Bump the npm group across 2 directories with 2 updates

[dependabot]

Bumps the npm group with 2 updates in the / directory: aws-cdk-lib and aws-cdk.
Bumps the npm group with 2 updates in the /test directory: aws-cdk-lib and aws-cdk.

Updates aws-cdk-lib from 2.224.0 to 2.225.0

Release notes

Sourced from aws-cdk-lib's releases.

v2.225.0

⚠ BREAKING CHANGES

• ** L1 resources are automatically generated from public CloudFormation Resource Schemas. They are built to closely reflect the real state of CloudFormation. Sometimes these updates can contain changes that are incompatible with previous types, but more accurately reflect reality. In this release we have changed:

  • aws-dynamodb: AWS::DynamoDB::GlobalTable: ResourcePolicy property is now required.

Features

• update L1 CloudFormation resource definitions (#36082) (3df1d81)
• custom-resource: add External ID support for AwsCustomResource (#35252) (9f6c02b), closes #34018
• route53: support restricting delegated zone names when using grantDelegation (#35129) (d832aca)

Bug Fixes

• aws-cdk-lib: temporary Cloud Assemblies are not cleaned up (#36043) (1ace1ef), closes #802
• cognito: remove overly strict validation for threat protection on non-PLUS plans (#36027) (172c65f), closes #36023
• s3-deployment: Source.jsonData() fails with null JSON values (#36054) (67b85f2), closes #36052

Reverts

• (dynamodb) revert Table.table field to private to fix .NET naming (#36029) (d84fce8), closes #36025 #35554

---

Alpha modules (2.225.0-alpha.0)

Changelog

Sourced from aws-cdk-lib's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

2.226.0-alpha.0 (2025-11-20)

2.225.0-alpha.0 (2025-11-17)

2.224.0-alpha.0 (2025-11-13)

Features

• imagebuilder-alpha: add support for EC2 Image Builder L2 Constructs - Infrastructure Configuration (#35882) (db1d964), closes aws/aws-cdk-rfcs#789 aws/aws-cdk-rfcs#789

2.223.0-alpha.0 (2025-11-10)

2.222.0-alpha.0 (2025-11-04)

Features

• eks-v2-alpha: eks-v2-alpha is now in developer preview (#35801) (32afc0f)

Bug Fixes

• bedrock-alpha: apply permission dependency to existing and non-existing roles (#35123) (b39ccf3), closes #35120
• eks-v2-alpha: remove hyphen from Go package name (#35927) (2cdfc8a)

2.221.1-alpha.0 (2025-10-29)

2.221.0-alpha.0 (2025-10-24)

Features

• msk-alpha: support Kafka 4.1 (#35759) (67539de)

Bug Fixes

• elasticache-alpha: cannot import Redis 7 serverless cache (#35629) (2bde1a0)

2.220.0-alpha.0 (2025-10-14)

Bug Fixes

• amplify-alpha: handle empty customResponseHeaders array (#35700) (57f9068), closes #35693

2.219.0-alpha.0 (2025-10-01)

... (truncated)

Commits

• 440742a chore: update analytics metadata blueprints
• 3df1d81 feat: update L1 CloudFormation resource definitions (#36082)
• 9f6c02b feat(custom-resource): add External ID support for AwsCustomResource (#35252)
• af61744 chore(ec2): add VPC interface endpoints for Cognito (#35984)
• 5b58c56 chore(rds): add support for 8.0.mysql_aurora.3.11.0 (#36026)
• a119de5 chore(rds): deprecate MySQL versions 5.7.44, 8.0.32-36 (#35949)
• a2df80e chore(rds): add PostgreSQL extended support versions 11.22-rds.20250814, 12.2...
• 900d7f7 chore(rds): add MariaDB versions 10.6.23, 10.11.14, and 11.4.8 (#35896)
• 26a33bc chore(rds): deprecate Aurora MySQL versions 3.05.2-3.07.1 (#35952)
• b293fd8 chore(rds): deprecate Aurora PostgreSQL versions 13.11-13, 14.8-10, 15.3-5 (#...
• Additional commits viewable in compare view

Updates aws-cdk from 2.1031.2 to 2.1032.0

Release notes

Sourced from aws-cdk's releases.

aws-cdk@v2.1032.0

2.1032.0 (2025-11-17)

Features

• cli: --yes option to accept all questions (#826) (dd641b0), closes #732

Bug Fixes

• aws-cdk: warn when legacy exports are used (#931) (8758f3c), closes #310
• cli: update typescript to 5.9.x in init-templates (#939) (30ee4c9)

Commits

• 30ee4c9 fix(cli): update typescript to 5.9.x in init-templates (#939)
• 96fda68 chore(cli): update link for cli-telemetry --status (#932)
• 8758f3c fix(aws-cdk): warn when legacy exports are used (#931)
• dd641b0 feat(cli): --yes option to accept all questions (#826)
• See full diff in compare view

Updates aws-cdk-lib from 2.224.0 to 2.225.0

Release notes

Sourced from aws-cdk-lib's releases.

v2.225.0

⚠ BREAKING CHANGES

• ** L1 resources are automatically generated from public CloudFormation Resource Schemas. They are built to closely reflect the real state of CloudFormation. Sometimes these updates can contain changes that are incompatible with previous types, but more accurately reflect reality. In this release we have changed:

  • aws-dynamodb: AWS::DynamoDB::GlobalTable: ResourcePolicy property is now required.

Features

• update L1 CloudFormation resource definitions (#36082) (3df1d81)
• custom-resource: add External ID support for AwsCustomResource (#35252) (9f6c02b), closes #34018
• route53: support restricting delegated zone names when using grantDelegation (#35129) (d832aca)

Bug Fixes

• aws-cdk-lib: temporary Cloud Assemblies are not cleaned up (#36043) (1ace1ef), closes #802
• cognito: remove overly strict validation for threat protection on non-PLUS plans (#36027) (172c65f), closes #36023
• s3-deployment: Source.jsonData() fails with null JSON values (#36054) (67b85f2), closes #36052

Reverts

• (dynamodb) revert Table.table field to private to fix .NET naming (#36029) (d84fce8), closes #36025 #35554

---

Alpha modules (2.225.0-alpha.0)

Changelog

Sourced from aws-cdk-lib's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

2.226.0-alpha.0 (2025-11-20)

2.225.0-alpha.0 (2025-11-17)

2.224.0-alpha.0 (2025-11-13)

Features

• imagebuilder-alpha: add support for EC2 Image Builder L2 Constructs - Infrastructure Configuration (#35882) (db1d964), closes aws/aws-cdk-rfcs#789 aws/aws-cdk-rfcs#789

2.223.0-alpha.0 (2025-11-10)

2.222.0-alpha.0 (2025-11-04)

Features

• eks-v2-alpha: eks-v2-alpha is now in developer preview (#35801) (32afc0f)

Bug Fixes

• bedrock-alpha: apply permission dependency to existing and non-existing roles (#35123) (b39ccf3), closes #35120
• eks-v2-alpha: remove hyphen from Go package name (#35927) (2cdfc8a)

2.221.1-alpha.0 (2025-10-29)

2.221.0-alpha.0 (2025-10-24)

Features

• msk-alpha: support Kafka 4.1 (#35759) (67539de)

Bug Fixes

• elasticache-alpha: cannot import Redis 7 serverless cache (#35629) (2bde1a0)

2.220.0-alpha.0 (2025-10-14)

Bug Fixes

• amplify-alpha: handle empty customResponseHeaders array (#35700) (57f9068), closes #35693

2.219.0-alpha.0 (2025-10-01)

... (truncated)

Commits

• 440742a chore: update analytics metadata blueprints
• 3df1d81 feat: update L1 CloudFormation resource definitions (#36082)
• 9f6c02b feat(custom-resource): add External ID support for AwsCustomResource (#35252)
• af61744 chore(ec2): add VPC interface endpoints for Cognito (#35984)
• 5b58c56 chore(rds): add support for 8.0.mysql_aurora.3.11.0 (#36026)
• a119de5 chore(rds): deprecate MySQL versions 5.7.44, 8.0.32-36 (#35949)
• a2df80e chore(rds): add PostgreSQL extended support versions 11.22-rds.20250814, 12.2...
• 900d7f7 chore(rds): add MariaDB versions 10.6.23, 10.11.14, and 11.4.8 (#35896)
• 26a33bc chore(rds): deprecate Aurora MySQL versions 3.05.2-3.07.1 (#35952)
• b293fd8 chore(rds): deprecate Aurora PostgreSQL versions 13.11-13, 14.8-10, 15.3-5 (#...
• Additional commits viewable in compare view

Updates aws-cdk from 2.1031.2 to 2.1032.0

Release notes

Sourced from aws-cdk's releases.

aws-cdk@v2.1032.0

2.1032.0 (2025-11-17)

Features

• cli: --yes option to accept all questions (#826) (dd641b0), closes #732

Bug Fixes

• aws-cdk: warn when legacy exports are used (#931) (8758f3c), closes #310
• cli: update typescript to 5.9.x in init-templates (#939) (30ee4c9)

Commits

• 30ee4c9 fix(cli): update typescript to 5.9.x in init-templates (#939)
• 96fda68 chore(cli): update link for cli-telemetry --status (#932)
• 8758f3c fix(aws-cdk): warn when legacy exports are used (#931)
• dd641b0 feat(cli): --yes option to accept all questions (#826)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
npm/@aws-cdk/cloud-assembly-schema	48.20.0	Unknown	Unknown
npm/aws-cdk	2.1032.0	Unknown	Unknown
npm/aws-cdk-lib	2.225.0	🟢 4.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Signed-Releases 🟢 8 5 out of the last 5 releases have a total of 5 signed artifacts. Dangerous-Workflow ⚠️ 0 dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions SAST 🟢 9 SAST tool detected but not run on all commits Binary-Artifacts ⚠️ 0 binaries present in source code Fuzzing 🟢 10 project is fuzzed Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/aws-cdk	^2.1032.0	Unknown	Unknown
npm/aws-cdk-lib	^2.225.0	🟢 4.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Signed-Releases 🟢 8 5 out of the last 5 releases have a total of 5 signed artifacts. Dangerous-Workflow ⚠️ 0 dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions SAST 🟢 9 SAST tool detected but not run on all commits Binary-Artifacts ⚠️ 0 binaries present in source code Fuzzing 🟢 10 project is fuzzed Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0

Scanned Files

• pnpm-lock.yaml
• test/package.json