fix(lambda): bump the aws-powertools group in /lambdas with 4 updates

[dependabot]

Bumps the aws-powertools group in /lambdas with 4 updates: @aws-lambda-powertools/parameters, @aws-lambda-powertools/logger, @aws-lambda-powertools/metrics and @aws-lambda-powertools/tracer.

Updates @aws-lambda-powertools/parameters from 2.26.1 to 2.27.0

Release notes

Sourced from @​aws-lambda-powertools/parameters's releases.

v2.27.0

Summary

We're excited to announce an update to our Event Handler utility, featuring new middleware for CORS (Cross-Origin Resource Sharing) configuration and automatic response compression. We have also added support for Route Prefixes which allows you to avoid repeating a shared prefix in each route definition.

We've listened to your feedback and also made some slight changes to the type signature in the handlers to improve developer experience.

We have also made the error handlers more versatile by allowing a Response object or a JavaScript object to be returned from the error handler.

⭐ Congratulations @​guillemcomerma for their first PR merged in the project, and thank you to @​shrivarshapoojari and @​dani-abib for their contributions 🎉

CORS Middleware

Docs

The CORS middleware ensures CORS headers are returned as part of the response when your functions match the path invoked and the Origin matches one of the allowed values.

import { Router } from '@aws-lambda-powertools/event-handler/experimental-rest';
import { cors } from '@aws-lambda-powertools/event-handler/experimental-rest/middleware';
import type { Context } from 'aws-lambda';
const app = new Router();
app.use(
cors({
origin: 'https://example.com',
maxAge: 300,
})
);
app.get('/todos/:todoId', async ({ params: { todoId } }) => {
const todo = await getTodoById(todoId);
return { todo };
});
export const handler = async (event: unknown, context: Context) =>
app.resolve(event, context);
/**
When invoked from a valid origin, this returns:
{
"statusCode": 200,
"headers": {
"access-control-allow-credentials": "false",
"access-control-allow-origin": "https://example.com",
"content-type": "application/json"
},
"multiValueHeaders": {
</tr></table>

... (truncated)

Changelog

Sourced from @​aws-lambda-powertools/parameters's changelog.

2.27.0 (2025-09-24)

Bug Fixes

• batch fixed the build issue with Batch processor due to missing dependencies (#4498) (ef67b43)
• event-handler fixed CORS behaviour not aligned with CORS spec (#4512) (dd368fa)
• event-handler run global middleware on all requests for REST API (#4507) (49d5f8a)

Improvements

• event-handler rename HttpErrorCodes to HttpStatusCodes (#4543) (e53aa88)
• event-handler made error handler responses versatile (#4536) (f08b366)
• event-handler changed path parameter in middleware and routehandler signature (#4532) (278fca0)
• event-handler change the Middleware and RequestContext signatures (#4530) (a05c074)

Features

• event-handler implemented route prefixes in HTTP event handler (#4523) (8913854)
• event-handler throw error when middleware does not await next() (#4511) (b0b43e8)
• event-handler add CORS middleware support (#4477) (972cd1f)
• event-handler added compress middleware for the REST API event handler (#4495) (320e0dc)

Commits

• f38af1d chore(ci): bump version to 2.27.0 (#4544)
• 72cf1cd docs(event-handler): update to new APIs before release (#4542)
• e53aa88 improv(event-handler): rename HttpErrorCodes to HttpStatusCodes (#4543)
• 3d1255c docs(idempotency): fix dataKeywordArgument reference and remove unused test c...
• f08b366 improv(event-handler): made error handler responses versatile (#4536)
• fd156aa chore(ci): add registry-url to setup-node steps to fix Scorecard packagin...
• d281d46 chore(deps): bump the aws-cdk group across 1 directory with 3 updates (#4527)
• 278fca0 improv(event-handler): changed path parameter in middleware and routehandler ...
• 7ea49c7 chore(deps): bump the aws-sdk-v3 group across 1 directory with 62 updates (#4...
• a05c074 improv(event-handler): change the Middleware and RequestContext signatures (#...
• Additional commits viewable in compare view

Updates @aws-lambda-powertools/logger from 2.26.1 to 2.27.0

Release notes

Sourced from @​aws-lambda-powertools/logger's releases.

v2.27.0

Summary

We're excited to announce an update to our Event Handler utility, featuring new middleware for CORS (Cross-Origin Resource Sharing) configuration and automatic response compression. We have also added support for Route Prefixes which allows you to avoid repeating a shared prefix in each route definition.

We've listened to your feedback and also made some slight changes to the type signature in the handlers to improve developer experience.

We have also made the error handlers more versatile by allowing a Response object or a JavaScript object to be returned from the error handler.

⭐ Congratulations @​guillemcomerma for their first PR merged in the project, and thank you to @​shrivarshapoojari and @​dani-abib for their contributions 🎉

CORS Middleware

Docs

The CORS middleware ensures CORS headers are returned as part of the response when your functions match the path invoked and the Origin matches one of the allowed values.

import { Router } from '@aws-lambda-powertools/event-handler/experimental-rest';
import { cors } from '@aws-lambda-powertools/event-handler/experimental-rest/middleware';
import type { Context } from 'aws-lambda';
const app = new Router();
app.use(
cors({
origin: 'https://example.com',
maxAge: 300,
})
);
app.get('/todos/:todoId', async ({ params: { todoId } }) => {
const todo = await getTodoById(todoId);
return { todo };
});
export const handler = async (event: unknown, context: Context) =>
app.resolve(event, context);
/**
When invoked from a valid origin, this returns:
{
"statusCode": 200,
"headers": {
"access-control-allow-credentials": "false",
"access-control-allow-origin": "https://example.com",
"content-type": "application/json"
},
"multiValueHeaders": {
</tr></table>

... (truncated)

Changelog

Sourced from @​aws-lambda-powertools/logger's changelog.

2.27.0 (2025-09-24)

Bug Fixes

• batch fixed the build issue with Batch processor due to missing dependencies (#4498) (ef67b43)
• event-handler fixed CORS behaviour not aligned with CORS spec (#4512) (dd368fa)
• event-handler run global middleware on all requests for REST API (#4507) (49d5f8a)

Improvements

• event-handler rename HttpErrorCodes to HttpStatusCodes (#4543) (e53aa88)
• event-handler made error handler responses versatile (#4536) (f08b366)
• event-handler changed path parameter in middleware and routehandler signature (#4532) (278fca0)
• event-handler change the Middleware and RequestContext signatures (#4530) (a05c074)

Features

• event-handler implemented route prefixes in HTTP event handler (#4523) (8913854)
• event-handler throw error when middleware does not await next() (#4511) (b0b43e8)
• event-handler add CORS middleware support (#4477) (972cd1f)
• event-handler added compress middleware for the REST API event handler (#4495) (320e0dc)

Commits

• f38af1d chore(ci): bump version to 2.27.0 (#4544)
• 72cf1cd docs(event-handler): update to new APIs before release (#4542)
• e53aa88 improv(event-handler): rename HttpErrorCodes to HttpStatusCodes (#4543)
• 3d1255c docs(idempotency): fix dataKeywordArgument reference and remove unused test c...
• f08b366 improv(event-handler): made error handler responses versatile (#4536)
• fd156aa chore(ci): add registry-url to setup-node steps to fix Scorecard packagin...
• d281d46 chore(deps): bump the aws-cdk group across 1 directory with 3 updates (#4527)
• 278fca0 improv(event-handler): changed path parameter in middleware and routehandler ...
• 7ea49c7 chore(deps): bump the aws-sdk-v3 group across 1 directory with 62 updates (#4...
• a05c074 improv(event-handler): change the Middleware and RequestContext signatures (#...
• Additional commits viewable in compare view

Updates @aws-lambda-powertools/metrics from 2.26.1 to 2.27.0

Release notes

Sourced from @​aws-lambda-powertools/metrics's releases.

v2.27.0

Summary

We're excited to announce an update to our Event Handler utility, featuring new middleware for CORS (Cross-Origin Resource Sharing) configuration and automatic response compression. We have also added support for Route Prefixes which allows you to avoid repeating a shared prefix in each route definition.

We've listened to your feedback and also made some slight changes to the type signature in the handlers to improve developer experience.

We have also made the error handlers more versatile by allowing a Response object or a JavaScript object to be returned from the error handler.

⭐ Congratulations @​guillemcomerma for their first PR merged in the project, and thank you to @​shrivarshapoojari and @​dani-abib for their contributions 🎉

CORS Middleware

Docs

The CORS middleware ensures CORS headers are returned as part of the response when your functions match the path invoked and the Origin matches one of the allowed values.

import { Router } from '@aws-lambda-powertools/event-handler/experimental-rest';
import { cors } from '@aws-lambda-powertools/event-handler/experimental-rest/middleware';
import type { Context } from 'aws-lambda';
const app = new Router();
app.use(
cors({
origin: 'https://example.com',
maxAge: 300,
})
);
app.get('/todos/:todoId', async ({ params: { todoId } }) => {
const todo = await getTodoById(todoId);
return { todo };
});
export const handler = async (event: unknown, context: Context) =>
app.resolve(event, context);
/**
When invoked from a valid origin, this returns:
{
"statusCode": 200,
"headers": {
"access-control-allow-credentials": "false",
"access-control-allow-origin": "https://example.com",
"content-type": "application/json"
},
"multiValueHeaders": {
</tr></table>

... (truncated)

Changelog

Sourced from @​aws-lambda-powertools/metrics's changelog.

2.27.0 (2025-09-24)

Bug Fixes

• batch fixed the build issue with Batch processor due to missing dependencies (#4498) (ef67b43)
• event-handler fixed CORS behaviour not aligned with CORS spec (#4512) (dd368fa)
• event-handler run global middleware on all requests for REST API (#4507) (49d5f8a)

Improvements

• event-handler rename HttpErrorCodes to HttpStatusCodes (#4543) (e53aa88)
• event-handler made error handler responses versatile (#4536) (f08b366)
• event-handler changed path parameter in middleware and routehandler signature (#4532) (278fca0)
• event-handler change the Middleware and RequestContext signatures (#4530) (a05c074)

Features

• event-handler implemented route prefixes in HTTP event handler (#4523) (8913854)
• event-handler throw error when middleware does not await next() (#4511) (b0b43e8)
• event-handler add CORS middleware support (#4477) (972cd1f)
• event-handler added compress middleware for the REST API event handler (#4495) (320e0dc)

Commits

• f38af1d chore(ci): bump version to 2.27.0 (#4544)
• 72cf1cd docs(event-handler): update to new APIs before release (#4542)
• e53aa88 improv(event-handler): rename HttpErrorCodes to HttpStatusCodes (#4543)
• 3d1255c docs(idempotency): fix dataKeywordArgument reference and remove unused test c...
• f08b366 improv(event-handler): made error handler responses versatile (#4536)
• fd156aa chore(ci): add registry-url to setup-node steps to fix Scorecard packagin...
• d281d46 chore(deps): bump the aws-cdk group across 1 directory with 3 updates (#4527)
• 278fca0 improv(event-handler): changed path parameter in middleware and routehandler ...
• 7ea49c7 chore(deps): bump the aws-sdk-v3 group across 1 directory with 62 updates (#4...
• a05c074 improv(event-handler): change the Middleware and RequestContext signatures (#...
• Additional commits viewable in compare view

Updates @aws-lambda-powertools/tracer from 2.26.1 to 2.27.0

Release notes

Sourced from @​aws-lambda-powertools/tracer's releases.

v2.27.0

Summary

We're excited to announce an update to our Event Handler utility, featuring new middleware for CORS (Cross-Origin Resource Sharing) configuration and automatic response compression. We have also added support for Route Prefixes which allows you to avoid repeating a shared prefix in each route definition.

We've listened to your feedback and also made some slight changes to the type signature in the handlers to improve developer experience.

We have also made the error handlers more versatile by allowing a Response object or a JavaScript object to be returned from the error handler.

⭐ Congratulations @​guillemcomerma for their first PR merged in the project, and thank you to @​shrivarshapoojari and @​dani-abib for their contributions 🎉

CORS Middleware

Docs

The CORS middleware ensures CORS headers are returned as part of the response when your functions match the path invoked and the Origin matches one of the allowed values.

import { Router } from '@aws-lambda-powertools/event-handler/experimental-rest';
import { cors } from '@aws-lambda-powertools/event-handler/experimental-rest/middleware';
import type { Context } from 'aws-lambda';
const app = new Router();
app.use(
cors({
origin: 'https://example.com',
maxAge: 300,
})
);
app.get('/todos/:todoId', async ({ params: { todoId } }) => {
const todo = await getTodoById(todoId);
return { todo };
});
export const handler = async (event: unknown, context: Context) =>
app.resolve(event, context);
/**
When invoked from a valid origin, this returns:
{
"statusCode": 200,
"headers": {
"access-control-allow-credentials": "false",
"access-control-allow-origin": "https://example.com",
"content-type": "application/json"
},
"multiValueHeaders": {
</tr></table>

... (truncated)

Changelog

Sourced from @​aws-lambda-powertools/tracer's changelog.

2.27.0 (2025-09-24)

Bug Fixes

• batch fixed the build issue with Batch processor due to missing dependencies (#4498) (ef67b43)
• event-handler fixed CORS behaviour not aligned with CORS spec (#4512) (dd368fa)
• event-handler run global middleware on all requests for REST API (#4507) (49d5f8a)

Improvements

• event-handler rename HttpErrorCodes to HttpStatusCodes (#4543) (e53aa88)
• event-handler made error handler responses versatile (#4536) (f08b366)
• event-handler changed path parameter in middleware and routehandler signature (#4532) (278fca0)
• event-handler change the Middleware and RequestContext signatures (#4530) (a05c074)

Features

• event-handler implemented route prefixes in HTTP event handler (#4523) (8913854)
• event-handler throw error when middleware does not await next() (#4511) (b0b43e8)
• event-handler add CORS middleware support (#4477) (972cd1f)
• event-handler added compress middleware for the REST API event handler (#4495) (320e0dc)

Commits

• f38af1d chore(ci): bump version to 2.27.0 (#4544)
• 72cf1cd docs(event-handler): update to new APIs before release (#4542)
• e53aa88 improv(event-handler): rename HttpErrorCodes to HttpStatusCodes (#4543)
• 3d1255c docs(idempotency): fix dataKeywordArgument reference and remove unused test c...
• f08b366 improv(event-handler): made error handler responses versatile (#4536)
• fd156aa chore(ci): add registry-url to setup-node steps to fix Scorecard packagin...
• d281d46 chore(deps): bump the aws-cdk group across 1 directory with 3 updates (#4527)
• 278fca0 improv(event-handler): changed path parameter in middleware and routehandler ...
• 7ea49c7 chore(deps): bump the aws-sdk-v3 group across 1 directory with 62 updates (#4...
• a05c074 improv(event-handler): change the Middleware and RequestContext signatures (#...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
npm/@aws-lambda-powertools/parameters	^2.27.0	🟢 9.3	Details Check Score Reason Security-Policy 🟢 10 security policy file detected Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing SAST 🟢 10 SAST tool is run on all commits Signed-Releases ⚠️ -1 no releases found License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Packaging 🟢 10 packaging workflow detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/logger	^2.27.0	🟢 9.3	Details Check Score Reason Security-Policy 🟢 10 security policy file detected Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing SAST 🟢 10 SAST tool is run on all commits Signed-Releases ⚠️ -1 no releases found License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Packaging 🟢 10 packaging workflow detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/metrics	^2.27.0	🟢 9.3	Details Check Score Reason Security-Policy 🟢 10 security policy file detected Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing SAST 🟢 10 SAST tool is run on all commits Signed-Releases ⚠️ -1 no releases found License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Packaging 🟢 10 packaging workflow detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/tracer	^2.27.0	🟢 9.3	Details Check Score Reason Security-Policy 🟢 10 security policy file detected Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing SAST 🟢 10 SAST tool is run on all commits Signed-Releases ⚠️ -1 no releases found License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Packaging 🟢 10 packaging workflow detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/commons	2.27.0	🟢 9.3	Details Check Score Reason Security-Policy 🟢 10 security policy file detected Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing SAST 🟢 10 SAST tool is run on all commits Signed-Releases ⚠️ -1 no releases found License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Packaging 🟢 10 packaging workflow detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/logger	2.27.0	🟢 9.3	Details Check Score Reason Security-Policy 🟢 10 security policy file detected Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing SAST 🟢 10 SAST tool is run on all commits Signed-Releases ⚠️ -1 no releases found License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Packaging 🟢 10 packaging workflow detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/metrics	2.27.0	🟢 9.3	Details Check Score Reason Security-Policy 🟢 10 security policy file detected Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing SAST 🟢 10 SAST tool is run on all commits Signed-Releases ⚠️ -1 no releases found License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Packaging 🟢 10 packaging workflow detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/parameters	2.27.0	🟢 9.3	Details Check Score Reason Security-Policy 🟢 10 security policy file detected Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing SAST 🟢 10 SAST tool is run on all commits Signed-Releases ⚠️ -1 no releases found License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Packaging 🟢 10 packaging workflow detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/tracer	2.27.0	🟢 9.3	Details Check Score Reason Security-Policy 🟢 10 security policy file detected Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing SAST 🟢 10 SAST tool is run on all commits Signed-Releases ⚠️ -1 no releases found License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Packaging 🟢 10 packaging workflow detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations

Scanned Files

• lambdas/functions/control-plane/package.json
• lambdas/libs/aws-powertools-util/package.json
• lambdas/yarn.lock