chore(pnpm deps)(deps): bump @aws-sdk/client-s3 from 3.940.0 to 3.978.0

[dependabot]

Bumps @aws-sdk/client-s3 from 3.940.0 to 3.978.0.

Release notes

Sourced from @​aws-sdk/client-s3's releases.

v3.978.0

3.978.0(2026-01-28)

Chores

• codegen:
  • smithy-typescript-aws-codegen release 0.43.0 (#7688) (f597b045)
  • update for aggregated paginators and waiters (#7685) (024c0731)

New Features

• client-s3-control: Adds support for the UpdateObjectEncryption API to change the server-side encryption type of objects in general purpose buckets. (8248439e)
• client-mediaconvert: This release adds a follow source mode for audio output channel count, an AES audio frame wrapping option for MXF outputs, and an option to signal DolbyVision compatibility using the SUPPLEMENTAL-CODECS tag in HLS manifests. (9ee45457)
• client-cognito-identity-provider: This release adds support for a new lambda trigger to transform federated user attributes during the authentication with external identity providers on Cognito Managed Login. (a291daef)
• client-connect: Adds support for filtering search results based on tags assigned to contacts. (c3e7a41b)
• client-ec2: SearchTransitGatewayRoutes API response now includes a NextToken field, enabling pagination when retrieving large sets of transit gateway routes. Pass the returned NextToken value in subsequent requests to retrieve the next page of results. (11fdee1e)
• client-mediaconnect: This release adds support for NDI flow sources in AWS Elemental MediaConnect. You can now send content to your MediaConnect transport streams directly from your NDI environment using the new NDI source type. Also adds support for LARGE 4X flow size, which can be used when creating CDI JPEG-XS flows. (a5e075c8)
• client-s3: Adds support for the UpdateObjectEncryption API to change the server-side encryption type of objects in general purpose buckets. (b56cea55)
• client-lambda: We are launching ESM Metrics and logging for Kafka ESM to allow customers to monitor Kafka event processing using CloudWatch Metrics and Logs. (af7d3d55)

Tests

• client-s3: add test for aggregate client paginator/waiter methods (#7687) (75ba48bc)

---

For list of updated packages, view updated-packages.md in assets-3.978.0.zip

v3.977.0

3.977.0(2026-01-27)

Chores

• core/protocols: use default structIterator (#7684) (eb471df6)

New Features

• clients: update client endpoints as of 2026-01-27 (04a9ab71)
• client-ec2: Releasing new EC2 instances. C8gb and M8gb with highest EBS performance, M8gn with 600 Gbps network bandwidth, X8aedz and M8azn with 5GHz AMD processors, X8i with Intel Xeon 6 processors and up to 6TB memory, and Mac-m4max with Apple M4 Max chip for 25 percent faster builds. (8c83ff92)
• client-connect: Added support for task attachments. The StartTaskContact API now accepts file attachments, enabling customers to include files (.csv, .doc, .docx, .heic, .jfif, .jpeg, .jpg, .mov, .mp4, .pdf, .png, .ppt, .pptx, .rtf, .txt, etc.) when creating Task contacts. Supports up to 5 attachments per task. (12e1a94a)
• client-medialive: AWS Elemental MediaLive released two new features that allows customers 1) to set Output Timecode for AV1 encoder, 2) to set a Custom Epoch for CMAF Ingest and MediaPackage V2 output groups when using Pipeline Locking or Disabled Locking modes. (58a0492c)
• client-deadline: AWS Deadline Cloud now supports editing job names and descriptions after submission. (fd6d1d4b)
• client-sagemaker: Idle resource sharing enables teams to borrow unused compute resources in your SageMaker HyperPod cluster. This capability maximizes resource utilization by allowing teams to borrow idle compute capacity beyond their allocated compute quotas. (3f52b92b)

---

For list of updated packages, view updated-packages.md in assets-3.977.0.zip

... (truncated)

Changelog

Sourced from @​aws-sdk/client-s3's changelog.

3.978.0 (2026-01-28)

Features

• client-s3: Adds support for the UpdateObjectEncryption API to change the server-side encryption type of objects in general purpose buckets. (b56cea5)

3.975.0 (2026-01-23)

Note: Version bump only for package @​aws-sdk/client-s3

3.974.0 (2026-01-22)

Note: Version bump only for package @​aws-sdk/client-s3

3.972.0 (2026-01-20)

Note: Version bump only for package @​aws-sdk/client-s3

3.971.0 (2026-01-16)

Note: Version bump only for package @​aws-sdk/client-s3

3.970.0 (2026-01-15)

Note: Version bump only for package @​aws-sdk/client-s3

... (truncated)

Commits

• a1794f7 Publish v3.978.0
• b56cea5 feat(client-s3): Adds support for the UpdateObjectEncryption API to change th...
• 75ba48b test(client-s3): add test for aggregate client paginator/waiter methods (#7687)
• 024c073 chore(codegen): update for aggregated paginators and waiters (#7685)
• 557a738 Publish v3.975.0
• 784b9f3 chore(codegen): upgrade smithy to 1.66.0 (#7678)
• 2f2a874 Publish v3.974.0
• 8536efc chore(codegen): sync for http label validation (#7671)
• c47a847 Publish v3.972.0
• e0b484f chore: replace rimraf with premove (#7669)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Greptile Overview

Greptile Summary

This PR updates @aws-sdk/client-s3 from version 3.940.0 to 3.978.0, a routine dependency update generated by Dependabot.

Key Changes:

• Updated AWS SDK S3 client package version in package.json
• Updated pnpm-lock.yaml with new dependency versions and checksums
• Node.js engine requirement increased from >=18.0.0 to >=20.0.0 for AWS SDK packages
• Added support for new UpdateObjectEncryption API (v3.978.0 feature)

Compatibility Assessment:
The project uses node:lts/* in CI workflows and node:lts-alpine in the Dockerfile, both of which currently point to Node.js 20+, satisfying the new engine requirement. The existing code in apps/api/src/config/cloudflare/cloudflare.config.ts uses only basic S3 operations (PutObjectCommand, DeleteObjectCommand, S3Client) that remain unchanged and backward compatible.

Confidence Score: 5/5

• This PR is safe to merge with no risk
• This is a standard Dependabot-generated dependency update with no breaking API changes. The project already uses Node.js LTS (20+) which satisfies the new engine requirements. The existing S3 client usage is limited to basic operations that remain fully compatible.
• No files require special attention

Important Files Changed

Filename	Overview
package.json	Updated @aws-sdk/client-s3 from ^3.850.0 to ^3.978.0
pnpm-lock.yaml	Updated lockfile with new AWS SDK versions and transitive dependencies, including Node.js engine requirement change from >=18.0.0 to >=20.0.0

Sequence Diagram

sequenceDiagram
    participant D as Dependabot
    participant PM as Package Manager (pnpm)
    participant AWS as @aws-sdk/client-s3
    participant App as Application (CloudflareConfig)
    
    D->>PM: Update @aws-sdk/client-s3 to 3.978.0
    PM->>PM: Resolve dependencies
    PM->>PM: Update lockfile with new versions
    Note over PM: Engine requirement: node >=20.0.0
    PM->>AWS: Install updated SDK packages
    AWS->>App: Provide S3Client, PutObjectCommand, DeleteObjectCommand
    Note over App: Existing API remains compatible

Loading

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
family-tree	Ignored	Preview	Jan 30, 2026 8:35am

[greptile-apps]

_{2 files reviewed, no comments}

_{Edit Code Review Agent Settings | Greptile}

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.