chore(deps-dev): update serverless requirement from ^4.35.0 to ^4.35.1 in /examples/deploy-aws-lambda

[dependabot]

Updates the requirements on serverless to permit the latest version.

Release notes

Sourced from serverless's releases.

4.35.1

Bug Fixes

• AppSync: @canonical, @hidden, and @renamed now work on field definitions. The bundled Merged API directive stubs only declared the OBJECT location, so applying these directives to fields failed packaging with errors like Directive "@canonical" may not be used on FIELD_DEFINITION.. They're now declared as OBJECT | FIELD_DEFINITION to match AWS's documented surface. (#13533, #13542). Thanks @​PatrykMilewski!

type Query {
  getMessage(id: ID!): Message @renamed(to: "getChatMessage")
  internalField: String @hidden
}

• Python: lambda layer is now built for layer-only services. Services that declared custom.pythonRequirements.layer with no functions: block silently produced an empty CloudFormation stack. The runtime guard now also activates when pythonRequirements.layer is set and the provider runtime starts with python, restoring parity with the standalone serverless-python-requirements plugin. Heads up: services that previously hit this bug will now actually invoke pip on serverless package, so set pythonBin or use dockerizePip if the matching pythonX.Y binary isn't available locally. (#13541)

provider:
  runtime: python3.13
custom:
  pythonRequirements:
    layer: true

• Python: zip entry paths are now normalized to forward slashes on Windows. globSync was preserving Windows backslashes in ZIP archive entries, which broke the ZIP spec and caused import mismatches at runtime. Entries are now written with POSIX-style / separators on every platform, and ci-python.yml also runs Python tests on Windows when Python paths change. (#13307, #13383, #13546). Thanks @​Tsingis!

Maintenance

• Patched GHSA-w5hq-g745-h8pq (uuid v3/v5/v6 missing buffer bounds check) in the langgraph-* JavaScript example lockfiles under bedrock-agentcore/examples/javascript/ by bumping nested uuid from 13.0.0 to 13.0.2. Lockfile-only, and these examples aren't shipped in the published package. (#13545)
• Bumped axios from 1.15.0 to 1.15.2 (transitive, lockfile-only) for upstream security-hardening patches. (#13544)

Commits

• e0d19d2 chore: release 4.35.1 (#13556)
• 2d2cff1 fix(python): use forward slashes in uv group test assertions (#13546)
• a668d73 chore(deps): patch uuid buffer-bounds vulnerability in bedrock-agentcore JS e...
• bfee234 fix(python): add zip path normalization test and Windows CI (#13383)
• df45e21 chore(deps): bump axios from 1.15.0 to 1.15.2 (#13544)
• c9dec98 fix(python): build lambda layer for layer-only services (#13541)
• 3d3b0c8 fix(appsync): allow @​canonical, @​hidden, @​renamed on FIELD_DEFINITION (#13542)
• See full diff in compare view

[changeset-bot]

⚠️ No Changeset found

Latest commit: 17d3099

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 94.39%. Comparing base (968e48b) to head (17d3099).
⚠️ Report is 5 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #2921   +/-   ##
=======================================
  Coverage   94.39%   94.39%           
=======================================
  Files          44       44           
  Lines        7861     7861           
  Branches      699      699           
=======================================
  Hits         7420     7420           
  Misses        435      435           
  Partials        6        6           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.