[PR #23] [MERGED] fix: upgrade AWS CDK dependencies to fix security vulnerabilities #23

Closed
opened 2026-02-15 18:16:29 -05:00 by yindo · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/langgenius/aws-cdk-for-dify/pull/23
Author: @ZhouhaoJiang
Created: 10/13/2025
Status: Merged
Merged: 10/13/2025
Merged by: @ZhouhaoJiang

Base: mainHead: fix/upgrade-cdk-dependencies


📝 Commits (1)

  • 68fb42e fix: upgrade AWS CDK dependencies to fix security vulnerabilities

📊 Changes

2 files changed (+728 additions, -675 deletions)

View changed files

📝 package-lock.json (+725 -672)
📝 package.json (+3 -3)

📄 Description

  • Upgrade aws-cdk from 2.173.4 to 2.1020.2 (fixes CVE-2025-2598)
  • Upgrade aws-cdk-lib from 2.173.4 to 2.204.0 (fixes GHSA-qq4x-c6h6-rfxh)
  • Upgrade @aws-quickstart/eks-blueprints from 1.16.3 to 1.17.2

All security vulnerabilities have been resolved.
CLI commands remain fully backward compatible.


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/langgenius/aws-cdk-for-dify/pull/23 **Author:** [@ZhouhaoJiang](https://github.com/ZhouhaoJiang) **Created:** 10/13/2025 **Status:** ✅ Merged **Merged:** 10/13/2025 **Merged by:** [@ZhouhaoJiang](https://github.com/ZhouhaoJiang) **Base:** `main` ← **Head:** `fix/upgrade-cdk-dependencies` --- ### 📝 Commits (1) - [`68fb42e`](https://github.com/langgenius/aws-cdk-for-dify/commit/68fb42e104bc6049d8695055b83dabb4c0af4a59) fix: upgrade AWS CDK dependencies to fix security vulnerabilities ### 📊 Changes **2 files changed** (+728 additions, -675 deletions) <details> <summary>View changed files</summary> 📝 `package-lock.json` (+725 -672) 📝 `package.json` (+3 -3) </details> ### 📄 Description - Upgrade aws-cdk from 2.173.4 to 2.1020.2 (fixes CVE-2025-2598) - Upgrade aws-cdk-lib from 2.173.4 to 2.204.0 (fixes GHSA-qq4x-c6h6-rfxh) - Upgrade @aws-quickstart/eks-blueprints from 1.16.3 to 1.17.2 All security vulnerabilities have been resolved. CLI commands remain fully backward compatible. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
yindo added the pull-request label 2026-02-15 18:16:29 -05:00
yindo closed this issue 2026-02-15 18:16:29 -05:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: langgenius/aws-cdk-for-dify#23