chore(deps-dev): bump @guardian/cdk from 61.3.1 to 61.5.0 #167

dependabot · 2025-05-01T20:13:34Z

Bumps @guardian/cdk from 61.3.1 to 61.5.0.

Release notes

Sourced from @guardian/cdk's releases.

v61.5.0

Minor Changes
2a75b9f: Removes GuWazuhAccess security group as Wazuh has been deprecated.

This change will remove a resource of logical ID WazuhSecurityGroup from stacks that use a GuAutoScalingGroup. The snapshot diff will include the removal of the following resource:
{
  "Resources": {
    "WazuhSecurityGroup": {
      "Properties": {
        "GroupDescription": "Allow outbound traffic from wazuh agent to manager",
        "SecurityGroupEgress": [
          {
            "CidrIp": "0.0.0.0/0",
            "Description": "Wazuh event logging",
            "FromPort": 1514,
            "IpProtocol": "tcp",
            "ToPort": 1514
          },
          {
            "CidrIp": "0.0.0.0/0",
            "Description": "Wazuh agent registration",
            "FromPort": 1515,
            "IpProtocol": "tcp",
            "ToPort": 1515
          }
        ],
        "Type": "AWS::EC2::SecurityGroup"
      }
    }
  }
}
v61.4.0

Minor Changes
0426904: Removal of the withoutImdsv2 property from GuEc2App and GuAutoScalingGroup. When this property was set to true, launched instances would not meet the FSBP EC2.8 control.

Removing this property as a signal that GuCDK will follow FSBP controls by default.

If for whatever reason you need to disable IMDSv2, you can do so via an escape hatch:
import { CfnLaunchTemplate } from "aws-cdk-lib/aws-ec2";

... (truncated)

Changelog

Sourced from @guardian/cdk's changelog.

61.5.0

Minor Changes
2a75b9f: Removes GuWazuhAccess security group as Wazuh has been deprecated.

This change will remove a resource of logical ID WazuhSecurityGroup from stacks that use a GuAutoScalingGroup. The snapshot diff will include the removal of the following resource:
{
  "Resources": {
    "WazuhSecurityGroup": {
      "Properties": {
        "GroupDescription": "Allow outbound traffic from wazuh agent to manager",
        "SecurityGroupEgress": [
          {
            "CidrIp": "0.0.0.0/0",
            "Description": "Wazuh event logging",
            "FromPort": 1514,
            "IpProtocol": "tcp",
            "ToPort": 1514
          },
          {
            "CidrIp": "0.0.0.0/0",
            "Description": "Wazuh agent registration",
            "FromPort": 1515,
            "IpProtocol": "tcp",
            "ToPort": 1515
          }
        ],
        "Type": "AWS::EC2::SecurityGroup"
      }
    }
  }
}
61.4.0

Minor Changes
0426904: Removal of the withoutImdsv2 property from GuEc2App and GuAutoScalingGroup. When this property was set to true, launched instances would not meet the FSBP EC2.8 control.

Removing this property as a signal that GuCDK will follow FSBP controls by default.

If for whatever reason you need to disable IMDSv2, you can do so via an escape hatch:

... (truncated)

Commits

9db3a04 Merge pull request #2642 from guardian/changeset-release/main
2d0e182 Bump package version
2f5b07a Merge pull request #2561 from guardian/aa/rm-wazuh
2a75b9f feat: Remove GuWazuhAccess class
b915fae Merge pull request #2640 from guardian/dependabot/npm_and_yarn/typedoc-0.28.3
3b219a9 chore(deps): bump typedoc from 0.28.2 to 0.28.3
5ddee91 Merge pull request #2641 from guardian/dependabot/npm_and_yarn/eslint-9.25.1
af9ee25 chore(deps): bump eslint from 9.24.0 to 9.25.1
311fd34 Merge pull request #2639 from guardian/changeset-release/main
412de45 Bump package version
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [@guardian/cdk](https://github.com/guardian/cdk) from 61.3.1 to 61.5.0. - [Release notes](https://github.com/guardian/cdk/releases) - [Changelog](https://github.com/guardian/cdk/blob/main/CHANGELOG.md) - [Commits](guardian/cdk@v61.3.1...v61.5.0) --- updated-dependencies: - dependency-name: "@guardian/cdk" dependency-version: 61.5.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2025-06-01T20:22:11Z

Superseded by #172.

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 1, 2025

dependabot bot mentioned this pull request May 1, 2025

chore(deps-dev): bump @guardian/cdk from 61.3.1 to 61.3.2 #160

Closed