fix(lambda): bump the aws-powertools group in /lambdas with 4 updates

[dependabot]

Bumps the aws-powertools group in /lambdas with 4 updates: @aws-lambda-powertools/parameters, @aws-lambda-powertools/logger, @aws-lambda-powertools/metrics and @aws-lambda-powertools/tracer.

Updates @aws-lambda-powertools/parameters from 2.23.0 to 2.24.0

Release notes

Sourced from @​aws-lambda-powertools/parameters's releases.

v2.24.0

Summary

We’ve listened to your feedback and starting from this release of Parser we support only Zod v4 for all our built-in schemas and envelopes. Additionally the utility got a power up and it now supports schemas written using Standard Schema 🔥.

We’ve also fixed a bug in Tracer that prevented requests made via proxies to be traced correctly and another bug in Metrics that caused dimension sets to be added correctly to the metrics data object..

🌟 Congratulations to @​chetan9518, @​sdangol, and @​matteofigus for their first PRs merged in the project 🎉

Using Parser with Standard Schema

Docs

You can now use schemas written using Valibot or other Standard Schema-compatible parsing library to parse incoming events using the parser Middy.js middleware or TypeScript class method decorator. This is useful if your codebase is already relying on one of these libraries or you want to have full control over the bundle size.

Note that our built-in schemas and envelopes are still defined only using Zod. If you would like us to support other libraries like Valibot please open an issue and we will consider it based on the community's feedback.

If you are using Zod v3 and need more time to migrate, you can continue using Parser v2.23.0 as long as needed.

import { Logger } from '@aws-lambda-powertools/logger';
import { parser } from '@aws-lambda-powertools/parser/middleware';
import middy from '@middy/core';
import {
  array,
  number,
  object,
  optional,
  pipe,
  string,
  toMinValue,
} from 'valibot';
const logger = new Logger();
const orderSchema = object({
id: pipe(number(), toMinValue(0)),
description: string(),
items: array(
object({
id: pipe(number(), toMinValue(0)),
quantity: pipe(number(), toMinValue(1)),
description: string(),
})
),
optionalField: optional(string()),
});
export const handler = middy()
.use(parser({ schema: orderSchema }))
</tr></table>

... (truncated)

Changelog

Sourced from @​aws-lambda-powertools/parameters's changelog.

2.24.0 (2025-07-15)

Improvements

• metrics optimize addDimensions method to avoid O(n²) complexity (#4156) (3982b4a)
• tracer replace class-based env access with functional helpers (#4146) (51d9b98)

Bug Fixes

• metrics addDimensions() documentation and tests (#3964) (a801636)
• tracer skip tracing CONNECT requests (#4148) (a147c3b)
• parser remove nullable from md5OfMessageAttributes in SqsRecordSchema (#4165) (d6cbde0)

Maintenance

• batch exclude deprecated code from coverage (#4152) (30bbf5a)
• parser remove deprecated parser type (#4154) (a59db36)

Features

• parser support Standard Schema and upgrade to Zod v4 (#4164) (67549f6)

Commits

• 501dc17 chore: bump to 2.24.0 (#4172)
• 57902be chore(deps): bump @​types/node from 24.0.12 to 24.0.13 (#4167)
• c7ebae6 chore(deps): bump esbuild from 0.25.5 to 0.25.6 (#4166)
• d6cbde0 fix(parser): remove nullable from md5OfMessageAttributes in SqsRecordSchema (...
• 67549f6 feat(parser): support Standard Schema and upgrade to Zod v4 (#4164)
• 191c846 chore(deps-dev): bump @​redis/client from 5.5.6 to 5.6.0 (#4162)
• 9472471 chore(deps): bump the aws-sdk-v3 group across 1 directory with 9 updates (#4159)
• 06622c3 chore(deps): bump vscode/devcontainers/javascript-node from 0d29e5f to `eac...
• af44b7c chore(deps-dev): bump zod from 3.25.67 to 3.25.76 (#4158)
• c9a1f7b chore(deps): bump @​types/node from 24.0.10 to 24.0.12 (#4157)
• Additional commits viewable in compare view

Updates @aws-lambda-powertools/logger from 2.23.0 to 2.24.0

Release notes

Sourced from @​aws-lambda-powertools/logger's releases.

v2.24.0

Summary

We’ve listened to your feedback and starting from this release of Parser we support only Zod v4 for all our built-in schemas and envelopes. Additionally the utility got a power up and it now supports schemas written using Standard Schema 🔥.

We’ve also fixed a bug in Tracer that prevented requests made via proxies to be traced correctly and another bug in Metrics that caused dimension sets to be added correctly to the metrics data object..

🌟 Congratulations to @​chetan9518, @​sdangol, and @​matteofigus for their first PRs merged in the project 🎉

Using Parser with Standard Schema

Docs

You can now use schemas written using Valibot or other Standard Schema-compatible parsing library to parse incoming events using the parser Middy.js middleware or TypeScript class method decorator. This is useful if your codebase is already relying on one of these libraries or you want to have full control over the bundle size.

Note that our built-in schemas and envelopes are still defined only using Zod. If you would like us to support other libraries like Valibot please open an issue and we will consider it based on the community's feedback.

If you are using Zod v3 and need more time to migrate, you can continue using Parser v2.23.0 as long as needed.

import { Logger } from '@aws-lambda-powertools/logger';
import { parser } from '@aws-lambda-powertools/parser/middleware';
import middy from '@middy/core';
import {
  array,
  number,
  object,
  optional,
  pipe,
  string,
  toMinValue,
} from 'valibot';
const logger = new Logger();
const orderSchema = object({
id: pipe(number(), toMinValue(0)),
description: string(),
items: array(
object({
id: pipe(number(), toMinValue(0)),
quantity: pipe(number(), toMinValue(1)),
description: string(),
})
),
optionalField: optional(string()),
});
export const handler = middy()
.use(parser({ schema: orderSchema }))
</tr></table>

... (truncated)

Changelog

Sourced from @​aws-lambda-powertools/logger's changelog.

2.24.0 (2025-07-15)

Improvements

• metrics optimize addDimensions method to avoid O(n²) complexity (#4156) (3982b4a)
• tracer replace class-based env access with functional helpers (#4146) (51d9b98)

Bug Fixes

• metrics addDimensions() documentation and tests (#3964) (a801636)
• tracer skip tracing CONNECT requests (#4148) (a147c3b)
• parser remove nullable from md5OfMessageAttributes in SqsRecordSchema (#4165) (d6cbde0)

Maintenance

• batch exclude deprecated code from coverage (#4152) (30bbf5a)
• parser remove deprecated parser type (#4154) (a59db36)

Features

• parser support Standard Schema and upgrade to Zod v4 (#4164) (67549f6)

Commits

• 501dc17 chore: bump to 2.24.0 (#4172)
• 57902be chore(deps): bump @​types/node from 24.0.12 to 24.0.13 (#4167)
• c7ebae6 chore(deps): bump esbuild from 0.25.5 to 0.25.6 (#4166)
• d6cbde0 fix(parser): remove nullable from md5OfMessageAttributes in SqsRecordSchema (...
• 67549f6 feat(parser): support Standard Schema and upgrade to Zod v4 (#4164)
• 191c846 chore(deps-dev): bump @​redis/client from 5.5.6 to 5.6.0 (#4162)
• 9472471 chore(deps): bump the aws-sdk-v3 group across 1 directory with 9 updates (#4159)
• 06622c3 chore(deps): bump vscode/devcontainers/javascript-node from 0d29e5f to `eac...
• af44b7c chore(deps-dev): bump zod from 3.25.67 to 3.25.76 (#4158)
• c9a1f7b chore(deps): bump @​types/node from 24.0.10 to 24.0.12 (#4157)
• Additional commits viewable in compare view

Updates @aws-lambda-powertools/metrics from 2.23.0 to 2.24.0

Release notes

Sourced from @​aws-lambda-powertools/metrics's releases.

v2.24.0

Summary

We’ve listened to your feedback and starting from this release of Parser we support only Zod v4 for all our built-in schemas and envelopes. Additionally the utility got a power up and it now supports schemas written using Standard Schema 🔥.

We’ve also fixed a bug in Tracer that prevented requests made via proxies to be traced correctly and another bug in Metrics that caused dimension sets to be added correctly to the metrics data object..

🌟 Congratulations to @​chetan9518, @​sdangol, and @​matteofigus for their first PRs merged in the project 🎉

Using Parser with Standard Schema

Docs

You can now use schemas written using Valibot or other Standard Schema-compatible parsing library to parse incoming events using the parser Middy.js middleware or TypeScript class method decorator. This is useful if your codebase is already relying on one of these libraries or you want to have full control over the bundle size.

Note that our built-in schemas and envelopes are still defined only using Zod. If you would like us to support other libraries like Valibot please open an issue and we will consider it based on the community's feedback.

If you are using Zod v3 and need more time to migrate, you can continue using Parser v2.23.0 as long as needed.

import { Logger } from '@aws-lambda-powertools/logger';
import { parser } from '@aws-lambda-powertools/parser/middleware';
import middy from '@middy/core';
import {
  array,
  number,
  object,
  optional,
  pipe,
  string,
  toMinValue,
} from 'valibot';
const logger = new Logger();
const orderSchema = object({
id: pipe(number(), toMinValue(0)),
description: string(),
items: array(
object({
id: pipe(number(), toMinValue(0)),
quantity: pipe(number(), toMinValue(1)),
description: string(),
})
),
optionalField: optional(string()),
});
export const handler = middy()
.use(parser({ schema: orderSchema }))
</tr></table>

... (truncated)

Changelog

Sourced from @​aws-lambda-powertools/metrics's changelog.

2.24.0 (2025-07-15)

Improvements

• metrics optimize addDimensions method to avoid O(n²) complexity (#4156) (3982b4a)
• tracer replace class-based env access with functional helpers (#4146) (51d9b98)

Bug Fixes

• metrics addDimensions() documentation and tests (#3964) (a801636)
• tracer skip tracing CONNECT requests (#4148) (a147c3b)
• parser remove nullable from md5OfMessageAttributes in SqsRecordSchema (#4165) (d6cbde0)

Maintenance

• batch exclude deprecated code from coverage (#4152) (30bbf5a)
• parser remove deprecated parser type (#4154) (a59db36)

Features

• parser support Standard Schema and upgrade to Zod v4 (#4164) (67549f6)

Commits

• 501dc17 chore: bump to 2.24.0 (#4172)
• 57902be chore(deps): bump @​types/node from 24.0.12 to 24.0.13 (#4167)
• c7ebae6 chore(deps): bump esbuild from 0.25.5 to 0.25.6 (#4166)
• d6cbde0 fix(parser): remove nullable from md5OfMessageAttributes in SqsRecordSchema (...
• 67549f6 feat(parser): support Standard Schema and upgrade to Zod v4 (#4164)
• 191c846 chore(deps-dev): bump @​redis/client from 5.5.6 to 5.6.0 (#4162)
• 9472471 chore(deps): bump the aws-sdk-v3 group across 1 directory with 9 updates (#4159)
• 06622c3 chore(deps): bump vscode/devcontainers/javascript-node from 0d29e5f to `eac...
• af44b7c chore(deps-dev): bump zod from 3.25.67 to 3.25.76 (#4158)
• c9a1f7b chore(deps): bump @​types/node from 24.0.10 to 24.0.12 (#4157)
• Additional commits viewable in compare view

Updates @aws-lambda-powertools/tracer from 2.23.0 to 2.24.0

Release notes

Sourced from @​aws-lambda-powertools/tracer's releases.

v2.24.0

Summary

We’ve listened to your feedback and starting from this release of Parser we support only Zod v4 for all our built-in schemas and envelopes. Additionally the utility got a power up and it now supports schemas written using Standard Schema 🔥.

We’ve also fixed a bug in Tracer that prevented requests made via proxies to be traced correctly and another bug in Metrics that caused dimension sets to be added correctly to the metrics data object..

🌟 Congratulations to @​chetan9518, @​sdangol, and @​matteofigus for their first PRs merged in the project 🎉

Using Parser with Standard Schema

Docs

You can now use schemas written using Valibot or other Standard Schema-compatible parsing library to parse incoming events using the parser Middy.js middleware or TypeScript class method decorator. This is useful if your codebase is already relying on one of these libraries or you want to have full control over the bundle size.

Note that our built-in schemas and envelopes are still defined only using Zod. If you would like us to support other libraries like Valibot please open an issue and we will consider it based on the community's feedback.

If you are using Zod v3 and need more time to migrate, you can continue using Parser v2.23.0 as long as needed.

import { Logger } from '@aws-lambda-powertools/logger';
import { parser } from '@aws-lambda-powertools/parser/middleware';
import middy from '@middy/core';
import {
  array,
  number,
  object,
  optional,
  pipe,
  string,
  toMinValue,
} from 'valibot';
const logger = new Logger();
const orderSchema = object({
id: pipe(number(), toMinValue(0)),
description: string(),
items: array(
object({
id: pipe(number(), toMinValue(0)),
quantity: pipe(number(), toMinValue(1)),
description: string(),
})
),
optionalField: optional(string()),
});
export const handler = middy()
.use(parser({ schema: orderSchema }))
</tr></table>

... (truncated)

Changelog

Sourced from @​aws-lambda-powertools/tracer's changelog.

2.24.0 (2025-07-15)

Improvements

• metrics optimize addDimensions method to avoid O(n²) complexity (#4156) (3982b4a)
• tracer replace class-based env access with functional helpers (#4146) (51d9b98)

Bug Fixes

• metrics addDimensions() documentation and tests (#3964) (a801636)
• tracer skip tracing CONNECT requests (#4148) (a147c3b)
• parser remove nullable from md5OfMessageAttributes in SqsRecordSchema (#4165) (d6cbde0)

Maintenance

• batch exclude deprecated code from coverage (#4152) (30bbf5a)
• parser remove deprecated parser type (#4154) (a59db36)

Features

• parser support Standard Schema and upgrade to Zod v4 (#4164) (67549f6)

Commits

• 501dc17 chore: bump to 2.24.0 (#4172)
• 57902be chore(deps): bump @​types/node from 24.0.12 to 24.0.13 (#4167)
• c7ebae6 chore(deps): bump esbuild from 0.25.5 to 0.25.6 (#4166)
• d6cbde0 fix(parser): remove nullable from md5OfMessageAttributes in SqsRecordSchema (...
• 67549f6 feat(parser): support Standard Schema and upgrade to Zod v4 (#4164)
• 191c846 chore(deps-dev): bump @​redis/client from 5.5.6 to 5.6.0 (#4162)
• 9472471 chore(deps): bump the aws-sdk-v3 group across 1 directory with 9 updates (#4159)
• 06622c3 chore(deps): bump vscode/devcontainers/javascript-node from 0d29e5f to `eac...
• af44b7c chore(deps-dev): bump zod from 3.25.67 to 3.25.76 (#4158)
• c9a1f7b chore(deps): bump @​types/node from 24.0.10 to 24.0.12 (#4157)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
npm/@aws-lambda-powertools/parameters	^2.24.0	🟢 8.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing SAST 🟢 10 SAST tool is run on all commits License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 6 4 existing vulnerabilities detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/logger	^2.24.0	🟢 8.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing SAST 🟢 10 SAST tool is run on all commits License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 6 4 existing vulnerabilities detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/metrics	^2.24.0	🟢 8.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing SAST 🟢 10 SAST tool is run on all commits License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 6 4 existing vulnerabilities detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/tracer	^2.24.0	🟢 8.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing SAST 🟢 10 SAST tool is run on all commits License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 6 4 existing vulnerabilities detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/commons	2.24.0	🟢 8.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing SAST 🟢 10 SAST tool is run on all commits License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 6 4 existing vulnerabilities detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/logger	2.24.0	🟢 8.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing SAST 🟢 10 SAST tool is run on all commits License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 6 4 existing vulnerabilities detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/metrics	2.24.0	🟢 8.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing SAST 🟢 10 SAST tool is run on all commits License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 6 4 existing vulnerabilities detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/parameters	2.24.0	🟢 8.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing SAST 🟢 10 SAST tool is run on all commits License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 6 4 existing vulnerabilities detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/tracer	2.24.0	🟢 8.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing SAST 🟢 10 SAST tool is run on all commits License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 6 4 existing vulnerabilities detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations

Scanned Files

• lambdas/functions/control-plane/package.json
• lambdas/libs/aws-powertools-util/package.json
• lambdas/yarn.lock