Update dependency serverless to v2 - autoclosed

[mend-for-github.aaakk.us.kg]

This PR contains the following updates:

Package	Type	Update	Change
serverless (source)	dependencies	major	^1.47.0 -> ^2.0.0

By merging this PR, the issue #20 will be automatically resolved and closed:

Severity	CVSS Score	CVE	Reachability
Critical	9.8	CVE-2020-28472
Critical	9.8	CVE-2020-36632
Critical	9.8	CVE-2020-7788
Critical	9.8	CVE-2021-44906
Critical	9.8	CVE-2021-44906
Critical	9.8	CVE-2024-27307
Critical	9.1	CVE-2021-42581
High	7.8	CVE-2021-43138
High	7.5	CVE-2019-20149
High	7.5	CVE-2021-3795
High	7.5	CVE-2021-3807
High	7.5	CVE-2021-3807
High	7.5	CVE-2021-43307
High	7.5	CVE-2022-24785
High	7.5	CVE-2022-25901
High	7.5	CVE-2022-31129
High	7.5	CVE-2022-38900
High	7.5	WS-2019-0310
High	7.5	WS-2020-0044
High	7.3	CVE-2020-8116
High	7.3	CVE-2022-48285
High	7.2	CVE-2021-23337
Medium	6.5	CVE-2020-8244
Medium	6.1	CVE-2022-0235
Medium	6.1	CVE-2022-0235
Medium	5.6	CVE-2020-7598
Medium	5.6	CVE-2020-7598
Medium	5.3	CVE-2020-15168
Medium	5.3	CVE-2020-15168
Medium	5.3	CVE-2020-28500
Medium	5.3	CVE-2021-23413
Medium	5.3	CVE-2022-33987
Low	3.7	CVE-2017-16137
Low	0.0	CVE-2024-27088

---

Release Notes

serverless/serverless (serverless)

v2.72.2

Compare Source

v2.72.1

Compare Source

v2.72.0

Compare Source

Features

• CLI Onboarding: Auto login if org provided or configured (#​10510) (dcf5273) (Piotr Grzesik)

Bug Fixes

• CLI: Respect old Node.js versions in version detection (#​10499) (427920e) (Mariusz Nowak)

Maintenance Improvements

• AWS Deploy: Improve custom resource generation log (#​10496) (521861b) (Mariusz Nowak)
• CLI Onboarding: Improve user message when app does not exist (#​10509) (20afe33) (Mariusz Nowak)
• Ensure support for warn mode for modern deprecations (#​10502) (82303b3) (Piotr Grzesik)
• Support conceal option in modern logs (#​10501) (0dacf1b) (Piotr Grzesik)

Templates

• Ensure esbuild dependency in aws-nodejs-typescript (#​10484) (452e4d8) (François Farge)

v2.71.0

Compare Source

Features

• AWS Cognito: Support forceDeploy setting (#​10435) (c67a3f1) (TsimpDim)
• Variables: Resign from projectDir concept (#​10478) (5a76437) (Mariusz Nowak)

Bug Fixes

• CLI: Fix handling of provider URL handling (#​10461) (7ebe133) (Mariusz Nowak)
• Config Schema: Address invalid schema definitions (#​10452) (9e1fe0a) (Piotr Grzesik)

Maintenance Improvements

• CLI Onboarding: Download templates from v2 examples branch (#​10447) (46d090a) (Piotr Grzesik)
• CLI: Ensure telemetry logs are issued at debug level (#​10424) (7b36038) (Mariusz Nowak)

Templates

• Upgrade log4j to 2.17.1 in corresponding templates (#​10430) (2c3ab1d) (Graham Campbell)

v2.70.0

Compare Source

Features

• AWS API Gateway: Allow use of custom authorizer with authorizerId (#​10384) (c0eda27) (Adam Lanners)
• AWS Local Invocation: Upgrade log4j to version 2.17.0 (#​10396) (2782ed4) (Vassili Gorshkov)

Bug Fixes

• AWS API Gateway: Meaningfully reject missing restApiRootResourceId (#​10371) (2c0a962) (Sudipto Das)
• AWS Deploy: Fix reliability of VPC config change detection in deploy function (#​10409) (0190d0d) (Piotr Grzesik)

Templates

• Upgrade log4j in aws-lambda-java-log4j2 (#​10383) (786f5e4) (Marina)
• Upgrade log4j in aws-kotlin-jvm-gradle (#​10382) (7bf8f1b) (Varun)
• Upgrade log4j dependencies (#​10392) (86fa604) (Juan Bermúdez)

Maintenance Improvements

• Telemetry:
  • Report didCreateService property (#​10406) (4fa20a5) (Piotr Grzesik)
  • Report projectId in remove command (#​10415) (0de3bc3) (Piotr Grzesik)
  • Ensure to report projectId for interactive (#​10406) (08b5acb) (Piotr Grzesik)
• CLI: Replace internal old logging utils with modern interface (#​10417) (5a451ad) (Mariusz Nowak)
• Variables: Support custom sources in internal resolver (#​10393) (365a7f1) (Mariusz Nowak)

v2.69.1

Compare Source

Bug Fixes

• AWS Lambda: Fix event config setup for provisioned lambdas (#​10366) (3b4e453) (Mariusz Nowak)
• CLI:
  • Do not crash on help request (#​10347) (f6feb0b) (Mariusz Nowak)
  • Improve error handler resolution (#​10367) (0dedd3e) (Mariusz Nowak)

Templates

• Upgrade log4j in Java based templates (#​10363) (7de020b) (Vassili Gorshkov)
• Upgrade log4j in Java based templates (#​10339) (c1df4f8) (Vassili Gorshkov)

v2.69.0

Compare Source

Features

• AWS Deploy: Ensure existence of S3 deployment bucket (if possible) (#​10317) (f358585) (Piotr Grzesik)
• AWS Kafka: Add support for mTLS access configuration (#​10273) (9faf37a) (Misha Bruml)
• Standalone:
  • Support installation on M1-based Macs (#​10291) (92ae054) (Piotr Grzesik)
  • Use Node 16 as base for binaries (#​10291) (eb8f474) (Piotr Grzesik)

Bug Fixes

• AWS Deploy:
  • Allow removal of stack with bucket missing (#​10306) (1a85a4a) (Piotr Grzesik)
  • Ensure to strip all null properties from CloudFormation template (#​10304) (1f58760) (GurmeharS)
  • Recognize all boolean values at provider.disableRollback (#​10324) (2485c7e) (François Farge)
• Variables: Provide opt-out from forced decryption atssm source (#​10315) (503c031) (Omer Shacham)

Maintenance Improvements

• Configure promise returning functions as async (#​10309) (4d4f863) (mdanyalkhan)
• Use async/await syntax in bucket.js (#​10306) (39e43b5) (Piotr Grzesik)

v2.68.0

Compare Source

Features

• AWS Deploy:
  • Ensure consistent function state in deploy function (#​10288) (d52526b) (Piotr Grzesik)
  • Support all regions from iso and isob partition (25eb571) (#​10299) (maafk)
• AWS SQS: Support filterPatterns (#​10297) (3f0a80a) (Piotr Grzesik)
• AWS Stream: Support filterPatterns (#​10285) (fc00505) (Frédéric Barthelet)

Bug Fixes

• AWS SQS: Accept only plain string form in direct ARN assignement (#​10263) (f7bbd17) (Sudipto Das)
• Variables: Resolve variables in resolved address & params values (#​10296) (63d54e1) (Mariusz Nowak)

Maintenance Improvements

• Variables: Seclude internal logic for reuse (#​10296) (9c75044) (Mariusz Nowak)

Templates

• Update dependencies in aws-java-maven (#​10289) (0714f7d) (burakaktasfe)

v2.67.0

Compare Source

Features

• AWS Deploy: Support disableRollback parameter (#​10236) (c9fefce) (Frédéric Barthelet)
• AWS Lambda: Add platform option for container images (#​10237) (5b61b41) (Zane Mountcastle)
• AWS S3: Support Fn::If CF function for s3 event (#​10272) (a4fa498) (Piotr Grzesik)
• AWS SQS: Support functionResponseType (#​10265) (44511f3) (nicoeft)

v2.66.2

Compare Source

Bug Fixes

• CLI: Fix component template recognition in triage (#​10252) (4494f77) (Mariusz Nowak)

Maintenance Improvements

• CLI: Expose dashboard provider name when starting deployment (#​10194) (6698fa6) (Mariusz Nowak)

Templates

• Use iam.role syntax (#​10227) (a55d51c) (Piotr Grzesik)
• Update ts-node for es2020 and es2021 support in aws-nodes-typescript (#​10234) (e131609) (Frédéric Barthelet)

2.66.1 (2021-11-10)

Bug Fixes

• AWS API Gateway: Ensure proper apiId resolution (#​10221) (95f3a56) (Piotr Grzesik)

Maintenance Improvements

• CLI: Improve timestamp visiblity in deploy list output (#​10211) (55146c4) (Mariusz Nowak)

Templates

• Upgrade middy in aws-nodejs-typescript (#​10215) (ad95e03) (Frédéric Barthelet)
• Use non deprecated API in aws-nodejs-typescript (#​10214) (6671d98) (Frédéric Barthelet)

v2.66.1

Compare Source

v2.66.0

Compare Source

Features

• Introduce enforce-hash-update flag to help Lambda hashing version migration (#​10209) (afd0a5b) (Piotr Grzesik)
• Variables: Recognize : in variable address to support output source (#​10208) (723927f) (Piotr Grzesik)

Bug Fixes

• AWS API Gateway: Ensure shouldStartNameWithService support (#​10177) (e8c8d25) (Vicary A.)
• CLI: Do not recommend frameworkVersion when running pre release (#​10204) (53490a5) (Mariusz Nowak)

Maintenance Improvements

• Ensure to use legacy.log instead of cli.log (#​10206) (ea05d7c) (Mariusz Nowak)

v2.65.0

Compare Source

Features

• AWS Lambda:
  • Support CF intrinsic functions at functions[].reservedConcurrency (#​10129) (7cfddff) (ROSeaboyer)
  • Allow to stick to current default Lambda hashing version mode with lambdaHashingVersion: 20200924 setting (#​10173) (50a8457) (Piotr Grzesik)
• AWS EventBridge: Adjust deprecation of deployment method and allow to keep using old approach (#​10133) (bf62b7c) (Piotr Grzesik)
• AWS Local Invocation: Support decimal serialization for Python (#​10178) (9ef46ba) (Shane R. Spencer)

Bug Fixes

• AWS Deploy: Fix handling of deployment bucket extensions (#​10137) (39bdea0) (Mars Lan)
• AWS HTTP API: Recognize max timeout as 30s instead of 29s (#​10119) (e3e02fe) (Caio Fauza)
• CLI:
  • Fix help command usage information (#​10175) (254e70c) (Sebastian Bille)
  • Fix resolution of help for not integrated commands (#​10128) (204f205) (Mariusz Nowak)
• Recognize accessible configuration parts on validation errors (#​10134) (b7a6349) (Mariusz Nowak)

Performance Improvements

• CLI: Integrate CLI triage into this package (no @serverless/components and @serverless/cli modules are loaded unless their CLI is used)(#​10131) (415bdef) (Mariusz Nowak)

Maintenance Improvements

• CLI:
  • Improve file size output in logs (#​10169) (4448490) (Mariusz Nowak)
  • Improve main progress message (#​10183) (533f709) (Mariusz Nowak)
• Telemetry: Add projectId to payload (#​10180) (cc7d7e4) (Piotr Grzesik)
• AWS EventBridge: Address typos in error messages (#​10165) (ee38f6a) (Andreas Kohn)
• Seprate internal and plugin output sections (#​10184) (7bb2520) (Mariusz Nowak)

Templates

• Package lambdas individually in aws-nodejs-typescript (#​10106) (3aab5f8) (Adrien Cacciaguerra)
• Upgrade azure-nodejs-typescript (#​10163) (26846d5) (Giang Nguyen)

2.64.1 (2021-10-20)

Bug Fixes

• CLI: Handle gently case where temp folder is on other device (#​10124) (a030636) (Mariusz Nowak)

v2.64.1

Compare Source

v2.64.0

Compare Source

Features

• AWS RabbitMQ: Support for Amazon MQ RabbitMQ events (#​9919) (a3edecf) (Michael)

Bug Fixes

• AWS Deploy: Recognize LogicalResourceId in stackPolicy (#​10097) (1a528c2) (Monsma)
• AWS EventBridge: Allow intrinsic functions in pattern (#​10120) (1c105a4) (Benoît Bouré)
• CLI: Ensure command validation for service independent commands (#​10115) (6022fb9) (Mariusz Nowak)
• Packaging: Ensure to show deprecation in all cases (#​10111) (cc71fc9) (Mariusz Nowak)

Maintenance Improvements

• CLI:
  • Support decoratedMessage on ServerlessError (#​10112) (2217158) (Piotr Grzesik)
  • Enhanced modern error reporting for CloudFormation (#​10112) (cfd828e) (Piotr Grzesik)
  • Report credentials source in modern error output (#​10114) (b4ff87d) (Piotr Grzesik)
  • Improve style for local fallback modern notice (#​10111) (73c071b) (Mariusz Nowak)
  • Introduce doctor command for modern handling of deprecations (#​10115) (452e234) (Mariusz Nowak)
  • Do not filter commands by lifecycleEvents for help (#​10115) (6991d66) (Mariusz Nowak)

v2.63.0

Compare Source

Features

• AWS Deploy: Introduce warning about deploy -f alias (#​10078) (40f574f) (Piotr Grzesik)
• AWS Lambda: Allow overriding provider VPC with no VPC on function level (#​10060) (44a81fc) (Oliver)
• AWS S3: Recognize ExpirationInDays property for s3 events (#​10083) (8e6dcd1) (ROSeaboyer)
• CLI:
  • Introduce deprecation for duplicate plugin definition (#​10080) (d2a75ea) (Piotr Grzesik)
  • Introduce deprecation instead of warning on S3 Accelerate for user provided bucket (#​10080) (04b921a) (Piotr Grzesik)
• Opt-in support for deployment bucket versioning (#​9912) (c4cb0f3) (Mars Lan)

Maintenance Improvements

• CLI: New logs (experimental):
  • Adapt logInfo to modern logs (#​10078) (771f99b) (Piotr Grzesik)
  • Adapt logWarning to modern logs (#​10078) (d43298d) (Piotr Grzesik)
  • Cover image building with modern logs (#​10070) (a2be338) (Piotr Grzesik)
  • Improve handling of service outputs in modern logs (#​10100) (7d19ca8) (Mariusz Nowak)
  • Introduce modern warning about resource limit (#​10086) (ca705b8) (Piotr Grzesik)
  • Minor modern logs updates (#​10071) (39c09e4) (Piotr Grzesik)
  • Remove empty line in info command (#​10086) (03b4b3d) (Piotr Grzesik)
  • Replace process.stdout use with modern logs (#​10087) (be00a26) (Piotr Grzesik)
  • Replace warnings with modern counterparts (#​10080) (4da0899) (Piotr Grzesik)
  • Update link style for modern logs (#​10096) (6264296) (Mariusz Nowak)
• Fix typo in lib/classes/Variables.js (#​10093) (49f0913) (Chris Poli)

Templates

• Add esbuild to gitignore in aws-nodejs-typescript (#​10076) (865f21f) (ssshun)

v2.62.0

Compare Source

Features

• AWS Deploy: Remove deploy -f deprecation (#​10063) (1084251) (Mariusz Nowak)
• Config Schema: Remove validation mode related deprecation (#​10063) (a9bf916) (Mariusz Nowak)
• Packaging: Remove package[include|exclude] deprecation (#​10063) (70e2736) (Mariusz Nowak)

Bug Fixes

• AWS Deploy: Throw on attempt of extending not existing resource (#​10063) (02be86c) (Mariusz Nowak)

Maintenance Improvements

• CLI: New logs (experimental):
  • Simplify CF deploy progress (#​10068) (be60ed4) (Mariusz Nowak)
  • Expose function artifact size in deploy summary (#​10062) (8746100) (Mariusz Nowak)
  • create command (#​10066) (05f937f) (Piotr Grzesik)
  • invoke local command (#​10065) (82dd1e4) (Piotr Grzesik)
  • invoke command (#​10052) (2af95c0) (Piotr Grzesik)
  • metrics command (#​10051) (592596c) (Piotr Grzesik)
  • remove command (#​10050) (3934cad) (Piotr Grzesik)
  • rollback function command (#​10064) (4cbc342) (Piotr Grzesik)
  • rollback command (#​10064) (f0970e0) (Piotr Grzesik)
  • uninstall command (#​10034) (2787ea0) (Piotr Grzesik)
  • upgrade command (#​10034) (9b5e6b1) (Piotr Grzesik)
  • Ensure empty line prior final status with progress (#​10063) (#​10062) (c9f2227) (Mariusz Nowak)
  • Reconfigure dashboard related warning (#​10053) (7c91cde) (Mariusz Nowak)
• AWS Deploy: Improve error message (#​10063) (d071c5f) (Mariusz Nowak)
• Remove async handling from sync function (#​10053) (5f1a916) (Mariusz Nowak)

v2.61.0

Compare Source

Features

• AWS Lambda: Support 64-bit ARM architecture (#​10049) (fe655d4) (Mariusz Nowak)

Bug Fixes

• AWS Credentials: Fail when profile is already configured (#​10038) (f8ad7bc) (Piotr Grzesik)

Maintenance Improvements

• CLI: New logs (experimental):
  • config credentials command (#​10038) (bcb2408) (Piotr Grzesik)
  • config tabcompletion install command (#​10038) (16a7739) (Piotr Grzesik)
  • config tabcompletion uninstall command (#​10038) (02eebb4) (Piotr Grzesik)
  • config command (#​10038) (7926570) (Piotr Grzesik)
  • slstats command (#​10036) (0c9dae1) (Piotr Grzesik)

2.60.3 (2021-10-01)

Bug Fixes

• CLI: Fix resolution of handler in case of local fallback (#​10042) (7d31410) (Mariusz Nowak)

Maintenance Improvements

• CLI:
  • Improve modern info output (#​10037) (2828a2c) (Mariusz Nowak)
  • Improve modern error reporting (#​10037) (a205f88) (Mariusz Nowak)
  • Improve modern logs for logs command (#​10037) (d1701bf) (Mariusz Nowak)
  • Modern logs for install command (#​10040) (bd4d215) (Piotr Grzesik)
  • Modern logs for print command (#​10035) (4ed34c3) (Piotr Grzesik)
  • Generalize writeServiceOutputs (#​10037) (8aa700d) (Mariusz Nowak)

2.60.2 (2021-09-30)

Bug Fixes

• AWS EventBridge: Ensure proper support for deadLetterQueueArn (instead of deadLetterConfig) (#​10030) (846cfa1) (Piotr Grzesik)

2.60.1 (2021-09-29)

Bug Fixes

• AWS EventBridge: Fix MaximumEventAgeInSecond template reference (#​10023) (cd03f55) (Mariusz Nowak)
• Standalone:
  • Fix internal npm installation handling (#​10014) (5a583a9) (Mariusz Nowak)
  • Upgrade npm version to one that supports Node.js v14 (#​10014) (62d697c) (Mariusz Nowak)
• CLI: Fix handling when local serverless is removed in command run (#​10016) (1a3ccdb) (Mariusz Nowak)

Maintenance Improvements

• Plugins:
  • Seclude plugin install standalone command (#​9942) (713ac1e) (Seungchan Ahn)
  • Seclude plugin uninstall standalone command (#​10015) (26ce1c6) (Seungchan Ahn)
  • Fix manual update notice (#​10016) (0d5884e) (Mariusz Nowak)
• CLI: New logs (experimental):
  • plugin install command (#​10016) (8c5f22c) (Mariusz Nowak)
  • plugin list command (#​10016) (00e016c) (Mariusz Nowak)
  • plugin search command (#​10016) (1463171) (Mariusz Nowak)
  • plugin uninstall command (#​10016) (3094be0) (Mariusz Nowak)
  • interactive setup (#​10024) (07aed34) (Mariusz Nowak)
  • Local version fallback (#​10024) (231095d) (Mariusz Nowak)
  • Rely on