Third-time is the luck of the Irish (new security release mechanisms)
Summary
This patch release addresses an internal issue for Event Handler REST API compression feature when headers value is None -- Huge thanks for spotting and fixing it as a first-time contributor @tbuatois!!
We now have public Lambda Layers deployed across all AWS commercial regions (22) - stellar multi-month work by @am29d. We have one last work to complete before we share the additional ARNs with everyone -- automate documentation generation for every Layer Version::Region mapping.
Lastly on Operational Excellence, we've implemented further security layers for GitHub Actions following GitHub's Hardening Guide, and created a Maintenance Issue template to make tech debt work more visible to all customers and future maintainers.
Changes
🐛 Bug and hot fixes
- fix(event_handlers): handle lack of headers when using auto-compression feature (#1325) by @tbuatois
🔧 Maintenance
- chore(ci): use gh environment for beta and prod layer deploy (#1356) by @am29d
- chore(ci): remove core group from codeowners (#1358) by @heitorlessa
- chore(ci): use OIDC and encrypt release secrets (#1355) by @heitorlessa
- chore(ci): introduce codeowners (#1352) by @heitorlessa
- chore(ci): lockdown workflow_run by origin (#1350) by @heitorlessa
- chore(deps): bump constructs from 10.1.1 to 10.1.52 (#1343) by @dependabot
- chore(deps-dev): bump mypy-boto3-cloudwatch from 1.24.0 to 1.24.35 (#1342) by @dependabot
- chore(layers): replace layers account secret (#1329) by @heitorlessa
- chore(governance): add new maintenance issue template for tech debt and governance (#1326) by @heitorlessa
- chore(layers): expand to all aws commercial regions (#1324) by @heitorlessa
This release was made possible by the following contributors:
@am29d, @dependabot, @dependabot[bot], @heitorlessa, @tbuatois and Release bot