v2.20.1-beta

2.20.1 (2026-03-24)

Chore

• [AEA-0000] - new script to create jwks and new prod jwks (#1946) (46d3999)

Info

Release workflow run - Workflow ID: 23483481703

It was initialized by anthony-nhs

v2.20.0-beta

2.20.0 (2026-03-23)

Chore

• [AEA-0000] - move to common dev container (#1885) (cb1836c)

New

• [AEA-6360] - Add new RUM log to role confirmation (#1920) (79cd8da)

Upgrade

• [dependabot] - bump @aws-lambda-powertools/commons from 2.31.0 to 2.32.0 (#1938) (6fd92c6)
• [dependabot] - bump @aws-lambda-powertools/logger from 2.31.0 to 2.32.0 (#1937) (51ea898)
• [dependabot] - bump @aws-lambda-powertools/parameters from 2.31.0 to 2.32.0 (#1940) (663b500)
• [dependabot] - bump @aws-sdk/client-dynamodb from 3.1009.0 to 3.1014.0 (#1934) (a22adc3)
• [dependabot] - bump @aws-sdk/client-lambda from 3.1009.0 to 3.1014.0 (#1933) (16dd7af)
• [dependabot] - bump @middy/core from 7.1.7 to 7.2.1 (#1935) (6cf69b7)
• [dependabot] - bump @middy/http-header-normalizer from 7.1.6 to 7.2.1 (#1943) (e3c0f21)
• [dependabot] - bump aws-cdk from 2.1111.0 to 2.1112.0 (#1939) (47e670c)
• [dependabot] - bump aws-cdk-lib from 2.243.0 to 2.244.0 (#1936) (ddd1fe8)
• [dependabot] - bump flatted from 3.3.3 to 3.4.2 (#1922) (ec9c2b5)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/dependabot-auto-approve-and-merge.yml from 5.6.7 to 5.8.3 (#1929) (fe49f7d)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/get-repo-config.yml from 5.6.3 to 5.8.3 (#1927) (ee4bc6f)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml from 5.6.6 to 5.8.3 (#1928) (898305c)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml from 5.6.6 to 5.8.3 (#1925) (4131260)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml from 5.7.0 to 5.8.3 (#1926) (9e99538)
• [dependabot] - bump typescript-eslint from 8.57.0 to 8.57.1 (#1942) (00004d7)

Info

Release workflow run - Workflow ID: 23430146644

It was initialized by anthony-nhs

v2.19.3-beta

2.19.3 (2026-03-19)

Chore

• [AEA-0000] - stagger dependabot (#1886) (515cd73)

Fix

• [AEA-0000] - Trivy ignore currently recognised risk for fast-xml-parser (#1919) (728584f)
• [AEA-5884] - Part 2: Fix disabling button on press & prevent cross firing (#1884) (f6df0d9)
• [AEA-5884] - timeout modal improvements (#1832) (00e867e)
• [AEA-6003] - patient banner shown on wrong pages (#1862) (718393c)

Upgrade

• [dependabot] - bump @aws-sdk/client-lambda from 3.1002.0 to 3.1003.0 (#1871) (23d075d)
• [dependabot] - bump @aws-sdk/client-lambda from 3.1003.0 to 3.1007.0 (#1896) (87ece95)
• [dependabot] - bump @aws-sdk/client-lambda from 3.1007.0 to 3.1009.0 (#1908) (30e7168)
• [dependabot] - bump @aws-sdk/client-lambda from 3.995.0 to 3.999.0 (#1852) (4ee083f)
• [dependabot] - bump @aws-sdk/client-secrets-manager from 3.1002.0 to 3.1003.0 (#1881) (123cef8)
• [dependabot] - bump @aws-sdk/client-secrets-manager from 3.995.0 to 3.999.0 (#1844) (34cfdc9)
• [dependabot] - bump @aws-sdk/lib-dynamodb from 3.1002.0 to 3.1003.0 (#1880) (1c70ccb)
• [dependabot] - bump @aws-sdk/lib-dynamodb from 3.1003.0 to 3.1007.0 (#1892) (38f0561)
• [dependabot] - bump @aws-sdk/lib-dynamodb from 3.1007.0 to 3.1009.0 (#1918) (696b231)
• [dependabot] - bump @aws-sdk/lib-dynamodb from 3.994.0 to 3.999.0 (#1850) (0323901)
• [dependabot] - bump @middy/core from 7.1.0 to 7.1.3 (#1875) (0feb3d4)
• [dependabot] - bump @middy/http-header-normalizer from 7.1.1 to 7.1.3 (#1870) (e962947)
• [dependabot] - bump @middy/http-header-normalizer from 7.1.3 to 7.1.4 (#1897) (4e76146)
• [dependabot] - bump @middy/http-header-normalizer from 7.1.4 to 7.1.6 (#1915) (1f86efd)
• [dependabot] - bump @types/aws-lambda from 8.10.160 to 8.10.161 (#1846) (a1ec589)
• [dependabot] - bump @types/node from 25.3.0 to 25.3.2 (#1847) (1289d29)
• [dependabot] - bump @types/node from 25.3.3 to 25.3.5 (#1874) (7f419cd)
• [dependabot] - bump @types/node from 25.3.5 to 25.5.0 (#1909) (26f8fcb)
• [dependabot] - bump @typescript-eslint/eslint-plugin from 8.56.0 to 8.56.1 (#1853) (e5c7720)
• [dependabot] - bump @typescript-eslint/parser from 8.56.1 to 8.57.0 (#1905) (5cb2e4c)
• [dependabot] - bump @vitejs/plugin-react-swc from 4.2.3 to 4.3.0 (#1912) (4881d1e)
• [dependabot] - bump @vitest/coverage-v8 from 4.0.18 to 4.1.0 (#1913) (efa9a4b)
• [dependabot] - bump actions/download-artifact from 7.0.0 to 8.0.0 (#1838) (99c56f3)
• [dependabot] - bump actions/download-artifact from 8.0.0 to 8.0.1 (#1891) (1ce2334)
• [dependabot] - bump actions/upload-artifact from 6.0.0 to 7.0.0 (#1835) (7ea10b0)
• [dependabot] - bump aws-amplify from 6.16.2 to 6.16.3 (#1895) (063508c)
• [dependabot] - bump aws-cdk from 2.1106.1 to 2.1108.0 (#1843) (ab792aa)
• [dependabot] - bump aws-cdk from 2.1109.0 to 2.1111.0 (#1899) (9ae470f)
• [dependabot] - bump aws-cdk-lib from 2.239.0 to 2.240.0 (#1841) (9c2a938)
• [dependabot] - bump aws-cdk-lib from 2.241.0 to 2.243.0 (#1902) (b0ab94a)
• [dependabot] - bump axios from 1.13.5 to 1.13.6 (#1877) (a054e1e)
• [dependabot] - bump conventional-changelog-eslint from 6.0.0 to 6.1.0 (#1873) (cc7f38a)
• [dependabot] - bump esbuild from 0.27.3 to 0.27.4 (#1910) (c6df39f)
• [dependabot] - bump globals from 17.3.0 to 17.4.0 (#1879) (292690f)
• [dependabot] - bump jest from 30.2.0 to 30.3.0 (#1894) (70da689)
• [dependabot] - bump jest-environment-jsdom from 30.2.0 to 30.3.0 (#1917) (118cb3d)
• [dependabot] - bump jwks-rsa from 3.2.2 to 4.0.0 (#1851) (cf20682)
• [dependabot] - bump jwks-rsa from 3.2.2 to 4.0.1 (#1898) (7aeba35)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/dependabot-auto-approve-and-merge.yml from 5.5.1 to 5.6.3 (#1869) (121a9d7)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/dependabot-auto-approve-and-merge.yml from 5.6.3 to 5.6.4 (#1890) (56403f1)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/dependabot-auto-approve-and-merge.yml from 5.6.4 to 5.6.6 (#1906) (28fa025)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml from 5.5.3 to 5.6.3 (#1868) (c392e38)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml from 5.6.3 to 5.6.4 (#1888) (d103a9f)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/quality-checks.yml from 5.5.1 to 5.6.3 (#1867) (1795258)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/quality-checks.yml from 5.6.3 to 5.6.4 (#1887) ([a7b7382](https://github.com/NHSDigital/eps-prescription-tracker-ui...

v2.19.2-beta

2.19.2 (2026-03-05)

Fix

• [AEA-0000] - trivy update (#1828) (01d88f6)
• [AEA-0000] - Update trivy ignore (#1857) (6e6987f)
• [AEA-5081] - fixed skip link focus and updated trivyignore (#1798) (259e4b1)
• [AEA-5350] - removed exit button (#1858) (552bc2f)
• [AEA-6210] - Include delayed information on loading page (#1821) (4f94221)
• [AEA-6210] - Resolve spacing on page (#1859) (b2630ca)

Upgrade

• [dependabot] - bump @typescript-eslint/parser from 8.56.0 to 8.56.1 (#1854) (542001e)
• [dependabot] - bump aws-rum-web from 1.25.0 to 2.0.0 (#1701) (6caa187)
• [dependabot] - bump immutable from 5.1.4 to 5.1.5 (#1863) (916879e)
• [dependabot] - bump minimatch (#1856) (8c220b7)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml from 5.5.1 to 5.5.3 (#1834) (ebd2f81)
• [dependabot] - bump rollup from 4.57.0 to 4.59.0 (#1855) (c332747)

Info

Release workflow run - Workflow ID: 22716948750

It was initialized by connoravo-nhs

v2.19.1-beta

2.19.1 (2026-02-25)

Chore

• [AEA-0000] - Add new trivy ignore (#1799) (f839419)
• [AEA-0000] - added new ignore (#1795) (047a871)
• [AEA-6051] - add secrets for api keys (#1749) (4947f7b)
• [AEA-6163] - Add role selection logging (#1748) (3c6b31b)

Fix

• [AEA-6163] - Split log into multiple events (#1794) (832a81c)
• [AEA-6215] - Add an automatic RUM log for users who are on the redirect page too long (#1772) (defe0fe)
• [AEA-6243] - Add additional isSigningOut condition to loading page on select your role (#1751) (7e00c1c)
• [AEA-6266] - Improve wording on loading/redirection screen (#1771) (33e8ec5)

Upgrade

• [dependabot] - bump @aws-amplify/auth from 6.18.0 to 6.19.1 (#1763) (a69cb7a)
• [dependabot] - bump @aws-lambda-powertools/commons from 2.30.2 to 2.31.0 (#1788) (c16f156)
• [dependabot] - bump @aws-lambda-powertools/logger from 2.30.2 to 2.31.0 (#1785) (0a9a679)
• [dependabot] - bump @aws-lambda-powertools/parameters from 2.30.2 to 2.31.0 (#1786) (2adb21e)
• [dependabot] - bump @aws-sdk/client-dynamodb from 3.985.0 to 3.989.0 (#1787) (881c467)
• [dependabot] - bump @aws-sdk/client-dynamodb from 3.990.0 to 3.994.0 (#1807) (f3bfbd1)
• [dependabot] - bump @aws-sdk/client-lambda from 3.978.0 to 3.984.0 (#1766) (dab3a90)
• [dependabot] - bump @aws-sdk/client-lambda from 3.985.0 to 3.989.0 (#1793) (deb4825)
• [dependabot] - bump @aws-sdk/client-lambda from 3.989.0 to 3.994.0 (#1809) (2c56a3f)
• [dependabot] - bump @aws-sdk/client-secrets-manager from 3.981.0 to 3.984.0 (#1759) (94c067a)
• [dependabot] - bump @aws-sdk/client-secrets-manager from 3.985.0 to 3.989.0 (#1778) (220357d)
• [dependabot] - bump @aws-sdk/client-secrets-manager from 3.990.0 to 3.994.0 (#1813) (22e780c)
• [dependabot] - bump @aws-sdk/lib-dynamodb from 3.980.0 to 3.984.0 (#1761) (69642ab)
• [dependabot] - bump @aws-sdk/lib-dynamodb from 3.985.0 to 3.989.0 (#1784) (b53f772)
• [dependabot] - bump @aws-sdk/lib-dynamodb from 3.990.0 to 3.994.0 (#1820) (e00c40c)
• [dependabot] - bump @middy/core from 7.0.2 to 7.1.0 (#1804) (9aba915)
• [dependabot] - bump @middy/http-header-normalizer from 7.0.2 to 7.1.0 (#1814) (bd04e24)
• [dependabot] - bump @middy/input-output-logger from 7.0.2 to 7.1.0 (#1816) (1b5b2e2)
• [dependabot] - bump @types/node from 25.1.0 to 25.2.1 (#1762) (c08b5be)
• [dependabot] - bump @types/node from 25.2.1 to 25.2.3 (#1780) (01eec35)
• [dependabot] - bump @types/node from 25.2.3 to 25.3.0 (#1817) (388e849)
• [dependabot] - bump @typescript-eslint/eslint-plugin from 8.55.0 to 8.56.0 (#1812) (cf66dee)
• [dependabot] - bump @typescript-eslint/parser from 8.55.0 to 8.56.0 (#1806) (c2f73ae)
• [dependabot] - bump @vitejs/plugin-react-swc from 4.2.2 to 4.2.3 (#1765) (4618bc5)
• [dependabot] - bump actions/cache from 5.0.2 to 5.0.3 (#1732) (b67a955)
• [dependabot] - bump ajv from 8.17.1 to 8.18.0 (#1808) (8260a1b)
• [dependabot] - bump aws-actions/configure-aws-credentials from 5.1.1 to 6.0.0 (#1753) (bf1938c)
• [dependabot] - bump aws-amplify from 6.16.0 to 6.16.2 (#1760) (21cf83d)
• [dependabot] - bump aws-cdk from 2.1103.0 to 2.1104.0 (#1738) (0a52438)
• [dependabot] - bump aws-cdk from 2.1104.0 to 2.1106.0 (#1781) (f177c63)
• [dependabot] - bump aws-cdk from 2.1106.0 to 2.1106.1 (#1805) (5327ca2)
• [dependabot] - bump aws-cdk-lib from 2.236.0 to 2.237.1 (#1767) (88f487b)
• [dependabot] - bump aws-cdk-lib from 2.237.1 to 2.238.0 (#1777) (ce28f95)
• [dependabot] - bump aws-cdk-lib from 2.238.0 to 2.239.0 (#1811) (c6e0e2a)
• [dependabot] - bump axios from 1.13.4 to 1.13.5 (#1770) (7d080cb)
• [dependabot] - bump esbuild from 0.27.2 to 0.27.3 (#1768) (e1238a4)
• [dependabot] - bump globals from 17.2.0 to 17.3.0 (#1758) (fe6b9ac)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/dependabot-auto-approve-and-merge.yml from 5.3.12 to 5.4.1 (#1776) (69c2be1)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/dependabot-auto-approve-and-merge.yml from 5.3.5 to 5.3.12 (#1755) (27d3f89)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/dependabot-auto-approve-and-merge.yml from 5.4.1 to 5.5.1 (#1801) (2228670)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml from 5.3.12 to 5.4.1 (#1773) (67d564a)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml from 5.3.5 to 5.3.12 (#1757) (35ee2c4)
• [dependabot] - bump NHSDigital/eps-common-workflo...

v2.19.0-beta

2.19.0 (2026-02-05)

Fix

• [AEA-5833] - Correct which pages shown on invalid session check (#1747) (3107df5)

New

• [AEA-6209] - Render a loading page if rendering is blocked (#1750) (f74b8d3)

Info

See code diff
Release workflow run - Workflow ID: 21714109108

It was initialized by connoravo-nhs

v2.18.0-beta

2.18.0 (2026-02-04)

Chore

• [AEA-0000] - move some packages to vitest (#1681) (cd41712)

Fix

• [AEA-5935] - privacy notice (#1713) (264a8e8)

New

• [AEA-6072] - Reduce auth session check timing (#1710) (ed2bbe8)

Upgrade

• [dependabot] - bump @aws-sdk/client-dynamodb from 3.975.0 to 3.978.0 (#1737) (2325e1c)
• [dependabot] - bump @aws-sdk/client-lambda from 3.975.0 to 3.978.0 (#1744) (3dbd343)
• [dependabot] - bump @aws-sdk/client-secrets-manager from 3.975.0 to 3.978.0 (#1741) (11dccd1)
• [dependabot] - bump @aws-sdk/lib-dynamodb from 3.975.0 to 3.978.0 (#1740) (a54263d)
• [dependabot] - bump @types/node from 25.0.10 to 25.1.0 (#1739) (6060647)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/dependabot-auto-approve-and-merge.yml from 5.3.3 to 5.3.5 (#1733) (8af4fd8)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml from 5.3.3 to 5.3.5 (#1734) (be980f0)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/quality-checks.yml from 5.3.3 to 5.3.5 (#1735) (caa5a8a)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/tag-release.yml from 5.3.3 to 5.3.5 (#1731) (6c9a0ad)

Info

See code diff
Release workflow run - Workflow ID: 21677852283

It was initialized by anthony-nhs

v2.17.18-beta

2.17.18 (2026-01-28)

Fix

• [AEA-0000] - Add Cloudfront KVS escape hatch workaround (#1712) (bbc31aa)
• [AEA-5081] - header plus others (#1709) (52985fd)

Upgrade

• [dependabot] - bump @aws-amplify/auth from 6.17.2 to 6.18.0 (#1722) (b486f01)
• [dependabot] - bump @aws-sdk/client-lambda from 3.972.0 to 3.974.0 (#1719) (358f759)
• [dependabot] - bump @aws-sdk/client-secrets-manager from 3.972.0 to 3.974.0 (#1716) (73b3e33)
• [dependabot] - bump @aws-sdk/lib-dynamodb from 3.972.0 to 3.974.0 (#1724) (1a6a361)
• [dependabot] - bump actions/checkout from 6.0.1 to 6.0.2 (#1718) (deec6ce)
• [dependabot] - bump aws-amplify from 6.15.10 to 6.16.0 (#1725) (6f02bde)
• [dependabot] - bump aws-cdk-lib from 2.234.1 to 2.236.0 (#1726) (6627b97)
• [dependabot] - bump globals from 17.0.0 to 17.1.0 (#1723) (0be6452)
• [dependabot] - bump jwks-rsa from 3.2.1 to 3.2.2 (#1727) (27684e6)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/dependabot-auto-approve-and-merge.yml from 5.3.1 to 5.3.3 (#1721) (f4aac0d)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml from 5.3.1 to 5.3.3 (#1714) (170e74f)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/quality-checks.yml from 5.3.1 to 5.3.3 (#1715) (325fa0f)
• [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/tag-release.yml from 5.3.1 to 5.3.3 (#1717) (a59abb4)
• [dependabot] - bump pino from 10.2.1 to 10.3.0 (#1728) (903f5be)

Info

See code diff
Release workflow run - Workflow ID: 21445056732

It was initialized by Orkastrated

v2.17.17-beta

2.17.17 (2026-01-23)

Fix

• [AEA-0000] - Pin CDK version (#1711) (f9e99b3)
• [AEA-5395] - added hover styling back in (#1708) (62d7879)
• [AEA-5821] - Adds PDS call to prescription details (#1682) (24e8086)

Info

See code diff
Release workflow run - Workflow ID: 21283719233

It was initialized by Orkastrated

v2.17.16-beta

2.17.16 (2026-01-21)

Fix

• [AEA-5318] - titles (#1706) (ebd89d5)
• [AEA-5935] - updated privacy notice text (#1683) (5baee6f)

Info

See code diff
Release workflow run - Workflow ID: 21206889658

It was initialized by kieran-wilkinson-4