fix(lambda): bump the aws-powertools group in /lambdas with 4 updates

[dependabot]

Bumps the aws-powertools group in /lambdas with 4 updates: @aws-lambda-powertools/parameters, @aws-lambda-powertools/logger, @aws-lambda-powertools/metrics and @aws-lambda-powertools/tracer.

Updates @aws-lambda-powertools/parameters from 2.30.1 to 2.30.2

Release notes

Sourced from @​aws-lambda-powertools/parameters's releases.

v2.30.2

Summary

In this release we have added Middy v7 middleware compatibility which enables developers using Middy to use Durable functions, Tenant isolation mode, and multi-concurrency on Lambda Managed Instances.

We have also now added a new tenantId property by default for tenant identification in all log entries, making it easier to filter and trace logs across different tenants in your Lambda functions.

⭐ Special thanks to @​coderbyheart for their first PR merged in the project 🎉

Changes

• feat: allow @​middy/core v7 (#4918) by @​coderbyheart
• feat(logger): add tenantId to logger default properties (#4931) by @​kawaaaas
• improv(ci): Added environment suffix to prevent artefact name conflict (#4921) by @​sdangol

📜 Documentation updates

• chore(deps): bump urllib3 from 2.6.0 to 2.6.3 in /docs (#4927) by @dependabot[bot]
• improv(docs): added a note for customers migrating from BatchProcessorSync to BatchProcessor (#4926) by @​sdangol
• improv(docs): updated the Maintainer's Playbook with the updated CI process (#4922) by @​sdangol

🔧 Maintenance

• chore(batch): remove invoke store global namespace workaround (#4932) by @​svozza
• chore(deps): bump urllib3 from 2.6.0 to 2.6.3 in /docs (#4927) by @dependabot[bot]
• feat: remove baseUrl from TypeScript configurations for future compiler compatibility (#4925) by @​dreamorosi
• improv(docs): updated the Maintainer's Playbook with the updated CI process (#4922) by @​sdangol

This release was made possible by the following contributors:

@​coderbyheart, @​dependabot[bot], @​dreamorosi, @​github-actions[bot], @​kawaaaas, @​sdangol, @​svozza, dependabot[bot] and github-actions[bot]

Changelog

Sourced from @​aws-lambda-powertools/parameters's changelog.

2.30.2 (2026-01-12)

Features

• logger add tenantId to logger default properties (#4931) (2e3e867)

Maintenance

• batch remove invoke store global namespace workaround (#4932) (8e93ec3)

Commits

• 48a557d chore(ci): bump version to 2.30.2 (#4937)
• 8e93ec3 chore(batch): remove invoke store global namespace workaround (#4932)
• 2e3e867 feat(logger): add tenantId to logger default properties (#4931)
• 5544ce0 chore(deps): bump urllib3 from 2.6.0 to 2.6.3 in /docs (#4927)
• 6239b19 improv(docs): added a note for customers migrating from BatchProcessorSync ...
• e83509f feat: remove baseUrl from TypeScript configurations for future compiler compa...
• 74bf4c6 feat: allow @​middy/core v7 (#4918)
• f7c1001 chore(ci): update layer ARN on documentation (#4917)
• a0c0ffc improv(docs): updated the Maintainer's Playbook with the updated CI process (...
• 7f84229 improv(ci): Added environment suffix to prevent artefact name conflict (#4921)
• See full diff in compare view

Updates @aws-lambda-powertools/logger from 2.30.1 to 2.30.2

Release notes

Sourced from @​aws-lambda-powertools/logger's releases.

v2.30.2

Summary

In this release we have added Middy v7 middleware compatibility which enables developers using Middy to use Durable functions, Tenant isolation mode, and multi-concurrency on Lambda Managed Instances.

We have also now added a new tenantId property by default for tenant identification in all log entries, making it easier to filter and trace logs across different tenants in your Lambda functions.

⭐ Special thanks to @​coderbyheart for their first PR merged in the project 🎉

Changes

• feat: allow @​middy/core v7 (#4918) by @​coderbyheart
• feat(logger): add tenantId to logger default properties (#4931) by @​kawaaaas
• improv(ci): Added environment suffix to prevent artefact name conflict (#4921) by @​sdangol

📜 Documentation updates

• chore(deps): bump urllib3 from 2.6.0 to 2.6.3 in /docs (#4927) by @dependabot[bot]
• improv(docs): added a note for customers migrating from BatchProcessorSync to BatchProcessor (#4926) by @​sdangol
• improv(docs): updated the Maintainer's Playbook with the updated CI process (#4922) by @​sdangol

🔧 Maintenance

• chore(batch): remove invoke store global namespace workaround (#4932) by @​svozza
• chore(deps): bump urllib3 from 2.6.0 to 2.6.3 in /docs (#4927) by @dependabot[bot]
• feat: remove baseUrl from TypeScript configurations for future compiler compatibility (#4925) by @​dreamorosi
• improv(docs): updated the Maintainer's Playbook with the updated CI process (#4922) by @​sdangol

This release was made possible by the following contributors:

@​coderbyheart, @​dependabot[bot], @​dreamorosi, @​github-actions[bot], @​kawaaaas, @​sdangol, @​svozza, dependabot[bot] and github-actions[bot]

Changelog

Sourced from @​aws-lambda-powertools/logger's changelog.

2.30.2 (2026-01-12)

Features

• logger add tenantId to logger default properties (#4931) (2e3e867)

Maintenance

• batch remove invoke store global namespace workaround (#4932) (8e93ec3)

Commits

• 48a557d chore(ci): bump version to 2.30.2 (#4937)
• 8e93ec3 chore(batch): remove invoke store global namespace workaround (#4932)
• 2e3e867 feat(logger): add tenantId to logger default properties (#4931)
• 5544ce0 chore(deps): bump urllib3 from 2.6.0 to 2.6.3 in /docs (#4927)
• 6239b19 improv(docs): added a note for customers migrating from BatchProcessorSync ...
• e83509f feat: remove baseUrl from TypeScript configurations for future compiler compa...
• 74bf4c6 feat: allow @​middy/core v7 (#4918)
• f7c1001 chore(ci): update layer ARN on documentation (#4917)
• a0c0ffc improv(docs): updated the Maintainer's Playbook with the updated CI process (...
• 7f84229 improv(ci): Added environment suffix to prevent artefact name conflict (#4921)
• See full diff in compare view

Updates @aws-lambda-powertools/metrics from 2.30.1 to 2.30.2

Release notes

Sourced from @​aws-lambda-powertools/metrics's releases.

v2.30.2

Summary

In this release we have added Middy v7 middleware compatibility which enables developers using Middy to use Durable functions, Tenant isolation mode, and multi-concurrency on Lambda Managed Instances.

We have also now added a new tenantId property by default for tenant identification in all log entries, making it easier to filter and trace logs across different tenants in your Lambda functions.

⭐ Special thanks to @​coderbyheart for their first PR merged in the project 🎉

Changes

• feat: allow @​middy/core v7 (#4918) by @​coderbyheart
• feat(logger): add tenantId to logger default properties (#4931) by @​kawaaaas
• improv(ci): Added environment suffix to prevent artefact name conflict (#4921) by @​sdangol

📜 Documentation updates

• chore(deps): bump urllib3 from 2.6.0 to 2.6.3 in /docs (#4927) by @dependabot[bot]
• improv(docs): added a note for customers migrating from BatchProcessorSync to BatchProcessor (#4926) by @​sdangol
• improv(docs): updated the Maintainer's Playbook with the updated CI process (#4922) by @​sdangol

🔧 Maintenance

• chore(batch): remove invoke store global namespace workaround (#4932) by @​svozza
• chore(deps): bump urllib3 from 2.6.0 to 2.6.3 in /docs (#4927) by @dependabot[bot]
• feat: remove baseUrl from TypeScript configurations for future compiler compatibility (#4925) by @​dreamorosi
• improv(docs): updated the Maintainer's Playbook with the updated CI process (#4922) by @​sdangol

This release was made possible by the following contributors:

@​coderbyheart, @​dependabot[bot], @​dreamorosi, @​github-actions[bot], @​kawaaaas, @​sdangol, @​svozza, dependabot[bot] and github-actions[bot]

Changelog

Sourced from @​aws-lambda-powertools/metrics's changelog.

2.30.2 (2026-01-12)

Features

• logger add tenantId to logger default properties (#4931) (2e3e867)

Maintenance

• batch remove invoke store global namespace workaround (#4932) (8e93ec3)

Commits

• 48a557d chore(ci): bump version to 2.30.2 (#4937)
• 8e93ec3 chore(batch): remove invoke store global namespace workaround (#4932)
• 2e3e867 feat(logger): add tenantId to logger default properties (#4931)
• 5544ce0 chore(deps): bump urllib3 from 2.6.0 to 2.6.3 in /docs (#4927)
• 6239b19 improv(docs): added a note for customers migrating from BatchProcessorSync ...
• e83509f feat: remove baseUrl from TypeScript configurations for future compiler compa...
• 74bf4c6 feat: allow @​middy/core v7 (#4918)
• f7c1001 chore(ci): update layer ARN on documentation (#4917)
• a0c0ffc improv(docs): updated the Maintainer's Playbook with the updated CI process (...
• 7f84229 improv(ci): Added environment suffix to prevent artefact name conflict (#4921)
• See full diff in compare view

Updates @aws-lambda-powertools/tracer from 2.30.1 to 2.30.2

Release notes

Sourced from @​aws-lambda-powertools/tracer's releases.

v2.30.2

Summary

In this release we have added Middy v7 middleware compatibility which enables developers using Middy to use Durable functions, Tenant isolation mode, and multi-concurrency on Lambda Managed Instances.

We have also now added a new tenantId property by default for tenant identification in all log entries, making it easier to filter and trace logs across different tenants in your Lambda functions.

⭐ Special thanks to @​coderbyheart for their first PR merged in the project 🎉

Changes

• feat: allow @​middy/core v7 (#4918) by @​coderbyheart
• feat(logger): add tenantId to logger default properties (#4931) by @​kawaaaas
• improv(ci): Added environment suffix to prevent artefact name conflict (#4921) by @​sdangol

📜 Documentation updates

• chore(deps): bump urllib3 from 2.6.0 to 2.6.3 in /docs (#4927) by @dependabot[bot]
• improv(docs): added a note for customers migrating from BatchProcessorSync to BatchProcessor (#4926) by @​sdangol
• improv(docs): updated the Maintainer's Playbook with the updated CI process (#4922) by @​sdangol

🔧 Maintenance

• chore(batch): remove invoke store global namespace workaround (#4932) by @​svozza
• chore(deps): bump urllib3 from 2.6.0 to 2.6.3 in /docs (#4927) by @dependabot[bot]
• feat: remove baseUrl from TypeScript configurations for future compiler compatibility (#4925) by @​dreamorosi
• improv(docs): updated the Maintainer's Playbook with the updated CI process (#4922) by @​sdangol

This release was made possible by the following contributors:

@​coderbyheart, @​dependabot[bot], @​dreamorosi, @​github-actions[bot], @​kawaaaas, @​sdangol, @​svozza, dependabot[bot] and github-actions[bot]

Changelog

Sourced from @​aws-lambda-powertools/tracer's changelog.

2.30.2 (2026-01-12)

Features

• logger add tenantId to logger default properties (#4931) (2e3e867)

Maintenance

• batch remove invoke store global namespace workaround (#4932) (8e93ec3)

Commits

• 48a557d chore(ci): bump version to 2.30.2 (#4937)
• 8e93ec3 chore(batch): remove invoke store global namespace workaround (#4932)
• 2e3e867 feat(logger): add tenantId to logger default properties (#4931)
• 5544ce0 chore(deps): bump urllib3 from 2.6.0 to 2.6.3 in /docs (#4927)
• 6239b19 improv(docs): added a note for customers migrating from BatchProcessorSync ...
• e83509f feat: remove baseUrl from TypeScript configurations for future compiler compa...
• 74bf4c6 feat: allow @​middy/core v7 (#4918)
• f7c1001 chore(ci): update layer ARN on documentation (#4917)
• a0c0ffc improv(docs): updated the Maintainer's Playbook with the updated CI process (...
• 7f84229 improv(ci): Added environment suffix to prevent artefact name conflict (#4921)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
npm/@aws-lambda-powertools/parameters	^2.30.2	🟢 9.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/logger	^2.30.2	🟢 9.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/metrics	^2.30.2	🟢 9.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/tracer	^2.30.2	🟢 9.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/commons	2.30.2	🟢 9.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/logger	2.30.2	🟢 9.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/metrics	2.30.2	🟢 9.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/parameters	2.30.2	🟢 9.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/tracer	2.30.2	🟢 9.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Dependency-Update-Tool 🟢 10 update tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices 🟢 5 badge detected: Passing Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws/lambda-invoke-store	0.2.3	Unknown	Unknown

Scanned Files

• lambdas/functions/control-plane/package.json
• lambdas/libs/aws-powertools-util/package.json
• lambdas/yarn.lock