Bump aws-actions/aws-cloudformation-github-deploy from 2.0.0 to 2.1.0

[dependabot]

Bumps aws-actions/aws-cloudformation-github-deploy from 2.0.0 to 2.1.0.

Release notes

Sourced from aws-actions/aws-cloudformation-github-deploy's releases.

v2.1.0

See the CHANGELOG for more details on the release.

Changelog

Sourced from aws-actions/aws-cloudformation-github-deploy's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

[Unreleased]

[2.1.0] - 2026-04-01

Features

• ROLLBACK_COMPLETE Recovery: Automatically delete and recreate stacks stuck in ROLLBACK_COMPLETE state (#107, #191)

Chore

• Node.js 24: Upgraded action runtime from Node.js 20 to Node.js 24 (#184, #192)
• Updated CI workflow to use Node.js 24 and latest action versions

Dependencies

• Bump undici from 6.23.0 to 6.24.0 (#185)
• Bump fast-xml-parser and @​aws-sdk/client-cloudformation (#183)
• Bump minimatch (#181)
• Bump flatted from 3.3.3 to 3.4.2 (#186)
• Bump picomatch (#188)
• Bump handlebars from 4.7.8 to 4.7.9 (#189)

[2.0.0] - 2026-02-02

Features

• Enhanced Change Set Support: Added three-mode operation for better change set management
  • Create & Execute (default behavior)
  • Create Only (no-execute-changeset: true) with detailed change set information outputs
  • Execute Only (execute-change-set-id) for executing pre-created change sets
• Rich Change Set Information: New outputs when creating change sets without execution
  • change-set-id - The change set ID
  • change-set-name - The change set name
  • has-changes - Boolean indicating if changes exist
  • changes-count - Number of changes in the change set
  • changes-summary - JSON summary of all changes with detailed information
• Drift-Aware Change Sets: Added deployment-mode: "REVERT_DRIFT" support for creating change sets that revert resource drift
• Enhanced Change Set Visibility: Using IncludePropertyValues: true to show actual before/after property values
• Missing Parameter: Added include-nested-stacks-change-set parameter to action.yml (was implemented but not documented)

Dependencies

• Updated AWS SDK v3 to latest version (3.935.0)
• Updated TypeScript to 5.9.3 with compatible ESLint plugins
• Updated all development dependencies to latest versions
• Fixed security vulnerabilities in dependencies

... (truncated)

Commits

• 64bde66 chore: bump version to 2.1.0 (#194)
• c4f6e9f docs: update CHANGELOG for v2.1.0 release (#193)
• 84d33bd fix: delete and recreate stack in ROLLBACK_COMPLETE state (#191)
• 334ecac chore: upgrade from node20 to node24 (#192)
• 6f76219 Bump undici from 6.23.0 to 6.24.0 (#185)
• 93aaf20 Bump fast-xml-parser and @​aws-sdk/client-cloudformation (#183)
• 9ad1a40 Bump minimatch (#181)
• 5a75d77 Bump flatted from 3.3.3 to 3.4.2 (#186)
• a2479fa Bump picomatch (#188)
• 11baf28 Bump handlebars from 4.7.8 to 4.7.9 (#189)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

See the Details below.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA a2d0862.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

License Issues

.github/workflows/main.yml

Package	Version	License	Issue Type
aws-actions/aws-cloudformation-github-deploy	64bde66a4001208fc0917038be8846d99c9d0585	Null	Unknown License

OpenSSF Scorecard

Package	Version	Score	Details
actions/aws-actions/aws-cloudformation-github-deploy	64bde66a4001208fc0917038be8846d99c9d0585	🟢 5.2	Details Check Score Reason Code-Review ⚠️ 1 Found 2/13 approved changesets -- score normalized to 1 Maintained 🟢 10 20 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 5 dependency not pinned by hash detected -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 1 branch protection is not maximal on development and all release branches Security-Policy 🟢 10 security policy file detected SAST 🟢 3 SAST tool is not run on all commits -- score normalized to 3

Scanned Files

• .github/workflows/main.yml