chore: release 4.35.1

[eahefnawy]

This is a patch release that includes:

• Security fix: Upgrade axios from 1.15.0 to 1.15.2 (chore(deps): bump axios from 1.15.0 to 1.15.2 #13544)

The axios upgrade addresses a security vulnerability that was discovered in version 1.15.0.

Summary by CodeRabbit

• Chores
  • Patch version bumps for core packages: sf-core and sf-core-installer updated from 4.35.0 to 4.35.1.

---

Note

Low Risk
Version-only bumps in package.json/package-lock.json with no functional code changes; risk is limited to publishing/packaging metadata.

Overview
Bumps the released version from 4.35.0 to 4.35.1 for @serverlessinc/sf-core and the sf-core-installer, and updates package-lock.json accordingly.

^{Reviewed by Cursor Bugbot for commit a22e490. Bugbot is set up for automated code reviews on this repo. Configure here.}

[Mmarzex]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 36f3fc5d-f13a-4f14-9708-cbdcf357dd22

📥 Commits

Reviewing files that changed from the base of the PR and between 9f8e032 and a22e490.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (2)

• packages/sf-core-installer/package.json
• packages/sf-core/package.json

---

📝 Walkthrough

Walkthrough

Version patch bumps applied to two packages: packages/sf-core-installer and packages/sf-core both updated from 4.35.0 to 4.35.1 in their respective package.json manifests.

Changes

Package Version Bumps

Layer / File(s)	Summary
Version Updates packages/sf-core-installer/package.json, packages/sf-core/package.json	version field incremented from 4.35.0 to 4.35.1 in both package manifests.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

• serverless/serverless#13451: Updates the same version fields in both packages/sf-core-installer/package.json and packages/sf-core/package.json.
• serverless/serverless#13364: Performs version bumps in the identical package manifest files.
• serverless/serverless#13494: Modifies the same package manifest files with version increments.

Suggested reviewers

• czubocha

Poem

🐰 A patch release hops along,
From .0 to .1 so strong,
Two packages bright align,
Version strings now shine,
A tiny bump, but all along!

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The pull request title 'chore: release 4.35.1' directly and clearly describes the main change—a patch release bumping versions to 4.35.1 across multiple packages.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch cursor/release-4.35.1-1eac

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}