Releases: aws-solutions/innovation-sandbox-on-aws
Releases · aws-solutions/innovation-sandbox-on-aws
V1.2.2
[1.2.2] - 2026-03-19
Security
- Upgraded
flattedto mitigate CVE-2026-32141 - Updated
fast-xml-parserto address CVE-2026-26278
v1.2.1
[1.2.1] - 2026-03-05
Security
- Upgraded
aws-nuketo mitigate CVE-2025-68121 - Upgraded
minimatchto mitigate: - Upgraded
serialize-javascriptto mitigate GHSA-5c6j-r48x-rmvq - Upgraded
fast-xml-parserto mitigate CVE-2026-27942
v1.2.0
[1.2.0] - 2026-02-25
Added
- Blueprint management for registering, configuring, and tracking CloudFormation StackSets as reusable infrastructure templates (#34)
- Configurable deployment strategies with region targeting, concurrency controls, and failure tolerance
- Automated blueprint deployment to sandbox accounts during lease provisioning, orchestrated through AWS Step Functions
ProvisioningandProvisioningFailedlease statuses to track blueprint deployment progress during lease approval- Deployment history per blueprint with health metrics (successful deployments, deployment history, last deployment time)
- Blueprint management UI with registration wizard, detail view, deployment history visualization, and editing for basic details and deployment configuration
- Blueprint association on lease templates, allowing administrators to attach or detach blueprints during template creation or update
- Dedicated detail and edit pages for leases and lease templates covering duration, budget, cost report, and blueprint settings
- Version update alert in the navigation bar when a newer version of the solution is available (#45)
- AWS WAF logging to Amazon CloudWatch Logs and alarm on blocked requests
- Validation that the
InnovationSandbox-<namespace>-SandboxAccountRolerole exists in a sandbox account before starting cleanup, reducing unnecessary cleanup attempts
Fixed
- Sorting on date and status columns in frontend tables by adding dedicated sorting comparators
- Cross-stack reference issue where updates to the account pool stack were not reflected in the compute stack due to deploy-time resolution
Changed
- Lease approval workflow now supports two paths: immediate access (no blueprint) or deferred access after blueprint deployment completes
- Miscellaneous UX improvements to the frontend application
Security
- Added JWT signature verification at Lambda middleware layer to prevent authentication bypass when API Gateway is bypassed (#93)
- Upgraded
fast-xml-parserto mitigate: - Upgraded
ajvto mitigate CVE-2025-69873 - Upgraded
qsto mitigate CVE-2026-2391
v1.1.8
[1.1.8] - 2026-02-04
Security
- Upgraded
aws-nuketo mitigate: - Upgraded
fast-xml-parserto mitigate CVE-2026-25128 - Upgraded
lodashto mitigate CVE-2025-13465
v1.1.7
[1.1.7] - 2026-01-20
Fixed
- Upgraded
aws-nuketo v3.63.2 to resolve discovery short-circuit behavior when encountering SCP-protected log groups
v1.1.6
[1.1.6] - 2026-01-12
Security
- Upgraded
@remix-run/routerto mitigate CVE-2026-22029 - Upgraded
glib2to mitigate CVE-2025-14087 - Upgraded
libcapto mitigate: - Upgraded
python3to mitigate: - Upgraded
python3-libsto mitigate: - Upgraded
python-unversioned-commandto mitigate:
v1.1.5
v1.1.4
v1.1.3
[1.1.3] - 2025-12-10
Security
- Upgraded
jwsto mitigate CVE-2025-65945 - Upgraded
mdast-util-to-hastto mitigate CVE-2025-66400 - Upgraded
curl-minimalto mitigate CVE-2025-11563 - Upgraded
libcurl-minimalto mitigate CVE-2025-11563 - Upgraded
glib2to mitigate CVE-2025-13601 - Upgraded
python-unversioned-commandto mitigate CVE-2025-6075 - Upgraded
python3-libsto mitigate CVE-2025-6075 - Upgraded
python3to mitigate CVE-2025-6075
v1.1.2
[1.1.2] - 2025-11-20
Security
- Upgraded
js-yamlto mitigate CVE-2025-64718 - Upgraded
globto mitigate CVE-2025-64756