v3.3.17

What's Changed

• Release 3.3.17 by @gsingh04 in #152

Security

• Bump webpack-dev-server to mitigate CVE-2025-30360

Changed

• Remove requirements.txt in favor of poetry.lock for dependency management with poetry
• Refactor lambda as standard python package with poetry

Full Changelog: v3.3.16...v3.3.17

v3.3.16

What's Changed

• Release 3.3.16 by @gsingh04 in #151

Security

• Bump http-proxy-middleware to 2.0.9 to mitigate CVE-2025-32997

Fixed

• Remove setuptools and pkg_resources from lambda packaging
• Remove event verbose log at INFO level
• Respect tag case when copying vpc tags on TGW attachments
• Add dependency for CSP resource on DeployWebUiCondition

Full Changelog: v3.3.15...v3.3.16

v3.3.15

What's Changed

• Release 3.3.15 by @gsingh04 in #148

Security

• Bump aws-amplify to 5.3.27
• Allow only TLS requests on S3 bucket through bucket policy
• Add CSP security headers on CloudFront
• Enable MFA for authentication by default
• Add AWS Managed WAF rules to ACL
• Disable introspection queries on AppSync endpoint

Changed

• Disable verbose logging on the AppSync endpoint
• AppRegistry application tags at resource level

Fixed

• Remove unused http methods from cache behavior, Cloudfront only needs to process and forward GET/HEAD requests to S3 origin
• Improve error response for UpdateTransitNetworkOrchestratorTable API path

Full Changelog: v3.3.14...v3.3.15

v3.3.14

What's Changed

• Bump versions for 3.3.14 by @gsingh04 in #146

Security

• Bumped axios to 1.8.2 to mitigate CVE-2025-27152
• Bumped @babel/runtime, @babel/helpers to 7.26.10 to mitigate CVE-2025-27789

Full Changelog: v3.3.13...v3.3.14

v3.3.13

What's Changed

• Release 3.3.13 by @gsingh04 in #144

Security

• Bumped path-to-regexp to 0.1.12 to mitigate CVE-2024-52798
• Bumped nanoid to 3.3.8 to mitigate CVE-2024-55565

Full Changelog: v3.3.12...v3.3.13

v3.3.12

What's Changed

• Release 3.3.12 by @gsingh04 in #142

Security

• Bumped cross-spawn to 7.0.6 to mitigate CVE-2024-21538

Full Changelog: v3.3.11...v3.3.12

v3.3.11

What's Changed

• Release 3.3.11 by @gsingh04 in #139

[3.3.11] - 2024-10-31

Security

• Bumped http-proxy-middleware to 2.0.7 to mitigate CVE-2024-21536

Changed

• Moved spoke service linked role template as conditional nested stack under spoke stack

Full Changelog: v3.3.10...v3.3.11

Contributors

@cheng514
@nishikkr

v3.3.10

What's Changed

• Bump rollup to 2.79.2 by @gsingh04 in #134

[3.3.10] - 2024-10-10

Security

• Bumped rollup to 2.79.2 to mitigate CVE-2024-47068

Full Changelog: v3.3.9...v3.3.10

v3.3.9

What's Changed

• Release 3.3.9 by @gsingh04 in #132

[3.3.9] - 2024-09-16

Security

• Bumped micromatch to 4.0.8 to mitigate CVE-2024-4067
• Bumped webpack to 5.94.0 to mitigate CVE-2024-43788
• Bumped express to 4.21.0 to mitigate CVEs in sub-dependencies
• Bump path-to-regexp to 6.3.0 to address CVE-2024-45296

Full Changelog: v3.3.8...v3.3.9

v3.3.8

What's Changed

• Release 3.3.8 by @gsingh04 in #125

[3.3.8] - 2024-08-15

Fixed

• #116
• #117
• IAM policy for StateMachineLambdaFunctionRole

Changed

• resource_exception_handler decorator does not catch IncorrectState botocore client errror, allowing the error to be raised as ResourceBusyException by service_exception_handler decorator

Security

• Bumped axios to 1.7.4 to mitigate CVE-2024-39338

Contributors

@ckamps

Full Changelog: v3.3.7...v3.3.8