Skip to content

chore(deps): bump the production-minor-patch group across 1 directory with 2 updates#208

Merged
Musiker15 merged 1 commit into
mainfrom
dependabot/npm_and_yarn/production-minor-patch-612a1cdd70
Jul 17, 2026
Merged

chore(deps): bump the production-minor-patch group across 1 directory with 2 updates#208
Musiker15 merged 1 commit into
mainfrom
dependabot/npm_and_yarn/production-minor-patch-612a1cdd70

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 15, 2026

Copy link
Copy Markdown
Contributor

Bumps the production-minor-patch group with 2 updates in the / directory: ws and @aws-sdk/client-s3.

Updates ws from 8.21.0 to 8.21.1

Release notes

Sourced from ws's releases.

8.21.1

Bug fixes

  • Empty fragments are now counted toward the limit (a2f4e7c0).
  • The default values of the maxBufferedChunks and maxFragments options have been reduced (f197ac65).
Commits
  • ae1de54 [dist] 8.21.1
  • 8e9511b [ci] Trust Coveralls Homebrew tap
  • f197ac6 [fix] Lower default values of maxBufferedChunks and maxFragments
  • 8df8265 [ci] Update actions/checkout action to v7
  • a2f4e7c [fix] Count empty fragments toward the limit (#2329)
  • e79f912 [pkg] Approve install scripts for bufferutil and utf-8-validate
  • 4ea355d [doc] Document 32-bit signed integer coercion for option values
  • 2120f4c [example] Remove uuid dependency
  • 4c534a6 [security] Add latest vulnerability to SECURITY.md
  • See full diff in compare view

Updates @aws-sdk/client-s3 from 3.1085.0 to 3.1087.0

Release notes

Sourced from @​aws-sdk/client-s3's releases.

v3.1087.0

3.1087.0(2026-07-14)

Chores
  • codegen: sync for codegen and include OAuthIAM operation for signin list (#8190) (a20c28de)
  • deps-dev: bump yarn to 4.17.1 (#8188) (b2a5750c)
New Features
  • client-mq: This release adds storage size parameter for Amazon MQ for RabbitMQ cluster deployment broker on engine version RabbitMQ 4.2. You can now set a configurable storage size within a range of sizes dependent on broker instance size. (a19e4c8b)
  • client-connect: This release adds SearchRules API which can be used to search for rules within an Amazon Connect instance. (f29288c7)
  • client-ssm: Update AWS Systems Manager Automation Targets to be correct max value. (7506cef1)
  • client-servicediscovery: Fixed Cloud Map endpoint resolution to correctly route to the dualstack endpoint when dualstack is enabled. (f853718e)
  • client-lambda: AWS Lambda now returns a new DependencyError value in StateReasonCode and LastUpdateStatusReasonCode to provide more actionable information when a function reaches a failed state due to an error from an upstream dependency or service. (aa8732a0)
  • client-emr-containers: Introduced 5 new fields across 3 APIs as part of Spark Connect server launch for EMR on EKS. The fields added are sessionIdleTimeoutInMinutes, sessionEnabled, endpointToken, authProxyUrl and encryptionKeyArn. (a62275e3)
  • client-securityhub: AWS Security Hub now provides an AI inventory, giving central security teams a continuously updated, organization-wide view of AI assets and their security posture (e5e2f52e)
  • client-drs: Fast recovery of EC2 based drs workloads by skipping the conversion step (89a090d8)
Bug Fixes
  • scripts: add typesVersions entries for submodules (#8186) (9eade269)
Tests

For list of updated packages, view updated-packages.md in assets-3.1087.0.zip

v3.1086.0

3.1086.0(2026-07-13)

New Features
  • clients: update client endpoints as of 2026-07-13 (22a3bc51)
  • client-guardduty: GuardDuty AI Protection is now publicly available. Findings include Bedrock guardrail details, model details, observation numbers, and continuous scan details. GuardrailArn and GuardrailVersion are deprecated in favor of the guardrails list. (7456befb)
  • client-gamelift: Amazon GameLift Servers now includes fleet expiration for managed fleets. A managed fleet expires one year after creation, transitioning to EXPIRED status, emitting a FLEET EXPIRED event, and scaling to zero instances. Expired fleets cannot host new game sessions or increase capacity. (ca1487ca)
  • client-redshift-serverless: Add support for preserving datasharing, zero-ETL and S3 event integrations on snapshot restore to serverless namespace. (0ed5e330)
  • client-elasticsearch-service: Adds support for the EngineMode and UseCase parameters on Amazon Elasticsearch Service domains, enabling GENERAL or OPTIMIZED engine modes and SEARCH, VECTOR, OBSERVABILITY, or MIXED usecases when creating and updating domain configurations. (f8248f27)
  • client-lambda: Add Java 8, 11 and 17 on AL2023 (java8.al2023, java11.al2023, java17.al2023) support to AWS Lambda. (b9cd8db4)
Bug Fixes
  • credential-providers: memoization in fromNodeProviderChain (#8185) (1f878bad)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-s3's changelog.

3.1087.0 (2026-07-14)

Note: Version bump only for package @​aws-sdk/client-s3

3.1086.0 (2026-07-13)

Note: Version bump only for package @​aws-sdk/client-s3

Commits
  • ec24bb4 Publish v3.1087.0
  • a20c28d chore(codegen): sync for codegen and include OAuthIAM operation for signin li...
  • 64c3e50 Publish v3.1086.0
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

… with 2 updates

Bumps the production-minor-patch group with 2 updates in the / directory: [ws](https://github.com/websockets/ws) and [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3).


Updates `ws` from 8.21.0 to 8.21.1
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@8.21.0...8.21.1)

Updates `@aws-sdk/client-s3` from 3.1085.0 to 3.1087.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1087.0/clients/client-s3)

---
updated-dependencies:
- dependency-name: ws
  dependency-version: 8.21.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-minor-patch
- dependency-name: "@aws-sdk/client-s3"
  dependency-version: 3.1087.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 15, 2026
@dependabot
dependabot Bot requested a review from Musiker15 as a code owner July 15, 2026 06:30
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 15, 2026
@Musiker15

Copy link
Copy Markdown
Member

Not a code failure: blocked only by our pnpm minimumReleaseAge policy (18 lockfile entries published today, under the ~24h cutoff). The deploy enforces the same frozen-install check, so merging now would break the deploy until the packages age. Will be mergeable once they age (re-run / Dependabot rebase tomorrow).

@Musiker15
Musiker15 merged commit 646aeda into main Jul 17, 2026
3 of 5 checks passed
@Musiker15
Musiker15 deleted the dependabot/npm_and_yarn/production-minor-patch-612a1cdd70 branch July 17, 2026 08:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant