build(deps): bump @middy/core from 2.5.7 to 3.0.1

[dependabot]

Bumps @middy/core from 2.5.7 to 3.0.1.

Release notes

Sourced from @​middy/core's releases.

3.0.1

What's Changed

• Updated dependencies

Full Changelog: middyjs/middy@3.0.0...3.0.1

3.0.0

Checkout UPGRADE.md to see what are the main breaking changes and how to migrate to this new version if coming from 2.x.

Version 3.x of Middy no longer supports Node.js versions 12.x. You are highly encouraged to move to Node.js 16.x. With the Node.js version change all packages are now ECMAScript Modules along side CommonJS Modules.

Notable changes

• New WebSocket middlewares
• HTTP & WebSocket Routers!
• Better error handling
• Timeout error handling
• Errors now use { cause } for better context

Additions

• New middleware (http-content-encoding, http-router, service-discovery, ws-json-body-parser, ws-response, ws-router)
• core
  • Added .handler() method to allow easier understanding of the execution cycle
  • lambdaHandler can now be passed an AbortController signal
  • internal events can now be monitored using Proxy
• util
  • getInternal error now includes cause set to an array of Errors
  • Catch when X-Ray is applied outside of handler invocation scope

Breaking Changes

• core
  • The order onError being called is now reversed to match after
  • Deprecate applyMiddleware() and __middlewares
• util
  • normalizeHttpResponse now takes request and mutates response
  • getCache will return {} instead of undefined when not found
• Deprecated setToEnv option from all middleware
• Will now throw error if not an http event in http-event-normalizer
• Change default charset from binary/latin1 to utf-8 within http-multipart-body-parser
• Renamed default option to defaultContentType to improve maintainability in http-response-serializer
• Deprecate expectCt in http-security-headers
• sqs-partial-batch-failure completely rewritten
• Renamed default option to defaultContentType http-response-serializer
• normalizeHttpResponse now takes request and mutates response
• Change where errors are stored, from request.error.details to request.error.cause in validator

Removed

• s3-key-normalizer in favour of event-normalizer
• sqs-json-body-parser in favour of event-normalizer

... (truncated)

Changelog

Sourced from @​middy/core's changelog.

3.0.0

Checkout UPGRADE.md to see what are the main breaking changes and how to migrate to this new version if coming from 2.x.

Focus this version was on error handling and improve consistency.

Additions

• New middleware (http-content-encoding)
• lambdaHandler can now be passed an AbortController signal
• internal events can now be monitored using Proxy

Breaking Changes

• The order onError being called is now reversed to match after
• Change default charset from binary/latin1 to utf-8 within http-multipart-body-parser
• Deprecated setToEnv option from all middleware
• sqs-partial-batch-failure completely rewritten
• Renamed default option to defaultContentType http-response-serializer
• normalizeHttpResponse now takes request and mutates response

Maintenance

• Better error reporting when dealing with Promise arrays

2.0.1

• #640 sms bug fix where infinite loop happens when pulling >10 values @​garnertb
• #643 improve performance of http-json-body-parser @​nponeccop

2.0.0

Checkout UPGRADE.md to see what are the main breaking changes and how to migrate to this new version if coming from 1.x.

Focus this version was on performance and security by default.

Additions

• New middlewares (rds-signer, sts, s3-object-response)
• New plugin hook for core to allow easier bottleneck detection with middlewares and handler

Breaking Changes

• All middlewares now use async/await and have deprecated next(err) and callback(err, response)
• validator refactored to support draft-2019-09 using the latest version of ajv. Full i18n is now enabled by default
• http-error-handler no longer exposes status code >= 500 by default.
• Middlewares that reach out to 3rd party API have been completely refactored to have unifying options that resolve on demand from internal context. Applies to:
  • rds-signer
  • secrets-manager
  • ssm
  • sts
• Deprecated middlewares:
  • cache: little usage, makes more sense to be pulled out of core
  • db-manager: little usage, makes more sense to be pulled out of core
  • function-shield: Only supported up to Node v10

... (truncated)

Upgrade guide

Sourced from @​middy/core's upgrade guide.

Upgrade 2.x -> 3.x

See CHANGELOG for an overview of changes.

Version 3.x of Middy no longer supports Node.js versions 12.x. You are highly encouraged to move to Node.js 16.x. With the Node.js version change all packages are now ECMAScript Modules along side CommonJS Modules.

Notable changes

• New WebSocket middlewares
• HTTP & WebSocket Routers!
• Better error handling
• Timeout error handling
• Errors now use { cause } for better context

Core

• onError middleware stack order reversed to match after [Breaking Change]
  • This change has trickle down effects on middlewares with onError (see below for details)
  • If you're handling errors yourself here are some things to review:
    • Attach near the end so it is triggered first (likely already done)
    • Remove return response, this will short circuit the response and block later middleware from modifying the response
• lambdaHandler now passes {signal} from AbortController to allow for ending lambda early to handle timeout errors
• plugin argument now supports:
  • internal: Allow the use of new Proxy() for smarter triggering in advanced use cases.
  • timeoutEarlyInMillis: When before lambda timeout to trigger early exit. Default 5
  • timeoutEarlyResponse: Function to throw a custom error or return a pre-set value. Default () => { throw new Error('Timeout') }
• Added .handler() method to allow easier understanding of the execution cycle
• Deprecate applyMiddleware() and __middlewares [Breaking Change]

Util

• getInternal error now includes cause set to an array of Errors
• Catch when X-Ray is applied outside of handler invocation scope
• normalizeHttpResponse now takes request and mutates response [Breaking Change]
• getCache will return {} instead of undefined when not found [Breaking Change]

Middleware

cloudwatch-metrics

No change

do-not-wait-for-empty-event-loop

No change

error-logger

No change

event-normalizer

• Add support for all missing AWS events
• Refactored for performance improvements

... (truncated)

Commits

• 797455e chore: version bump
• e09a3a5 chore: version bump
• 3653547 ci: dep update
• c04b3a0 chore: version bump
• 86a25cc chore: dep update
• 17b6ea1 chore: dep update
• f2e4df7 feat: add in build for both cjs/esm
• 8fff5b1 docs: add website
• 5cef39e chore: version bump
• ed8a11d ci: improve test coverage
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dreamorosi]

@dependabot rebase

[dreamorosi]

@dependabot ignore this major version

[dependabot]

OK, I won't notify you about version 3.x.x again, unless you re-open this PR or update to a 3.x.x release yourself.