Skip to content

deps(deps): bump the npm-production group with 5 updates#422

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/main/npm-production-71a5a95909
Open

deps(deps): bump the npm-production group with 5 updates#422
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/main/npm-production-71a5a95909

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 6, 2026

Bumps the npm-production group with 5 updates:

Package From To
@aws-sdk/client-s3 3.1019.0 3.1024.0
@aws-sdk/lib-storage 3.1019.0 3.1024.0
bullmq 5.71.1 5.73.0
dd-trace 5.93.0 5.94.0
dotenv 17.3.1 17.4.1

Updates @aws-sdk/client-s3 from 3.1019.0 to 3.1024.0

Release notes

Sourced from @​aws-sdk/client-s3's releases.

v3.1024.0

3.1024.0(2026-04-03)

Documentation Changes
  • client-organizations: Updates close Account quota for member accounts in an Organization. (4bc933f4)
  • client-bedrock-agentcore-control: Documentation Update for Adds support for three-legged (Authorization Code grant type) OAuth along with predefined MCP tool schema configuration for Amazon Bedrock AgentCore gateway MCP server targets. (96ae995b)
New Features
  • client-bedrock-agent: Added strict parameter to ToolSpecification to allow users to enforce strict JSON schema adherence for tool input schemas. (2d57cd61)
  • client-medialive: AWS Elemental MediaLive released a new features that allows customers to use HLG 2020 as a color space for AV1 video codec. (b9ff368c)
  • client-imagebuilder: Updated pagination token validation for ListContainerRecipes API to support maximum size of 65K characters (0d392c90)
  • client-cloudwatch-logs: Added queryDuration, bytesScanned, and userIdentity fields to the QueryInfo response object returned by DescribeQueries. Customers can now view detailed query cost information including who ran the query, how long it took, and the volume of data scanned. (c4b9df8e)
  • client-payment-cryptography: Adds optional support to retrieve previously generated import and export tokens to simplify import and export functions (76274743)
  • client-bedrock: Amazon Bedrock Guardrails enforcement configuration APIs now support selective guarding controls for system prompts as well as user and assistant messages, along with SDK support for Amazon Bedrock resource policy APIs. (4aa232cc)
  • client-lightsail: Add support for tagging of Alarm resource type (ad9e0d71)

For list of updated packages, view updated-packages.md in assets-3.1024.0.zip

v3.1023.0

3.1023.0(2026-04-02)

Documentation Changes
  • client-geo-places: This release updates API reference documentation for Amazon Location Service Places APIs to reflect regional restrictions for Grab Maps users in ReverseGeocode, Suggest, SearchText, and GetPlace operations (f60237d7)
New Features
  • clients: update client endpoints as of 2026-04-02 (b5ffded0)
  • client-gamelift: Amazon GameLift Servers now includes a ComputeName field in game session API responses, making it easier to identify which compute is hosting a game session without cross-referencing IP addresses. (9eb2723f)
  • client-connect: Include CUSTOMER to evaluation target and participant role. Support Korean, Japanese and Simplified Chinese in evaluation forms. (69be1448)
  • client-bedrock-data-automation: Data Automation Library is a BDA capability that lets you create reusable entity resources to improve extraction accuracy. Libraries support Custom Vocabulary entities that enhance speech recognition for audio and video content with domain-specific terminology shared across projects (b7560ab1)
  • client-pricing: This release increases the MaxResults parameter of the GetAttributeValues API from 100 to 10000. (f3944601)
  • client-cloudwatch: CloudWatch now supports OTel enrichment to make vended metrics for supported AWS resources queryable via PromQL with resource ARN and tag labels, and PromQL alarms for metrics ingested via the OTLP endpoint with multi-contributor evaluation. (c34638a1)
  • client-bedrock-agentcore-control: Adds support for three-legged (Authorization Code grant type) OAuth along with predefined MCP tool schema configuration for Amazon Bedrock AgentCore gateway MCP server targets. (3bf4e650)
  • client-bedrock-runtime: Relax ToolUseId pattern to allow dots and colons (2837c477)
  • client-appstream: Amazon WorkSpaces Applications now supports drain mode for instances in multi-session fleets. This capability allows administrators to instruct individual fleet instances to stop accepting new user sessions while allowing existing sessions to continue uninterrupted. (3644b4c1)
  • client-cloudwatch-logs: We are pleased to announce that our logs transformation csv processor now has a destination field, allowing you to specify under which parent node parsed columns be placed under. (d3d6f2bb)
  • client-deadline: AWS Deadline Cloud now supports configurable scheduling on each queue. The scheduling configuration controls how workers are distributed across jobs. (522c454c)

For list of updated packages, view updated-packages.md in assets-3.1023.0.zip

v3.1022.0

... (truncated)

Changelog

Sourced from @​aws-sdk/client-s3's changelog.

3.1024.0 (2026-04-03)

Note: Version bump only for package @​aws-sdk/client-s3

3.1023.0 (2026-04-02)

Note: Version bump only for package @​aws-sdk/client-s3

3.1022.0 (2026-04-01)

Note: Version bump only for package @​aws-sdk/client-s3

3.1021.0 (2026-03-31)

Bug Fixes

  • codegen: sync for adaptive retry throttling detection fix (#7905) (03f108d)

Features

  • client-s3: Add Bucket Metrics configuration support to directory buckets (67ff7cc)

3.1020.0 (2026-03-30)

Note: Version bump only for package @​aws-sdk/client-s3

Commits

Updates @aws-sdk/lib-storage from 3.1019.0 to 3.1024.0

Release notes

Sourced from @​aws-sdk/lib-storage's releases.

v3.1024.0

3.1024.0(2026-04-03)

Documentation Changes
  • client-organizations: Updates close Account quota for member accounts in an Organization. (4bc933f4)
  • client-bedrock-agentcore-control: Documentation Update for Adds support for three-legged (Authorization Code grant type) OAuth along with predefined MCP tool schema configuration for Amazon Bedrock AgentCore gateway MCP server targets. (96ae995b)
New Features
  • client-bedrock-agent: Added strict parameter to ToolSpecification to allow users to enforce strict JSON schema adherence for tool input schemas. (2d57cd61)
  • client-medialive: AWS Elemental MediaLive released a new features that allows customers to use HLG 2020 as a color space for AV1 video codec. (b9ff368c)
  • client-imagebuilder: Updated pagination token validation for ListContainerRecipes API to support maximum size of 65K characters (0d392c90)
  • client-cloudwatch-logs: Added queryDuration, bytesScanned, and userIdentity fields to the QueryInfo response object returned by DescribeQueries. Customers can now view detailed query cost information including who ran the query, how long it took, and the volume of data scanned. (c4b9df8e)
  • client-payment-cryptography: Adds optional support to retrieve previously generated import and export tokens to simplify import and export functions (76274743)
  • client-bedrock: Amazon Bedrock Guardrails enforcement configuration APIs now support selective guarding controls for system prompts as well as user and assistant messages, along with SDK support for Amazon Bedrock resource policy APIs. (4aa232cc)
  • client-lightsail: Add support for tagging of Alarm resource type (ad9e0d71)

For list of updated packages, view updated-packages.md in assets-3.1024.0.zip

v3.1023.0

3.1023.0(2026-04-02)

Documentation Changes
  • client-geo-places: This release updates API reference documentation for Amazon Location Service Places APIs to reflect regional restrictions for Grab Maps users in ReverseGeocode, Suggest, SearchText, and GetPlace operations (f60237d7)
New Features
  • clients: update client endpoints as of 2026-04-02 (b5ffded0)
  • client-gamelift: Amazon GameLift Servers now includes a ComputeName field in game session API responses, making it easier to identify which compute is hosting a game session without cross-referencing IP addresses. (9eb2723f)
  • client-connect: Include CUSTOMER to evaluation target and participant role. Support Korean, Japanese and Simplified Chinese in evaluation forms. (69be1448)
  • client-bedrock-data-automation: Data Automation Library is a BDA capability that lets you create reusable entity resources to improve extraction accuracy. Libraries support Custom Vocabulary entities that enhance speech recognition for audio and video content with domain-specific terminology shared across projects (b7560ab1)
  • client-pricing: This release increases the MaxResults parameter of the GetAttributeValues API from 100 to 10000. (f3944601)
  • client-cloudwatch: CloudWatch now supports OTel enrichment to make vended metrics for supported AWS resources queryable via PromQL with resource ARN and tag labels, and PromQL alarms for metrics ingested via the OTLP endpoint with multi-contributor evaluation. (c34638a1)
  • client-bedrock-agentcore-control: Adds support for three-legged (Authorization Code grant type) OAuth along with predefined MCP tool schema configuration for Amazon Bedrock AgentCore gateway MCP server targets. (3bf4e650)
  • client-bedrock-runtime: Relax ToolUseId pattern to allow dots and colons (2837c477)
  • client-appstream: Amazon WorkSpaces Applications now supports drain mode for instances in multi-session fleets. This capability allows administrators to instruct individual fleet instances to stop accepting new user sessions while allowing existing sessions to continue uninterrupted. (3644b4c1)
  • client-cloudwatch-logs: We are pleased to announce that our logs transformation csv processor now has a destination field, allowing you to specify under which parent node parsed columns be placed under. (d3d6f2bb)
  • client-deadline: AWS Deadline Cloud now supports configurable scheduling on each queue. The scheduling configuration controls how workers are distributed across jobs. (522c454c)

For list of updated packages, view updated-packages.md in assets-3.1023.0.zip

v3.1022.0

... (truncated)

Changelog

Sourced from @​aws-sdk/lib-storage's changelog.

3.1024.0 (2026-04-03)

Note: Version bump only for package @​aws-sdk/lib-storage

3.1023.0 (2026-04-02)

Note: Version bump only for package @​aws-sdk/lib-storage

3.1022.0 (2026-04-01)

Note: Version bump only for package @​aws-sdk/lib-storage

3.1021.0 (2026-03-31)

Note: Version bump only for package @​aws-sdk/lib-storage

3.1020.0 (2026-03-30)

Note: Version bump only for package @​aws-sdk/lib-storage

Commits

Updates bullmq from 5.71.1 to 5.73.0

Release notes

Sourced from bullmq's releases.

v5.73.0

5.73.0 (2026-04-03)

Features

  • sandbox: add getDependenciesCount proxy for jobs (#3923) ref #3533 (elixir) (php) (python) (cbfe437)

v5.72.1

5.72.1 (2026-04-02)

Bug Fixes

  • cancellation: use native AbortController implementation if found (#3903) (46880af)

v5.72.0

5.72.0 (2026-04-01)

Features

  • deduplication: add keepLastIfActive option for at-least-once-after-active semantics (#3902) (aa529bc)
Commits
  • cbfe437 feat(sandbox): add getDependenciesCount proxy for jobs (#3923) ref #3533 (eli...
  • 78d8d44 chore(deps): bump the npm_and_yarn group across 4 directories with 1 update (...
  • 634538f chore(deps): bump the npm_and_yarn group across 4 directories with 1 update (...
  • be96151 chore(release): 5.72.1 (#3927)
  • 46880af fix(cancellation): use native AbortController implementation if found (#3903)
  • 220afbf chore(release): 5.72.0 (#3924)
  • aa529bc feat(deduplication): add keepLastIfActive option for at-least-once-after-acti...
  • f6a4435 ci(renovate): support security vulnerability fixes (#3921)
  • 0c9c5fe chore(deps): update dependency node to v24.14.1 (#3846)
  • 4d3dc2f chore(deps): update peaceiris/actions-gh-pages action to v4 (#3918)
  • Additional commits viewable in compare view

Updates dd-trace from 5.93.0 to 5.94.0

Commits

Updates dotenv from 17.3.1 to 17.4.1

Changelog

Sourced from dotenv's changelog.

17.4.1 (2026-04-05)

Changed

  • Change text injecting to injected (#1005)

17.4.0 (2026-04-01)

Added

  • Add skills/ folder with focused agent skills: skills/dotenv/SKILL.md (core usage) and skills/dotenvx/SKILL.md (encryption, multiple environments, variable expansion) for AI coding agent discovery via the skills.sh ecosystem (npx skills add motdotla/dotenv)

Changed

  • Tighten up logs: ◇ injecting env (14) from .env (#1003)
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
deps(deps): bump the npm-production group with 5 updates
4a6f65b 
Bumps the npm-production group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.1019.0` | `3.1024.0` |
| [@aws-sdk/lib-storage](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/lib/lib-storage) | `3.1019.0` | `3.1024.0` |
| [bullmq](https://github.com/taskforcesh/bullmq) | `5.71.1` | `5.73.0` |
| [dd-trace](https://github.com/DataDog/dd-trace-js) | `5.93.0` | `5.94.0` |
| [dotenv](https://github.com/motdotla/dotenv) | `17.3.1` | `17.4.1` |


Updates `@aws-sdk/client-s3` from 3.1019.0 to 3.1024.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1024.0/clients/client-s3)

Updates `@aws-sdk/lib-storage` from 3.1019.0 to 3.1024.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/lib/lib-storage/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1024.0/lib/lib-storage)

Updates `bullmq` from 5.71.1 to 5.73.0
- [Release notes](https://github.com/taskforcesh/bullmq/releases)
- [Commits](taskforcesh/bullmq@v5.71.1...v5.73.0)

Updates `dd-trace` from 5.93.0 to 5.94.0
- [Release notes](https://github.com/DataDog/dd-trace-js/releases)
- [Commits](https://github.com/DataDog/dd-trace-js/commits)

Updates `dotenv` from 17.3.1 to 17.4.1
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md)
- [Commits](motdotla/dotenv@v17.3.1...v17.4.1)

---
updated-dependencies:
- dependency-name: "@aws-sdk/client-s3"
  dependency-version: 3.1024.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-production
- dependency-name: "@aws-sdk/lib-storage"
  dependency-version: 3.1024.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-production
- dependency-name: bullmq
  dependency-version: 5.73.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-production
- dependency-name: dd-trace
  dependency-version: 5.94.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-production
- dependency-name: dotenv
  dependency-version: 17.4.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Apr 6, 2026

Assignees

The following users could not be added as assignees: RemmyAcee. Either the username does not exist or it does not have the correct permissions to be added as an assignee.

Labels

The following labels could not be found: dependencies, npm. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 6, 2026

📊 Coverage Report

✅ Coverage thresholds met

Metric Current Threshold Status
Statements 38.57% 20%
Branches 31.3% 15%
Functions 36.99% 25%
Lines 38.21% 20%

Coverage enforcement is configured in jest.config.js. Thresholds only go up — never down.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants