[2.2.0] Mitigation for JWT Verifier timeouts, update dependencies

disney · Oct 7, 2024 · 023963d · 023963d
1 parent 4086d30
commit 023963d
Show file tree

Hide file tree

Showing 4 changed files with 1,274 additions and 1,226 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,16 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [2.2.0] - 2024-10-07
+
+### Changed
+
+- Update runtime dependency `cognito-at-edge` to `v1.5.3` (was `v1.5.2`).
+- Update `pino` to `v9.4.0` (was `v9.3.1`)
+
+### Fixed
+- Add mitigation for [ISSUE-86](https://github.com/awslabs/cognito-at-edge/issues/86).
+
 ## [2.1.0] - 2024-07-22
 
 ### Changed

diff --git a/files/deployable/index.js b/files/deployable/index.js
@@ -1,3 +1,8 @@
+// Mitigation for https://github.com/awslabs/cognito-at-edge/issues/86
+// This won't fix all situations but this does seem to help reduce the total amount of 503 errors 
+// that occur from cognito-at-edge due to timeouts.
+process.env['AWS_NODEJS_CONNECTION_REUSE_ENABLED'] = '1';
+
 const { IAMClient, GetRolePolicyCommand } = require('@aws-sdk/client-iam');
 const { SSMClient, GetParameterCommand } = require('@aws-sdk/client-ssm');
 const { STSClient, GetCallerIdentityCommand } = require('@aws-sdk/client-sts');