build(deps): bump the production-dependencies group across 1 directory with 3 updates

[dependabot]

Bumps the production-dependencies group with 3 updates in the / directory: @aws-sdk/client-dynamodb, @aws-sdk/client-secrets-manager and viem.

Updates @aws-sdk/client-dynamodb from 3.975.0 to 3.980.0

Release notes

Sourced from @​aws-sdk/client-dynamodb's releases.

v3.980.0

3.980.0(2026-01-30)

Chores

• use yarn workspace versioning for monorepo packages (#7693) (b951130e)

New Features

• clients: update client endpoints as of 2026-01-30 (11699137)
• client-quicksight: Improve SessionTag usage guidelines in the GenerateEmbedURLForAnonymousUser API documentation. Update the GetIdentityContext document with the region support context. (cf53c93f)
• client-connect: This release adds Estimated Wait Time support to the GetContactMetrics API for Amazon Connect. (e7dbc0a5)

---

For list of updated packages, view updated-packages.md in assets-3.980.0.zip

v3.979.0

3.979.0(2026-01-29)

New Features

• client-gamelift: Amazon GameLift Servers now supports automatic scaling to and from zero instances based on game session activity. Fleets scale down to zero following a defined period of no game session activity and scale up from zero when game sessions are requested, providing an option for cost optimization. (6b625f59)
• client-ec2: G7e instances feature up to 8 NVIDIA RTX PRO 6000 Blackwell Server Edition GPUs with 768 GB of memory and 5th generation Intel Xeon Scalable processors. Supporting up to 192 vCPUs, 1600 Gbps networking bandwidth with EFA, up to 2 TiB of system memory, and up to 15.2 TB of local NVMe SSD storage. (5678db81)

Bug Fixes

• credential-provider-node: open credential provider lock after failed chain (#7692) (2320c7c0)

---

For list of updated packages, view updated-packages.md in assets-3.979.0.zip

v3.978.0

3.978.0(2026-01-28)

Chores

• codegen:
  • smithy-typescript-aws-codegen release 0.43.0 (#7688) (f597b045)
  • update for aggregated paginators and waiters (#7685) (024c0731)

New Features

• client-s3-control: Adds support for the UpdateObjectEncryption API to change the server-side encryption type of objects in general purpose buckets. (8248439e)
• client-mediaconvert: This release adds a follow source mode for audio output channel count, an AES audio frame wrapping option for MXF outputs, and an option to signal DolbyVision compatibility using the SUPPLEMENTAL-CODECS tag in HLS manifests. (9ee45457)
• client-cognito-identity-provider: This release adds support for a new lambda trigger to transform federated user attributes during the authentication with external identity providers on Cognito Managed Login. (a291daef)
• client-connect: Adds support for filtering search results based on tags assigned to contacts. (c3e7a41b)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-dynamodb's changelog.

3.980.0 (2026-01-30)

Note: Version bump only for package @​aws-sdk/client-dynamodb

3.978.0 (2026-01-28)

Note: Version bump only for package @​aws-sdk/client-dynamodb

Commits

• 0306270 Publish v3.980.0
• b951130 chore: use yarn workspace versioning for monorepo packages (#7693)
• a1794f7 Publish v3.978.0
• 024c073 chore(codegen): update for aggregated paginators and waiters (#7685)
• See full diff in compare view

Updates @aws-sdk/client-secrets-manager from 3.975.0 to 3.980.0

Release notes

Sourced from @​aws-sdk/client-secrets-manager's releases.

v3.980.0

3.980.0(2026-01-30)

Chores

• use yarn workspace versioning for monorepo packages (#7693) (b951130e)

New Features

• clients: update client endpoints as of 2026-01-30 (11699137)
• client-quicksight: Improve SessionTag usage guidelines in the GenerateEmbedURLForAnonymousUser API documentation. Update the GetIdentityContext document with the region support context. (cf53c93f)
• client-connect: This release adds Estimated Wait Time support to the GetContactMetrics API for Amazon Connect. (e7dbc0a5)

---

For list of updated packages, view updated-packages.md in assets-3.980.0.zip

v3.979.0

3.979.0(2026-01-29)

New Features

• client-gamelift: Amazon GameLift Servers now supports automatic scaling to and from zero instances based on game session activity. Fleets scale down to zero following a defined period of no game session activity and scale up from zero when game sessions are requested, providing an option for cost optimization. (6b625f59)
• client-ec2: G7e instances feature up to 8 NVIDIA RTX PRO 6000 Blackwell Server Edition GPUs with 768 GB of memory and 5th generation Intel Xeon Scalable processors. Supporting up to 192 vCPUs, 1600 Gbps networking bandwidth with EFA, up to 2 TiB of system memory, and up to 15.2 TB of local NVMe SSD storage. (5678db81)

Bug Fixes

• credential-provider-node: open credential provider lock after failed chain (#7692) (2320c7c0)

---

For list of updated packages, view updated-packages.md in assets-3.979.0.zip

v3.978.0

3.978.0(2026-01-28)

Chores

• codegen:
  • smithy-typescript-aws-codegen release 0.43.0 (#7688) (f597b045)
  • update for aggregated paginators and waiters (#7685) (024c0731)

New Features

• client-s3-control: Adds support for the UpdateObjectEncryption API to change the server-side encryption type of objects in general purpose buckets. (8248439e)
• client-mediaconvert: This release adds a follow source mode for audio output channel count, an AES audio frame wrapping option for MXF outputs, and an option to signal DolbyVision compatibility using the SUPPLEMENTAL-CODECS tag in HLS manifests. (9ee45457)
• client-cognito-identity-provider: This release adds support for a new lambda trigger to transform federated user attributes during the authentication with external identity providers on Cognito Managed Login. (a291daef)
• client-connect: Adds support for filtering search results based on tags assigned to contacts. (c3e7a41b)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-secrets-manager's changelog.

3.980.0 (2026-01-30)

Note: Version bump only for package @​aws-sdk/client-secrets-manager

3.978.0 (2026-01-28)

Note: Version bump only for package @​aws-sdk/client-secrets-manager

Commits

• 0306270 Publish v3.980.0
• b951130 chore: use yarn workspace versioning for monorepo packages (#7693)
• a1794f7 Publish v3.978.0
• 024c073 chore(codegen): update for aggregated paginators and waiters (#7685)
• See full diff in compare view

Updates viem from 2.45.0 to 2.45.1

Release notes

Sourced from viem's releases.

viem@2.45.1

Patch Changes

• #4273 bf3f117aa4d6a4693af29894b1c27e130623cbc7 Thanks @​nicodlz! - Added Subtensor EVM chain.

• #4272 a3a4ff9a25c8f31d3caef533d3d100cf22c1ea5e Thanks @​matzapata! - Added Alpen Testnet

• #4228 26ffdfbef41e08a4d6837051eda615fb659c2c31 Thanks @​sakulstra! - Improved performance in parseEventLogs by memoizing.

• #4275 ea8398b80c6fa90747e979d959c32e276bdd43e1 Thanks @​GiovaniGuizzo! - Added KiiChain mainnet chain definition

• #4259 1ae28c2a9acb55b8fc599643549a52ec71a02e72 Thanks @​cruzdanilo! - Fixed error decoding in simulateBlocks when RPC returns revert data in returnData instead of error.data.

• #4260 1f2a1839c201a2f5b97bddf26d605fb0394cdbd7 Thanks @​akitothemoon! - Added Horizen Testnet.

• 4fe411bd4231ec0a89159723ec68fcfe13c10071 Thanks @​jxom! - Added nonce and faucet.fundSync actions to decorator.

Commits

• 2ec2006 chore: lockfile
• 9ad3224 chore: audit
• 2c9e270 Version Packages (#4285)
• d2faf08 test: add nonce to Decorator snapshot
• 47b7c99 chore: add resolveJsonModule, remove docs deploy on push
• 9647f61 chore: exclude site/snippets from type checks
• 5419362 chore: up snaps
• 9fbd836 chore: audit
• 4fe411b feat(tempo): add nonce and faucet.fundSync actions to decorator
• 4a23afc ci(tmp): disable deployed tempo
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/@aws-sdk/client-dynamodb	3.985.0	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/client-secrets-manager	3.985.0	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/client-sso	3.985.0	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/core	3.973.7	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/credential-provider-env	3.972.5	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/credential-provider-http	3.972.7	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/credential-provider-ini	3.972.5	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/credential-provider-login	3.972.5	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/credential-provider-node	3.972.6	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/credential-provider-process	3.972.5	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/credential-provider-sso	3.972.5	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/credential-provider-web-identity	3.972.5	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/dynamodb-codec	3.972.8	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/middleware-endpoint-discovery	3.972.3	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/middleware-host-header	3.972.3	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/middleware-logger	3.972.3	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/middleware-recursion-detection	3.972.3	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/middleware-user-agent	3.972.7	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/nested-clients	3.985.0	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/region-config-resolver	3.972.3	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/token-providers	3.985.0	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/util-endpoints	3.985.0	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/util-user-agent-browser	3.972.3	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/util-user-agent-node	3.972.5	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@aws-sdk/xml-builder	3.972.4	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 36 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed
npm/@smithy/core	3.22.1	Unknown	Unknown
npm/@smithy/middleware-endpoint	4.4.13	Unknown	Unknown
npm/@smithy/middleware-retry	4.4.30	Unknown	Unknown
npm/@smithy/node-http-handler	4.4.9	Unknown	Unknown
npm/@smithy/smithy-client	4.11.2	Unknown	Unknown
npm/@smithy/util-defaults-mode-browser	4.3.29	Unknown	Unknown
npm/@smithy/util-defaults-mode-node	4.2.32	Unknown	Unknown
npm/@smithy/util-stream	4.5.11	Unknown	Unknown
npm/fast-xml-parser	5.3.4	🟢 5.7	Details Check Score Reason Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 8 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 3 Found 9/30 approved changesets -- score normalized to 3 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Fuzzing 🟢 10 project is fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 2 8 existing vulnerabilities detected
npm/viem	2.45.2	Unknown	Unknown

Scanned Files

• yarn.lock