fix(lambda): bump the aws-powertools group in /lambdas with 4 updates

[dependabot]

Bumps the aws-powertools group in /lambdas with 4 updates: @aws-lambda-powertools/parameters, @aws-lambda-powertools/logger, @aws-lambda-powertools/metrics and @aws-lambda-powertools/tracer.

Updates @aws-lambda-powertools/parameters from 2.30.2 to 2.31.0

Release notes

Sourced from @​aws-lambda-powertools/parameters's releases.

v2.31.0

Summary

In this release we are pleased to announce Tracer middleware for the HTTP event handler, which allows users to enable distributed tracing for their HTTP routes with minimal boilerplate code.

In addition, the metric utility now supports a fluent interface, allowing you to chain multiple methods in a single statement.

We have also fixed a bug in the HTTP event handler that caused parameterized headers to be handled incorrectly.

⭐ Special thanks to @​nateiler and @​dothomson for their first PR merged in the project, and to @​arnabrahman! for another great contribution 🎉

Tracer Middleware

You can now use the Tracer utility with the HTTP event handler to gain observability over your routes. The middleware:

• Creates a subsegment for each HTTP route with the format METHOD /path (e.g., GET /users)
• Adds ColdStart and Service annotations
• Optionally captures JSON response bodies as metadata
• Captures errors as metadata when exceptions occur

import { Router } from '@aws-lambda-powertools/event-handler/http';
import { tracer as tracerMiddleware } from '@aws-lambda-powertools/event-handler/http/middleware/tracer';
import { Tracer } from '@aws-lambda-powertools/tracer';
import type { Context } from 'aws-lambda';
const tracer = new Tracer({ serviceName: 'my-api' });
const app = new Router();
app.get(
'/users/cards',
[tracerMiddleware(tracer, { captureResponse: false })],
({ params }) => {
return { id: params.id, secret: 'sensitive-data' };
}
);
export const handler = async (event: unknown, context: Context) =>
app.resolve(event, context);

Metrics Fluent Interface

All mutation methods (with the exception of clear*) now return the metric instance that was mutated, allowing you to chain multiple metrics operations in a single statement.

import { Metrics} from '@aws-lambda-powertools/metrics';
const metrics = new Metrics();
</tr></table>

... (truncated)

Changelog

Sourced from @​aws-lambda-powertools/parameters's changelog.

2.31.0 (2026-02-10)

Features

• metrics return metrics instance from metrics functions (#4930) (e7aa2e2)
• parameters pass underlying SDK error as cause to GetParameterError (#4936) (b3499db)
• event-handler add tracer middleware for HTTP routes (#4982) (8be6157)

Bug Fixes

• event-handler handle set-cookie header values with multiple attributes (#4990) (42317fe)
• kafka handle tombstone events (#4991) (04c3236)

Commits

• 54d1fa3 chore(ci): bump version to 2.31.0 (#5007)
• 42317fe fix(event-handler): handle set-cookie header values with multiple attributes ...
• 8e4da8a chore(deps): bump @​types/node from 25.2.0 to 25.2.2 (#5004)
• ddf54e0 chore(deps): bump github/codeql-action from 4.32.1 to 4.32.2 (#4998)
• 7692071 chore(deps): bump @​types/node from 25.2.0 to 25.2.1 (#4999)
• d8dfadc chore: manually upgrade dependency tree (#5002)
• 60b6ce1 ci: switch npm auth to OIDC (#4997)
• 04c3236 fix(kafka): handle tombstone events (#4991)
• 8e1359e chore(deps): bump the aws-cdk group across 1 directory with 3 updates (#4985)
• 4c6657a test: extract DF idempotency e2e tests (#4994)
• Additional commits viewable in compare view

Updates @aws-lambda-powertools/logger from 2.30.2 to 2.31.0

Release notes

Sourced from @​aws-lambda-powertools/logger's releases.

v2.31.0

Summary

In this release we are pleased to announce Tracer middleware for the HTTP event handler, which allows users to enable distributed tracing for their HTTP routes with minimal boilerplate code.

In addition, the metric utility now supports a fluent interface, allowing you to chain multiple methods in a single statement.

We have also fixed a bug in the HTTP event handler that caused parameterized headers to be handled incorrectly.

⭐ Special thanks to @​nateiler and @​dothomson for their first PR merged in the project, and to @​arnabrahman! for another great contribution 🎉

Tracer Middleware

You can now use the Tracer utility with the HTTP event handler to gain observability over your routes. The middleware:

• Creates a subsegment for each HTTP route with the format METHOD /path (e.g., GET /users)
• Adds ColdStart and Service annotations
• Optionally captures JSON response bodies as metadata
• Captures errors as metadata when exceptions occur

import { Router } from '@aws-lambda-powertools/event-handler/http';
import { tracer as tracerMiddleware } from '@aws-lambda-powertools/event-handler/http/middleware/tracer';
import { Tracer } from '@aws-lambda-powertools/tracer';
import type { Context } from 'aws-lambda';
const tracer = new Tracer({ serviceName: 'my-api' });
const app = new Router();
app.get(
'/users/cards',
[tracerMiddleware(tracer, { captureResponse: false })],
({ params }) => {
return { id: params.id, secret: 'sensitive-data' };
}
);
export const handler = async (event: unknown, context: Context) =>
app.resolve(event, context);

Metrics Fluent Interface

All mutation methods (with the exception of clear*) now return the metric instance that was mutated, allowing you to chain multiple metrics operations in a single statement.

import { Metrics} from '@aws-lambda-powertools/metrics';
const metrics = new Metrics();
</tr></table>

... (truncated)

Changelog

Sourced from @​aws-lambda-powertools/logger's changelog.

2.31.0 (2026-02-10)

Features

• metrics return metrics instance from metrics functions (#4930) (e7aa2e2)
• parameters pass underlying SDK error as cause to GetParameterError (#4936) (b3499db)
• event-handler add tracer middleware for HTTP routes (#4982) (8be6157)

Bug Fixes

• event-handler handle set-cookie header values with multiple attributes (#4990) (42317fe)
• kafka handle tombstone events (#4991) (04c3236)

Commits

• 54d1fa3 chore(ci): bump version to 2.31.0 (#5007)
• 42317fe fix(event-handler): handle set-cookie header values with multiple attributes ...
• 8e4da8a chore(deps): bump @​types/node from 25.2.0 to 25.2.2 (#5004)
• ddf54e0 chore(deps): bump github/codeql-action from 4.32.1 to 4.32.2 (#4998)
• 7692071 chore(deps): bump @​types/node from 25.2.0 to 25.2.1 (#4999)
• d8dfadc chore: manually upgrade dependency tree (#5002)
• 60b6ce1 ci: switch npm auth to OIDC (#4997)
• 04c3236 fix(kafka): handle tombstone events (#4991)
• 8e1359e chore(deps): bump the aws-cdk group across 1 directory with 3 updates (#4985)
• 4c6657a test: extract DF idempotency e2e tests (#4994)
• Additional commits viewable in compare view

Updates @aws-lambda-powertools/metrics from 2.30.2 to 2.31.0

Release notes

Sourced from @​aws-lambda-powertools/metrics's releases.

v2.31.0

Summary

In this release we are pleased to announce Tracer middleware for the HTTP event handler, which allows users to enable distributed tracing for their HTTP routes with minimal boilerplate code.

In addition, the metric utility now supports a fluent interface, allowing you to chain multiple methods in a single statement.

We have also fixed a bug in the HTTP event handler that caused parameterized headers to be handled incorrectly.

⭐ Special thanks to @​nateiler and @​dothomson for their first PR merged in the project, and to @​arnabrahman! for another great contribution 🎉

Tracer Middleware

You can now use the Tracer utility with the HTTP event handler to gain observability over your routes. The middleware:

• Creates a subsegment for each HTTP route with the format METHOD /path (e.g., GET /users)
• Adds ColdStart and Service annotations
• Optionally captures JSON response bodies as metadata
• Captures errors as metadata when exceptions occur

import { Router } from '@aws-lambda-powertools/event-handler/http';
import { tracer as tracerMiddleware } from '@aws-lambda-powertools/event-handler/http/middleware/tracer';
import { Tracer } from '@aws-lambda-powertools/tracer';
import type { Context } from 'aws-lambda';
const tracer = new Tracer({ serviceName: 'my-api' });
const app = new Router();
app.get(
'/users/cards',
[tracerMiddleware(tracer, { captureResponse: false })],
({ params }) => {
return { id: params.id, secret: 'sensitive-data' };
}
);
export const handler = async (event: unknown, context: Context) =>
app.resolve(event, context);

Metrics Fluent Interface

All mutation methods (with the exception of clear*) now return the metric instance that was mutated, allowing you to chain multiple metrics operations in a single statement.

import { Metrics} from '@aws-lambda-powertools/metrics';
const metrics = new Metrics();
</tr></table>

... (truncated)

Changelog

Sourced from @​aws-lambda-powertools/metrics's changelog.

2.31.0 (2026-02-10)

Features

• metrics return metrics instance from metrics functions (#4930) (e7aa2e2)
• parameters pass underlying SDK error as cause to GetParameterError (#4936) (b3499db)
• event-handler add tracer middleware for HTTP routes (#4982) (8be6157)

Bug Fixes

• event-handler handle set-cookie header values with multiple attributes (#4990) (42317fe)
• kafka handle tombstone events (#4991) (04c3236)

Commits

• 54d1fa3 chore(ci): bump version to 2.31.0 (#5007)
• 42317fe fix(event-handler): handle set-cookie header values with multiple attributes ...
• 8e4da8a chore(deps): bump @​types/node from 25.2.0 to 25.2.2 (#5004)
• ddf54e0 chore(deps): bump github/codeql-action from 4.32.1 to 4.32.2 (#4998)
• 7692071 chore(deps): bump @​types/node from 25.2.0 to 25.2.1 (#4999)
• d8dfadc chore: manually upgrade dependency tree (#5002)
• 60b6ce1 ci: switch npm auth to OIDC (#4997)
• 04c3236 fix(kafka): handle tombstone events (#4991)
• 8e1359e chore(deps): bump the aws-cdk group across 1 directory with 3 updates (#4985)
• 4c6657a test: extract DF idempotency e2e tests (#4994)
• Additional commits viewable in compare view

Updates @aws-lambda-powertools/tracer from 2.30.2 to 2.31.0

Release notes

Sourced from @​aws-lambda-powertools/tracer's releases.

v2.31.0

Summary

In this release we are pleased to announce Tracer middleware for the HTTP event handler, which allows users to enable distributed tracing for their HTTP routes with minimal boilerplate code.

In addition, the metric utility now supports a fluent interface, allowing you to chain multiple methods in a single statement.

We have also fixed a bug in the HTTP event handler that caused parameterized headers to be handled incorrectly.

⭐ Special thanks to @​nateiler and @​dothomson for their first PR merged in the project, and to @​arnabrahman! for another great contribution 🎉

Tracer Middleware

You can now use the Tracer utility with the HTTP event handler to gain observability over your routes. The middleware:

• Creates a subsegment for each HTTP route with the format METHOD /path (e.g., GET /users)
• Adds ColdStart and Service annotations
• Optionally captures JSON response bodies as metadata
• Captures errors as metadata when exceptions occur

import { Router } from '@aws-lambda-powertools/event-handler/http';
import { tracer as tracerMiddleware } from '@aws-lambda-powertools/event-handler/http/middleware/tracer';
import { Tracer } from '@aws-lambda-powertools/tracer';
import type { Context } from 'aws-lambda';
const tracer = new Tracer({ serviceName: 'my-api' });
const app = new Router();
app.get(
'/users/cards',
[tracerMiddleware(tracer, { captureResponse: false })],
({ params }) => {
return { id: params.id, secret: 'sensitive-data' };
}
);
export const handler = async (event: unknown, context: Context) =>
app.resolve(event, context);

Metrics Fluent Interface

All mutation methods (with the exception of clear*) now return the metric instance that was mutated, allowing you to chain multiple metrics operations in a single statement.

import { Metrics} from '@aws-lambda-powertools/metrics';
const metrics = new Metrics();
</tr></table>

... (truncated)

Changelog

Sourced from @​aws-lambda-powertools/tracer's changelog.

2.31.0 (2026-02-10)

Features

• metrics return metrics instance from metrics functions (#4930) (e7aa2e2)
• parameters pass underlying SDK error as cause to GetParameterError (#4936) (b3499db)
• event-handler add tracer middleware for HTTP routes (#4982) (8be6157)

Bug Fixes

• event-handler handle set-cookie header values with multiple attributes (#4990) (42317fe)
• kafka handle tombstone events (#4991) (04c3236)

Commits

• 54d1fa3 chore(ci): bump version to 2.31.0 (#5007)
• 42317fe fix(event-handler): handle set-cookie header values with multiple attributes ...
• 8e4da8a chore(deps): bump @​types/node from 25.2.0 to 25.2.2 (#5004)
• ddf54e0 chore(deps): bump github/codeql-action from 4.32.1 to 4.32.2 (#4998)
• 7692071 chore(deps): bump @​types/node from 25.2.0 to 25.2.1 (#4999)
• d8dfadc chore: manually upgrade dependency tree (#5002)
• 60b6ce1 ci: switch npm auth to OIDC (#4997)
• 04c3236 fix(kafka): handle tombstone events (#4991)
• 8e1359e chore(deps): bump the aws-cdk group across 1 directory with 3 updates (#4985)
• 4c6657a test: extract DF idempotency e2e tests (#4994)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 4 package(s) with unknown licenses.

See the Details below.

License Issues

lambdas/functions/control-plane/package.json

Package	Version	License	Issue Type
@aws-lambda-powertools/parameters	^2.31.0	Null	Unknown License

lambdas/libs/aws-powertools-util/package.json

Package	Version	License	Issue Type
@aws-lambda-powertools/logger	^2.31.0	Null	Unknown License
@aws-lambda-powertools/metrics	^2.31.0	Null	Unknown License
@aws-lambda-powertools/tracer	^2.31.0	Null	Unknown License

OpenSSF Scorecard

Package	Version	Score	Details
npm/@aws-lambda-powertools/parameters	^2.31.0	Unknown	Unknown
npm/@aws-lambda-powertools/logger	^2.31.0	Unknown	Unknown
npm/@aws-lambda-powertools/metrics	^2.31.0	Unknown	Unknown
npm/@aws-lambda-powertools/tracer	^2.31.0	Unknown	Unknown
npm/@aws-lambda-powertools/commons	2.31.0	🟢 9.1	Details Check Score Reason Dependency-Update-Tool 🟢 10 update tool detected Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 10 all changesets reviewed Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 10 all dependencies are pinned Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege License 🟢 10 license file detected CII-Best-Practices 🟢 5 badge detected: Passing Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 8 2 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/logger	2.31.0	🟢 9.1	Details Check Score Reason Dependency-Update-Tool 🟢 10 update tool detected Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 10 all changesets reviewed Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 10 all dependencies are pinned Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege License 🟢 10 license file detected CII-Best-Practices 🟢 5 badge detected: Passing Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 8 2 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/metrics	2.31.0	🟢 9.1	Details Check Score Reason Dependency-Update-Tool 🟢 10 update tool detected Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 10 all changesets reviewed Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 10 all dependencies are pinned Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege License 🟢 10 license file detected CII-Best-Practices 🟢 5 badge detected: Passing Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 8 2 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/parameters	2.31.0	🟢 9.1	Details Check Score Reason Dependency-Update-Tool 🟢 10 update tool detected Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 10 all changesets reviewed Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 10 all dependencies are pinned Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege License 🟢 10 license file detected CII-Best-Practices 🟢 5 badge detected: Passing Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 8 2 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations
npm/@aws-lambda-powertools/tracer	2.31.0	🟢 9.1	Details Check Score Reason Dependency-Update-Tool 🟢 10 update tool detected Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 10 all changesets reviewed Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 10 all dependencies are pinned Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege License 🟢 10 license file detected CII-Best-Practices 🟢 5 badge detected: Passing Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 8 2 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 11 contributing companies or organizations

Scanned Files

• lambdas/functions/control-plane/package.json
• lambdas/libs/aws-powertools-util/package.json
• lambdas/yarn.lock