From 7d24fa0e6f3720bdd8a11f65ada2172a185aa6dc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 6 Jul 2025 20:33:07 -0400 Subject: [PATCH 1/3] Bump github/codeql-action from 3.28.19 to 3.29.2 (#2098) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.19 to 3.29.2. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/fca7ace96b7d713c7035871441bd52efbe39e27e...181d5eefc20863364f96762470ba6f862bdef56b) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 3.29.2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/semgrep-analysis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/semgrep-analysis.yml b/.github/workflows/semgrep-analysis.yml index 9703e3e52..d13d75635 100644 --- a/.github/workflows/semgrep-analysis.yml +++ b/.github/workflows/semgrep-analysis.yml @@ -35,7 +35,7 @@ jobs: p/owasp-top-ten - name: Upload SARIF file for GitHub Advanced Security Dashboard - uses: github/codeql-action/upload-sarif@fca7ace96b7d713c7035871441bd52efbe39e27e #v3.28.19 + uses: github/codeql-action/upload-sarif@181d5eefc20863364f96762470ba6f862bdef56b #v3.29.2 with: sarif_file: semgrep.sarif if: always() From c89c81f240604adada6a7f24dc9ab3a5f97329d5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 8 Jul 2025 10:20:52 -0400 Subject: [PATCH 2/3] Bump aws-actions/aws-secretsmanager-get-secrets from 2.0.9 to 2.0.10 (#2099) Bumps [aws-actions/aws-secretsmanager-get-secrets](https://github.com/aws-actions/aws-secretsmanager-get-secrets) from 2.0.9 to 2.0.10. - [Release notes](https://github.com/aws-actions/aws-secretsmanager-get-secrets/releases) - [Commits](https://github.com/aws-actions/aws-secretsmanager-get-secrets/compare/5e19ff380d035695bdd56bbad320ca535c9063f2...a9a7eb4e2f2871d30dc5b892576fde60a2ecc802) --- updated-dependencies: - dependency-name: aws-actions/aws-secretsmanager-get-secrets dependency-version: 2.0.10 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/create-release-pr.yml | 2 +- .github/workflows/sync-master-dev.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/create-release-pr.yml b/.github/workflows/create-release-pr.yml index 352fc6559..f80ab9d45 100644 --- a/.github/workflows/create-release-pr.yml +++ b/.github/workflows/create-release-pr.yml @@ -31,7 +31,7 @@ jobs: aws-region: us-west-2 # Retrieve the Access Token from Secrets Manager - name: Retrieve secret from AWS Secrets Manager - uses: aws-actions/aws-secretsmanager-get-secrets@5e19ff380d035695bdd56bbad320ca535c9063f2 #v2.0.9 + uses: aws-actions/aws-secretsmanager-get-secrets@a9a7eb4e2f2871d30dc5b892576fde60a2ecc802 #v2.0.10 with: secret-ids: | AWS_SECRET, ${{ secrets.RELEASE_WORKFLOW_ACCESS_TOKEN_NAME }} diff --git a/.github/workflows/sync-master-dev.yml b/.github/workflows/sync-master-dev.yml index b66f0a1c9..2647423a6 100644 --- a/.github/workflows/sync-master-dev.yml +++ b/.github/workflows/sync-master-dev.yml @@ -32,7 +32,7 @@ jobs: aws-region: us-west-2 # Retrieve the Access Token from Secrets Manager - name: Retrieve secret from AWS Secrets Manager - uses: aws-actions/aws-secretsmanager-get-secrets@5e19ff380d035695bdd56bbad320ca535c9063f2 #v2.0.9 + uses: aws-actions/aws-secretsmanager-get-secrets@a9a7eb4e2f2871d30dc5b892576fde60a2ecc802 #v2.0.10 with: secret-ids: | AWS_SECRET, ${{ secrets.RELEASE_WORKFLOW_ACCESS_TOKEN_NAME }} From 6b08eee1ef7d3e4398e0f49a3c9eb797167b5836 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 11 Jul 2025 11:22:39 -0400 Subject: [PATCH 3/3] chore: ASP.NET Core version update in Dockerfiles (#2103) Co-authored-by: aws-sdk-dotnet-automation --- LambdaRuntimeDockerfiles/Images/net8/amd64/Dockerfile | 4 ++-- LambdaRuntimeDockerfiles/Images/net8/arm64/Dockerfile | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/LambdaRuntimeDockerfiles/Images/net8/amd64/Dockerfile b/LambdaRuntimeDockerfiles/Images/net8/amd64/Dockerfile index 7bae312b5..1690f3200 100644 --- a/LambdaRuntimeDockerfiles/Images/net8/amd64/Dockerfile +++ b/LambdaRuntimeDockerfiles/Images/net8/amd64/Dockerfile @@ -1,7 +1,7 @@ # Based on Docker image from: https://github.com/dotnet/dotnet-docker/ -ARG ASPNET_VERSION=8.0.17 -ARG ASPNET_SHA512=b292dea52f70035bb7ccc82c1ed908fb084753eb08f662c7bb2e9206e22f396aa611db6573e827d5c5cff21590810b66eae0ead9b534bc3f8fc695f65f47f28f +ARG ASPNET_VERSION=8.0.18 +ARG ASPNET_SHA512=896e9cab7c3ea5384c174e7e2cffae3c7f8f9ed5d6d2b7434b5a2b0dc3f02b611ff8668f5d70c0b356a6a5d85a28fe40756cf356b168d0306370da11646b4b23 ARG LAMBDA_RUNTIME_NAME=dotnet8 ARG AMAZON_LINUX=public.ecr.aws/lambda/provided:al2023 diff --git a/LambdaRuntimeDockerfiles/Images/net8/arm64/Dockerfile b/LambdaRuntimeDockerfiles/Images/net8/arm64/Dockerfile index 8311e5f1c..a22262ccd 100644 --- a/LambdaRuntimeDockerfiles/Images/net8/arm64/Dockerfile +++ b/LambdaRuntimeDockerfiles/Images/net8/arm64/Dockerfile @@ -1,7 +1,7 @@ # Based on Docker image from: https://github.com/dotnet/dotnet-docker/ -ARG ASPNET_VERSION=8.0.17 -ARG ASPNET_SHA512=4f1a441e400b60f814a161d2718c2599b4d492fffe5df5a5d8a494cec553ad3574c0988e9dc49abf8c928b9e9783a86f5506cbcbdf12d24e562090969aced3c5 +ARG ASPNET_VERSION=8.0.18 +ARG ASPNET_SHA512=997ce36180503fbd4dd86ed43b533f618be1db7cf170f500d0d12f899adff22e5b7714942aa2513eece6c12224761c143fbc91d6e97d83cccaed8a811ebcd835 ARG LAMBDA_RUNTIME_NAME=dotnet8 ARG AMAZON_LINUX=public.ecr.aws/lambda/provided:al2023