Skip to content

deps: bump the all-dependencies group with 4 updates #17350

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: master
Choose a base branch
from
Open

deps: bump the all-dependencies group with 4 updates #17350

dependabot wants to merge 1 commit into from
+320 −257

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 29, 2026

Bumps the all-dependencies group with 4 updates: @aws-sdk/client-s3, @growthbook/growthbook, axios and cheerio.

Updates @aws-sdk/client-s3 from 3.972.0 to 3.978.0

Release notes

Sourced from @​aws-sdk/client-s3's releases.

v3.978.0

3.978.0(2026-01-28)

Chores
  • codegen:
New Features
  • client-s3-control: Adds support for the UpdateObjectEncryption API to change the server-side encryption type of objects in general purpose buckets. (8248439e)
  • client-mediaconvert: This release adds a follow source mode for audio output channel count, an AES audio frame wrapping option for MXF outputs, and an option to signal DolbyVision compatibility using the SUPPLEMENTAL-CODECS tag in HLS manifests. (9ee45457)
  • client-cognito-identity-provider: This release adds support for a new lambda trigger to transform federated user attributes during the authentication with external identity providers on Cognito Managed Login. (a291daef)
  • client-connect: Adds support for filtering search results based on tags assigned to contacts. (c3e7a41b)
  • client-ec2: SearchTransitGatewayRoutes API response now includes a NextToken field, enabling pagination when retrieving large sets of transit gateway routes. Pass the returned NextToken value in subsequent requests to retrieve the next page of results. (11fdee1e)
  • client-mediaconnect: This release adds support for NDI flow sources in AWS Elemental MediaConnect. You can now send content to your MediaConnect transport streams directly from your NDI environment using the new NDI source type. Also adds support for LARGE 4X flow size, which can be used when creating CDI JPEG-XS flows. (a5e075c8)
  • client-s3: Adds support for the UpdateObjectEncryption API to change the server-side encryption type of objects in general purpose buckets. (b56cea55)
  • client-lambda: We are launching ESM Metrics and logging for Kafka ESM to allow customers to monitor Kafka event processing using CloudWatch Metrics and Logs. (af7d3d55)
Tests
  • client-s3: add test for aggregate client paginator/waiter methods (#7687) (75ba48bc)

For list of updated packages, view updated-packages.md in assets-3.978.0.zip

v3.977.0

3.977.0(2026-01-27)

Chores
New Features
  • clients: update client endpoints as of 2026-01-27 (04a9ab71)
  • client-ec2: Releasing new EC2 instances. C8gb and M8gb with highest EBS performance, M8gn with 600 Gbps network bandwidth, X8aedz and M8azn with 5GHz AMD processors, X8i with Intel Xeon 6 processors and up to 6TB memory, and Mac-m4max with Apple M4 Max chip for 25 percent faster builds. (8c83ff92)
  • client-connect: Added support for task attachments. The StartTaskContact API now accepts file attachments, enabling customers to include files (.csv, .doc, .docx, .heic, .jfif, .jpeg, .jpg, .mov, .mp4, .pdf, .png, .ppt, .pptx, .rtf, .txt, etc.) when creating Task contacts. Supports up to 5 attachments per task. (12e1a94a)
  • client-medialive: AWS Elemental MediaLive released two new features that allows customers 1) to set Output Timecode for AV1 encoder, 2) to set a Custom Epoch for CMAF Ingest and MediaPackage V2 output groups when using Pipeline Locking or Disabled Locking modes. (58a0492c)
  • client-deadline: AWS Deadline Cloud now supports editing job names and descriptions after submission. (fd6d1d4b)
  • client-sagemaker: Idle resource sharing enables teams to borrow unused compute resources in your SageMaker HyperPod cluster. This capability maximizes resource utilization by allowing teams to borrow idle compute capacity beyond their allocated compute quotas. (3f52b92b)

For list of updated packages, view updated-packages.md in assets-3.977.0.zip

... (truncated)

Changelog

Sourced from @​aws-sdk/client-s3's changelog.

3.978.0 (2026-01-28)

Features

  • client-s3: Adds support for the UpdateObjectEncryption API to change the server-side encryption type of objects in general purpose buckets. (b56cea5)

3.975.0 (2026-01-23)

Note: Version bump only for package @​aws-sdk/client-s3

3.974.0 (2026-01-22)

Note: Version bump only for package @​aws-sdk/client-s3

Commits
  • a1794f7 Publish v3.978.0
  • b56cea5 feat(client-s3): Adds support for the UpdateObjectEncryption API to change th...
  • 75ba48b test(client-s3): add test for aggregate client paginator/waiter methods (#7687)
  • 024c073 chore(codegen): update for aggregated paginators and waiters (#7685)
  • 557a738 Publish v3.975.0
  • 784b9f3 chore(codegen): upgrade smithy to 1.66.0 (#7678)
  • 2f2a874 Publish v3.974.0
  • 8536efc chore(codegen): sync for http label validation (#7671)
  • See full diff in compare view

Updates @growthbook/growthbook from 1.6.2 to 1.6.4

Changelog

Sourced from @​growthbook/growthbook's changelog.

1.6.4 - Jan 26, 2026

  • Add support for case-insensitive membership operators: $ini, $nini, $alli
    • $ini: Case-insensitive version of $in
    • $nini: Case-insensitive version of $nin
    • $alli: Case-insensitive version of $all

1.6.3 - Jan 22, 2026

  • Add support for case-insensitive regex targeting: $regexi
Commits

Updates axios from 1.13.2 to 1.13.4

Release notes

Sourced from axios's releases.

v1.13.4

Overview

The release addresses issues discovered in v1.13.3 and includes significant CI/CD improvements.

Full Changelog: v1.13.3...v1.13.4

What's New in v1.13.4

Bug Fixes

  • fix: issues with version 1.13.3 (#7352) (ee90dfc)
    • Fixed issues discovered in v1.13.3 release
    • Cleaned up interceptor test files
    • Improved workflow configurations

Infrastructure & CI/CD

  • refactor: ci and build (#7340) (8ff6c19)

    • Major refactoring of CI/CD workflows
    • Consolidated workflow files for better maintainability
    • Added mise configuration for the development environment
    • Improved sponsor block update automation
    • Enhanced issue and PR templates
    • Added automatic release notes generation
    • Implemented workflow cancellation for concurrent runs

  • chore: codegen and some updates to workflows (76cf77b)

    • Code generation improvements
    • Workflow optimisations

Migration Notes

Breaking Changes

None in this release.

Deprecations

None in this release.

Contributors

Thank you to all contributors who made this release possible! Special thanks to:

Release v1.13.3

Release notes:

Bug Fixes

... (truncated)

Changelog

Sourced from axios's changelog.

Changelog

1.13.3 (2026-01-20)

Bug Fixes

  • http2: Use port 443 for HTTPS connections by default. (#7256) (d7e6065)
  • interceptor: handle the error in the same interceptor (#6269) (5945e40)
  • main field in package.json should correspond to cjs artifacts (#5756) (7373fbf)
  • package.json: add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (#5754) (b89217e)
  • silentJSONParsing=false should throw on invalid JSON (#7253) (#7257) (7d19335)
  • turn AxiosError into a native error (#5394) (#5558) (1c6a86d)
  • types: add handlers to AxiosInterceptorManager interface (#5551) (8d1271b)
  • types: restore AxiosError.cause type from unknown to Error (#7327) (d8233d9)
  • unclear error message is thrown when specifying an empty proxy authorization (#6314) (6ef867e)

Features

Reverts

  • Revert "fix: silentJSONParsing=false should throw on invalid JSON (#7253) (#7…" (#7298) (a4230f5), closes #7253 #7 #7298
  • deps: bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (#7334) (2d6ad5e)

Contributors to this release

... (truncated)

Commits
  • 9336cf9 chore(release): prepare release 1.13.4 (#7353)
  • ee90dfc fix: issues with version 1.13.3 (#7352)
  • af4f6d9 fix: release branch yml
  • 253e3ad fix: all merge configs
  • 8ff6c19 refactor: ci and build (#7340)
  • ab06109 chore(release): v1.13.3 (#7335)
  • 2d6ad5e revert(deps): bump peter-evans/create-pull-request from 7 to 8 in the github-...
  • cb49a6f chore(sponsor): update sponsor block (#7330)
  • d8233d9 fix(types): restore AxiosError.cause type from unknown to Error (#7327)
  • 5945e40 fix(interceptor): handle the error in the same interceptor (#6269)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for axios since your current version.


Updates cheerio from 1.1.2 to 1.2.0

Release notes

Sourced from cheerio's releases.

v1.2.0

What's Changed

New Contributors

Full Changelog: cheeriojs/cheerio@v1.1.2...v1.2.0

Commits
  • e3c7aaf 1.2.0
  • 96bfd3e chore(package): Exclude tests from published bundle
  • 08d396c docs(readme): Update Sponsors (#5014)
  • bd9d3dd build(deps-dev): bump eslint-plugin-jsdoc from 62.3.0 to 62.3.1 (#5022)
  • f4c8a58 build(deps): bump unist-util-visit from 5.0.0 to 5.1.0 in /website (#5027)
  • 8fa46d5 build(deps): bump astro from 5.16.12 to 5.16.14 in /website (#5026)
  • 8e132a6 build(deps-dev): bump @​vitest/coverage-v8 from 4.0.17 to 4.0.18 (#5023)
  • 6d31bfc build(deps-dev): bump globals from 17.0.0 to 17.1.0 (#5025)
  • 65aa6c8 build(deps): bump @​docsearch/css from 4.5.0 to 4.5.3 in /website (#5020)
  • 5567e65 build(deps): bump astro from 5.16.11 to 5.16.12 in /website (#5021)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
deps: bump the all-dependencies group with 4 updates
b8dbec6 
Bumps the all-dependencies group with 4 updates: [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3), [@growthbook/growthbook](https://github.com/growthbook/growthbook/tree/HEAD/packages/sdk-js), [axios](https://github.com/axios/axios) and [cheerio](https://github.com/cheeriojs/cheerio).


Updates `@aws-sdk/client-s3` from 3.972.0 to 3.978.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.978.0/clients/client-s3)

Updates `@growthbook/growthbook` from 1.6.2 to 1.6.4
- [Release notes](https://github.com/growthbook/growthbook/releases)
- [Changelog](https://github.com/growthbook/growthbook/blob/main/packages/sdk-js/CHANGELOG.md)
- [Commits](https://github.com/growthbook/growthbook/commits/HEAD/packages/sdk-js)

Updates `axios` from 1.13.2 to 1.13.4
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.13.2...v1.13.4)

Updates `cheerio` from 1.1.2 to 1.2.0
- [Release notes](https://github.com/cheeriojs/cheerio/releases)
- [Commits](cheeriojs/cheerio@v1.1.2...v1.2.0)

---
updated-dependencies:
- dependency-name: "@aws-sdk/client-s3"
  dependency-version: 3.978.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: "@growthbook/growthbook"
  dependency-version: 1.6.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: axios
  dependency-version: 1.13.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: cheerio
  dependency-version: 1.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jan 29, 2026
@github-actions github-actions bot added deps-quarterly-review Close for quarterly batch review deps-risk-low Dev tools only labels Jan 29, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Jan 29, 2026

Automated Dependabot Triage

Risk Tier: LOW
Dependencies: See PR body

Low Risk - Dev tools only. Safe to defer to quarterly review.

Claude Code Review

Automated Claude reviews are not available for Dependabot PRs. To review this PR with Claude Code, run:

/docs-review 17350

For detailed triage guidance, see the Dependency Management section in BUILD-AND-DEPLOY.md.

@pulumi-bot
Copy link
Collaborator

pulumi-bot commented Jan 29, 2026

Your site preview for commit b8dbec6 is ready! 🎉

http://www-testing-pulumi-docs-origin-pr-17350-b8dbec64.s3-website.us-west-2.amazonaws.com.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file deps-quarterly-review Close for quarterly batch review deps-risk-low Dev tools only

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pulumi-bot @CamSoper