chore(deps-dev): bump org.assertj:assertj-core from 3.27.6 to 3.27.7 by dependabot[bot] · Pull Request #38 · fast-ish/cdk-common

dependabot · 2026-01-26T21:56:54Z

Bumps org.assertj:assertj-core from 3.27.6 to 3.27.7.

Release notes

Sourced from org.assertj:assertj-core's releases.

v3.27.7

🔒 Security

Core

Fix XXE vulnerability in isXmlEqualTo assertion (CVE-2026-24400)

See GHSA-rqfh-9r24-8c9r for details; many thanks to @wxt201 and @Song-Li for responsibly reporting it!

🚫 Deprecated

Core

Deprecate XmlStringPrettyFormatter with no replacement

🐛 Bug Fixes

Guava

Navigation to assertj-core or guava types from assertj-guava Javadoc site has unnecessary header #3478

🔨 Dependency Upgrades

Core

Upgrade to Byte Buddy 1.18.3

Upgrade to JUnit BOM 5.14.1

Guava

Upgrade to Guava 33.5.0-jre

Commits

e840716 [maven-release-plugin] prepare release assertj-build-3.27.7
85ca7eb Deprecate XmlStringPrettyFormatter
77081dc Merge commit from fork
b68fc24 Bump github/codeql-action from 4.31.9 to 4.31.10 in the github-actions group ...
0cf5bb6 Bump kotlin.version from 2.1.0 to 2.2.21
d393ef1 Abort tests when symbolic links cannot be created (#3788)
2212433 Add IntelliJ custom inspection for test class names
5717d02 Update JetBrains icon
a8ec20b Add icon for JetBrains products
c05fb3d Bump Maven to 3.9.12 and Wrapper to 3.3.4
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

this repository provides reusable components for aws cdk infrastructure: - java models for aws codebuild pipelines and environments - maven build system with aws cdk v2 dependencies - github actions workflow for automated testing and code analysis - architectural decision records documenting design choices - spotbugs and sonarqube integration for code quality - comprehensive gitignore covering java, maven, cdk, and ide artifacts

Bumps `log4j2.version` from 2.25.1 to 2.25.2. Updates `org.apache.logging.log4j:log4j-core` from 2.25.1 to 2.25.2 Updates `org.apache.logging.log4j:log4j-api` from 2.25.1 to 2.25.2 Updates `org.apache.logging.log4j:log4j-slf4j2-impl` from 2.25.1 to 2.25.2 --- updated-dependencies: - dependency-name: org.apache.logging.log4j:log4j-core dependency-version: 2.25.2 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.apache.logging.log4j:log4j-api dependency-version: 2.25.2 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.apache.logging.log4j:log4j-slf4j2-impl dependency-version: 2.25.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the aws-dependencies group with 4 updates: [software.amazon.awscdk:aws-cdk-lib](https://github.com/aws/aws-cdk), software.amazon.awssdk:sso, software.amazon.awssdk:ssooidc and software.amazon.awssdk:secretsmanager. Updates `software.amazon.awscdk:aws-cdk-lib` from 2.214.0 to 2.219.0 - [Release notes](https://github.com/aws/aws-cdk/releases) - [Changelog](https://github.com/aws/aws-cdk/blob/main/CHANGELOG.v2.alpha.md) - [Commits](aws/aws-cdk@v2.214.0...v2.219.0) Updates `software.amazon.awssdk:sso` from 2.33.4 to 2.34.9 Updates `software.amazon.awssdk:ssooidc` from 2.33.4 to 2.34.9 Updates `software.amazon.awssdk:secretsmanager` from 2.33.4 to 2.34.9 Updates `software.amazon.awssdk:ssooidc` from 2.33.4 to 2.34.9 Updates `software.amazon.awssdk:secretsmanager` from 2.33.4 to 2.34.9 --- updated-dependencies: - dependency-name: software.amazon.awscdk:aws-cdk-lib dependency-version: 2.219.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: aws-dependencies - dependency-name: software.amazon.awssdk:sso dependency-version: 2.34.9 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: aws-dependencies - dependency-name: software.amazon.awssdk:ssooidc dependency-version: 2.34.9 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: aws-dependencies - dependency-name: software.amazon.awssdk:secretsmanager dependency-version: 2.34.9 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: aws-dependencies - dependency-name: software.amazon.awssdk:ssooidc dependency-version: 2.34.9 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: aws-dependencies - dependency-name: software.amazon.awssdk:secretsmanager dependency-version: 2.34.9 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: aws-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the jackson-dependencies group with 6 updates: | Package | From | To | | --- | --- | --- | | [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) | `2.19.2` | `2.20.0` | | [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) | `2.19.2` | `2.20.0` | | com.fasterxml.jackson.core:jackson-annotations | `2.19.2` | `2.20.0` | | [com.fasterxml.jackson.core:jackson-core](https://github.com/FasterXML/jackson-core) | `2.19.2` | `2.20.0` | | [com.fasterxml.jackson.dataformat:jackson-dataformat-yaml](https://github.com/FasterXML/jackson-dataformats-text) | `2.19.2` | `2.20.0` | | com.fasterxml.jackson.datatype:jackson-datatype-jdk8 | `2.19.2` | `2.20.0` | Updates `com.fasterxml.jackson:jackson-bom` from 2.19.2 to 2.20.0 - [Commits](FasterXML/jackson-bom@jackson-bom-2.19.2...jackson-bom-2.20.0) Updates `com.fasterxml.jackson.core:jackson-databind` from 2.19.2 to 2.20.0 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `com.fasterxml.jackson.core:jackson-annotations` from 2.19.2 to 2.20.0 Updates `com.fasterxml.jackson.core:jackson-core` from 2.19.2 to 2.20.0 - [Commits](FasterXML/jackson-core@jackson-core-2.19.2...jackson-core-2.20.0) Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-yaml` from 2.19.2 to 2.20.0 - [Commits](FasterXML/jackson-dataformats-text@jackson-dataformats-text-2.19.2...jackson-dataformats-text-2.20.0) Updates `com.fasterxml.jackson.datatype:jackson-datatype-jdk8` from 2.19.2 to 2.20.0 Updates `com.fasterxml.jackson.core:jackson-databind` from 2.19.2 to 2.20.0 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `com.fasterxml.jackson.core:jackson-annotations` from 2.19.2 to 2.20.0 Updates `com.fasterxml.jackson.core:jackson-core` from 2.19.2 to 2.20.0 - [Commits](FasterXML/jackson-core@jackson-core-2.19.2...jackson-core-2.20.0) Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-yaml` from 2.19.2 to 2.20.0 - [Commits](FasterXML/jackson-dataformats-text@jackson-dataformats-text-2.19.2...jackson-dataformats-text-2.20.0) Updates `com.fasterxml.jackson.datatype:jackson-datatype-jdk8` from 2.19.2 to 2.20.0 --- updated-dependencies: - dependency-name: com.fasterxml.jackson:jackson-bom dependency-version: 2.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: jackson-dependencies - dependency-name: com.fasterxml.jackson.core:jackson-databind dependency-version: 2.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: jackson-dependencies - dependency-name: com.fasterxml.jackson.core:jackson-annotations dependency-version: 2.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: jackson-dependencies - dependency-name: com.fasterxml.jackson.core:jackson-core dependency-version: 2.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: jackson-dependencies - dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-yaml dependency-version: 2.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: jackson-dependencies - dependency-name: com.fasterxml.jackson.datatype:jackson-datatype-jdk8 dependency-version: 2.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: jackson-dependencies - dependency-name: com.fasterxml.jackson.core:jackson-databind dependency-version: 2.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: jackson-dependencies - dependency-name: com.fasterxml.jackson.core:jackson-annotations dependency-version: 2.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: jackson-dependencies - dependency-name: com.fasterxml.jackson.core:jackson-core dependency-version: 2.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: jackson-dependencies - dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-yaml dependency-version: 2.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: jackson-dependencies - dependency-name: com.fasterxml.jackson.datatype:jackson-datatype-jdk8 dependency-version: 2.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: jackson-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the test-dependencies group with 3 updates: [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit-framework), [org.junit.jupiter:junit-jupiter-api](https://github.com/junit-team/junit-framework) and [org.junit.jupiter:junit-jupiter-engine](https://github.com/junit-team/junit-framework). Updates `org.junit.jupiter:junit-jupiter` from 5.13.4 to 5.14.0 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r5.13.4...r5.14.0) Updates `org.junit.jupiter:junit-jupiter-api` from 5.13.4 to 5.14.0 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r5.13.4...r5.14.0) Updates `org.junit.jupiter:junit-jupiter-engine` from 5.13.4 to 5.14.0 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r5.13.4...r5.14.0) Updates `org.junit.jupiter:junit-jupiter-api` from 5.13.4 to 5.14.0 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r5.13.4...r5.14.0) Updates `org.junit.jupiter:junit-jupiter-engine` from 5.13.4 to 5.14.0 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r5.13.4...r5.14.0) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter dependency-version: 5.14.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: test-dependencies - dependency-name: org.junit.jupiter:junit-jupiter-api dependency-version: 5.14.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: test-dependencies - dependency-name: org.junit.jupiter:junit-jupiter-engine dependency-version: 5.14.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: test-dependencies - dependency-name: org.junit.jupiter:junit-jupiter-api dependency-version: 5.14.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: test-dependencies - dependency-name: org.junit.jupiter:junit-jupiter-engine dependency-version: 5.14.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: test-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the maven-plugins group with 3 updates: [org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin), [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) and [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin). Updates `org.apache.maven.plugins:maven-compiler-plugin` from 3.14.0 to 3.14.1 - [Release notes](https://github.com/apache/maven-compiler-plugin/releases) - [Commits](apache/maven-compiler-plugin@maven-compiler-plugin-3.14.0...maven-compiler-plugin-3.14.1) Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.5.3 to 3.5.4 - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](apache/maven-surefire@surefire-3.5.3...surefire-3.5.4) Updates `com.github.spotbugs:spotbugs-maven-plugin` from 4.9.4.1 to 4.9.6.0 - [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases) - [Commits](spotbugs/spotbugs-maven-plugin@spotbugs-maven-plugin-4.9.4.1...spotbugs-maven-plugin-4.9.6.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-compiler-plugin dependency-version: 3.14.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven-plugins - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-version: 3.5.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven-plugins - dependency-name: com.github.spotbugs:spotbugs-maven-plugin dependency-version: 4.9.6.0 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven-plugins ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps org.apache.commons:commons-lang3 from 3.18.0 to 3.19.0. --- updated-dependencies: - dependency-name: org.apache.commons:commons-lang3 dependency-version: 3.19.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [io.fabric8:kubernetes-client](https://github.com/fabric8io/kubernetes-client) from 7.3.1 to 7.4.0. - [Release notes](https://github.com/fabric8io/kubernetes-client/releases) - [Changelog](https://github.com/fabric8io/kubernetes-client/blob/main/CHANGELOG.md) - [Commits](fabric8io/kubernetes-client@v7.3.1...v7.4.0) --- updated-dependencies: - dependency-name: io.fabric8:kubernetes-client dependency-version: 7.4.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the aws-dependencies group with 4 updates in the / directory: [software.amazon.awscdk:aws-cdk-lib](https://github.com/aws/aws-cdk), software.amazon.awssdk:sso, software.amazon.awssdk:ssooidc and software.amazon.awssdk:secretsmanager. Updates `software.amazon.awscdk:aws-cdk-lib` from 2.219.0 to 2.220.0 - [Release notes](https://github.com/aws/aws-cdk/releases) - [Changelog](https://github.com/aws/aws-cdk/blob/main/CHANGELOG.v2.alpha.md) - [Commits](aws/aws-cdk@v2.219.0...v2.220.0) Updates `software.amazon.awssdk:sso` from 2.34.9 to 2.35.10 Updates `software.amazon.awssdk:ssooidc` from 2.34.9 to 2.35.10 Updates `software.amazon.awssdk:secretsmanager` from 2.34.9 to 2.35.10 Updates `software.amazon.awssdk:ssooidc` from 2.34.9 to 2.35.10 Updates `software.amazon.awssdk:secretsmanager` from 2.34.9 to 2.35.10 --- updated-dependencies: - dependency-name: software.amazon.awscdk:aws-cdk-lib dependency-version: 2.220.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: aws-dependencies - dependency-name: software.amazon.awssdk:sso dependency-version: 2.35.10 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: aws-dependencies - dependency-name: software.amazon.awssdk:ssooidc dependency-version: 2.35.10 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: aws-dependencies - dependency-name: software.amazon.awssdk:secretsmanager dependency-version: 2.35.10 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: aws-dependencies - dependency-name: software.amazon.awssdk:ssooidc dependency-version: 2.35.10 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: aws-dependencies - dependency-name: software.amazon.awssdk:secretsmanager dependency-version: 2.35.10 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: aws-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [org.projectlombok:lombok](https://github.com/projectlombok/lombok) from 1.18.40 to 1.18.42. - [Changelog](https://github.com/projectlombok/lombok/blob/master/doc/changelog.markdown) - [Commits](projectlombok/lombok@v1.18.40...v1.18.42) --- updated-dependencies: - dependency-name: org.projectlombok:lombok dependency-version: 1.18.42 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the maven-plugins group with 2 updates: [org.apache.maven.plugins:maven-pmd-plugin](https://github.com/apache/maven-pmd-plugin) and [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin). Updates `org.apache.maven.plugins:maven-pmd-plugin` from 3.27.0 to 3.28.0 - [Release notes](https://github.com/apache/maven-pmd-plugin/releases) - [Commits](apache/maven-pmd-plugin@maven-pmd-plugin-3.27.0...maven-pmd-plugin-3.28.0) Updates `com.github.spotbugs:spotbugs-maven-plugin` from 4.9.6.0 to 4.9.8.1 - [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases) - [Commits](spotbugs/spotbugs-maven-plugin@spotbugs-maven-plugin-4.9.6.0...spotbugs-maven-plugin-4.9.8.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-pmd-plugin dependency-version: 3.28.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: maven-plugins - dependency-name: com.github.spotbugs:spotbugs-maven-plugin dependency-version: 4.9.8.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven-plugins ... Signed-off-by: dependabot[bot] <support@github.com>

update core dependencies to latest stable versions and improve dependency version management to prevent version conflicts. key changes: - fix jackson version consistency by removing explicit versions from individual jackson dependencies and relying on jackson-bom for centralized version management. this prevents mismatches between jackson-annotations (2.20) and other jackson modules (2.20.0). - add mockito.version property for consistent version management across mockito-core and mockito-junit-jupiter dependencies documentation: - add .github/ai_context.md to provide ai assistants with quick codebase orientation covering architecture patterns, naming conventions, directory structure, and common development workflows

- add tags field to pipeline model for resource tagging support - implement tags support in pipelineconstruct with tags.of() integration - update all pipeline constructor calls in tests with tags parameter - add comprehensive test coverage for pipeline tags field - fix sqs package coverage with testsqsconstructwithrules - fix api gateway package coverage with 6 new construct tests - increase test count from 855 to 862, all passing - resolve all jacoco coverage warnings (codebuild, sqs, apigw packages)

- add codeql workflow for java security scanning - add dependency review for vulnerability detection on prs - remove codecov integration, use github artifacts for coverage reports - remove sonarcloud analysis, replaced by codeql

- remove auto-approval step (fails with GITHUB_TOKEN permissions) - remove auto-merge functionality (requires manual review for safety) - add proper labeling: patch-update, minor-update, major-update - update summary messages for manual merge workflow

Bumps [commons-codec:commons-codec](https://github.com/apache/commons-codec) from 1.19.0 to 1.20.0. - [Changelog](https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt) - [Commits](apache/commons-codec@rel/commons-codec-1.19.0...rel/commons-codec-1.20.0) --- updated-dependencies: - dependency-name: commons-codec:commons-codec dependency-version: 1.20.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [org.jacoco:jacoco-maven-plugin](https://github.com/jacoco/jacoco) from 0.8.13 to 0.8.14. - [Release notes](https://github.com/jacoco/jacoco/releases) - [Commits](jacoco/jacoco@v0.8.13...v0.8.14) --- updated-dependencies: - dependency-name: org.jacoco:jacoco-maven-plugin dependency-version: 0.8.14 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the aws-dependencies group with 4 updates: [software.amazon.awscdk:aws-cdk-lib](https://github.com/aws/aws-cdk), software.amazon.awssdk:sso, software.amazon.awssdk:ssooidc and software.amazon.awssdk:secretsmanager. Updates `software.amazon.awscdk:aws-cdk-lib` from 2.221.0 to 2.222.0 - [Release notes](https://github.com/aws/aws-cdk/releases) - [Changelog](https://github.com/aws/aws-cdk/blob/main/CHANGELOG.v2.alpha.md) - [Commits](aws/aws-cdk@v2.221.0...v2.222.0) Updates `software.amazon.awssdk:sso` from 2.36.3 to 2.38.2 Updates `software.amazon.awssdk:ssooidc` from 2.36.3 to 2.38.2 Updates `software.amazon.awssdk:secretsmanager` from 2.36.3 to 2.38.2 Updates `software.amazon.awssdk:ssooidc` from 2.36.3 to 2.38.2 Updates `software.amazon.awssdk:secretsmanager` from 2.36.3 to 2.38.2 --- updated-dependencies: - dependency-name: software.amazon.awscdk:aws-cdk-lib dependency-version: 2.222.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: aws-dependencies - dependency-name: software.amazon.awssdk:sso dependency-version: 2.38.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: aws-dependencies - dependency-name: software.amazon.awssdk:ssooidc dependency-version: 2.38.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: aws-dependencies - dependency-name: software.amazon.awssdk:secretsmanager dependency-version: 2.38.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: aws-dependencies - dependency-name: software.amazon.awssdk:ssooidc dependency-version: 2.38.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: aws-dependencies - dependency-name: software.amazon.awssdk:secretsmanager dependency-version: 2.38.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: aws-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the jackson-dependencies group with 1 update: [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom). Updates `com.fasterxml.jackson:jackson-bom` from 2.20.0 to 2.20.1 - [Commits](FasterXML/jackson-bom@jackson-bom-2.20.0...jackson-bom-2.20.1) --- updated-dependencies: - dependency-name: com.fasterxml.jackson:jackson-bom dependency-version: 2.20.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: jackson-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the test-dependencies group with 3 updates: [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit-framework), [org.junit.jupiter:junit-jupiter-api](https://github.com/junit-team/junit-framework) and [org.junit.jupiter:junit-jupiter-engine](https://github.com/junit-team/junit-framework). Updates `org.junit.jupiter:junit-jupiter` from 5.14.0 to 5.14.1 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r5.14.0...r5.14.1) Updates `org.junit.jupiter:junit-jupiter-api` from 5.14.0 to 5.14.1 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r5.14.0...r5.14.1) Updates `org.junit.jupiter:junit-jupiter-engine` from 5.14.0 to 5.14.1 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r5.14.0...r5.14.1) Updates `org.junit.jupiter:junit-jupiter-api` from 5.14.0 to 5.14.1 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r5.14.0...r5.14.1) Updates `org.junit.jupiter:junit-jupiter-engine` from 5.14.0 to 5.14.1 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r5.14.0...r5.14.1) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter dependency-version: 5.14.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: test-dependencies - dependency-name: org.junit.jupiter:junit-jupiter-api dependency-version: 5.14.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: test-dependencies - dependency-name: org.junit.jupiter:junit-jupiter-engine dependency-version: 5.14.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: test-dependencies - dependency-name: org.junit.jupiter:junit-jupiter-api dependency-version: 5.14.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: test-dependencies - dependency-name: org.junit.jupiter:junit-jupiter-engine dependency-version: 5.14.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: test-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

remove .github/dependabot.yml as renovate now handles all version updates (maven, npm, github actions, and eks addons). dependabot security updates remain enabled via repository settings managed by ok-cli config. this eliminates duplicate dependency update prs while maintaining free security vulnerability scanning through dependabot.

replace deprecated deny-licenses option in dependency-review workflow with the modern license-check and allow-licenses format. this removes the deprecation warning while maintaining the same license restrictions (blocking GPL-2.0 and GPL-3.0 by only allowing permissive licenses).

…flicts add configurable bootstrapSelfManagedAddons parameter to control whether AWS EKS automatically installs self-managed versions of VPC CNI, kube-proxy, and CoreDNS during cluster creation. fixes CRD conflicts where self-managed addons (auto-installed by EKS) conflict with managed addons defined in addons.mustache. specifically resolves policyendpoints.networking.k8s.aws conflict that prevented VPC CNI installation and caused node group failures.

model rename: - rename Deployment<T> → Release<T> for tenant/subscriber workload stacks - release model represents infrastructure deployed ON the platform for subscribers - maintains distinction from Platform<T> model for platform subsystems - accessor methods: platform() returns platform metadata, release() returns workload config terminology alignment: - aligns with portal terminology where tenant workloads are called "releases" - workload types: webapp releases, eks releases, druid releases - each release deployed to a platform (public, enterprise1, enterprise2, etc.) yaml structure: - platform: section identifies which platform hosts the release - release: section contains tenant-specific configuration - backwards compatible with existing conf.mustache files documentation updates: - updated all references from "deployment" to "release" in javadocs - clarified multi-platform support and tenant isolation model - updated examples to use Release<T> pattern model refactoring: - removed deprecated Host and Hosted models - consolidated platform and release model patterns - improved type safety and semantic clarity

… to stable - add non-vpc constructor overloads to LambdaConstruct and LambdaIntegrationConstruct - migrate cognito identitypool imports from alpha to stable aws-cdk-lib package - remove deprecated cognito-identitypool-alpha dependency

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

- add template validation workflow for automated quality checks - move lombok config to root - add test infrastructure - update pom.xml with latest dependencies

@param

- remove spurious javadoc @param tags from lombok records - update s3origin to use s3bucketorigin with origin access control - remove sensitive data from debug logs - replace deprecated mapperbuilder.serializationinclusion - reuse securerandom instance instead of creating each time

removed jobs: - cleanup-artifacts: github handles workflow run retention automatically - cache-cleanup: github manages cache eviction automatically - health-check: redundant with test-and-analyze.yml quality checks scheduled-maintenance now focuses on: - check-stale-issues: manage stale issue lifecycle - repository-stats: gather repository metrics

- implement guardduty construct for threat detection - add security hub construct for centralized findings - create cloudtrail construct with multi-region support - add aws config construct with compliance rules - implement stackset construct for cross-account deployments - add stackset instance management - create organization unit integration

- create alarm construct for monitoring integration - update alarmconf model with enhanced configuration - add comprehensive caching strategy documentation - document redis lifecycle and optimization patterns

- add storage transition model for s3 lifecycle rules - update bucket lifecycle rule configuration - enhance s3 bucket model with lifecycle support - add lambda deserializer for flexible configuration - update lambda models with enhanced properties

- update api gateway construct with enhanced configuration - improve cloudfront construct with modern patterns - enhance elasticache construct with alarm support - update lambda constructs with observability - improve vpc construct with security features - update model classes with latest properties

- update AsyncLambdaConstruct.java for improved async handling - update LambdaConstruct.java with enhanced configuration - update StackSetConstruct.java for better stackset management - update LambdaDeserializer.java for improved serialization

@builder

- add @builder annotation to lambda and iamrole records - add @builder annotation to principal record - add rustlambdaconstruct for rust lambda functions - remove code signing support from rustlambdaconstruct (not available in cdk 2.229.1)

Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.27.6 to 3.27.7. - [Release notes](https://github.com/assertj/assertj/releases) - [Commits](assertj/assertj@assertj-build-3.27.6...assertj-build-3.27.7) --- updated-dependencies: - dependency-name: org.assertj:assertj-core dependency-version: 3.27.7 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2026-01-26T21:57:04Z

📊 PR Statistics

✅ PR Size: XS (<50 lines)

Metric	Value
Files Changed	1
Lines Added	+1
Lines Deleted	-1
Total Changes	2

github-actions · 2026-01-26T21:57:06Z

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
maven/org.assertj:assertj-core	3.27.7	Unknown	Unknown

Scanned Files

pom.xml

github-actions · 2026-03-03T19:59:47Z

📊 PR Statistics

✅ PR Size: XS (<50 lines)

Metric	Value
Files Changed	1
Lines Added	+1
Lines Deleted	-1
Total Changes	2

github-actions · 2026-03-03T19:59:54Z

📊 PR Statistics

✅ PR Size: XS (<50 lines)

Metric	Value
Files Changed	1
Lines Added	+1
Lines Deleted	-1
Total Changes	2

dependabot · 2026-03-26T23:14:31Z

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

stxkxs and others added 30 commits October 2, 2025 19:25

migrate to github-native security and quality scanning

0563d08

- add codeql workflow for java security scanning - add dependency review for vulnerability detection on prs - remove codecov integration, use github artifacts for coverage reports - remove sonarcloud analysis, replaced by codeql

ci: fix dependency workflow to use correct label names

2bf6de8

delete broken dynamodb and format tests after release model migration

908cbc5

chore: enable renovate automerge

28b4310

chore(deps): update actions/github-script action to v8 (#27)

49ecb6d

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

stxkxs and others added 12 commits December 23, 2025 18:43

chore: add build validation workflow and standardize config

988446b

- add template validation workflow for automated quality checks - move lombok config to root - add test infrastructure - update pom.xml with latest dependencies

fix: upgrade log4j to 2.25.3 to address cve-2025-68161

b803b79

feat: add cloudwatch alarms and caching strategy

138a129

- create alarm construct for monitoring integration - update alarmconf model with enhanced configuration - add comprehensive caching strategy documentation - document redis lifecycle and optimization patterns

chore: consistent formatting

6fa289f

dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update java code patch Patch version update labels Jan 26, 2026

github-actions bot added the size/xs label Jan 26, 2026

github-actions bot added build config and removed size/xs labels Jan 26, 2026

stxkxs force-pushed the dependabot/maven/org.assertj-assertj-core-3.27.7 branch from 3dab8df to 56bfb53 Compare March 3, 2026 19:51

stxkxs force-pushed the main branch from ad91fc7 to 4b12944 Compare March 3, 2026 19:51

github-actions bot added the size/xs label Mar 3, 2026

stxkxs closed this Mar 26, 2026

stxkxs force-pushed the main branch from 80e076c to 79b6c12 Compare March 26, 2026 23:14

dependabot bot deleted the dependabot/maven/org.assertj-assertj-core-3.27.7 branch March 26, 2026 23:14

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps-dev): bump org.assertj:assertj-core from 3.27.6 to 3.27.7#38

chore(deps-dev): bump org.assertj:assertj-core from 3.27.6 to 3.27.7#38
dependabot[bot] wants to merge 72 commits intomainfrom
dependabot/maven/org.assertj-assertj-core-3.27.7

dependabot bot commented on behalf of github Jan 26, 2026

Uh oh!

github-actions bot commented Jan 26, 2026

Uh oh!

github-actions bot commented Jan 26, 2026 •

edited

Loading

Uh oh!

github-actions bot commented Mar 3, 2026

Uh oh!

github-actions bot commented Mar 3, 2026

Uh oh!

dependabot bot commented on behalf of github Mar 26, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot bot commented on behalf of github Jan 26, 2026

v3.27.7

🔒 Security

Core

🚫 Deprecated

Core

🐛 Bug Fixes

Guava

🔨 Dependency Upgrades

Core

Guava

Uh oh!

github-actions bot commented Jan 26, 2026

📊 PR Statistics

Uh oh!

github-actions bot commented Jan 26, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Dependency Review

OpenSSF Scorecard

Scanned Files

Uh oh!

github-actions bot commented Mar 3, 2026

📊 PR Statistics

Uh oh!

github-actions bot commented Mar 3, 2026

📊 PR Statistics

Uh oh!

dependabot bot commented on behalf of github Mar 26, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

github-actions bot commented Jan 26, 2026 •

edited

Loading