orchestrator is updated dotnet/aspire#9339
[Automated] Update API Surface Area by @github-actions[bot] in [Automated] Update API Surface Area dotnet/aspire#8736
Revert "Revert "Update xUnit.v3 to support MTP tests (#9261)" (#9336)" by @radical in Revert "Revert "Update xUnit.v3 to support MTP tests (#9261)" (#9336)" dotnet/aspire#9337
TestsReportGenerator: Always show the error message, and truncate only the stdout by @radical in TestsReportGenerator: Always show the error message, and truncate only the stdout dotnet/aspire#9335
[CI] Fix azdo builds for main by @radical in [CI] Fix azdo builds for main dotnet/aspire#9338
[main] Update dependencies from microsoft/usvc-apiserver by @dotnet-maestro[bot] in [main] Update dependencies from microsoft/usvc-apiserver dotnet/aspire#9347
Fully qualify OutputPath for PublishingContext by @captainsafia in Fully qualify OutputPath for PublishingContext dotnet/aspire#9351
Fix typo in doccomment in ContainerResourceBuilderExtensions.cs by @KuraiAndras in Fix typo in doccomment in ContainerResourceBuilderExtensions.cs dotnet/aspire#9342
Update health check to ensure blob containers created at right time by @RussKie in Update health check to ensure blob containers created at right time dotnet/aspire#9159
Re-apply quarantined test for validation by @sebastienros in Re-apply quarantined test for validation dotnet/aspire#9364
Update telemetry doc for AzureAppConfiguration by @sebastienros in Update telemetry doc for AzureAppConfiguration dotnet/aspire#9365
Enable MTP tests via MSBuild property by @captainsafia in Enable MTP tests via MSBuild property dotnet/aspire#9361
catch json error by @danmoseley in catch json error dotnet/aspire#9369
Refactor a common TempDirectory test class by @eerhardt in Refactor a common TempDirectory test class dotnet/aspire#9370
Centralize Verify convention by @sebastienros in Centralize Verify convention dotnet/aspire#9371
Update Aspire to stable Microsoft.Extensions.AI.Abstractions by @stephentoub in Update Aspire to stable Microsoft.Extensions.AI.Abstractions dotnet/aspire#9356
Update RunCommand.cs by @IEvangelist in Update RunCommand.cs dotnet/aspire#9360
Add support for copying existing files via WithContainerFiles API by @danegsta in Add support for copying existing files via WithContainerFiles API dotnet/aspire#8908
Do not fail on partial trust warning. by @mitchdenny in Do not fail on partial trust warning. dotnet/aspire#9384
markdown lint by @danmoseley in markdown lint dotnet/aspire#9389
Merge branch release/9.3 into main by @joperezr in Merge branch release/9.3 into main dotnet/aspire#9394
Fix failure in MongoDbFunctionalTests.VerifyWithInitFiles by @danegsta in Fix failure in MongoDbFunctionalTests.VerifyWithInitFiles dotnet/aspire#9391
Ensure all grid columns have tooltips by @adamint in Ensure all grid columns have tooltips dotnet/aspire#9401
Remove test from quarantine by @danegsta in Remove test from quarantine dotnet/aspire#9402
copilot setup steps by @danmoseley in copilot setup steps dotnet/aspire#9409
... (truncated)

9.3.2 What's Changed

[release/9.3] Fix SqlServer PowerShell module version to avoid breaking changes in 22.4.5.1 by @sebastienros in [release/9.3] Fix SqlServer PowerShell module version to avoid breaking changes in 22.4.5.1 dotnet/aspire#9958
Bumping patch version for 9.3.2 by @joperezr in Bumping patch version for 9.3.2 dotnet/aspire#9963

Full Changelog: dotnet/aspire@v9.3.1...v9.3.2

Commits viewable in compare view.

Updated AWS.Lambda.Powertools.Logging from 2.0.0 to 2.0.1.

Release notes

Sourced from AWS.Lambda.Powertools.Logging's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated AWSSDK.DynamoDBv2 from 3.7.408.1 to 4.0.3.1.

Release notes

Sourced from AWSSDK.DynamoDBv2's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated AWSSDK.EventBridge from 3.7.406.1 to 4.0.3.1.

Release notes

Sourced from AWSSDK.EventBridge's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated AWSSDK.SimpleNotificationService from 3.7.400.172 to 4.0.0.15.

Release notes

Sourced from AWSSDK.SimpleNotificationService's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated AWSSDK.SimpleSystemsManagement from 3.7.406.1 to 4.0.2.5.

Release notes

Sourced from AWSSDK.SimpleSystemsManagement's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated AWSSDK.StepFunctions from 3.7.403.115 to 4.0.0.17.

Release notes

Sourced from AWSSDK.StepFunctions's releases.

No release notes found for this version range.

Commits viewable in compare view.

Updated Datadog.Trace from 3.20.0 to 3.22.0.

Release notes

Sourced from Datadog.Trace's releases.

3.22.0 Summary

[Azure Functions] Support for Azure Functions is GA
[Azure Functions] Optimized support for Azure Functions with the Datadog.AzureFunctions NuGet package
[TestOptimization] Add support for pr.number and additional CI variables
[TestOptimization] Add support for xunit.v3 version 3.x.x
[Data Streams Monitoring] Initial support for the default experience

Changes

Tracer

Integrations: Disable AWS Kinesis injection when the integration is disabled (#7239)
Refactor SpanContextInjector and SpanContextExtractor and improve tests (#7258)

CI Visibility

[TestOptimization] Update the CI Environment Values parser (#7242)
Add support for xunit.v3 v3 (#7245)
[Test Optimization] Add pr.number tag to Github provider (#7262)

ASM

[AAP] Update WAF to V1.26 (#7216)

Continuous Profiler

[Profiler] Add ringbuffer (#7025)

Debugger

Reduce log level for ConcurrentAdaptiveCache capacity (#7213)

Serverless

[Serverless] Remove "preview" version suffix from Datadog.AzureFunctions (#7229)
[Azure Functions] Bump Datadog.Serverless.Compat package reference version (#7238)
[Azure Functions] Fixes, refactoring, and clean-up (#7256)
[Azure Functions] Ignore additional URLs in outgoing HTTP client requests (#7271)
[Azure Functions] Fix operation name (#7272)
[Serverless] add serverless teams as co-owners on additional files (#7273)
[Serverless] GA nuget package Datadog.AzureFunctions (#7283)

Miscellaneous

Add documentation on how to perform a major version update (#7152)
[IAST] Added compatibility for stable config (#7164)
Only enable Schema extraction when DSM explicitly enabled (#7175)
remove redundant dependency check for dynamic assemblies (#7222)
Bump libdatadog from 19.0.1 to 19.1.0. (#7232)
feat: add injection metadata fields to telemetry forwarder (#7237)
DSM default state reversal (#7244)
chore: add malformed baggage header telemetry (#7254)
Fix SSI injection telemetry (#7288)
Increase rejit timeout from 100ms to 150ms (#7289)
Add agent response handling to native interop (#7201)
Prevent and remove double-disposal in DiscoveryService and RemoteConfigurationManager (#7240)
... (truncated)

3.21.0 Summary

[Tracing] Add support for NLog 6.x.x
[Test Optimization] Improve the CodeOwners parser
[Data stream Monitoring] Various fixes for Kinesis, SQS, SNS, and RabbitMQ integrations
[Serverless] Add preview support for Datadog.AzureFunctions NuGet package

Changes

Tracer

Add support for NLog 6.0 (#7131)
Show correct agent_uri path in startup log for named pipes (#7199)
Try removing exceptions from the shutdown path (#7200)
Use non-BOM version of Encoding.UTF8 in Libdatadog interop code (#7204)
feat(libdatadog-logger): integrate libdatadog logging (#7075)

CI Visibility

[Test Optimization] Improve the CodeOwners parser (#7155)

ASM

[AAP] Report ASM RC status to Telemetry Config (#7141)
[AAP] Send WAF config errors to Telemetry Logs (#7142)

Continuous Profiler

Don't load the profiler on arm64 (#7169)
[Profiler] Remove ssi telemetry (#7176)
[Profiler] Protect against thread abort (#7187)

Debugger

[Exception Replay] Groundwork to support Test Optimization (#7085)
[Dynamic Instrumentaiton] Marking instrumentation as failure if IsReEntryField is absent (#7188)
[Dynamic Instrumentation] Reducing noisy log lines (#7198)

Serverless

Add new Datadog.AzureFunctions nuget package (#7111)
[Serverless] Update nuget package reference (#7203)
Add support for writing managed logs to the console (stdout) (#7160)

Fixes

fix: Handle both SQS StringValue and SNS BinaryValue in context extraction (#7205)

Build / Test

[Profiler] Fix flacky tests (#7161)
Adding Throughput Test for Kafka & DSM (#7133)
ServiceBus.Minimal.Rebus SQL connection error (#7146)
[Test Optimization] Remove impacted tests backend tests (#7151)
[Test Package Versions Bump] Updating package versions (#7156)
Fix test InitializesTracerWhenTracingIsDisabled Flakiness (#7163)
Bump the gh-actions-packages group across 2 directories with 3 updates (#7166)
Add retry to smoke crash tracking tests (#7172)
... (truncated)

3.20.1 Summary

Ensures we never load the Continuous Profiler on linux arm64, as it's unsupported. Loading an unloading the Continuous Profiler can trigger crash conditions on some old versions of glibc.

Changes

Continuous Profiler

Don't load the profiler on arm64 (#7169)

Miscellaneous

[fleet installer] Remove the global instrumentation commands (#7182)

Build / Test

Fix release process by removing check for SSI artifacts (#7180)
Add workaround for messed up execution_benchmark results (#7181)

Changes since 3.20.0

Commits viewable in compare view.

Updated FluentValidation from 11.11.0 to 12.0.0.

Release notes

Sourced from FluentValidation's releases.

12.0.0

Release notes

Please read the upgrade guide if you are moving from 11.x to 12.x

Changes in 12.0.0

Drops support for netstandard2.0, netstandard2.1, .net 5, .net 6 and .net 7. Minimum supported platform is now .net 8.
Add support for dependent rules for custom rules (#2170)
Removes deprecated DI extensions
Removes deprecated transform methods (#2027)
Remove the ability to disable the root-model null check (#2069)
Use Zomp.SyncMethodGenerator to clean up internal sync/async code paths and increase performance (#2136)
Add Serbian (Cyrillic) language; rename existing Serbian to Serbian (Latin) (#2283)

Downloads

Binaries can be downloaded from nuget:

FluentValidation - Main package

Commits viewable in compare view.

Updated Microsoft.Extensions.DependencyInjection.Abstractions from 9.0.6 to 9.0.7.

Release notes

Sourced from Microsoft.Extensions.DependencyInjection.Abstractions's releases.

9.0.7

Release

What's Changed

[release/9.0-staging] Fix crash during Async Break when APC and CET are enabled by @thaystg in [release/9.0-staging] Fix crash during Async Break when APC and CET are enabled dotnet/runtime#114932
[release/9.0-staging] [STJ] Account for F# CompilationMappingAttribute now supporting multiple declarations. by @github-actions in [release/9.0-staging] [STJ] Account for F# CompilationMappingAttribute now supporting multiple declarations. dotnet/runtime#115076
[release/9.0-staging][wasm][interpreter] Fix PackedSimd interpreter intrinsics by @lewing in [release/9.0-staging][wasm][interpreter] Fix PackedSimd interpreter intrinsics dotnet/runtime#114218
[release/9.0-staging] JIT: Fix invalid removal of explicit zeroing in methods without .localsinit by @jakobbotsch in [release/9.0-staging] JIT: Fix invalid removal of explicit zeroing in methods without .localsinit dotnet/runtime#115568
[release/9.0-staging] throw an exception instead of infinite loop in sort_mark_list by @github-actions in [release/9.0-staging] throw an exception instead of infinite loop in sort_mark_list dotnet/runtime#115529
[release/9.0-staging] [DNS] Ignore ObjectDisposedException on CancellationToken Callback by @github-actions in [release/9.0-staging] [DNS] Ignore ObjectDisposedException on CancellationToken Callback dotnet/runtime#115840
Revert "[release/9.0-staging] Fix crash during Async Break when APC and CET are enabled" by @thaystg in Revert "[release/9.0-staging] Fix crash during Async Break when APC and CET are enabled" dotnet/runtime#116015
[release/9.0-staging] Fix SysV first/second return register GC info mismatch by @jakobbotsch in [release/9.0-staging] Fix SysV first/second return register GC info mismatch dotnet/runtime#116206
[release/9.0-staging] Fix PipeStream leak on Windows when pipe is disposed with a pending operation by @github-actions in [release/9.0-staging] Fix PipeStream leak on Windows when pipe is disposed with a pending operation dotnet/runtime#116188
[release/9.0] Fix edge cases in Tarjan GC bridge (Android) by @filipnavara in [release/9.0] Fix edge cases in Tarjan GC bridge (Android) dotnet/runtime#114682
[release/9.0-staging] Revert change to follow symlinks of dotnet host by @github-actions in [release/9.0-staging] Revert change to follow symlinks of dotnet host dotnet/runtime#116244
Update branding to 9.0.7 by @vseanreesermsft in Update branding to 9.0.7 dotnet/runtime#116312
[release/9.0-staging] Fix generation of minidump by @github-actions in [release/9.0-staging] Fix generation of minidump dotnet/runtime#115738
[release/9.0-staging] fix: in rsa signatures, configure digest before padding mode by @github-actions in [release/9.0-staging] fix: in rsa signatures, configure digest before padding mode dotnet/runtime#115695
[release/9.0-staging] JIT: Fix possible heap corruption in outlined composite SSA storage by @github-actions in [release/9.0-staging] JIT: Fix possible heap corruption in outlined composite SSA storage dotnet/runtime#116132
[release/9.0-staging] Update dependencies from dotnet/roslyn by @dotnet-maestro in [release/9.0-staging] Update dependencies from dotnet/roslyn dotnet/runtime#115984
[release/9.0-staging] Update dependencies from dotnet/arcade by @dotnet-maestro in [release/9.0-staging] Update dependencies from dotnet/arcade dotnet/runtime#115855
[release/9.0-staging] Update dependencies from dotnet/icu by @dotnet-maestro in [release/9.0-staging] Update dependencies from dotnet/icu dotnet/runtime#115597
[release/9.0-staging] Update dependencies from dotnet/sdk by @dotnet-maestro in [release/9.0-staging] Update dependencies from dotnet/sdk dotnet/runtime#115710
[release/9.0-staging] Update dependencies from dotnet/cecil by @dotnet-maestro in [release/9.0-staging] Update dependencies from dotnet/cecil dotnet/runtime#115504
[release/9.0-staging] Update dependencies from dotnet/xharness by @dotnet-maestro in [release/9.0-staging] Update dependencies from dotnet/xharness dotnet/runtime#115589
[release/9.0] Update dependencies from dotnet/emsdk by @dotnet-maestro in [release/9.0] Update dependencies from dotnet/emsdk dotnet/runtime#115537
Bump SDK version used by WASM since it was broken by dotnet/arcade codeflow by @jozkee in Bump SDK version used by WASM since it was broken by dotnet/arcade codeflow dotnet/runtime#116450
[automated] Merge branch 'release/9.0' => 'release/9.0-staging' by @github-actions in [automated] Merge branch 'release/9.0' => 'release/9.0-staging' dotnet/runtime#115576
[release/9.0-staging] Link peer's X509 stack handle to parent SSL safe handle by @github-actions in [release/9.0-staging] Link peer's X509 stack handle to parent SSL safe handle dotnet/runtime#115380
[release/9.0-staging] [mono][interp] Minor SSA fixes by @BrzVlad in [release/9.0-staging] [mono][interp] Minor SSA fixes dotnet/runtime#116428
[release/9.0-staging] Update dependencies from dotnet/runtime-assets by @dotnet-maestro in [release/9.0-staging] Update dependencies from dotnet/runtime-assets dotnet/runtime#115677
[release/9.0-staging] Disable the UTFStringConversionFailures test on CI runs by @github-actions in [release/9.0-staging] Disable the UTFStringConversionFailures test on CI runs dotnet/runtime#116460
[manual] Merge release/9.0-staging into release/9.0 by @jozkee in [manual] Merge release/9.0-staging into release/9.0 dotnet/runtime#116459
Merging internal commits for release/9.0 by @vseanreesermsft in Merging internal commits for release/9.0 dotnet/runtime#116499
[release/9.0] Delete s390x and ppc64le helix queues by @github-actions in [release/9.0] Delete s390x and ppc64le helix queues dotnet/runtime#116537

Full Changelog: dotnet/runtime@v9.0.6...v9.0.7

Commits viewable in compare view.

Updated NJsonSchema from 11.3.2 to 11.4.0.

Release notes

Sourced from NJsonSchema's releases.

11.4.0 What's Changed

Cache NJsonSchema properties in JsonReferenceResolver by @lahma in Cache NJsonSchema properties in JsonReferenceResolver RicoSuter/NJsonSchema#1817
Avoid trying JsonSchema construction for object having boolean required by @lahma in Avoid trying JsonSchema construction for object having boolean required RicoSuter/NJsonSchema#1818
Optimize AsyncJsonReferenceVisitorBase.Visit by @lahma in Optimize AsyncJsonReferenceVisitorBase.Visit RicoSuter/NJsonSchema#1819
Allow customizing FluidParser construction by @lahma in Allow customizing FluidParser construction RicoSuter/NJsonSchema#1822
Add support for testing whether TS code compiles with tsc by @lahma in Add support for testing whether TS code compiles with tsc RicoSuter/NJsonSchema#1824
Fix ApplyRangeAttribute failing when min/max is specified as string by @sindrekroknes in fix ApplyRangeAttribute failing when min/max is specified as string RicoSuter/NJsonSchema#1831
Add ability to overwrite templates multiple times using templateFolder by @Georgy-Losenkov in Add ability to overwrite templates multiple times using templateFolder RicoSuter/NJsonSchema#1835
Convert to using TS as TYPE instead cast with <TYPE> by @lahma in Convert to using TS "as TYPE" instead cast with <TYPE> RicoSuter/NJsonSchema#1837
Convert to using proper Verify tests in TypeScript testing by @lahma in Convert to using proper Verify tests in TypeScript testing RicoSuter/NJsonSchema#1838
Convert to using proper Verify tests in C# testing by @lahma in Convert to using proper Verify tests in C# testing RicoSuter/NJsonSchema#1839
Upgrade testing related NuGet packages by @lahma in Upgrade testing related NuGet packages RicoSuter/NJsonSchema#1840
Upgrade to Fluid 2.25 by @lahma in Upgrade to Fluid 2.25 RicoSuter/NJsonSchema#1842
Use ValueStringBuilder in ConvertDashesToCamelCase by @lahma in Use ValueStringBuilder in ConvertDashesToCamelCase RicoSuter/NJsonSchema#1844
C# generator: create anonymous types with camel casing (3rd attempt) by @WolfgangHG in C# generator: create anoymous types with camel casing (3rd attempt) RicoSuter/NJsonSchema#1828
Support configuring whether constructor parameter are sorted by @manfred-brands in Support configuring whether constructor parameter are sorted RicoSuter/NJsonSchema#1399
Fixed validation of JTokens with type Uri by @ertrumbl in Fixed validation of JTokens with type Uri RicoSuter/NJsonSchema#1403
Convert more tests to use verify by @lahma in Convert more tests to use verify RicoSuter/NJsonSchema#1845
Replace remaining any cast with as any by @lahma in Replace remaining any cast with as any RicoSuter/NJsonSchema#1846
Convert to xUnit v3 by @lahma in Convert to xUnit v3 RicoSuter/NJsonSchema#1848
Support description for each x-enumNames value by @lekhmanrus in Support description for each x-enumNames value RicoSuter/NJsonSchema#1789
Remove some unnecessary LINQ usage by @lahma in Remove some unnecessary LINQ usage RicoSuter/NJsonSchema#1849
Optimize camel-casing logic by @lahma in Optimize camel-casing logic RicoSuter/NJsonSchema#1850

New Contributors

@sindrekroknes made their first contribution in fix ApplyRangeAttribute failing when min/max is specified as string RicoSuter/NJsonSchema#1831
@manfred-brands made their first contribution in Support configuring whether constructor parameter are sorted RicoSuter/NJsonSchema#1399
@ertrumbl made their first contribution in Fixed validation of JTokens with type Uri RicoSuter/NJsonSchema#1403

Full Changelog: RicoSuter/NJsonSchema@v11.3.2...v11.4.0

Commits viewable in compare view.

Updated Polly from 8.6.1 to 8.6.2.

Release notes

Sourced from Polly's releases.

8.6.2 What's Changed

Performance tweaks by @martincostello in Performance tweaks App-vNext/Polly#2667
Update dependencies by @martincostello in Update dependencies App-vNext/Polly#2668
Update benchmark results by @martincostello in Update benchmark results App-vNext/Polly#2669

New Contributors

@pentp made their first contribution in Performance tweaks App-vNext/Polly#2667

Full Changelog: App-vNext/Polly@8.6.1...8.6.2

Commits viewable in compare view.

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Bumps Amazon.CDK.Lib from 2.203.0 to 2.208.0 Bumps Amazon.Lambda.Core to 2.7.0 Bumps Aspire.Hosting.Testing from 9.3.1 to 9.4.0 Bumps AWS.Lambda.Powertools.Logging to 2.0.1 Bumps AWSSDK.DynamoDBv2 to 4.0.3.1 Bumps AWSSDK.EventBridge from 3.7.406.1 to 4.0.3.1 Bumps AWSSDK.SimpleNotificationService from 3.7.400.172 to 4.0.0.15 Bumps AWSSDK.SimpleSystemsManagement to 4.0.2.5 Bumps AWSSDK.StepFunctions from 3.7.403.115 to 4.0.0.17 Bumps Datadog.Trace to 3.22.0 Bumps FluentValidation from 11.11.0 to 12.0.0 Bumps Microsoft.Extensions.DependencyInjection.Abstractions from 9.0.6 to 9.0.7 Bumps NJsonSchema to 11.4.0 Bumps Polly to 8.6.2 --- updated-dependencies: - dependency-name: Amazon.CDK.Lib dependency-version: 2.208.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: Amazon.Lambda.Core dependency-version: 2.7.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: Amazon.Lambda.Core dependency-version: 2.7.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: Aspire.Hosting.Testing dependency-version: 9.4.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: AWS.Lambda.Powertools.Logging dependency-version: 2.0.1 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: AWS.Lambda.Powertools.Logging dependency-version: 2.0.1 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: AWSSDK.DynamoDBv2 dependency-version: 4.0.3.1 dependency-type: direct:production update-type: version-update:semver-major - dependency-name: AWSSDK.DynamoDBv2 dependency-version: 4.0.3.1 dependency-type: direct:production update-type: version-update:semver-major - dependency-name: AWSSDK.DynamoDBv2 dependency-version: 4.0.3.1 dependency-type: direct:production update-type: version-update:semver-major - dependency-name: AWSSDK.EventBridge dependency-version: 4.0.3.1 dependency-type: direct:production update-type: version-update:semver-major - dependency-name: AWSSDK.SimpleNotificationService dependency-version: 4.0.0.15 dependency-type: direct:production update-type: version-update:semver-major - dependency-name: AWSSDK.SimpleSystemsManagement dependency-version: 4.0.2.5 dependency-type: direct:production update-type: version-update:semver-major - dependency-name: AWSSDK.SimpleSystemsManagement dependency-version: 4.0.2.5 dependency-type: direct:production update-type: version-update:semver-major - dependency-name: AWSSDK.StepFunctions dependency-version: 4.0.0.17 dependency-type: direct:production update-type: version-update:semver-major - dependency-name: Datadog.Trace dependency-version: 3.22.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: Datadog.Trace dependency-version: 3.22.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: Datadog.Trace dependency-version: 3.22.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: FluentValidation dependency-version: 12.0.0 dependency-type: direct:production update-type: version-update:semver-major - dependency-name: Microsoft.Extensions.DependencyInjection.Abstractions dependency-version: 9.0.7 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: NJsonSchema dependency-version: 11.4.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: NJsonSchema dependency-version: 11.4.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: NJsonSchema dependency-version: 11.4.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: Polly dependency-version: 8.6.2 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: Polly dependency-version: 8.6.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

…-4c875176d4

claude · 2025-09-02T10:28:30Z

Claude finished @dependabot[bot]'s task —— View job

PR Review: Dependency Updates

Reviewing this dependency update PR with focus on code quality, security, and compatibility.

Todo List:

Read repository guidelines (CLAUDE.md)
Analyze changed .csproj files
Review major version updates for breaking changes
Assess security implications
Check for potential compatibility issues
Provide comprehensive feedback and recommendations

🔍 Review Summary

This PR updates 14 NuGet packages across 3 projects in the order service. While most updates are patch/minor versions, there are several major version bumps that require careful attention.

⚠️ Critical Issues & Breaking Changes

1. FluentValidation 11.11.0 → 12.0.0 (MAJOR)

Breaking Change: FluentValidation 12.x drops support for .NET 6, .NET 7, and .NET Standard 2.x
Issue: The main projects target .NET 8, but this is still a major version change with potential API changes
Risk: Medium - Could break existing validation logic
Recommendation: Review validation code and test thoroughly

2. AWS SDK Packages 3.x → 4.x (MAJOR)

Multiple AWS SDK packages were upgraded from v3 to v4:

AWSSDK.DynamoDBv2: 3.7.408.1 → 4.0.3.1
AWSSDK.EventBridge: 3.7.406.1 → 4.0.3.1
AWSSDK.SimpleNotificationService: 3.7.400.172 → 4.0.0.15
AWSSDK.SimpleSystemsManagement: 3.7.406.1 → 4.0.2.5
AWSSDK.StepFunctions: 3.7.403.115 → 4.0.0.17
Breaking Change: AWS SDK v4 includes significant API changes
Issue: These are major version updates with potential breaking changes
Risk: High - Could break AWS service integrations
Recommendation: Critical - Test all AWS integrations thoroughly

3. Aspire.Hosting.Testing 9.3.1 → 9.4.0 (MINOR)

Issue: Minor version update, but Aspire is still evolving rapidly
Risk: Low-Medium - Could affect testing infrastructure
Note: Only used in unit tests

🔧 Configuration Issues

1. Target Framework Mismatch

Issue: CLAUDE.md specifies .NET 9 and C# 12+, but projects target .NET 8
Impact: Not using latest language features and runtime improvements
Recommendation: Consider upgrading to .NET 9 to align with guidelines

2. FluentAssertions Version Conflict

Issue: CLAUDE.md specifies "FluentAssertions no higher than version 7", but unit tests use v8.4.0
Impact: Violates established guidelines
Recommendation: Downgrade FluentAssertions or update guidelines

3. Integration Test Dependencies

Issue: Integration tests still use AWS SDK v3 packages while main projects use v4
Files: Orders.IntegrationTests.csproj (lines 12, 24)
Impact: Version mismatch could cause test failures
Recommendation: Update integration test dependencies to match main projects

✅ Positive Updates

Security & Performance Improvements:

Datadog.Trace: 3.20.0 → 3.22.0 - Includes security fixes and performance improvements
Polly: 8.6.1 → 8.6.2 - Performance optimizations
Microsoft.Extensions.DependencyInjection.Abstractions: 9.0.6 → 9.0.7 - Bug fixes
NJsonSchema: 11.3.2 → 11.4.0 - Performance optimizations and caching improvements

📋 Testing & Quality Concerns

1. Missing Migration Testing

Issue: No evidence of testing for major version API changes
Risk: Runtime failures in production
Recommendation: Run comprehensive integration tests

2. Test Coverage for Breaking Changes

Issue: Major version updates should include regression testing
Recommendation: Focus testing on:
- FluentValidation rule behavior
- AWS SDK API calls
- DynamoDB operations
- EventBridge publishing
- SNS messaging

🚨 Immediate Action Required

Test AWS SDK v4 Integration - Critical priority
- Verify DynamoDB operations work correctly
- Test EventBridge event publishing
- Validate SNS messaging functionality
- Check Step Functions integration
Fix Version Inconsistencies
- Update integration test AWS SDK versions
- Resolve FluentAssertions version conflict
Review FluentValidation Usage
- Check for deprecated APIs
- Verify validation behavior hasn't changed

💡 Recommendations

Short Term:

Run full integration test suite focusing on AWS services
Update integration test dependencies to match main projects
Review and test FluentValidation rules

Long Term:

Consider upgrading to .NET 9 per CLAUDE.md guidelines
Establish dependency update testing procedures
Implement automated compatibility testing

📊 Risk Assessment

High Risk: AWS SDK v4 major version changes
Medium Risk: FluentValidation v12 breaking changes
Low Risk: Other minor/patch updates

Overall Assessment: This PR contains significant breaking changes that require thorough testing before deployment.

dependabot bot added .NET dependencies Pull requests that update a dependency file labels Aug 1, 2025

dependabot bot requested a review from jeastham1993 as a code owner August 1, 2025 13:10

dependabot bot added .NET dependencies Pull requests that update a dependency file labels Aug 1, 2025

Merge branch 'main' into dependabot/nuget/src/order-service/cdk/multi…

9582332

…-4c875176d4

jeastham1993 merged commit 1326b22 into main Sep 2, 2025
8 of 10 checks passed

jeastham1993 deleted the dependabot/nuget/src/order-service/cdk/multi-4c875176d4 branch September 2, 2025 10:28

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump Amazon.CDK.Lib and 13 others #425

Bump Amazon.CDK.Lib and 13 others #425

Uh oh!

dependabot bot commented on behalf of github Aug 1, 2025 •

edited

Loading

Uh oh!

Uh oh!

claude bot commented Sep 2, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Bump Amazon.CDK.Lib and 13 others #425

Bump Amazon.CDK.Lib and 13 others #425

Uh oh!

Conversation

dependabot bot commented on behalf of github Aug 1, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

2.208.0

Features

Bug Fixes

Alpha modules (2.208.0-alpha.0)

Features

2.207.0

Features

Bug Fixes

Alpha modules (2.207.0-alpha.0)

2.206.0

Features

Alpha modules (2.206.0-alpha.0)

2.205.0

Features

Bug Fixes

⚠ CHANGES TO L1 RESOURCES

Alpha modules (2.205.0-alpha.0)

2.204.0

Features

Bug Fixes

Alpha modules (2.204.0-alpha.0)

Features

2.203.1

Bug Fixes

Alpha modules (2.203.1-alpha.0)

9.4.0

What's Changed

9.3.2

What's Changed

3.22.0

Summary

Changes

Tracer

CI Visibility

ASM

Continuous Profiler

Debugger

Serverless

Miscellaneous

3.21.0

Summary

Changes

Tracer

CI Visibility

ASM

Continuous Profiler

Debugger

Serverless

Fixes

Build / Test

3.20.1

Summary

Changes

Continuous Profiler

Miscellaneous

Build / Test

12.0.0

Release notes

Changes in 12.0.0

Downloads

9.0.7

What's Changed

11.4.0

What's Changed

New Contributors

8.6.2

What's Changed

New Contributors

Uh oh!

Uh oh!

claude bot commented Sep 2, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

PR Review: Dependency Updates

Todo List:

dependabot bot commented on behalf of github Aug 1, 2025 •

edited

Loading

claude bot commented Sep 2, 2025 •

edited

Loading