chore(release): 2.136.0 #29747
Merged
chore(release): 2.136.0 #29747
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### Issue #29637 Closes #29637 ### Reason for this change Allow setting the enableExecuteCommand for ECSRunTask in sfn ### Description of changes Add the enableExecuteCommand property to the EcsRunTaskProps, to start the task from step functions with execution command enabled. ### Description of how you validated changes Unit-test added. Existing ones passed. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable) Closes #27504 ### Reason for this change The current validation of `repoString` in constructor of `CodeStarConnectionSource` does not support nested repository that can appear in GitLab. ### Description of changes The validation is fixed to accept nested repository. ### Description of how you validated changes I added unit tests and confirmed all tests passed. ### Checklist - [X] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Some customers have typo'd `--no-changeset` where `--no-change-set` was expected. Make these two aliases of each other since they're easy to mix up, and this flag being valid changes the permissions used by diff, which will cause errors in certain environments. tested manually. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…tion types (#29515) Closes. #29514 ### Reason for this change Adding the same lambda as the action for multiple status changes (alarm, ok, insufficient data) causes an error because of logical id conflicts. ### Description of changes Before adding the `lambda:InvokeFunction` permission to the lambda's resource policy, it checks to see if one already exists. I considered not including this change under the `LAMBDA_PERMISSION_LOGICAL_ID_FOR_LAMBDA_ACTION` feature flag but, it breaks the `throws when multiple alarms are created for the same lambda if feature flag is set to false` test because it no longer throws. I understand that a major goal of the project is to keep behavior consistent however, it seems like it would be beneficial to fix an undesirable behavior without the need of configuring a feature flag. This is my first contribution so I am new to this, could my change warrant its own feature flag? ### Description of how you validated changes Expanded upon existing unit tests. ### Checklist - [X] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…ncipals (#29452) ### Issue #24507 ### Reason for this change grantAssumeRole silently fails if a Service Principal or Account Principal is used which led me to a false assumption about the correctness of a role's permission scope ### Description of changes This change will throw an error if a Service Principal is used. I was unable to find a way to accomplish the same behavior for Account Principals. Documentation was updated to help guide a user to the appropriate function usage for Service and Account Principals. ### Description of how you validated changes * Added a unit test * This change required me to re-run two unrelated snapshot tests which were throwing errors outside of the scope of this change. *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…roups (under feature flag) (#29513) ### Issue ELBv2 logicalId inconsistency of ApplicationListenerRule logicalIds Mitigates #29496 ### Reason for this change People using ALBs who need to migrate from the `addTargetGroups()` convenience method to the lower level `addAction()` method should not be blocked due to inconsistent logicalId's. Further, the logicalIds should be consistent going forward. ### Description of changes There are two feature flags, one which sets a migration compat mode and another which fixed the behaviour to be consistent. ### Description of how you validated changes Unit testing. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Bumps [undici](https://github.com/nodejs/undici) from 5.28.3 to 5.28.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nodejs/undici/releases">undici's releases</a>.</em></p> <blockquote> <h2>v5.28.4</h2> <h2>:warning: Security Release :warning:</h2> <ul> <li>Fixes <a href="https://github.com/nodejs/undici/security/advisories/GHSA-m4v8-wqvr-p9f7">https://github.com/nodejs/undici/security/advisories/GHSA-m4v8-wqvr-p9f7</a> CVE-2024-30260</li> <li>Fixes <a href="https://github.com/nodejs/undici/security/advisories/GHSA-9qxr-qj54-h672">https://github.com/nodejs/undici/security/advisories/GHSA-9qxr-qj54-h672</a> CVE-2024-30261</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/nodejs/undici/compare/v5.28.3...v5.28.4">https://github.com/nodejs/undici/compare/v5.28.3...v5.28.4</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nodejs/undici/commit/fb983069071f52e0a7ea0e71078459c765aae172"><code>fb98306</code></a> Bumped v5.28.4</li> <li><a href="https://github.com/nodejs/undici/commit/2b39440bd9ded841c93dd72138f3b1763ae26055"><code>2b39440</code></a> Merge pull request from GHSA-9qxr-qj54-h672</li> <li><a href="https://github.com/nodejs/undici/commit/64e3402da4e032e68de46acb52800c9a06aaea3f"><code>64e3402</code></a> Merge pull request from GHSA-m4v8-wqvr-p9f7</li> <li><a href="https://github.com/nodejs/undici/commit/723c4e728051aefd5eb5ae7193dfb18046009f83"><code>723c4e7</code></a> Revert "build(deps-dev): bump formdata-node from 4.4.1 to 6.0.3 (<a href="https://github.com/nodejs/undici/issues/2389">#2389</a>)"</li> <li><a href="https://github.com/nodejs/undici/commit/0e9d54b2c2a5ec0b58937114c857a9ed9fe22d5b"><code>0e9d54b</code></a> skip failing test due to Node.js changes</li> <li>See full diff in <a href="https://github.com/nodejs/undici/compare/v5.28.3...v5.28.4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aws/aws-cdk/network/alerts). </details>
By default, stickiness is disabled. The duration _is_ one day if stickiness is enabled, but we don't surface that option to users. If `stickinessCookieDuration` is not supplied, stickiness will not be enabled so the 1 day default doesn't make sense here. Closes #29725. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
### Issue # (if applicable) Closes #29410. ### Reason for this change It was reported that a `Code.fromAsset('')` was creating an infinite loop by including itself through `cdk.out`. This is caused by the following line: https://github.com/aws/aws-cdk/blob/730fe63efc461c14f6e2b4aa9206c10f9b0f4cd9/packages/aws-cdk-lib/aws-s3-assets/lib/asset.ts#L145 If an empty string is given to `path.resolve()`, the current working directory is returned. ### Description of changes I've added a check that verifies that the given `path` property is not empty. ### Description of how you validated changes I've added a test for both the `aws-lambda` package, where the issue was originally reported, and `aws-s3-assets`, where the fix was implemented ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…ps (#29686) ### Issue #29687 Closes ##29687 ### Reason for this change Since `instanceProps` is deprecated it is better to allow setting `PreferredMaintenanceWindow` using writer and readers props. ### Description of changes Added optional preferredMaintenanceWindow field to ClusterInstanceOptions and added a unit test. ### Description of how you validated changes - Add a single unit test ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…29718) Closes #29650 ### Description of changes This addresses the issue in two ways: 1. If the describeStacks call errors out, we now catch it and default to classic diff behavior. 2. The describeStacks call now tries to use the lookup role rather than the deploy role. ### Description of how you validated changes Manual testing with a user that could only assume lookup roles. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
aws-cdk-automation
added
auto-approve
pr/no-squash
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
aws-cdk-automation
had a problem deploying
to
test-pipeline
GitHub Actions
Failure
scanlonp
added
pr/do-not-merge
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be automatically updated and merged without squashing (do not update manually, and be sure to allow changes to be pushed to your fork). |
|
Comments on closed issues and PRs are hard for our team to see. If you need help, please open a new issue that references this one. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See CHANGELOG