Skip to content

[Snyk] Upgrade @aws-sdk/client-s3 from 3.981.0 to 3.1001.0#13422

Closed
Mmarzex wants to merge 1 commit intomainfrom
snyk-upgrade-fcfc144f9447ce105a6bdb4a6486c089
Closed

[Snyk] Upgrade @aws-sdk/client-s3 from 3.981.0 to 3.1001.0#13422
Mmarzex wants to merge 1 commit intomainfrom
snyk-upgrade-fcfc144f9447ce105a6bdb4a6486c089

Conversation

@Mmarzex
Copy link
Copy Markdown
Contributor

@Mmarzex Mmarzex commented Mar 25, 2026
edited by cursor bot
Loading

snyk-top-banner

Snyk has created this PR to upgrade @aws-sdk/client-s3 from 3.981.0 to 3.1001.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 20 versions ahead of your current version.

  • The recommended version was released 21 days ago.

Release notes
Package name: @aws-sdk/client-s3
  • 3.1001.0 - 2026-03-03

    3.1001.0(2026-03-03)

    Chores
    • codegen: upgrade smithy 1.68.0 (#7806) (ab9e7759)
    • util-user-agent-node: read typescript package.json version from process.cwd() (#7802) (d1523943)
    • scripts: script for setting * versions in workspace (#7805) (8cc388f2)
    • ci: run test-codegen as part of CI (#7795) (ae35327a)
    • deps: bump fast-xml-parser from 5.3.6 to 5.4.1 (#7796) (c0dac298)
    New Features
    • clients: update client endpoints as of 2026-03-03 (f0635119)
    • client-bedrock-agentcore-control: Support for AgentCore Policy GA (b71557c8)
    • client-cloudwatch-logs: CloudWatch Logs updates- Added support for the PutBearerTokenAuthentication API to enable or disable bearer token authentication on a log group. For more information, see CloudWatch Logs API documentation. (4efe87a3)
    • client-datazone: Adding QueryGraph operation to DataZone SDK (5aaa6300)
    • client-sagemaker: This release adds b300 and g7e instance types for SageMaker inference endpoints. (823258f2)
    • client-partnercentral-channel: Adds the Resold Unified Operations support plan and removes the Resold Business support plan in the CreateRelationship and UpdateRelationship APIs (d87cfc94)
    Bug Fixes
    • util-user-agent-node: validate typescript version for semver and strip metadata (#7799) (f5a49a13)

    For list of updated packages, view updated-packages.md in assets-3.1001.0.zip

  • 3.1000.0 - 2026-02-27

    3.1000.0(2026-02-27)

    New Features
    • client-arc-region-switch: Post-Recovery Workflows enable customers to maintain comprehensive disaster recovery automation. This allows customer SREs and leadership to have complete recovery orchestration from failover through post-recovery preparation, ensuring Regions remain ready for subsequent recovery events. (3abb5202)
    • client-keyspacesstreams: Added support for Change Data Capture (CDC) streams with Duration DataType. (59b94328)
    • client-batch: This feature allows customers to specify the minimum time (in minutes) that AWS Batch keeps instances running in a compute environment after all jobs on the instance complete (25f4947a)
    • client-cognito-identity-provider: Cognito is introducing a two-secret rotation model for app clients, enabling seamless credential rotation without downtime. Dedicated APIs support passing in a custom secret. Custom secrets need to be at least 24 characters. This eliminates reconfiguration needs and reduces security risks. (582a3813)
    • client-bedrock: Added four new model lifecycle date fields, startOfLifeTime, endOfLifeTime, legacyTime, and publicExtendedAccessTime. Adds support for using the Converse API with Bedrock Batch inference jobs. (29b1fe6d)
    • client-odb: ODB Networking Route Management is a feature improvement which allows for implicit creation and deletion of EC2 Routes in the Peer Network Route Table designated by the customer via new optional input. This feature release is combined with Multiple App-VPC functionality for ODB Network Peering(s). (d372d85d)
    • client-customer-profiles: This release introduces an optional SourcePriority parameter to the ProfileObjectType APIs, allowing you to control the precedence of object types when ingesting data from multiple sources. Additionally, WebAnalytics and Device have been added as new StandardIdentifier values. (6166dfb7)
    • client-connect: Deprecate EvaluationReviewMetadata's CreatedBy and CreatedTime, add EvaluationReviewMetadata's RequestedBy and RequestedTime (df058ded)
    • client-ram: Resource owners can now specify ResourceShareConfiguration request parameter for CreateResourceShare API including RetainSharingOnAccountLeaveOrganization boolean parameter (3cc0ca9d)
    • client-health: Updates the regex for validating availabilityZone strings used in the describe events filters. (eded08f6)
    • client-transcribe-streaming: AWS Transcribe Streaming now supports specifying a resumption window for the stream through the SessionResumeWindow parameter, allowing customers to reconnect to their streams for a longer duration beyond stream start time. (56168c57)
    Tests
    • clients: enable snapshots for small subset of clients (#7790) (822c995d)

    For list of updated packages, view updated-packages.md in assets-3.1000.0.zip

  • 3.999.0 - 2026-02-26

    3.999.0(2026-02-26)

    Chores
    New Features
    • client-securityhub: Security Hub added EXTENDED PLAN integration type to DescribeProductsV2 and added metadata.product.vendor name GroupBy support to GetFindingStatisticsV2 (1d1c9825)
    • client-ec2: Add c8id, m8id and hpc8a instance types. (f49cb0c1)
    • client-ecs: Adding support for Capacity Reservations for ECS Managed Instances by introducing a new "capacityOptionType" value of "RESERVED" and new field "capacityReservations" for CreateCapacityProvider and UpdateCapacityProvider APIs. (4a7cfd05)
    • client-marketplace-entitlement-service: Added License Arn as a new optional filter for GetEntitlements and LicenseArn field in each entitlement in the response. (b884b35b)
    • client-marketplace-metering: Added LicenseArn to ResolveCustomer response and BatchMeterUsage usage records. BatchMeterUsage now accepts LicenseArn in each UsageRecord to report usage at the license level. Added InvalidLicenseException error response for invalid license parameters. (f5f5c096)
    • client-backup-gateway: This release updates GetGateway API to include deprecationDate and softwareVersion in the response, enabling customers to track gateway software versions and upcoming deprecation dates. (9dd68ddc)
    • util-user-agent-node: populate typescript version in user agent when available (#7786) (0a5ab579)

    For list of updated packages, view updated-packages.md in assets-3.999.0.zip

  • 3.998.0 - 2026-02-25

    3.998.0(2026-02-25)

    Chores
    • scripts: use $npm_package_name in build:include:deps script (#7782) (6e324394)
    • codegen: sync for checksum algorithm extensions (#7781) (ae4f994f)
    Documentation Changes
    • client-batch: AWS Batch documentation update for service job capacity units. (2f11daa7)
    New Features
    • clients: update client endpoints as of 2026-02-25 (9bb005ef)
    • client-ec2: Add support for EC2 Capacity Blocks in Local Zones. (7029db2c)
    • client-ecr: Update repository name regex to comply with OCI Distribution Specification (fa176d37)
    • client-wafv2: AWS WAF now supports GetTopPathStatisticsByTraffic that provides aggregated statistics on the top URI paths accessed by bot traffic. Use this operation to see which paths receive the most bot traffic, identify the specific bots accessing them, and filter by category, organization, or bot name. (68165e55)
    • client-neptune: Neptune global clusters now supports tags (e3c73a0f)
    • middleware-flexible-checksums: allow custom checksum algorithm implementations (#7746) (34e99cdd)
    Tests

    For list of updated packages, view updated-packages.md in assets-3.998.0.zip

  • 3.997.0 - 2026-02-24

    3.997.0(2026-02-24)

    Chores
    • util-endpoints: update aws partitions.json (ba2bbcd3)
    • endpoints: update endpoints model (61dd47fe)
    • models: update API models (e3339290)
    • packages: use open version range for additional packages (#7774) (3f776c33)
    • codegen: sync for checksum stream backpressure (#7776) (14fc5717)
    New Features
    • clients: update client endpoints as of 2026-02-24 (3f22faa1)
    • client-observabilityadmin: Adding a new field in the CreateCentralizationRuleForOrganization, UpdateCentralizationRuleForOrganization API and updating the GetCentralizationRuleForOrganization API response to include the new field (7025fca9)
    • client-cloudwatch: This release adds the APIs (PutAlarmMuteRule, ListAlarmMuteRules, GetAlarmMuteRule and DeleteAlarmMuteRule) to manage a new Cloudwatch resource, AlarmMuteRules. AlarmMuteRules allow customers to temporarily mute alarm notifications during expected downtime periods. (cc014d1a)
    • client-elasticsearch-service: Fixed HTTP binding for DescribeDomainAutoTunes API to correctly pass request parameters as query parameters in the HTTP request. (aff0c5eb)
    • client-ec2: Adds httpTokensEnforced property to ModifyInstanceMetadataDefaults API. Set per account or manage organization-wide using declarative policies to prevent IMDSv1-enabled instance launch and block attempts to enable IMDSv1 on existing IMDSv2-only instances. (89d8e7e9)
    • client-medialive: AWS Elemental MediaLive - Added support for Elemental Inference for Smart Cropping and Clipping features for MediaLive. (967c712b)
    • client-partnercentral-selling: Added support for filtering opportunities by target close date in the ListOpportunities API. You can now filter results to return opportunities with a target close date before or after a specified date, enabling more precise opportunity searches based on expected closure timelines. (bf803227)
    • client-opensearch: Fixed HTTP binding for DescribeDomainAutoTunes API to correctly pass request parameters as query parameters in the HTTP request. (5aaa8bc9)
    • client-elementalinference: Initial GA launch for AWS Elemental Inference including capabilities of Smart Crop and Live Event Clipping (592e5a73)

    For list of updated packages, view updated-packages.md in assets-3.997.0.zip

  • 3.996.0 - 2026-02-23

    3.996.0(2026-02-23)

    Chores
    Documentation Changes
    • client-controlcatalog: Updated ExemptedPrincipalArns parameter documentation for improved accuracy (dd772c6d)
    New Features
    • clients: update client endpoints as of 2026-02-23 (02d83401)
    • client-wickr: AWS Wickr now provides APIs to manage your Wickr OpenTDF integration. These APIs enable you to test and save your OpenTDF configuration allowing you to manage rooms based on Trusted Data Format attributes. (750b4d86)
    • client-bedrock: Automated Reasoning checks in Amazon Bedrock Guardrails now support fidelity report generation. The new workflow type assesses policy coverage and accuracy against customer documents. The GetAutomatedReasoningPolicyBuildWorkflowResultAssets API adds support for the three new asset types. (3fe66102)
    • client-dynamodb: This change supports the creation of multi-account global tables. It adds one new arguments to UpdateTable, GlobalTableSettingsReplicationMode. (8e185cb4)
    • client-quicksight: Adds support for SEMISTRUCT to InputColumn Type (581e9ea9)
    • client-connectcases: SearchCases API can now accept 25 fields in the request and response as opposed to the previous limit of 10. DeleteField's hard limit of 100 fields per domain has been lifted. (21ae04f9)
    • client-mediatailor: Updated endpoint rule set for dualstack endpoints. Added a new opt-in option to log raw ad decision server requests for Playback Configurations. (3068c8ee)
    • client-datazone: Add workflow properties support to connections APIs (b76f82b3)
    Bug Fixes
    • core: handle empty error response body in AwsQuery protocol deserialization (#7766) (7d973147)
    • scripts: disable Rollup externalLiveBindings to fix Jest auto-mocking (#7767) (95d1cc6c)
    • protocols: handle missing error.Error in queryCompat mode (#7758) (15a27f99)
    Other Changes
    • build: revert - run partial package build prior to snapshot-write (#7768)" (#7775) (fb08e5f8)
    Tests

    For list of updated packages, view updated-packages.md in assets-3.996.0.zip

  • 3.995.0 - 2026-02-20

    3.995.0(2026-02-20)

    Chores
    • codegen: bump codegen version to 0.45.0 (#7752) (3c93f8ab)
    • util-user-agent-node: populate metadata of alternative JavaScript runtimes (#7754) (79d2c235)
    • make PR template checklist easier to edit (#7753) (be25ea35)
    New Features
    • clients: update client endpoints as of 2026-02-20 (aa23f1e0)
    • client-appstream: Adding new attribute to disable IMDS v1 APIs for fleet, Image Builder and AppBlockBuilder instances. (72021889)
    • client-sagemaker-runtime: Added support for S3OutputPathExtension and Filename parameters to the InvokeEndpointAsync API to allow users to customize the S3 output path and file name for async inference response payloads. (edac3d73)
    • client-trustedadvisor: Adding a new enum attribute(statusReason) to TrustedAdvisorAPI response. This attribute explains reasoning behind check status for certain specific scenarios. (2d4a1eb4)
    • client-ecs: Migrated to Smithy. No functional changes (20258a5f)
    • client-ssm: Add support for AssociationDispatchAssumeRole in AWS SSM State Manager. (83535fc8)
    • client-signer-data: This release introduces AWS Signer Data Plane SDK client supporting GetRevocationStatus API. The new client enables AWS PrivateLink connectivity with both private DNS and VPC endpoint URLs. (b03b059d)

    For list of updated packages, view updated-packages.md in assets-3.995.0.zip

  • 3.994.0 - 2026-02-19

    3.994.0(2026-02-19)

    Chores
    New Features
    • client-pca-connector-scep: AWS Private CA Connector for SCEP now supports AWS PrivateLink, allowing your clients to request certificates from within your Amazon Virtual Private Cloud (VPC) without traversing the public internet. With this launch, you can create VPC endpoints to connect to your SCEP connector privately. (6ffd8f08)
    • client-bcm-dashboards: The Billing and Cost Management GetDashboard API now returns identifier for each widget, enabling users to uniquely identify widgets within their dashboards. (4d6e1de7)
    • client-ecr: Adds multiple artifact types filter support in ListImageReferrers API. (9335ea37)

    For list of updated packages, view updated-packages.md in assets-3.994.0.zip

  • 3.993.0 - 2026-02-18

    3.993.0(2026-02-18)

    Chores
    Documentation Changes
    • client-connect: Correcting in-app notifications API documentation. (6220881a)
    New Features
    • clients: update client endpoints as of 2026-02-18 (c1adc9d8)
    • client-cleanrooms: This release adds support for federated catalogs in Athena-sourced configured tables. (f657502f)

    For list of updated packages, view updated-packages.md in assets-3.993.0.zip

  • 3.992.0 - 2026-02-17

    3.992.0(2026-02-17)

    New Features
    • clients: update client endpoints as of 2026-02-17 (72c78059)
    • client-ec2: Add Operator field to CreatePlacementGroup and DescribePlacementGroup APIs. (ccdf06ad)
    • client-rds: Adds support for the StorageEncryptionType field to specify encryption type for DB clusters, DB instances, snapshots, automated backups, and global clusters. (976ce193)
    • client-grafana: This release updates Amazon Managed Grafana's APIs to support customer managed KMS keys. (276a337c)
    • client-workspaces-web: Adds support for branding customization without requiring a custom wallpaper. (dce78467)

    For list of updated packages, view updated-packages.md in assets-3.992.0.zip

  • 3.991.0 - 2026-02-16
  • 3.990.0 - 2026-02-13
  • 3.989.0 - 2026-02-12
  • 3.988.0 - 2026-02-11
  • 3.987.0 - 2026-02-10
  • 3.986.0 - 2026-02-09
  • 3.985.0 - 2026-02-06
  • 3.984.0 - 2026-02-05
  • 3.983.0 - 2026-02-04
  • 3.982.0 - 2026-02-03
  • 3.981.0 - 2026-02-02
from @aws-sdk/client-s3 GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

Note

Low Risk
Low risk dependency bump confined to the packages/engine/integration/e2e/fixture/service test fixture. Potential risk is e2e fixture behavior changes if the newer S3 client has subtle API/runtime differences.

Overview
Updates the e2e fixture service’s package.json to upgrade @aws-sdk/client-s3 from 3.981.0 to 3.1001.0.

Written by Cursor Bugbot for commit 0bf6f26. This will update automatically on new commits. Configure here.

@snyk-bot
fix: upgrade @aws-sdk/client-s3 from 3.981.0 to 3.1001.0
0bf6f26 
Snyk has created this PR to upgrade @aws-sdk/client-s3 from 3.981.0 to 3.1001.0.

See this package in npm:
@aws-sdk/client-s3

See this project in Snyk:
https://app.us.snyk.io/org/framework/project/b8f9ec9e-7987-43de-87ed-42a15615a983?utm_source=github-enterprise&utm_medium=referral&page=upgrade-pr
@coderabbitai
Copy link
Copy Markdown
Contributor

coderabbitai bot commented Mar 25, 2026

Important

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 815af538-5eb4-4456-af14-e36cb1427dbe

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch snyk-upgrade-fcfc144f9447ce105a6bdb4a6486c089

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@Mmarzex
Copy link
Copy Markdown
Contributor Author

Mmarzex commented Mar 25, 2026
edited
Loading

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues
Licenses 0 0 0 0 0 issues
Code Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@czubocha czubocha closed this Apr 15, 2026
@github-actions github-actions bot locked and limited conversation to collaborators Apr 15, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Mmarzex @czubocha @snyk-bot