chore(deps-dev): bump @guardian/cdk from 62.4.0 to 63.2.0

[dependabot]

Bumps @guardian/cdk from 62.4.0 to 63.2.0.

Release notes

Sourced from @​guardian/cdk's releases.

v63.2.0

Minor Changes

• ac2348e: Fix warnings around childProcess.spawn and shell: true.

Patch Changes

• bc0f9b8: Bump the Cognito auth lambda runtime from PROVIDED_AL2 (deprecated) to PROVIDED_AL2023 in the GuEc2App pattern. No client changes needed.

v63.1.0

Minor Changes

• 3b98fea: Minor improvements to the GuDeveloperPolicy class to make it more intuitive for users.
  • path includes source repo name to help map the policy back from AWS to its source codebase.
  • path includes stack and stage as we have nowhere else to find it and this can help with identification.
  • friendlyName is now a required attribute that maps to the managed policy's description.
  • The policy must have at least one statement.
  • permission attribute is now called grantId to match with the corresponding Janus structure.

v63.0.1

Patch Changes

• 1ff04c8: Introduce a withoutPolicyChecks flag to GuDeveloperPolicy properties so that the check can be turned off.

  Provide instructions for use of that flag in the "overbroad" action/resource error text.

  This enables teams to use fully wildcarded actions and resources when needed, but also provides information in cloudformation metadata to allow us to track the usage of that switch in order to study how often this is needed.

v63.0.0

Major Changes

• c6e30e1: Support generating multiple riff-raff.yaml files. To do this, set the riffRaffProjectName property of a GuStack. This is helpful in a few scenarios, for example if you have a singleton (INFRA) stack, and CODE/PROD application stacks.

  In the following, two files will be produced:

  • /path/to/cdk.out/deploy::core-infra/riff-raff.yaml
  • /path/to/cdk.out/deploy::my-app/riff-raff.yaml

  class MyCoreInfraStack extends GuStack {}
  class MyApplicationStack extends GuStack {}
  new MyCoreInfraStack(app, "MyCoreInfra", {
  stack: "deploy",
  stage: "INFRA",
  env: { region: "eu-west-1" },

... (truncated)

Changelog

Sourced from @​guardian/cdk's changelog.

63.2.0

Minor Changes

• ac2348e: Fix warnings around childProcess.spawn and shell: true.

Patch Changes

• bc0f9b8: Bump the Cognito auth lambda runtime from PROVIDED_AL2 (deprecated) to PROVIDED_AL2023 in the GuEc2App pattern. No client changes needed.

63.1.0

Minor Changes

• 3b98fea: Minor improvements to the GuDeveloperPolicy class to make it more intuitive for users.
  • path includes source repo name to help map the policy back from AWS to its source codebase.
  • path includes stack and stage as we have nowhere else to find it and this can help with identification.
  • friendlyName is now a required attribute that maps to the managed policy's description.
  • The policy must have at least one statement.
  • permission attribute is now called grantId to match with the corresponding Janus structure.

63.0.1

Patch Changes

• 1ff04c8: Introduce a withoutPolicyChecks flag to GuDeveloperPolicy properties so that the check can be turned off.

  Provide instructions for use of that flag in the "overbroad" action/resource error text.

  This enables teams to use fully wildcarded actions and resources when needed, but also provides information in cloudformation metadata to allow us to track the usage of that switch in order to study how often this is needed.

63.0.0

Major Changes

• c6e30e1: Support generating multiple riff-raff.yaml files. To do this, set the riffRaffProjectName property of a GuStack. This is helpful in a few scenarios, for example if you have a singleton (INFRA) stack, and CODE/PROD application stacks.

  In the following, two files will be produced:

  • /path/to/cdk.out/deploy::core-infra/riff-raff.yaml
  • /path/to/cdk.out/deploy::my-app/riff-raff.yaml

  class MyCoreInfraStack extends GuStack {}
  class MyApplicationStack extends GuStack {}
  new MyCoreInfraStack(app, "MyCoreInfra", {

... (truncated)

Commits

• 9f82805 Merge pull request #2889 from guardian/changeset-release/main
• 230b0b8 Bump package version
• bc0f9b8 Bump auth lambda runtime to Amazon Linux 2023 (#2888)
• ac2348e Pass shell: false to childProcess.spawn (#2887)
• 5600e5e Merge pull request #2876 from guardian/dependabot/github_actions/github-actio...
• 95fb5c4 chore(deps): bump the github-actions group with 2 updates
• b567f12 Bump package version (#2884)
• 468e5c4 Disable workflow schedule (#2859)
• 3b98fea feat: Usability improvements to GuDeveloperPolicy (#2862)
• fff5260 Bump package version (#2881)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Deploy build 618 of playground::example-typescript-lambda to CODE

All deployment options

• Deploy build 618 of playground::example-typescript-lambda to CODE
• Deploy parts of build 618 to CODE by previewing it first
• What's on CODE right now?

---

From guardian/actions-riff-raff.