[Snyk] Security upgrade aws-cdk-lib from 2.40.0 to 2.88.0

[gitafolabi]

Snyk has created this PR to fix 1 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• gitlab-aws-oidc/package.json
• gitlab-aws-oidc/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	696

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

[dryrunsecurity]

DryRun Security Summary

The pull request primarily focuses on updating the aws-cdk-lib dependency from version 2.40.0 to 2.88.0 in the gitlab-aws-oidc project, which requires a thorough review and testing to ensure no new security vulnerabilities or breaking changes are introduced.

Expand for full summary

Summary:

The code changes in this pull request primarily focus on updating the aws-cdk-lib dependency from version 2.40.0 to 2.88.0 in the gitlab-aws-oidc project. While updating dependencies to their latest versions is a common practice to access the latest features, bug fixes, and security patches, it's important to thoroughly review and test the changes to ensure that no new security vulnerabilities or breaking changes are introduced.

The key things to consider from an application security perspective are:

1. Reviewing the release notes and change logs of the updated aws-cdk-lib dependency to understand the changes and any potential security implications.
2. Evaluating the new dependencies, such as @aws-cdk/asset-awscli-v1, @aws-cdk/asset-kubectl-v20, and @aws-cdk/asset-node-proxy-agent-v5, to ensure they do not introduce any new security vulnerabilities.
3. Paying attention to the update to the punycode dependency, as it is used for domain name handling and can be a source of security vulnerabilities if not properly handled.
4. Reviewing the addition of the new table dependency to ensure it does not introduce any security risks.

Overall, the code changes appear to be a routine dependency update, but it's crucial to thoroughly test the application after the update and address any security-related changes or new vulnerabilities that may be introduced.

Files Changed:

1. gitlab-aws-oidc/package.json: The aws-cdk-lib dependency version has been updated from 2.40.0 to 2.88.0.
2. gitlab-aws-oidc/package-lock.json: This file reflects the changes made to the aws-cdk-lib dependency, including the addition of new dependencies such as @aws-cdk/asset-awscli-v1, @aws-cdk/asset-kubectl-v20, and @aws-cdk/asset-node-proxy-agent-v5. The update to the punycode dependency from 2.1.1 to 2.3.0 and the addition of the table dependency are also noteworthy.

Code Analysis

We ran 9 analyzers against 2 files and 1 analyzer had findings. 8 analyzers had no findings.

Analyzer	Findings
Sensitive Files Analyzer	2 findings

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.