Upgrade: [dependabot] - bump @middy/core from 6.4.5 to 7.0.2 by dependabot[bot] · Pull Request #2616 · NHSDigital/eps-prescription-status-update-api

dependabot · 2026-01-09T18:08:25Z

Bumps @middy/core from 6.4.5 to 7.0.2.

Release notes

Sourced from @middy/core's releases.

7.0.2

Add in workaround for bundlers that don't honour sideEffects:false. #1548

Full Changelog: middyjs/middy@7.0.1...7.0.2

7.0.1

What's Changed

ci: dep update by @willfarrell in middyjs/middy#1544

chore(deps): bump KineticCafe/actions-dco from 2.0.0 to 2.1.1 by @dependabot[bot] in middyjs/middy#1546

Add in peerDeps w/ optional for AWS SDKs by @willfarrell in middyjs/middy#1549

Full Changelog: middyjs/middy@7.0.0...7.0.1

7.0.0

For full details and upgrade guide see https://middy.js.org/docs/upgrade/6-7

Notable changes

Deprecate Node.js v20.x.

Add support for Node.js v24.x.

Add support for Durable Functions, caused breaking changes to streamifyResponse.

LLRT can now be used when using executionModeStandard (default) & executionModeDurableContext

Works with new Tenant isolation mode

Works with new multi-concurrency on Lambda Managed Instances

What's Changed

chore: use test() helper in type tests by @mrazauskas in middyjs/middy#1472

chore(deps): bump github/codeql-action from 3.30.1 to 3.30.3 by @dependabot[bot] in middyjs/middy#1478

chore(deps): bump github/codeql-action from 3.30.3 to 3.30.6 by @dependabot[bot] in middyjs/middy#1496

chore(deps): bump softprops/action-gh-release from 2.3.3 to 2.3.4 by @dependabot[bot] in middyjs/middy#1495

chore(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by @dependabot[bot] in middyjs/middy#1494

chore(deps): bump actions/cache from 4.2.4 to 4.3.0 by @dependabot[bot] in middyjs/middy#1488

chore(deps): bump github/codeql-action from 3.30.6 to 4.30.8 by @dependabot[bot] in middyjs/middy#1504

chore(deps): bump softprops/action-gh-release from 2.4.0 to 2.4.1 by @dependabot[bot] in middyjs/middy#1503

chore(deps): bump github/codeql-action from 4.30.8 to 4.30.9 by @dependabot[bot] in middyjs/middy#1512

chore(deps): bump actions/setup-node from 5.0.0 to 6.0.0 by @dependabot[bot] in middyjs/middy#1511

chore(deps): bump KineticCafe/actions-dco from 1.3.8 to 2.0.0 by @dependabot[bot] in middyjs/middy#1510

Release/7.0.0-alpha.0 by @willfarrell in middyjs/middy#1513

7.0.0-alpha.1 by @willfarrell in middyjs/middy#1514

chore: update TSTyche to v5.0.0 by @mrazauskas in middyjs/middy#1519

chore(deps): bump github/codeql-action from 4.30.9 to 4.31.0 by @dependabot[bot] in middyjs/middy#1516

chore(deps): bump actions/download-artifact from 5.0.0 to 6.0.0 by @dependabot[bot] in middyjs/middy#1517

chore(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 by @dependabot[bot] in middyjs/middy#1515

chore(deps): bump github/codeql-action from 4.31.0 to 4.31.2 by @dependabot[bot] in middyjs/middy#1521

7.0.0-alpha.2 by @willfarrell in middyjs/middy#1522

chore(deps): bump softprops/action-gh-release from 2.4.1 to 2.4.2 by @dependabot[bot] in middyjs/middy#1523

chore(deps): bump github/codeql-action from 4.31.2 to 4.31.4 by @dependabot[bot] in middyjs/middy#1526

chore(deps): bump github/codeql-action from 4.31.4 to 4.31.8 by @dependabot[bot] in middyjs/middy#1537

chore(deps): bump softprops/action-gh-release from 2.4.2 to 2.5.0 by @dependabot[bot] in middyjs/middy#1532

chore(deps): bump actions/setup-node from 4.1.0 to 6.1.0 by @dependabot[bot] in middyjs/middy#1534

... (truncated)

Commits

4ba68bc chore: version bump
8837277 fix: workaround for sideEffects:false not honoured by esbuild
be71455 chore: version bump
ea25cd3 chore: add in peerDep
9609f3a test: update evals to use newer strict
98eadc7 chore: version bump
f0e040e chore: version bump
c4d2d75 docs: clean up
7303ee8 fix: update to use standard naming
f23ee36 ci: allow context to be durable
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @middy/core since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

github-actions · 2026-01-09T18:08:35Z

This PR is raised by Dependabot to update a dependency.

eps-autoapprove-dependabot · 2026-01-09T18:15:36Z

I'm not approving this PR because it includes a major update of a dependency used in production

eps-autoapprove-dependabot · 2026-01-09T23:27:42Z

I'm not approving this PR because it includes a major update of a dependency used in production

eps-autoapprove-dependabot · 2026-01-09T23:42:24Z

I'm not approving this PR because it includes a major update of a dependency used in production

eps-autoapprove-dependabot · 2026-01-09T23:58:17Z

I'm not approving this PR because it includes a major update of a dependency used in production

eps-autoapprove-dependabot · 2026-01-10T00:14:16Z

I'm not approving this PR because it includes a major update of a dependency used in production

eps-autoapprove-dependabot · 2026-01-10T00:29:03Z

I'm not approving this PR because it includes a major update of a dependency used in production

eps-autoapprove-dependabot · 2026-01-10T01:01:03Z

I'm not approving this PR because it includes a major update of a dependency used in production

eps-autoapprove-dependabot · 2026-01-10T01:16:39Z

I'm not approving this PR because it includes a major update of a dependency used in production

eps-autoapprove-dependabot · 2026-01-10T01:32:37Z

I'm not approving this PR because it includes a major update of a dependency used in production

eps-autoapprove-dependabot · 2026-01-10T01:48:51Z

I'm not approving this PR because it includes a major update of a dependency used in production

Bumps [@middy/core](https://github.com/middyjs/middy/tree/HEAD/packages/core) from 6.4.5 to 7.0.2. - [Release notes](https://github.com/middyjs/middy/releases) - [Changelog](https://github.com/middyjs/middy/blob/main/docs/RELEASE.md) - [Commits](https://github.com/middyjs/middy/commits/7.0.2/packages/core) --- updated-dependencies: - dependency-name: "@middy/core" dependency-version: 7.0.2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

sonarqubecloud · 2026-01-10T02:03:53Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

eps-autoapprove-dependabot · 2026-01-10T02:04:15Z

I'm not approving this PR because it includes a major update of a dependency used in production

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jan 9, 2026

eps-autoapprove-dependabot Bot added the requires-manual-qa label Jan 9, 2026

eps-autoapprove-dependabot Bot enabled auto-merge (squash) January 9, 2026 18:15

dependabot Bot had a problem deploying to dev January 9, 2026 18:17 Failure

dependabot Bot temporarily deployed to dev January 9, 2026 18:17 Inactive

dependabot Bot force-pushed the dependabot/npm_and_yarn/middy/core-7.0.2 branch from 300654f to 0e3354c Compare January 9, 2026 23:20

dependabot Bot had a problem deploying to dev January 9, 2026 23:29 Failure

dependabot Bot temporarily deployed to dev January 9, 2026 23:29 Inactive

dependabot Bot force-pushed the dependabot/npm_and_yarn/middy/core-7.0.2 branch from 0e3354c to a78fe0f Compare January 9, 2026 23:36

dependabot Bot had a problem deploying to dev January 9, 2026 23:44 Failure

dependabot Bot temporarily deployed to dev January 9, 2026 23:44 Inactive

dependabot Bot force-pushed the dependabot/npm_and_yarn/middy/core-7.0.2 branch from a78fe0f to 8ad96eb Compare January 9, 2026 23:51

dependabot Bot had a problem deploying to dev January 10, 2026 00:00 Failure

dependabot Bot temporarily deployed to dev January 10, 2026 00:00 Inactive

dependabot Bot force-pushed the dependabot/npm_and_yarn/middy/core-7.0.2 branch from 8ad96eb to e842cf4 Compare January 10, 2026 00:07

dependabot Bot had a problem deploying to dev January 10, 2026 00:16 Failure

dependabot Bot temporarily deployed to dev January 10, 2026 00:16 Inactive

dependabot Bot force-pushed the dependabot/npm_and_yarn/middy/core-7.0.2 branch from e842cf4 to 6d81d32 Compare January 10, 2026 00:22

dependabot Bot temporarily deployed to dev January 10, 2026 00:30 Inactive

dependabot Bot had a problem deploying to dev January 10, 2026 00:30 Failure

dependabot Bot force-pushed the dependabot/npm_and_yarn/middy/core-7.0.2 branch 2 times, most recently from f49e2f8 to 39fb908 Compare January 10, 2026 00:54

dependabot Bot had a problem deploying to dev January 10, 2026 01:02 Failure

dependabot Bot temporarily deployed to dev January 10, 2026 01:02 Inactive

dependabot Bot force-pushed the dependabot/npm_and_yarn/middy/core-7.0.2 branch from 39fb908 to ca1fd04 Compare January 10, 2026 01:10

dependabot Bot temporarily deployed to dev January 10, 2026 01:18 Inactive

dependabot Bot force-pushed the dependabot/npm_and_yarn/middy/core-7.0.2 branch from ca1fd04 to 3115708 Compare January 10, 2026 01:26

dependabot Bot temporarily deployed to dev January 10, 2026 01:34 Inactive

dependabot Bot force-pushed the dependabot/npm_and_yarn/middy/core-7.0.2 branch from 3115708 to 95e16ff Compare January 10, 2026 01:42

dependabot Bot temporarily deployed to dev January 10, 2026 01:50 Inactive

dependabot Bot force-pushed the dependabot/npm_and_yarn/middy/core-7.0.2 branch from 95e16ff to ea2e307 Compare January 10, 2026 01:57

dependabot Bot temporarily deployed to dev January 10, 2026 02:06 Inactive

anthony-nhs approved these changes Jan 10, 2026

View reviewed changes

eps-autoapprove-dependabot Bot merged commit e574b65 into main Jan 10, 2026
16 checks passed

dependabot Bot deleted the dependabot/npm_and_yarn/middy/core-7.0.2 branch January 10, 2026 09:00

Conversation

dependabot Bot commented on behalf of github Jan 9, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

7.0.2

7.0.1

What's Changed

7.0.0

Notable changes

What's Changed

Uh oh!

github-actions Bot commented Jan 9, 2026

Uh oh!

eps-autoapprove-dependabot Bot commented Jan 9, 2026

Uh oh!

eps-autoapprove-dependabot Bot commented Jan 9, 2026

Uh oh!

eps-autoapprove-dependabot Bot commented Jan 9, 2026

Uh oh!

eps-autoapprove-dependabot Bot commented Jan 9, 2026

Uh oh!

eps-autoapprove-dependabot Bot commented Jan 10, 2026

Uh oh!

eps-autoapprove-dependabot Bot commented Jan 10, 2026

Uh oh!

eps-autoapprove-dependabot Bot commented Jan 10, 2026

Uh oh!

eps-autoapprove-dependabot Bot commented Jan 10, 2026

Uh oh!

eps-autoapprove-dependabot Bot commented Jan 10, 2026

Uh oh!

eps-autoapprove-dependabot Bot commented Jan 10, 2026

Uh oh!

sonarqubecloud Bot commented Jan 10, 2026

Quality Gate passed

Uh oh!

eps-autoapprove-dependabot Bot commented Jan 10, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot Bot commented on behalf of github Jan 9, 2026 •

edited

Loading