Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: github-aws-runners/terraform-aws-github-runner
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v7.3.0
Choose a base ref
...
head repository: github-aws-runners/terraform-aws-github-runner
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v7.4.0
Choose a head ref
  • 13 commits
  • 44 files changed
  • 13 contributors

Commits on Jan 30, 2026

  1. feat(control-plane): tag control plane created SSM Parameters (#4833) ( 

    …#4834)

Introducing a new variable `parameter_store_tags` to add tags for all
the SSM Parameter Store resources created via Scale-Up and Pool lambda
function.

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: Niek Palm <npalm@users.noreply.github.com>
Co-authored-by: Brend Smits <brend.smits@philips.com>
    @wadherv @github-actions
    @npalm @Brend-Smits
    4 people authored Jan 30, 2026
    Configuration menu
    Copy the full SHA
    7e1a0a1 View commit details
    Browse the repository at this point in the history

  2. feat: use prefix variable for POWERTOOLS_SERVICE_NAME in Lambda funct… 

    …ions (#4948)

Updates `POWERTOOLS_SERVICE_NAME` to use the `prefix` variable instead
of hardcoded values in pool, ami-housekeeper, scale-down, scale-up,
webhook and dispatcher Lambda functions.

## Why
- function names already include prefix, `POWERTOOLS_SERVICE_NAME`
should too

Co-authored-by: Niek Palm <npalm@users.noreply.github.com>
    @alexalbu001 @npalm
    alexalbu001 and npalm authored Jan 30, 2026
    Configuration menu
    Copy the full SHA
    8bd61d2 View commit details
    Browse the repository at this point in the history

  3. fix(lambda): bump the aws group in /lambdas with 7 updates (#4998) 

    Bumps the aws group in /lambdas with 7 updates:

| Package | From | To |
| --- | --- | --- |
|
[@aws-sdk/client-ec2](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ec2)
| `3.964.0` | `3.965.0` |
|
[@aws-sdk/client-ssm](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ssm)
| `3.964.0` | `3.965.0` |
|
[@aws-sdk/types](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/types)
| `3.957.0` | `3.965.0` |
|
[@aws-sdk/client-sqs](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-sqs)
| `3.964.0` | `3.965.0` |
|
[@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3)
| `3.964.0` | `3.965.0` |
|
[@aws-sdk/lib-storage](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/lib/lib-storage)
| `3.964.0` | `3.965.0` |
|
[@aws-sdk/client-eventbridge](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-eventbridge)
| `3.964.0` | `3.965.0` |

Updates `@aws-sdk/client-ec2` from 3.964.0 to 3.965.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/releases"><code>@​aws-sdk/client-ec2</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v3.965.0</h2>
<h4>3.965.0(2026-01-07)</h4>
<h5>Chores</h5>
<ul>
<li>upgrade rimraf (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7626">#7626</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/9a090faf93be689bb2d5e46ec15e5bda8ba16f4e">9a090faf</a>)</li>
</ul>
<h5>New Features</h5>
<ul>
<li><strong>clients:</strong> update client endpoints as of 2026-01-07
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/a77238b48a6ff8c6d3889533a6b23e3c4815fc4e">a77238b4</a>)</li>
<li><strong>client-workspaces:</strong> Add StateMessage and
ProgressPercentage fields to DescribeCustomWorkspaceImageImport API
response. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/fe652fb5ea11048f611a06e03b9181ef85614e5d">fe652fb5</a>)</li>
</ul>
<h5>Tests</h5>
<ul>
<li><strong>core:</strong> reduce nesting depth of test structures (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7624">#7624</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/552e8329cb40fbcf6e91591562080a3939441aa2">552e8329</a>)</li>
</ul>
<hr />
<p>For list of updated packages, view
<strong>updated-packages.md</strong> in
<strong>assets-3.965.0.zip</strong></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ec2/CHANGELOG.md"><code>@​aws-sdk/client-ec2</code>'s
changelog</a>.</em></p>
<blockquote>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.964.0...v3.965.0">3.965.0</a>
(2026-01-07)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/client-ec2</code></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/1eea89d8b4afcdf3fc9453f8a91682697d0e930c"><code>1eea89d</code></a>
Publish v3.965.0</li>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/9a090faf93be689bb2d5e46ec15e5bda8ba16f4e"><code>9a090fa</code></a>
chore: upgrade rimraf (<a
href="https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ec2/issues/7626">#7626</a>)</li>
<li>See full diff in <a
href="https://github.com/aws/aws-sdk-js-v3/commits/v3.965.0/clients/client-ec2">compare
view</a></li>
</ul>
</details>
<br />

Updates `@aws-sdk/client-ssm` from 3.964.0 to 3.965.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/releases"><code>@​aws-sdk/client-ssm</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v3.965.0</h2>
<h4>3.965.0(2026-01-07)</h4>
<h5>Chores</h5>
<ul>
<li>upgrade rimraf (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7626">#7626</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/9a090faf93be689bb2d5e46ec15e5bda8ba16f4e">9a090faf</a>)</li>
</ul>
<h5>New Features</h5>
<ul>
<li><strong>clients:</strong> update client endpoints as of 2026-01-07
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/a77238b48a6ff8c6d3889533a6b23e3c4815fc4e">a77238b4</a>)</li>
<li><strong>client-workspaces:</strong> Add StateMessage and
ProgressPercentage fields to DescribeCustomWorkspaceImageImport API
response. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/fe652fb5ea11048f611a06e03b9181ef85614e5d">fe652fb5</a>)</li>
</ul>
<h5>Tests</h5>
<ul>
<li><strong>core:</strong> reduce nesting depth of test structures (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7624">#7624</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/552e8329cb40fbcf6e91591562080a3939441aa2">552e8329</a>)</li>
</ul>
<hr />
<p>For list of updated packages, view
<strong>updated-packages.md</strong> in
<strong>assets-3.965.0.zip</strong></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ssm/CHANGELOG.md"><code>@​aws-sdk/client-ssm</code>'s
changelog</a>.</em></p>
<blockquote>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.964.0...v3.965.0">3.965.0</a>
(2026-01-07)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/client-ssm</code></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/1eea89d8b4afcdf3fc9453f8a91682697d0e930c"><code>1eea89d</code></a>
Publish v3.965.0</li>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/9a090faf93be689bb2d5e46ec15e5bda8ba16f4e"><code>9a090fa</code></a>
chore: upgrade rimraf (<a
href="https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ssm/issues/7626">#7626</a>)</li>
<li>See full diff in <a
href="https://github.com/aws/aws-sdk-js-v3/commits/v3.965.0/clients/client-ssm">compare
view</a></li>
</ul>
</details>
<br />

Updates `@aws-sdk/types` from 3.957.0 to 3.965.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/releases"><code>@​aws-sdk/types</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v3.965.0</h2>
<h4>3.965.0(2026-01-07)</h4>
<h5>Chores</h5>
<ul>
<li>upgrade rimraf (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7626">#7626</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/9a090faf93be689bb2d5e46ec15e5bda8ba16f4e">9a090faf</a>)</li>
</ul>
<h5>New Features</h5>
<ul>
<li><strong>clients:</strong> update client endpoints as of 2026-01-07
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/a77238b48a6ff8c6d3889533a6b23e3c4815fc4e">a77238b4</a>)</li>
<li><strong>client-workspaces:</strong> Add StateMessage and
ProgressPercentage fields to DescribeCustomWorkspaceImageImport API
response. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/fe652fb5ea11048f611a06e03b9181ef85614e5d">fe652fb5</a>)</li>
</ul>
<h5>Tests</h5>
<ul>
<li><strong>core:</strong> reduce nesting depth of test structures (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7624">#7624</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/552e8329cb40fbcf6e91591562080a3939441aa2">552e8329</a>)</li>
</ul>
<hr />
<p>For list of updated packages, view
<strong>updated-packages.md</strong> in
<strong>assets-3.965.0.zip</strong></p>
<h2>v3.964.0</h2>
<h4>3.964.0(2026-01-06)</h4>
<h5>Chores</h5>
<ul>
<li><strong>core:</strong> ensure package build order (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7623">#7623</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/3fa6ead66c30328f402461afda44f8ea769d0b79">3fa6ead6</a>)</li>
</ul>
<h5>New Features</h5>
<ul>
<li><strong>client-cost-explorer:</strong> This release updates existing
reservation recommendations API to support deployment model. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/c9e728da65fc98ee3da8d145c0c39a37f327f7dd">c9e728da</a>)</li>
<li><strong>client-emr-serverless:</strong> Added support for enabling
disk encryption using customer managed AWS KMS keys to
CreateApplication, UpdateApplication and StartJobRun APIs. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/9d932c38fdfacf45989a4bb733e10d9dddb91824">9d932c38</a>)</li>
</ul>
<h5>Bug Fixes</h5>
<ul>
<li><strong>core:</strong> make CREDENTIALS_CODE mutually exclusive with
other credential sources (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7615">#7615</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/05e017ef8879b33a3fbe8a27df7a5b662831178d">05e017ef</a>)</li>
</ul>
<hr />
<p>For list of updated packages, view
<strong>updated-packages.md</strong> in
<strong>assets-3.964.0.zip</strong></p>
<h2>v3.963.0</h2>
<h4>3.963.0(2026-01-05)</h4>
<h5>New Features</h5>
<ul>
<li><strong>client-cleanroomsml:</strong> AWS Clean Rooms ML now
supports advanced Spark configurations to optimize SQL performance when
creating an MLInputChannel or an audience generation job. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/5e2a5e9ee5f2fe62244ed7f83820d0421e3188fb">5e2a5e9e</a>)</li>
</ul>
<h5>Tests</h5>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/blob/main/packages/types/CHANGELOG.md"><code>@​aws-sdk/types</code>'s
changelog</a>.</em></p>
<blockquote>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.964.0...v3.965.0">3.965.0</a>
(2026-01-07)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/types</code></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/1eea89d8b4afcdf3fc9453f8a91682697d0e930c"><code>1eea89d</code></a>
Publish v3.965.0</li>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/9a090faf93be689bb2d5e46ec15e5bda8ba16f4e"><code>9a090fa</code></a>
chore: upgrade rimraf (<a
href="https://github.com/aws/aws-sdk-js-v3/tree/HEAD/packages/types/issues/7626">#7626</a>)</li>
<li>See full diff in <a
href="https://github.com/aws/aws-sdk-js-v3/commits/v3.965.0/packages/types">compare
view</a></li>
</ul>
</details>
<br />

Updates `@aws-sdk/client-sqs` from 3.964.0 to 3.965.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/releases"><code>@​aws-sdk/client-sqs</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v3.965.0</h2>
<h4>3.965.0(2026-01-07)</h4>
<h5>Chores</h5>
<ul>
<li>upgrade rimraf (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7626">#7626</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/9a090faf93be689bb2d5e46ec15e5bda8ba16f4e">9a090faf</a>)</li>
</ul>
<h5>New Features</h5>
<ul>
<li><strong>clients:</strong> update client endpoints as of 2026-01-07
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/a77238b48a6ff8c6d3889533a6b23e3c4815fc4e">a77238b4</a>)</li>
<li><strong>client-workspaces:</strong> Add StateMessage and
ProgressPercentage fields to DescribeCustomWorkspaceImageImport API
response. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/fe652fb5ea11048f611a06e03b9181ef85614e5d">fe652fb5</a>)</li>
</ul>
<h5>Tests</h5>
<ul>
<li><strong>core:</strong> reduce nesting depth of test structures (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7624">#7624</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/552e8329cb40fbcf6e91591562080a3939441aa2">552e8329</a>)</li>
</ul>
<hr />
<p>For list of updated packages, view
<strong>updated-packages.md</strong> in
<strong>assets-3.965.0.zip</strong></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-sqs/CHANGELOG.md"><code>@​aws-sdk/client-sqs</code>'s
changelog</a>.</em></p>
<blockquote>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.964.0...v3.965.0">3.965.0</a>
(2026-01-07)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/client-sqs</code></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/1eea89d8b4afcdf3fc9453f8a91682697d0e930c"><code>1eea89d</code></a>
Publish v3.965.0</li>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/9a090faf93be689bb2d5e46ec15e5bda8ba16f4e"><code>9a090fa</code></a>
chore: upgrade rimraf (<a
href="https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-sqs/issues/7626">#7626</a>)</li>
<li>See full diff in <a
href="https://github.com/aws/aws-sdk-js-v3/commits/v3.965.0/clients/client-sqs">compare
view</a></li>
</ul>
</details>
<br />

Updates `@aws-sdk/client-s3` from 3.964.0 to 3.965.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/releases"><code>@​aws-sdk/client-s3</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v3.965.0</h2>
<h4>3.965.0(2026-01-07)</h4>
<h5>Chores</h5>
<ul>
<li>upgrade rimraf (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7626">#7626</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/9a090faf93be689bb2d5e46ec15e5bda8ba16f4e">9a090faf</a>)</li>
</ul>
<h5>New Features</h5>
<ul>
<li><strong>clients:</strong> update client endpoints as of 2026-01-07
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/a77238b48a6ff8c6d3889533a6b23e3c4815fc4e">a77238b4</a>)</li>
<li><strong>client-workspaces:</strong> Add StateMessage and
ProgressPercentage fields to DescribeCustomWorkspaceImageImport API
response. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/fe652fb5ea11048f611a06e03b9181ef85614e5d">fe652fb5</a>)</li>
</ul>
<h5>Tests</h5>
<ul>
<li><strong>core:</strong> reduce nesting depth of test structures (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7624">#7624</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/552e8329cb40fbcf6e91591562080a3939441aa2">552e8329</a>)</li>
</ul>
<hr />
<p>For list of updated packages, view
<strong>updated-packages.md</strong> in
<strong>assets-3.965.0.zip</strong></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md"><code>@​aws-sdk/client-s3</code>'s
changelog</a>.</em></p>
<blockquote>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.964.0...v3.965.0">3.965.0</a>
(2026-01-07)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/client-s3</code></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/1eea89d8b4afcdf3fc9453f8a91682697d0e930c"><code>1eea89d</code></a>
Publish v3.965.0</li>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/9a090faf93be689bb2d5e46ec15e5bda8ba16f4e"><code>9a090fa</code></a>
chore: upgrade rimraf (<a
href="https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3/issues/7626">#7626</a>)</li>
<li>See full diff in <a
href="https://github.com/aws/aws-sdk-js-v3/commits/v3.965.0/clients/client-s3">compare
view</a></li>
</ul>
</details>
<br />

Updates `@aws-sdk/lib-storage` from 3.964.0 to 3.965.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/releases"><code>@​aws-sdk/lib-storage</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v3.965.0</h2>
<h4>3.965.0(2026-01-07)</h4>
<h5>Chores</h5>
<ul>
<li>upgrade rimraf (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7626">#7626</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/9a090faf93be689bb2d5e46ec15e5bda8ba16f4e">9a090faf</a>)</li>
</ul>
<h5>New Features</h5>
<ul>
<li><strong>clients:</strong> update client endpoints as of 2026-01-07
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/a77238b48a6ff8c6d3889533a6b23e3c4815fc4e">a77238b4</a>)</li>
<li><strong>client-workspaces:</strong> Add StateMessage and
ProgressPercentage fields to DescribeCustomWorkspaceImageImport API
response. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/fe652fb5ea11048f611a06e03b9181ef85614e5d">fe652fb5</a>)</li>
</ul>
<h5>Tests</h5>
<ul>
<li><strong>core:</strong> reduce nesting depth of test structures (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7624">#7624</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/552e8329cb40fbcf6e91591562080a3939441aa2">552e8329</a>)</li>
</ul>
<hr />
<p>For list of updated packages, view
<strong>updated-packages.md</strong> in
<strong>assets-3.965.0.zip</strong></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/blob/main/lib/lib-storage/CHANGELOG.md"><code>@​aws-sdk/lib-storage</code>'s
changelog</a>.</em></p>
<blockquote>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.964.0...v3.965.0">3.965.0</a>
(2026-01-07)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/lib-storage</code></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/1eea89d8b4afcdf3fc9453f8a91682697d0e930c"><code>1eea89d</code></a>
Publish v3.965.0</li>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/9a090faf93be689bb2d5e46ec15e5bda8ba16f4e"><code>9a090fa</code></a>
chore: upgrade rimraf (<a
href="https://github.com/aws/aws-sdk-js-v3/tree/HEAD/lib/lib-storage/issues/7626">#7626</a>)</li>
<li>See full diff in <a
href="https://github.com/aws/aws-sdk-js-v3/commits/v3.965.0/lib/lib-storage">compare
view</a></li>
</ul>
</details>
<br />

Updates `@aws-sdk/client-eventbridge` from 3.964.0 to 3.965.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/releases"><code>@​aws-sdk/client-eventbridge</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v3.965.0</h2>
<h4>3.965.0(2026-01-07)</h4>
<h5>Chores</h5>
<ul>
<li>upgrade rimraf (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7626">#7626</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/9a090faf93be689bb2d5e46ec15e5bda8ba16f4e">9a090faf</a>)</li>
</ul>
<h5>New Features</h5>
<ul>
<li><strong>clients:</strong> update client endpoints as of 2026-01-07
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/a77238b48a6ff8c6d3889533a6b23e3c4815fc4e">a77238b4</a>)</li>
<li><strong>client-workspaces:</strong> Add StateMessage and
ProgressPercentage fields to DescribeCustomWorkspaceImageImport API
response. (<a
href="https://github.com/aws/aws-sdk-js-v3/commit/fe652fb5ea11048f611a06e03b9181ef85614e5d">fe652fb5</a>)</li>
</ul>
<h5>Tests</h5>
<ul>
<li><strong>core:</strong> reduce nesting depth of test structures (<a
href="https://redirect.github.com/aws/aws-sdk-js-v3/pull/7624">#7624</a>)
(<a
href="https://github.com/aws/aws-sdk-js-v3/commit/552e8329cb40fbcf6e91591562080a3939441aa2">552e8329</a>)</li>
</ul>
<hr />
<p>For list of updated packages, view
<strong>updated-packages.md</strong> in
<strong>assets-3.965.0.zip</strong></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-eventbridge/CHANGELOG.md"><code>@​aws-sdk/client-eventbridge</code>'s
changelog</a>.</em></p>
<blockquote>
<h1><a
href="https://github.com/aws/aws-sdk-js-v3/compare/v3.964.0...v3.965.0">3.965.0</a>
(2026-01-07)</h1>
<p><strong>Note:</strong> Version bump only for package
<code>@​aws-sdk/client-eventbridge</code></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/1eea89d8b4afcdf3fc9453f8a91682697d0e930c"><code>1eea89d</code></a>
Publish v3.965.0</li>
<li><a
href="https://github.com/aws/aws-sdk-js-v3/commit/9a090faf93be689bb2d5e46ec15e5bda8ba16f4e"><code>9a090fa</code></a>
chore: upgrade rimraf (<a
href="https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-eventbridge/issues/7626">#7626</a>)</li>
<li>See full diff in <a
href="https://github.com/aws/aws-sdk-js-v3/commits/v3.965.0/clients/client-eventbridge">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Jan 30, 2026
    Configuration menu
    Copy the full SHA
    d373bcc View commit details
    Browse the repository at this point in the history

  4. chore(lambda): bump @swc/core from 1.15.1 to 1.15.8 in /lambdas (#5000) 

    Bumps [@swc/core](https://github.com/swc-project/swc) from 1.15.1 to
1.15.8.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/swc-project/swc/blob/main/CHANGELOG.md"><code>@​swc/core</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>[1.15.8] - 2025-12-30</h2>
<h3>Bug Fixes</h3>
<ul>
<li>
<p><strong>(es/minifier)</strong> Remove unused webpack-related code (<a
href="https://redirect.github.com/swc-project/swc/issues/11397">#11397</a>)
(<a
href="https://github.com/swc-project/swc/commit/8e4eab4c900d5a870788388cd32c35a32104643d">8e4eab4</a>)</p>
</li>
<li>
<p><strong>(es/minifier)</strong> Evaluate TemplateLiteral in
BinaryExpression (<a
href="https://redirect.github.com/swc-project/swc/issues/11406">#11406</a>)
(<a
href="https://github.com/swc-project/swc/commit/8d1b6f613e61b7d7cf9ac9b9071bbe671b8baa8c">8d1b6f6</a>)</p>
</li>
<li>
<p><strong>(es/minifier)</strong> More strict check if cannot add ident
when invoking IIFE (<a
href="https://redirect.github.com/swc-project/swc/issues/11399">#11399</a>)
(<a
href="https://github.com/swc-project/swc/commit/03642aafd32af9d07803603795ae13b0fc80bf3a">03642aa</a>)</p>
</li>
</ul>
<h3>Features</h3>
<ul>
<li>
<p><strong>(es/minifier)</strong> Support BinaryExpression for Evaluator
(<a
href="https://redirect.github.com/swc-project/swc/issues/11390">#11390</a>)
(<a
href="https://github.com/swc-project/swc/commit/6c76f0adc39cbc72cbf3b81fdc2f521a5d0b6f7b">6c76f0a</a>)</p>
</li>
<li>
<p><strong>(es/transformer)</strong> Merge <code>static_blocks</code>
(<a
href="https://redirect.github.com/swc-project/swc/issues/11403">#11403</a>)
(<a
href="https://github.com/swc-project/swc/commit/55a5083f02e2eabd79e0839268f0a74aff2f69a4">55a5083</a>)</p>
</li>
</ul>
<h3>Performance</h3>
<ul>
<li>
<p><strong>(es/parser)</strong> Remove <code>Iterator</code>
implementation for <code>Lexer</code> (<a
href="https://redirect.github.com/swc-project/swc/issues/11393">#11393</a>)
(<a
href="https://github.com/swc-project/swc/commit/59410188a2037ab88b516cddf4401149cc739ee8">5941018</a>)</p>
</li>
<li>
<p><strong>(es/parser)</strong> Optimize
<code>do_outside_of_context</code> and <code>do_inside_of_context</code>
(<a
href="https://redirect.github.com/swc-project/swc/issues/11394">#11394</a>)
(<a
href="https://github.com/swc-project/swc/commit/4210cf1ca1ec37a624cbeb36d8821855c3f56d41">4210cf1</a>)</p>
</li>
<li>
<p><strong>(es/parser)</strong> Remove <code>is_first</code> in lexer
state (<a
href="https://redirect.github.com/swc-project/swc/issues/11395">#11395</a>)
(<a
href="https://github.com/swc-project/swc/commit/97d903b4e580e99d0a02463c0a38e780f76bd274">97d903b</a>)</p>
</li>
<li>
<p><strong>(es/parser)</strong> Use <code>byte_search</code> to optimize
<code>scan_jsx_token</code> (<a
href="https://redirect.github.com/swc-project/swc/issues/11398">#11398</a>)
(<a
href="https://github.com/swc-project/swc/commit/f9b4da2bd85d160b3ee4b3296ed520388675b90e">f9b4da2</a>)</p>
</li>
<li>
<p>Reduce binary size with panic=abort and ICU optimizations (<a
href="https://redirect.github.com/swc-project/swc/issues/11401">#11401</a>)
(<a
href="https://github.com/swc-project/swc/commit/18088b29826acd0948e9682e0de5ab47db399d32">18088b2</a>)</p>
</li>
</ul>
<h3>Refactor</h3>
<ul>
<li>
<p><strong>(es/compiler)</strong> Drop the crate (<a
href="https://redirect.github.com/swc-project/swc/issues/11407">#11407</a>)
(<a
href="https://github.com/swc-project/swc/commit/8faa14ec0882dc20780fdc2c1fdba93d6cde7772">8faa14e</a>)</p>
</li>
<li>
<p><strong>(es/minifier)</strong> Move drop_console and unsafes from
Pure to Optimizer (<a
href="https://redirect.github.com/swc-project/swc/issues/11388">#11388</a>)
(<a
href="https://github.com/swc-project/swc/commit/ee408042547f0c3fe4d3a5dd2599a7846b619852">ee40804</a>)</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/swc-project/swc/commit/f2432fe916bab3dc068768e96295d8e30e6de53a"><code>f2432fe</code></a>
chore: Publish <code>1.15.8</code> with <code>swc_core</code>
<code>v54.0.0</code></li>
<li><a
href="https://github.com/swc-project/swc/commit/9aa8df0ff084ab244e2b5da444d5f14516b5a07a"><code>9aa8df0</code></a>
chore: Update changelog</li>
<li><a
href="https://github.com/swc-project/swc/commit/a836b39f006355314a1de67715d1214c8ea3e931"><code>a836b39</code></a>
chore: Publish <code>1.15.8-nightly-20251230.1</code> with
<code>swc_core</code> <code>v54.0.0</code></li>
<li><a
href="https://github.com/swc-project/swc/commit/67b28d9637af2f243c34967a07aba33e57867060"><code>67b28d9</code></a>
chore: Publish crates with <code>swc_core</code>
<code>v54.0.0</code></li>
<li><a
href="https://github.com/swc-project/swc/commit/03642aafd32af9d07803603795ae13b0fc80bf3a"><code>03642aa</code></a>
fix(es/minifier): More strict check if cannot add ident when invoking
IIFE (#...</li>
<li><a
href="https://github.com/swc-project/swc/commit/8faa14ec0882dc20780fdc2c1fdba93d6cde7772"><code>8faa14e</code></a>
refactor(es/compiler): Drop the crate (<a
href="https://redirect.github.com/swc-project/swc/issues/11407">#11407</a>)</li>
<li><a
href="https://github.com/swc-project/swc/commit/8d1b6f613e61b7d7cf9ac9b9071bbe671b8baa8c"><code>8d1b6f6</code></a>
fix(es/minifier): Evaluate TemplateLiteral in BinaryExpression (<a
href="https://redirect.github.com/swc-project/swc/issues/11406">#11406</a>)</li>
<li><a
href="https://github.com/swc-project/swc/commit/55a5083f02e2eabd79e0839268f0a74aff2f69a4"><code>55a5083</code></a>
feat(es/transformer): Merge <code>static_blocks</code> (<a
href="https://redirect.github.com/swc-project/swc/issues/11403">#11403</a>)</li>
<li><a
href="https://github.com/swc-project/swc/commit/18088b29826acd0948e9682e0de5ab47db399d32"><code>18088b2</code></a>
perf: Reduce binary size with panic=abort and ICU optimizations (<a
href="https://redirect.github.com/swc-project/swc/issues/11401">#11401</a>)</li>
<li><a
href="https://github.com/swc-project/swc/commit/f9b4da2bd85d160b3ee4b3296ed520388675b90e"><code>f9b4da2</code></a>
perf(es/parser): Use <code>byte_search</code> to optimize
<code>scan_jsx_token</code> (<a
href="https://redirect.github.com/swc-project/swc/issues/11398">#11398</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/swc-project/swc/compare/v1.15.1...v1.15.8">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@swc/core&package-manager=npm_and_yarn&previous-version=1.15.1&new-version=1.15.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Jan 30, 2026
    Configuration menu
    Copy the full SHA
    e80baa2 View commit details
    Browse the repository at this point in the history

Commits on Feb 3, 2026

  1. fix: job retry mechanism not triggering (#4961) 

    This pull request adds comprehensive tests for the retry mechanism in
the `scaleUp` functionality and **re**introduces the
`publishRetryMessage` call to the scale-up process. The tests ensure
that the retry logic works correctly under various scenarios, such as
when jobs are queued, when the maximum number of runners is reached, and
when queue checks are disabled.

**Testing and Retry Mechanism Enhancements:**

* Added a new test suite "Retry mechanism tests" in `scale-up.test.ts`
to cover scenarios where `publishRetryMessage` should be called,
including: when jobs are queued, when maximum runners are reached, with
correct message structure, and when job queue checks are disabled.

**Other code Updates:**

* Fixed logic to skip runner creation if no new runners are needed by
checking if `newRunners <= 0` instead of comparing counts, improving
clarity and correctness.

<details><summary>Example scenarios for the above bug</summary>
<p>

Scenario 1
- Admin sets RUNNERS_MAXIMUM_COUNT=20
- System scales up to 15 active runners
- Admin reduces RUNNERS_MAXIMUM_COUNT=10 (cost control, policy change)
- Before those 15 runners terminate, new jobs arrive
- Bug triggers: newRunners = Math.min(scaleUp, 10-15) = -5
- Code tries to call createRunners({numberOfRunners: -5}) and fails

Scenario 2
- RUNNERS_MAXIMUM_COUNT=5
- Someone manually launches 8 EC2 instances with runner tags
- New jobs arrive
- Bug triggers: newRunners = Math.min(2, 5-8) = -3
- Code tries to call createRunners({numberOfRunners: -3}) and fails

Scenario 3
- Admin sets RUNNERS_MAXIMUM_COUNT=20
- System scales up to 15 active runners
- Admin reduces RUNNERS_MAXIMUM_COUNT=10 (cost control, policy change)
- Before those 15 runners terminate, new jobs arrive
- Bug triggers: newRunners = Math.min(scaleUp, 10-15) = -5
- Code tries to call createRunners({numberOfRunners: -5}) and fails

</p>
</details> 


We tested this in our staging environment and verified it's working.

Closes #4960

---------

Co-authored-by: Brend Smits <brend.smits@philips.com>
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: npalm <11609620+npalm@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Brend-Smits <15904543+Brend-Smits@users.noreply.github.com>
Co-authored-by: Niek Palm <npalm@users.noreply.github.com>
    @stuartp44 @Brend-Smits
    @npalm
    7 people authored Feb 3, 2026
    Configuration menu
    Copy the full SHA
    5039ae5 View commit details
    Browse the repository at this point in the history

  2. fix(lambda): bump diff from 4.0.2 to 4.0.4 in /lambdas (#5004) 

    Bumps [diff](https://github.com/kpdecker/jsdiff) from 4.0.2 to 4.0.4.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/kpdecker/jsdiff/commit/f06f3e4cacad5955caf891a8a02c5bb1c954bcb5"><code>f06f3e4</code></a>
v4.0.4</li>
<li><a
href="https://github.com/kpdecker/jsdiff/commit/0179a484ffaec7c8d5d6b69d8c3905473383de75"><code>0179a48</code></a>
v4.0.3</li>
<li><a
href="https://github.com/kpdecker/jsdiff/commit/4568cae5ae7646962bf3c5641907d1fb5af90683"><code>4568cae</code></a>
Backport <a
href="https://redirect.github.com/kpdecker/jsdiff/pull/649">kpdecker/jsdiff#649</a></li>
<li><a
href="https://github.com/kpdecker/jsdiff/commit/4de0ffa13ad51db7a27567c2b870fb4e43f0814a"><code>4de0ffa</code></a>
Backport <a
href="https://redirect.github.com/kpdecker/jsdiff/pull/647">kpdecker/jsdiff#647</a></li>
<li>See full diff in <a
href="https://github.com/kpdecker/jsdiff/compare/v4.0.2...v4.0.4">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~explodingcabbage">explodingcabbage</a>, a
new releaser for diff since your current version.</p>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=diff&package-manager=npm_and_yarn&previous-version=4.0.2&new-version=4.0.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/github-aws-runners/terraform-aws-github-runner/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Feb 3, 2026
    Configuration menu
    Copy the full SHA
    cd86fe6 View commit details
    Browse the repository at this point in the history

  3. chore(deps): bump zizmorcore/zizmor-action from 0.3.0 to 0.4.1 (#5012) 

    Bumps
[zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action)
from 0.3.0 to 0.4.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/zizmorcore/zizmor-action/releases">zizmorcore/zizmor-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.4.1</h2>
<p>This version fixes an error in the 0.4.0 release that prevented
non-relative use
of the action.</p>
<h2>What's Changed</h2>
<ul>
<li>Fix version file path by <a
href="https://github.com/woodruffw"><code>@​woodruffw</code></a> in <a
href="https://redirect.github.com/zizmorcore/zizmor-action/pull/83">zizmorcore/zizmor-action#83</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/zizmorcore/zizmor-action/compare/v0.4.0...v0.4.1">https://github.com/zizmorcore/zizmor-action/compare/v0.4.0...v0.4.1</a></p>
<h2>v0.4.0</h2>
<p>This new version of <code>zizmor-action</code> brings two major
changes:</p>
<ul>
<li>
<p>The new <code>fail-on-no-inputs</code> option can be used to control
whether
<code>zizmor-action</code> fails if no inputs were collected by
<code>zizmor</code>. The default
remains <code>true</code>, reflecting the pre-existing behavior.</p>
</li>
<li>
<p>The action's use of the official <code>zizmor</code> Docker images is
now fully
hash-checked internally, preventing accidental or malicious modification
to the images. This also means that subsequent releases of
<code>zizmor</code>
will induce a release of this action, rather than the action always
picking
up the latest version by default.</p>
</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>docs: extended permissions required for internal repos by <a
href="https://github.com/AntoineSebert"><code>@​AntoineSebert</code></a>
in <a
href="https://redirect.github.com/zizmorcore/zizmor-action/pull/61">zizmorcore/zizmor-action#61</a></li>
<li>docs: clarify description of &quot;token&quot; to indicate it is
only used for online audits by <a
href="https://github.com/rmuir"><code>@​rmuir</code></a> in <a
href="https://redirect.github.com/zizmorcore/zizmor-action/pull/63">zizmorcore/zizmor-action#63</a></li>
<li>Hash-check zizmor Docker images by <a
href="https://github.com/woodruffw"><code>@​woodruffw</code></a> in <a
href="https://redirect.github.com/zizmorcore/zizmor-action/pull/68">zizmorcore/zizmor-action#68</a></li>
<li>Add <code>fail-on-no-inputs</code> option by <a
href="https://github.com/woodruffw"><code>@​woodruffw</code></a> in <a
href="https://redirect.github.com/zizmorcore/zizmor-action/pull/67">zizmorcore/zizmor-action#67</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/AntoineSebert"><code>@​AntoineSebert</code></a>
made their first contribution in <a
href="https://redirect.github.com/zizmorcore/zizmor-action/pull/61">zizmorcore/zizmor-action#61</a></li>
<li><a href="https://github.com/rmuir"><code>@​rmuir</code></a> made
their first contribution in <a
href="https://redirect.github.com/zizmorcore/zizmor-action/pull/63">zizmorcore/zizmor-action#63</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/zizmorcore/zizmor-action/compare/v0.3.0...v0.4.0">https://github.com/zizmorcore/zizmor-action/compare/v0.3.0...v0.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/zizmorcore/zizmor-action/commit/135698455da5c3b3e55f73f4419e481ab68cdd95"><code>1356984</code></a>
Fix version file path (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/83">#83</a>)</li>
<li><a
href="https://github.com/zizmorcore/zizmor-action/commit/72469cf6cc7fbd7801d9b361f11f25c0b5fc9d42"><code>72469cf</code></a>
Bump pins in README (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/80">#80</a>)</li>
<li><a
href="https://github.com/zizmorcore/zizmor-action/commit/3aa7e2f1ad15075829ef5158ee06938ae12e1769"><code>3aa7e2f</code></a>
Add fail-on-no-inputs tests (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/79">#79</a>)</li>
<li><a
href="https://github.com/zizmorcore/zizmor-action/commit/92fc377b741151b893e77df75819fb34a198f677"><code>92fc377</code></a>
Sync zizmor versions (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/78">#78</a>)</li>
<li><a
href="https://github.com/zizmorcore/zizmor-action/commit/5aff8efe9fc7bea2f977d55dcc7c98923f22d887"><code>5aff8ef</code></a>
Add <code>fail-on-no-inputs</code> option (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/67">#67</a>)</li>
<li><a
href="https://github.com/zizmorcore/zizmor-action/commit/4d497b9cc8b9f59f4154478dffc4bab6a783fc69"><code>4d497b9</code></a>
Sync zizmor versions (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/75">#75</a>)</li>
<li><a
href="https://github.com/zizmorcore/zizmor-action/commit/5fa0711fa51dd83a19dbfcf0195cfb02e61571ef"><code>5fa0711</code></a>
Fix sync-zizmor-versions (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/69">#69</a>)</li>
<li><a
href="https://github.com/zizmorcore/zizmor-action/commit/c823f2c8e66ceac799af6d2d17b1d83b6d5a0177"><code>c823f2c</code></a>
Hash-check zizmor Docker images (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/68">#68</a>)</li>
<li><a
href="https://github.com/zizmorcore/zizmor-action/commit/706c51b5bce7adb027de71ab36d865f5d3fcc7b7"><code>706c51b</code></a>
chore(deps): bump github/codeql-action in the github-actions group (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/66">#66</a>)</li>
<li><a
href="https://github.com/zizmorcore/zizmor-action/commit/cb3d8e846e148d1111d90b03375b9c03deceda37"><code>cb3d8e8</code></a>
chore(deps): bump actions/checkout in the github-actions group (<a
href="https://redirect.github.com/zizmorcore/zizmor-action/issues/65">#65</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/zizmorcore/zizmor-action/compare/e639db99335bc9038abc0e066dfcd72e23d26fb4...135698455da5c3b3e55f73f4419e481ab68cdd95">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=zizmorcore/zizmor-action&package-manager=github_actions&previous-version=0.3.0&new-version=0.4.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Feb 3, 2026
    Configuration menu
    Copy the full SHA
    b780f2c View commit details
    Browse the repository at this point in the history

  4. chore(deps): bump the github group across 1 directory with 3 updates (#… 

    …5014)

Bumps the github group with 3 updates in the / directory:
[actions/checkout](https://github.com/actions/checkout),
[actions/setup-node](https://github.com/actions/setup-node) and
[actions/setup-python](https://github.com/actions/setup-python).

Updates `actions/checkout` from 6.0.1 to 6.0.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v6.0.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID
is set by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2355">actions/checkout#2355</a></li>
<li>Fix tag handling: preserve annotations and explicit fetch-tags by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v6.0.1...v6.0.2">https://github.com/actions/checkout/compare/v6.0.1...v6.0.2</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v6.0.2</h2>
<ul>
<li>Fix tag handling: preserve annotations and explicit fetch-tags by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li>
</ul>
<h2>v6.0.1</h2>
<ul>
<li>Add worktree support for persist-credentials includeIf by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li>
</ul>
<h2>v6.0.0</h2>
<ul>
<li>Persist creds to a separate file by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li>
<li>Update README to include Node.js 24 support details and requirements
by <a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li>
</ul>
<h2>v5.0.1</h2>
<ul>
<li>Port v6 cleanup to v5 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li>
</ul>
<h2>v5.0.0</h2>
<ul>
<li>Update actions checkout to use node 24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li>
</ul>
<h2>v4.3.1</h2>
<ul>
<li>Port v6 cleanup to v4 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li>
</ul>
<h2>v4.3.0</h2>
<ul>
<li>docs: update README.md by <a
href="https://github.com/motss"><code>@​motss</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li>
<li>Add internal repos for checking out multiple repositories by <a
href="https://github.com/mouismail"><code>@​mouismail</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li>
<li>Documentation update - add recommended permissions to Readme by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li>
<li>Adjust positioning of user email note and permissions heading by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li>
<li>Update CODEOWNERS for actions by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li>
<li>Update package dependencies by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li>
</ul>
<h2>v4.2.2</h2>
<ul>
<li><code>url-helper.ts</code> now leverages well-known environment
variables by <a href="https://github.com/jww3"><code>@​jww3</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li>
<li>Expand unit test coverage for <code>isGhes</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li>
</ul>
<h2>v4.2.1</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li>
</ul>
<h2>v4.2.0</h2>
<ul>
<li>Add Ref and Commit outputs by <a
href="https://github.com/lucacome"><code>@​lucacome</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li>
<li>Dependency updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>- <a
href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>,
<a
href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li>
</ul>
<h2>v4.1.7</h2>
<ul>
<li>Bump the minor-npm-dependencies group across 1 directory with 4
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li>
<li>Bump actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li>
<li>Check out other refs/* by commit by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li>
<li>Pin actions/checkout's own workflows to a known, good, stable
version. by <a href="https://github.com/jww3"><code>@​jww3</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li>
</ul>
<h2>v4.1.6</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd"><code>de0fac2</code></a>
Fix tag handling: preserve annotations and explicit fetch-tags (<a
href="https://redirect.github.com/actions/checkout/issues/2356">#2356</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49"><code>064fe7f</code></a>
Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is
set (...</li>
<li>See full diff in <a
href="https://github.com/actions/checkout/compare/8e8c483db84b4bee98b60c0593521ed34d9990e8...de0fac2e4500dabe0009e67214ff5f5447ce83dd">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/setup-node` from 6.1.0 to 6.2.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-node/releases">actions/setup-node's
releases</a>.</em></p>
<blockquote>
<h2>v6.2.0</h2>
<h2>What's Changed</h2>
<h3>Documentation</h3>
<ul>
<li>Documentation update related to absence of Lockfile by <a
href="https://github.com/mahabaleshwars"><code>@​mahabaleshwars</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/1454">actions/setup-node#1454</a></li>
<li>Correct mirror option typos by <a
href="https://github.com/MikeMcC399"><code>@​MikeMcC399</code></a> in <a
href="https://redirect.github.com/actions/setup-node/pull/1442">actions/setup-node#1442</a></li>
<li>Readme update on checkout version v6 by <a
href="https://github.com/deining"><code>@​deining</code></a> in <a
href="https://redirect.github.com/actions/setup-node/pull/1446">actions/setup-node#1446</a></li>
<li>Readme typo fixes <a
href="https://github.com/munyari"><code>@​munyari</code></a> in <a
href="https://redirect.github.com/actions/setup-node/pull/1226">actions/setup-node#1226</a></li>
<li>Advanced document update on checkout version v6 by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/1468">actions/setup-node#1468</a></li>
</ul>
<h3>Dependency updates:</h3>
<ul>
<li>Upgrade <code>@​actions/cache</code> to v5.0.1 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/setup-node/pull/1449">actions/setup-node#1449</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/mahabaleshwars"><code>@​mahabaleshwars</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-node/pull/1454">actions/setup-node#1454</a></li>
<li><a
href="https://github.com/MikeMcC399"><code>@​MikeMcC399</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-node/pull/1442">actions/setup-node#1442</a></li>
<li><a href="https://github.com/deining"><code>@​deining</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-node/pull/1446">actions/setup-node#1446</a></li>
<li><a href="https://github.com/munyari"><code>@​munyari</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-node/pull/1226">actions/setup-node#1226</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-node/compare/v6...v6.2.0">https://github.com/actions/setup-node/compare/v6...v6.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-node/commit/6044e13b5dc448c55e2357c09f80417699197238"><code>6044e13</code></a>
Docs: bump actions/checkout from v5 to v6 (<a
href="https://redirect.github.com/actions/setup-node/issues/1468">#1468</a>)</li>
<li><a
href="https://github.com/actions/setup-node/commit/8e494633d082d609d1e9ff931be32f8a44f1f657"><code>8e49463</code></a>
Fix README typo (<a
href="https://redirect.github.com/actions/setup-node/issues/1226">#1226</a>)</li>
<li><a
href="https://github.com/actions/setup-node/commit/621ac41091d4227ef8fda5009c1ced96d8d36f7e"><code>621ac41</code></a>
README.md: bump to latest released checkout version v6 (<a
href="https://redirect.github.com/actions/setup-node/issues/1446">#1446</a>)</li>
<li><a
href="https://github.com/actions/setup-node/commit/2951748f4c016b747952f8ca7e75fc64f2f62b53"><code>2951748</code></a>
Bump <code>@​actions/cache</code> to v5.0.1 (<a
href="https://redirect.github.com/actions/setup-node/issues/1449">#1449</a>)</li>
<li><a
href="https://github.com/actions/setup-node/commit/21ddc7bc1fef4bd313efce0335fdcbf81827182c"><code>21ddc7b</code></a>
Correct mirror option typos (<a
href="https://redirect.github.com/actions/setup-node/issues/1442">#1442</a>)</li>
<li><a
href="https://github.com/actions/setup-node/commit/65d868f8d4d85d7d4abb7de0875cde3fcc8798f5"><code>65d868f</code></a>
Update Documentation for Lockfile (<a
href="https://redirect.github.com/actions/setup-node/issues/1454">#1454</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/setup-node/compare/395ad3262231945c25e8478fd5baf05154b1d79f...6044e13b5dc448c55e2357c09f80417699197238">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/setup-python` from 6.1.0 to 6.2.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-python/releases">actions/setup-python's
releases</a>.</em></p>
<blockquote>
<h2>v6.2.0</h2>
<h2>What's Changed</h2>
<h3>Dependency Upgrades</h3>
<ul>
<li>Upgrade dependencies to Node 24 compatible versions by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/setup-python/pull/1259">actions/setup-python#1259</a></li>
<li>Upgrade urllib3 from 2.5.0 to 2.6.3 in <code>/__tests__/data</code>
by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>
in <a
href="https://redirect.github.com/actions/setup-python/pull/1253">actions/setup-python#1253</a>
and <a
href="https://redirect.github.com/actions/setup-python/pull/1264">actions/setup-python#1264</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-python/compare/v6...v6.2.0">https://github.com/actions/setup-python/compare/v6...v6.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-python/commit/a309ff8b426b58ec0e2a45f0f869d46889d02405"><code>a309ff8</code></a>
Bump urllib3 from 2.6.0 to 2.6.3 in /<strong>tests</strong>/data (<a
href="https://redirect.github.com/actions/setup-python/issues/1264">#1264</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/bfe8cc55a7890e3d6672eda6460ef37bfcc70755"><code>bfe8cc5</code></a>
Upgrade <a href="https://github.com/actions"><code>@​actions</code></a>
dependencies to Node 24 compatible versions (<a
href="https://redirect.github.com/actions/setup-python/issues/1259">#1259</a>)</li>
<li><a
href="https://github.com/actions/setup-python/commit/4f41a90a1f38628c7ccc608d05fbafe701bc20ae"><code>4f41a90</code></a>
Bump urllib3 from 2.5.0 to 2.6.0 in /<strong>tests</strong>/data (<a
href="https://redirect.github.com/actions/setup-python/issues/1253">#1253</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/setup-python/compare/83679a892e2d95755f2dac6acb0bfd1e9ac5d548...a309ff8b426b58ec0e2a45f0f869d46889d02405">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Feb 3, 2026
    Configuration menu
    Copy the full SHA
    0fa15d6 View commit details
    Browse the repository at this point in the history

  5. chore(deps): bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 ( 

    …#5013)

Bumps
[peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request)
from 8.0.0 to 8.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's
releases</a>.</em></p>
<blockquote>
<h2>Create Pull Request v8.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>README.md: bump given GitHub actions to their latest versions by <a
href="https://github.com/deining"><code>@​deining</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4265">peter-evans/create-pull-request#4265</a></li>
<li>build(deps): bump the github-actions group with 2 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4273">peter-evans/create-pull-request#4273</a></li>
<li>build(deps-dev): bump the npm group with 2 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4274">peter-evans/create-pull-request#4274</a></li>
<li>build(deps-dev): bump undici from 6.22.0 to 6.23.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4284">peter-evans/create-pull-request#4284</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4289">peter-evans/create-pull-request#4289</a></li>
<li>fix: Handle remote prune failures gracefully on self-hosted runners
by <a
href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4295">peter-evans/create-pull-request#4295</a></li>
<li>feat: add <code>@​octokit/plugin-retry</code> to handle retriable
server errors by <a
href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4298">peter-evans/create-pull-request#4298</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/deining"><code>@​deining</code></a> made
their first contribution in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4265">peter-evans/create-pull-request#4265</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/peter-evans/create-pull-request/compare/v8.0.0...v8.1.0">https://github.com/peter-evans/create-pull-request/compare/v8.0.0...v8.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/c0f553fe549906ede9cf27b5156039d195d2ece0"><code>c0f553f</code></a>
feat: add <code>@​octokit/plugin-retry</code> to handle retriable server
errors (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/4298">#4298</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/70001242bfa9ec7844891e620fdda69a2a2a06c7"><code>7000124</code></a>
fix: Handle remote prune failures gracefully (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/4295">#4295</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/34aa40e9cf0bb8b5be745a552003fdeb25e4dd3a"><code>34aa40e</code></a>
build: update distribution (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/4289">#4289</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/641099ddca097df58c3369dd5e1f33322b223029"><code>641099d</code></a>
build(deps-dev): bump undici from 6.22.0 to 6.23.0 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/4284">#4284</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/2271f1ddcf09437ed8f019733eb5cfba58ac76f0"><code>2271f1d</code></a>
build(deps-dev): bump the npm group with 2 updates (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/4274">#4274</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/437c31a11dd02128dd37633ad8d3832853477e7a"><code>437c31a</code></a>
build(deps): bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/4273">#4273</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/0979079bc20c05bbbb590a56c21c4e2b1d1f1bbe"><code>0979079</code></a>
docs: update readme</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/5b751cdf403b4f0314c656b2618939e4c8bdf824"><code>5b751cd</code></a>
README.md: bump given GitHub actions to their latest versions (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/4265">#4265</a>)</li>
<li>See full diff in <a
href="https://github.com/peter-evans/create-pull-request/compare/98357b18bf14b5342f975ff684046ec3b2a07725...c0f553fe549906ede9cf27b5156039d195d2ece0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peter-evans/create-pull-request&package-manager=github_actions&previous-version=8.0.0&new-version=8.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Feb 3, 2026
    Configuration menu
    Copy the full SHA
    1ae6738 View commit details
    Browse the repository at this point in the history

  6. chore(deps): bump google/osv-scanner-action/.github/workflows/osv-sca… 

    …nner-reusable-pr.yml from 2.3.1 to 2.3.2 (#5009)

Bumps
[google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml](https://github.com/google/osv-scanner-action)
from 2.3.1 to 2.3.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google/osv-scanner-action/releases">google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml's
releases</a>.</em></p>
<blockquote>
<h2>v2.3.2</h2>
<p>This updates OSV-Scanner to v2.3.2</p>
<p>This release includes performance improvements for local scanning,
reducing memory usage and avoiding unnecessary advisory loading. It also
fixes issues with MCP's get_vulnerability_details tool, git queries in
<code>osv-scanner.json</code>, and ignore entry tracking, along with
documentation updates.</p>
<h3>Fixes:</h3>
<ul>
<li>[Bug <a
href="https://redirect.github.com/google/osv-scanner-action/issues/2415">#2415</a>](<a
href="https://redirect.github.com/google/osv-scanner/pull/2415">google/osv-scanner#2415</a>)
Add more PURL-to-ecosystem mappings</li>
<li>[Bug <a
href="https://redirect.github.com/google/osv-scanner-action/issues/2422">#2422</a>](<a
href="https://redirect.github.com/google/osv-scanner/pull/2422">google/osv-scanner#2422</a>)
MCP error for get_vulnerability_id because type definition is
incorrect.</li>
<li>[Bug <a
href="https://redirect.github.com/google/osv-scanner-action/issues/2460">#2460</a>](<a
href="https://redirect.github.com/google/osv-scanner/pull/2460">google/osv-scanner#2460</a>)
Enable osv-scanner.json git queries</li>
<li>[Bug <a
href="https://redirect.github.com/google/osv-scanner-action/issues/2456">#2456</a>](<a
href="https://redirect.github.com/google/osv-scanner/pull/2456">google/osv-scanner#2456</a>)
Properly track if an ignore entry has been used</li>
<li>[Bug <a
href="https://redirect.github.com/google/osv-scanner-action/issues/2450">#2450</a>](<a
href="https://redirect.github.com/google/osv-scanner/pull/2450">google/osv-scanner#2450</a>)
<strong>Performance:</strong> Avoid loading the entire advisory unless
it will actually be used</li>
<li>[Bug <a
href="https://redirect.github.com/google/osv-scanner-action/issues/2445">#2445</a>](<a
href="https://redirect.github.com/google/osv-scanner/pull/2445">google/osv-scanner#2445</a>)
<strong>Performance:</strong> Don't read the entire zip into memory</li>
<li>[Bug <a
href="https://redirect.github.com/google/osv-scanner-action/issues/2433">#2433</a>](<a
href="https://redirect.github.com/google/osv-scanner/pull/2433">google/osv-scanner#2433</a>)
Allow specifying user agent in v2 osvscanner package</li>
</ul>
<h3>Misc:</h3>
<ul>
<li>[Misc <a
href="https://redirect.github.com/google/osv-scanner-action/issues/2453">#2453</a>](<a
href="https://redirect.github.com/google/osv-scanner/pull/2453">google/osv-scanner#2453</a>)
Switch from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3</li>
<li>[Misc <a
href="https://redirect.github.com/google/osv-scanner-action/issues/2447">#2447</a>](<a
href="https://redirect.github.com/google/osv-scanner/pull/2447">google/osv-scanner#2447</a>)
Include <code>bun.lock</code> as a supported lockfile</li>
<li>[Misc <a
href="https://redirect.github.com/google/osv-scanner-action/issues/2444">#2444</a>](<a
href="https://redirect.github.com/google/osv-scanner/pull/2444">google/osv-scanner#2444</a>)
Document GoVersionOverride in configuration.md</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/google/osv-scanner/compare/v2.3.1...v2.3.2">https://github.com/google/osv-scanner/compare/v2.3.1...v2.3.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/google/osv-scanner-action/commit/2a387edfbe02a11d856b89172f6e978100177eb4"><code>2a387ed</code></a>
Merge pull request <a
href="https://redirect.github.com/google/osv-scanner-action/issues/116">#116</a>
from google/update-to-v2.3.2</li>
<li><a
href="https://github.com/google/osv-scanner-action/commit/f75042f618bfd7101a0a359f9ab4f186e78236ec"><code>f75042f</code></a>
Update unified workflow example to point to v2.3.2 reusable
workflows</li>
<li><a
href="https://github.com/google/osv-scanner-action/commit/17ad728b580c3ea9fb48db7c0e93df5ad9edf9b3"><code>17ad728</code></a>
Update reusable workflows to point to v2.3.2 actions</li>
<li><a
href="https://github.com/google/osv-scanner-action/commit/9eebeaea7417372f39d21f50ad5ef4e6b3358566"><code>9eebeae</code></a>
&quot;Update actions to use v2.3.2 osv-scanner image&quot;</li>
<li><a
href="https://github.com/google/osv-scanner-action/commit/dcf7b89adad618874992e9033c80a024bc1eaf02"><code>dcf7b89</code></a>
Merge pull request <a
href="https://redirect.github.com/google/osv-scanner-action/issues/114">#114</a>
from renovate-bot/renovate/major-workflows</li>
<li><a
href="https://github.com/google/osv-scanner-action/commit/6bcc4fad212794a89e23384e1ebf421c0503b430"><code>6bcc4fa</code></a>
Merge pull request <a
href="https://redirect.github.com/google/osv-scanner-action/issues/113">#113</a>
from renovate-bot/renovate/workflows</li>
<li><a
href="https://github.com/google/osv-scanner-action/commit/70f73952d447f03b17045406155bae21ac1db5d7"><code>70f7395</code></a>
chore(deps): update github/codeql-action action to v4.31.9</li>
<li><a
href="https://github.com/google/osv-scanner-action/commit/7c3c2a712c77577eeea178a075d3bb34a56f61c9"><code>7c3c2a7</code></a>
chore(deps): update workflows</li>
<li><a
href="https://github.com/google/osv-scanner-action/commit/a239d862e4b89217f3fb52de083506b2265c80f4"><code>a239d86</code></a>
Merge pull request <a
href="https://redirect.github.com/google/osv-scanner-action/issues/109">#109</a>
from renovate-bot/renovate/major-workflows</li>
<li><a
href="https://github.com/google/osv-scanner-action/commit/5345c883711cb9760ea55b8efe94d0af4c752df5"><code>5345c88</code></a>
chore(deps): update actions/checkout action to v6</li>
<li>See full diff in <a
href="https://github.com/google/osv-scanner-action/compare/375a0e8ebdc98e99b02ac4338a724f5750f21213...2a387edfbe02a11d856b89172f6e978100177eb4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml&package-manager=github_actions&previous-version=2.3.1&new-version=2.3.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Feb 3, 2026
    Configuration menu
    Copy the full SHA
    4eae5d9 View commit details
    Browse the repository at this point in the history

  7. fix(lambda): bump lodash-es from 4.17.21 to 4.17.23 in /lambdas (#5006) 

    Bumps [lodash-es](https://github.com/lodash/lodash) from 4.17.21 to
4.17.23.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/lodash/lodash/commit/dec55b7a3b382da075e2eac90089b4cd00a26cbb"><code>dec55b7</code></a>
Bump main to v4.17.23 (<a
href="https://redirect.github.com/lodash/lodash/issues/6088">#6088</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/19c9251b3631d7cf220b43bc757eb33f1084f117"><code>19c9251</code></a>
fix: setCacheHas JSDoc return type should be boolean (<a
href="https://redirect.github.com/lodash/lodash/issues/6071">#6071</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/b5e672995ae26929d111a6e94589f8d03fb8e578"><code>b5e6729</code></a>
jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (<a
href="https://redirect.github.com/lodash/lodash/issues/6062">#6062</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/edadd452146f7e4bad4ea684e955708931d84d81"><code>edadd45</code></a>
Prevent prototype pollution on baseUnset function</li>
<li><a
href="https://github.com/lodash/lodash/commit/4879a7a7d0a4494b0e83c7fa21bcc9fc6e7f1a6d"><code>4879a7a</code></a>
doc: fix autoLink function, conversion of source links (<a
href="https://redirect.github.com/lodash/lodash/issues/6056">#6056</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/9648f692b0fc7c2f6a7a763d754377200126c2e8"><code>9648f69</code></a>
chore: remove <code>yarn.lock</code> file (<a
href="https://redirect.github.com/lodash/lodash/issues/6053">#6053</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/dfa407db0bf5b200f2c7a9e4f06830ceaf074be9"><code>dfa407d</code></a>
ci: remove legacy configuration files (<a
href="https://redirect.github.com/lodash/lodash/issues/6052">#6052</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/156e1965ae78b121a88f81178ab81632304e8d64"><code>156e196</code></a>
feat: add renovate setup (<a
href="https://redirect.github.com/lodash/lodash/issues/6039">#6039</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/933e1061b8c344d3fc742cdc400175d5ffc99bce"><code>933e106</code></a>
ci: add pipeline for Bun (<a
href="https://redirect.github.com/lodash/lodash/issues/6023">#6023</a>)</li>
<li><a
href="https://github.com/lodash/lodash/commit/072a807ff7ad8ffc7c1d2c3097266e815d138e20"><code>072a807</code></a>
docs: update links related to Open JS Foundation (<a
href="https://redirect.github.com/lodash/lodash/issues/5968">#5968</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/lodash/lodash/compare/4.17.21...4.17.23">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=lodash-es&package-manager=npm_and_yarn&previous-version=4.17.21&new-version=4.17.23)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/github-aws-runners/terraform-aws-github-runner/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Feb 3, 2026
    Configuration menu
    Copy the full SHA
    c638e38 View commit details
    Browse the repository at this point in the history

Commits on Feb 4, 2026

  1. fix: add SSM AMI parameter permissions and environment-based naming (#… 

    …5016)

This pull request introduces environment-specific configuration
improvements and updates IAM policy resources to support new SSM
parameters. The main changes focus on making resource naming more
flexible and ensuring the Lambda scale-up policy has access to the
necessary SSM parameters.

Configuration improvements:

* Updated the `al2023_arm64_name` local in
`examples/multi-runner/main.tf` to include the environment variable,
making AMI name paths environment-specific for better isolation and
flexibility.

IAM policy updates:

* Added `${ssm_ami_id_parameter_arn}` to the resource list in
`modules/runners/policies/lambda-scale-up.json`, allowing Lambda
scale-up operations to access the new SSM parameter for AMI IDs. This
solve errors related handling batches

---------

Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
    @npalm @claude
    npalm and claude authored Feb 4, 2026
    Configuration menu
    Copy the full SHA
    1a7158b View commit details
    Browse the repository at this point in the history

  2. chore(main): release 7.4.0 (#5015) 

    🤖 I have created a release *beep* *boop*
---


##
[7.4.0](v7.3.0...v7.4.0)
(2026-02-04)


### Features

* **control-plane:** tag control plane created SSM Parameters
([#4833](#4833))
([#4834](#4834))
([7e1a0a1](7e1a0a1))
@wadherv
* use prefix variable for POWERTOOLS_SERVICE_NAME in Lambda functions
([#4948](#4948))
([8bd61d2](8bd61d2))
@alexalbu001


### Bug Fixes

* add SSM AMI parameter permissions and environment-based naming
([#5016](#5016))
([1a7158b](1a7158b))
* job retry mechanism not triggering
([#4961](#4961))
([5039ae5](5039ae5))
* **lambda:** bump diff from 4.0.2 to 4.0.4 in /lambdas
([#5004](#5004))
([cd86fe6](cd86fe6))
* **lambda:** bump lodash-es from 4.17.21 to 4.17.23 in /lambdas
([#5006](#5006))
([c638e38](c638e38))
* **lambda:** bump the aws group in /lambdas with 7 updates
([#4998](#4998))
([d373bcc](d373bcc))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: runners-releaser[bot] <194412594+runners-releaser[bot]@users.noreply.github.com>
    @runners-releaser
    runners-releaser[bot] authored Feb 4, 2026
    Configuration menu
    Copy the full SHA
    b3b067a View commit details
    Browse the repository at this point in the history
Loading