From 36c83a27ef87ee830fcd1400aa0ec7f2edce3b4b Mon Sep 17 00:00:00 2001
From: Phil Gates-Idem <phil.gates-idem@jupiterone.com>
Date: Wed, 24 Apr 2024 13:56:26 -0400
Subject: [PATCH 1/4] Remove default query limit and let DynamoDB choose

---
 src/constants.ts |  1 -
 src/index.ts     | 15 +++++++--------
 2 files changed, 7 insertions(+), 9 deletions(-)

diff --git a/src/constants.ts b/src/constants.ts
index 870fb01..86bf9f8 100644
--- a/src/constants.ts
+++ b/src/constants.ts
@@ -1,3 +1,2 @@
-export const DEFAULT_QUERY_LIMIT = 50;
 export const MAX_BATCH_OPERATIONS = 25;
 export const DEFAULT_LOCK_INCREMENT = 1;
diff --git a/src/index.ts b/src/index.ts
index 51eecbb..97f81ad 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -2,11 +2,7 @@ import { sleep } from '@lifeomic/attempt';
 import { DocumentClient } from 'aws-sdk/clients/dynamodb';
 import chunk from 'lodash.chunk';
 import pMap from 'p-map';
-import {
-  DEFAULT_LOCK_INCREMENT,
-  DEFAULT_QUERY_LIMIT,
-  MAX_BATCH_OPERATIONS,
-} from './constants';
+import { DEFAULT_LOCK_INCREMENT, MAX_BATCH_OPERATIONS } from './constants';
 import { buildOptimisticLockOptions } from './locking/buildOptimisticLockOptions';
 import {
   decodeQueryUntilLimitCursor,
@@ -181,7 +177,10 @@ export default class DynamoDbDao<DataModel, KeySchema> {
 
       // If the version attribute is supplied, increment it, otherwise only
       // set the default if directed to do so
-      if (versionAttribute in data && !isNaN(dataAsMap[versionAttribute])) {
+      if (
+        versionAttribute in dataAsMap &&
+        !isNaN(dataAsMap[versionAttribute])
+      ) {
         dataAsMap[versionAttribute] += DEFAULT_LOCK_INCREMENT;
       } else if (this.autoInitiateLockingAttribute) {
         dataAsMap[versionAttribute] = DEFAULT_LOCK_INCREMENT;
@@ -354,7 +353,7 @@ export default class DynamoDbDao<DataModel, KeySchema> {
       scanIndexForward,
       keyConditionExpression,
       filterExpression,
-      limit = DEFAULT_QUERY_LIMIT,
+      limit,
       consistentRead,
     } = input;
 
@@ -475,7 +474,7 @@ export default class DynamoDbDao<DataModel, KeySchema> {
       filterExpression,
       segment,
       totalSegments,
-      limit = DEFAULT_QUERY_LIMIT,
+      limit,
       consistentRead,
     } = input;
 

From 466634ad642691b48ea439d5e7fa2e32a7015bc6 Mon Sep 17 00:00:00 2001
From: Phil Gates-Idem <phil.gates-idem@jupiterone.com>
Date: Wed, 24 Apr 2024 13:57:27 -0400
Subject: [PATCH 2/4] 1.9.0

---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index e93bea6..5d126e1 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@jupiterone/dynamodb-dao",
-  "version": "1.8.0",
+  "version": "1.9.0",
   "description": "DynamoDB Data Access Object (DAO) helper library",
   "repository": {
     "type": "git",

From c9f89ad871a6a77f48aa2a89aed62b32e5987d3a Mon Sep 17 00:00:00 2001
From: Phil Gates-Idem <phil.gates-idem@jupiterone.com>
Date: Wed, 24 Apr 2024 14:02:21 -0400
Subject: [PATCH 3/4] Fix test after removing default query limit

---
 src/index.test.ts | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/src/index.test.ts b/src/index.test.ts
index 7c58527..40720c0 100644
--- a/src/index.test.ts
+++ b/src/index.test.ts
@@ -2,7 +2,6 @@ import * as AWS from 'aws-sdk';
 import { v4 as uuid } from 'uuid';
 import DynamoDbDao from '.';
 import mockLogger from '../test/helpers/mockLogger';
-import { DEFAULT_QUERY_LIMIT } from './constants';
 import { CountOutput } from './types';
 import { generateUpdateParams } from './update/generateUpdateParams';
 
@@ -211,7 +210,6 @@ test(`#query should have default query limit`, async () => {
   expect(documentClient.query).toHaveBeenCalledWith({
     TableName: tableName,
     IndexName: index,
-    Limit: DEFAULT_QUERY_LIMIT,
     ExclusiveStartKey: undefined,
     KeyConditionExpression: keyConditionExpression,
     ExpressionAttributeValues: attributeValues,
@@ -509,7 +507,6 @@ test('#scan should allow consistent reads', async () => {
 
   expect(documentClient.scan).toHaveBeenCalledWith({
     ConsistentRead: true,
-    Limit: 50,
     TableName: tableName,
   });
 });

From 23dd7c58510de50f79825a49f1a76d92aa2b1d23 Mon Sep 17 00:00:00 2001
From: Phil Gates-Idem <phil.gates-idem@jupiterone.com>
Date: Wed, 24 Apr 2024 14:04:50 -0400
Subject: [PATCH 4/4] Remove peril GitHub action

---
 .github/workflows/peril.yml | 90 -------------------------------------
 1 file changed, 90 deletions(-)
 delete mode 100644 .github/workflows/peril.yml

diff --git a/.github/workflows/peril.yml b/.github/workflows/peril.yml
deleted file mode 100644
index 6ecfea3..0000000
--- a/.github/workflows/peril.yml
+++ /dev/null
@@ -1,90 +0,0 @@
-name: 'Peril'
-
-on:
-  pull_request:
-
-env:
-  TRANSPONDER_DOCKER_IMAGE: 081157560428.dkr.ecr.us-east-1.amazonaws.com/transponder:1
-  SECURITY_SCAN_IMAGE: ghcr.io/jupiterone/security-scan:latest
-
-jobs:
-  Peril:
-    name: Peril
-    permissions:
-      id-token: write
-      contents: read
-      packages: read
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-
-      - name: Setup Node
-        uses: actions/setup-node@v1
-        with:
-          node-version: 14.x
-
-      - name: Run build
-        run: yarn install
-
-      - name: Get Variables
-        id: get-vars
-        run: |
-          if [[ "${GITHUB_REF}" == 'ref/head/main' && "${GITHUB_EVENT_NAME}" == 'push' ]];
-          then
-            echo ::set-output name=aws-oidc-role::arn:aws:iam::081157560428:role/github-main-role
-          else
-            echo ::set-output name=aws-oidc-role::arn:aws:iam::081157560428:role/github-pull-request-role
-          fi
-
-      - name: Configure aws credentials
-        uses: aws-actions/configure-aws-credentials@v1
-        with:
-          role-to-assume: ${{ steps.get-vars.outputs.aws-oidc-role }}
-          role-session-name: pr-role-session
-          aws-region: us-east-1
-
-      - name: ECR login
-        uses: aws-actions/amazon-ecr-login@v1
-        id: amazon-ecr-login
-
-      - name: Login to GHCR
-        uses: docker/login-action@v2
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.PACKAGE_TOKEN }}
-
-      - name: Pull security-scan
-        run: |
-          docker pull $SECURITY_SCAN_IMAGE
-
-      - name: Run security-scan
-        run: |
-          docker run \
-          --user root \
-          -v /var/run/docker.sock:/var/run/docker.sock \
-          -v `pwd`:`pwd` \
-          -e AWS_ACCESS_KEY_ID=${{ env.AWS_ACCESS_KEY_ID }} \
-          -e AWS_SECRET_ACCESS_KEY=${{ env.AWS_SECRET_ACCESS_KEY }} \
-          -e AWS_SESSION_TOKEN=${{ env.AWS_SESSION_TOKEN }} \
-          -e GITHUB_REPOSITORY=$GITHUB_REPOSITORY \
-          -e GITHUB_REF_NAME=$GITHUB_REF_NAME \
-          -e GITHUB_RUN_NUMBER=$GITHUB_RUN_NUMBER \
-          -e GITHUB_SERVER_URL=$GITHUB_SERVER_URL \
-          -e GITHUB_RUN_ID=$GITHUB_RUN_ID \
-          -e MODE=ci \
-          -w `pwd` $SECURITY_SCAN_IMAGE
-
-      - name: Pull transponder
-        run: |
-          docker pull $TRANSPONDER_DOCKER_IMAGE
-
-      - name: Run transponder
-        run: |
-          docker run --rm -v `pwd`:`pwd` -w `pwd` \
-          -e J1_API_KEY=${{ secrets.J1_API_KEY_TRANSPONDER }} \
-          -e J1_API_DOMAIN=${{ secrets.J1_API_DOMAIN_TRANSPONDER }} \
-          -e J1_ACCOUNT_ID=${{ secrets.J1_ACCOUNT_ID_TRANSPONDER }} \
-          $TRANSPONDER_DOCKER_IMAGE