ministackorg/ministack v1.3.41 on GitHub

What's Changed

KMS Decrypt error code on malformed ciphertext — when the caller omitted KeyId and the ciphertext was too short or otherwise unparseable, MiniStack returned NotFoundException ("Unable to find the key for decryption"); real AWS returns InvalidCiphertextException in that case. The two errors are distinguished by AWS-SDK clients that catch encryption faults separately from key-lookup faults (e.g., wrapper libraries that retry on NotFound but surface InvalidCiphertext immediately). NotFoundException is still returned when the caller did pass an explicit KeyId that doesn't resolve, matching real AWS.