Skip to content

chore(deps): bump the npm-dependencies group across 1 directory with 10 updates#1010

Open
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/npm_and_yarn/develop/npm-dependencies-4676d02379
Open

chore(deps): bump the npm-dependencies group across 1 directory with 10 updates#1010
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/npm_and_yarn/develop/npm-dependencies-4676d02379

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 27, 2026

Bumps the npm-dependencies group with 10 updates in the / directory:

Package From To
aws-cdk-lib 2.250.0 2.251.0
cdk-ecr-deployment 4.2.0 4.2.1
@aws-sdk/client-iam 3.1036.0 3.1037.0
@aws-sdk/client-ssm 3.1036.0 3.1037.0
npm-check-updates 21.0.3 22.0.1
@cloudscape-design/chat-components 1.0.121 1.0.123
@cloudscape-design/collection-hooks 1.0.90 1.0.91
@cloudscape-design/components 3.0.1283 3.0.1285
@swc/core 1.15.30 1.15.32
jsdom 29.0.2 29.1.0

Updates aws-cdk-lib from 2.250.0 to 2.251.0

Release notes

Sourced from aws-cdk-lib's releases.

v2.251.0

⚠ BREAKING CHANGES

  • ** L1 resources are automatically generated from public CloudFormation Resource Schemas. They are built to closely reflect the real state of CloudFormation. Sometimes these updates can contain changes that are incompatible with previous types, but more accurately reflect reality. In this release we have changed:

aws-elasticloadbalancing: AWS::ElasticLoadBalancing::LoadBalancer: SourceSecurityGroup attribute removed. aws-elasticloadbalancing: AWS::ElasticLoadBalancing::LoadBalancer: PolicyItem type removed. aws-elasticloadbalancing: AWS::ElasticLoadBalancing::LoadBalancer: SourceSecurityGroup type removed.

Features

  • update L1 CloudFormation resource definitions (#37684) (9e6c2ef)
  • lambda: add ruby 4.0 runtime (#37650) (04d4337)
  • update L1 CloudFormation resource definitions (#37644) (e64f943)
  • core: Validations class is the new way to add validation plugins to CDK Apps (#37611) (95696b4), closes #37613
  • core: graduate policyValidationBeta1 interfaces to policyValidation (#37613) (8c613cf)
  • ecs: support for service connect access log configuration (#36067) (5ad1c06)
  • route53: accelerated recovery for public hosted zone (#36358) (f1b7b03)
  • synthetics: support canary group (#35689) (20ccd31), closes #34043

Bug Fixes

  • core: Stage.policyValidationBeta1 is mutable (#37612) (3c1faf1)
  • core: construct creation stack traces are implicit (#37643) (5635c20)
  • core: synth output is not valid YAML when using policy validation (#37597) (927dd60), closes #25331
  • core: token stack traces expensively clutter --debug mode (#37642) (498c546)
  • core: tree metadata does not contain logical ID (#37630) (284ab23)
  • ec2: fixing vpc endpoint for eu-isoe-west-1 region (#37596) (555c930), closes #31690
  • events-targets: make LogGroupTargetInput extend RuleTargetInput for JSII compatibility (#37451) (46dbc7a), closes #36733
  • lambda: add Token.isUnresolved checks to provisioned poller config validation (#37197) (667ed30)
  • stepfunctions-tasks: warn when CallAwsServiceCrossRegion endpoint is resolved from state input (#37646) (9fdf590)

Alpha modules (2.251.0-alpha.0)

Features

  • bedrock-agentcore-alpha: add L2 constructs for policy and policy engine (#37238) (1e89e7e)
  • bedrock-agentcore-alpha: add observability configuration for Runtime (#36689) (34b43aa), closes #36596
  • bedrock-agentcore-alpha: support No Authorization for AgentCore Gateway (#36610) (f20bd8e)
  • dsql-alpha: initial L2 construct (#34599) (be1a458), closes #34593
Changelog

Sourced from aws-cdk-lib's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

2.251.0-alpha.0 (2026-04-24)

Features

  • bedrock-agentcore-alpha: add L2 constructs for policy and policy engine (#37238) (1e89e7e)
  • bedrock-agentcore-alpha: add observability configuration for Runtime (#36689) (34b43aa), closes #36596
  • bedrock-agentcore-alpha: support No Authorization for AgentCore Gateway (#36610) (f20bd8e)
  • dsql-alpha: initial L2 construct (#34599) (be1a458), closes #34593

2.250.0-alpha.0 (2026-04-14)

2.249.0-alpha.0 (2026-04-10)

2.248.0-alpha.0 (2026-04-02)

2.247.0-alpha.0 (2026-04-02)

Features

2.246.0-alpha.0 (2026-03-31)

2.245.0-alpha.0 (2026-03-27)

Features

  • s3tables-alpha: add support for partition spec, sort order, and table properties (#36811) (2696cd1)
  • s3tables-alpha: add metrics configuration support for TableBucket (#37275) (e8786f5)
  • s3tables-alpha: implement ITaggableV2 on TableBucket and Table L2 constructs (#37277) (69c8944), closes #33054

2.244.0-alpha.0 (2026-03-19)

Bug Fixes

  • kinesisanalytics-flink-alpha: mark deprecated flink runtimes as deprecated (#37155) (0a89447)

2.243.0-alpha.0 (2026-03-11)

2.242.0-alpha.0 (2026-03-10)

... (truncated)

Commits
  • 9e6c2ef feat: update L1 CloudFormation resource definitions (#37684)
  • 9fdf590 fix(stepfunctions-tasks): warn when CallAwsServiceCrossRegion endpoint is res...
  • 04d4337 feat(lambda): add ruby 4.0 runtime (#37650)
  • 9fba04d chore: upgrade cloud-assembly-schema packages to fix build (#37677)
  • e64f943 feat: update L1 CloudFormation resource definitions (#37644)
  • 78fbcb3 chore(ec2): remove obsolete tslint directive from vpc.ts (#37532)
  • 56656e8 chore(rds): add PostgreSQL 16.13 engine version (#37654)
  • 20ccd31 feat(synthetics): support canary group (#35689)
  • 95696b4 feat(core): Validations class is the new way to add validation plugins to C...
  • 5635c20 fix(core): construct creation stack traces are implicit (#37643)
  • Additional commits viewable in compare view

Updates cdk-ecr-deployment from 4.2.0 to 4.2.1

Release notes

Sourced from cdk-ecr-deployment's releases.

v4.2.1

4.2.1 (2026-04-27)

Bug Fixes

Commits
  • 2949107 fix(deps): bump go.opentelemetry.io/otel from 1.39.0 to 1.41.0 in /lambda-src...
  • 02a8ea6 chore(deps): upgrade dev dependencies (#1261)
  • f359508 chore(deps): upgrade dev dependencies (#1260)
  • See full diff in compare view

Updates @aws-sdk/client-iam from 3.1036.0 to 3.1037.0

Release notes

Sourced from @​aws-sdk/client-iam's releases.

v3.1037.0

3.1037.0(2026-04-24)

New Features
  • clients: update client endpoints as of 2026-04-24 (ca3df2be)
  • client-evs: EVS now supports i7i.metal-24xl EC2 bare metal instance type, delivering high random IOPS performance with real-time latency, ideal for IO intensive and latency-sensitive workloads such as transactional databases, real-time analytics, and AI ML pre-processing. (fd92ee48)
  • client-cloudwatch-logs: Adding nextToken and maxItems to the GetQueryResults API. (1a5ef619)
  • client-transfer: AWS Transfer Family now support configurable IP address types for Web Apps of type VPC, enabling customers to select IPv4-only or dual-stack (IPv4 and IPv6) configurations based on their network requirements. (f2a72a85)
  • client-bedrock-agentcore-control: Added support for configuring identity providers and inbound authorizers within a private VPC for AWS Bedrock AgentCore, enabling secure network connection without public internet access (a0bf24cd)
  • client-connect: Amazon Connect is expanding attachment capabilities to give customers greater flexibility and control. Currently limited to predefined file types, the new feature will allow contact center administrators to customize which file extensions and sizes are supported across chat, email, tasks, and cases. (7e987e88)
  • client-connecthealth: Corrected CreateWebAppConfiguration documentation. Adding slash as an allowed character for the Ambient documentation agent to allow pronoun specifications. (c21882c4)
Bug Fixes
  • client-kinesis: tolerance for flaky H2 session ordering assertion in E2E test (#7959) (58734960)

For list of updated packages, view updated-packages.md in assets-3.1037.0.zip

Changelog

Sourced from @​aws-sdk/client-iam's changelog.

3.1037.0 (2026-04-24)

Note: Version bump only for package @​aws-sdk/client-iam

Commits

Updates @aws-sdk/client-ssm from 3.1036.0 to 3.1037.0

Release notes

Sourced from @​aws-sdk/client-ssm's releases.

v3.1037.0

3.1037.0(2026-04-24)

New Features
  • clients: update client endpoints as of 2026-04-24 (ca3df2be)
  • client-evs: EVS now supports i7i.metal-24xl EC2 bare metal instance type, delivering high random IOPS performance with real-time latency, ideal for IO intensive and latency-sensitive workloads such as transactional databases, real-time analytics, and AI ML pre-processing. (fd92ee48)
  • client-cloudwatch-logs: Adding nextToken and maxItems to the GetQueryResults API. (1a5ef619)
  • client-transfer: AWS Transfer Family now support configurable IP address types for Web Apps of type VPC, enabling customers to select IPv4-only or dual-stack (IPv4 and IPv6) configurations based on their network requirements. (f2a72a85)
  • client-bedrock-agentcore-control: Added support for configuring identity providers and inbound authorizers within a private VPC for AWS Bedrock AgentCore, enabling secure network connection without public internet access (a0bf24cd)
  • client-connect: Amazon Connect is expanding attachment capabilities to give customers greater flexibility and control. Currently limited to predefined file types, the new feature will allow contact center administrators to customize which file extensions and sizes are supported across chat, email, tasks, and cases. (7e987e88)
  • client-connecthealth: Corrected CreateWebAppConfiguration documentation. Adding slash as an allowed character for the Ambient documentation agent to allow pronoun specifications. (c21882c4)
Bug Fixes
  • client-kinesis: tolerance for flaky H2 session ordering assertion in E2E test (#7959) (58734960)

For list of updated packages, view updated-packages.md in assets-3.1037.0.zip

Changelog

Sourced from @​aws-sdk/client-ssm's changelog.

3.1037.0 (2026-04-24)

Note: Version bump only for package @​aws-sdk/client-ssm

Commits

Updates npm-check-updates from 21.0.3 to 22.0.1

Release notes

Sourced from npm-check-updates's releases.

v22.0.1

What's Changed

Full Changelog: raineorshine/npm-check-updates@v22.0.0...v22.0.1

v22.0.0

Breaking Changes

--cooldown now falls back to the greatest non-prerelease version rather than skipping the upgrade entirely when the latest version falls within the cooldown window.

  • This only affects --cooldown (or inferred cooldown from min-release-age/minimumReleaseAge/npmMinimalAgeGate).
  • This only affects --target latest (which is the default).

⚠️ WARNING

In rare circumstances, it is now possible for ncu --cooldown 10 to install a version that was never published to latest. This is because the npm registry does not store a history of versions published to the latest dist-tag. It is impossible to fall back to an earlier latest version, because there is no record of it. However, we do have a list of all published versions, and it's likely that a boring version like 1.0.1 was published to latest at some point. Versions like 1.0.1-pre.0, 1.0.1-beta, 1.0.1-build.58157394, etc will be ignored, as you would expect.

While npm-check-updates typically takes a conservative approach to version upgrades, following semver exactly and only upgrading to the latest version, falling back to the highest version outside the cooldown window is clearly the more intuitive behavior, and this outweighs the few cases where the results would be undesirable. The discussion in #1556 and the large amount of confusion since the initial release of --cooldown attest to this.

How to opt out of the new behavior

You can opt out of the new behavior by using --target "@latest". This forces a strict upgrade (or downgrade) to the latest tag only, without any fallback behavior.

For granular control, use a custom ncurc function to set the target or disable cooldown for a single package.

What's Changed

New Contributors

Full Changelog: raineorshine/npm-check-updates@v21.0.3...v22.0.0

Commits
  • 28b5fcb 22.0.1
  • 127c552 fix: suppress cooldown config log messages when JSON output is active (#1692)
  • 7c62657 CHANGELOG
  • c94174d 22.0.0
  • 36e1fd2 feat(cooldown): fall back to greatest passing version when latest is within c...
  • 3641100 build: stub cosmiconfig's typescript dependency to reduce bundle size by 8MB ...
  • b44ec68 Update dependencies (#1685)
  • 2ceac56 Bump @​typescript-eslint/eslint-plugin from 8.58.2 to 8.59.0 (#1682)
  • 9025296 Bump @​typescript-eslint/parser from 8.58.2 to 8.59.0 (#1681)
  • 6803c3e Bump vite from 8.0.8 to 8.0.9 (#1680)
  • Additional commits viewable in compare view

Updates @cloudscape-design/chat-components from 1.0.121 to 1.0.123

Release notes

Sourced from @​cloudscape-design/chat-components's releases.

Release 1.0.123

1.0.123 (2026-04-27)

No customer visible changes in this release

Release 1.0.122

1.0.122 (2026-04-24)

No customer visible changes in this release

Commits

Updates @cloudscape-design/collection-hooks from 1.0.90 to 1.0.91

Release notes

Sourced from @​cloudscape-design/collection-hooks's releases.

Release 1.0.91

1.0.91 (2026-04-27)

No customer visible changes in this release

Commits

Updates @cloudscape-design/components from 3.0.1283 to 3.0.1285

Release notes

Sourced from @​cloudscape-design/components's releases.

Release 3.0.1285

3.0.1285 (2026-04-27)

Features

  • Add toolbar background and primary button border design tokens (#4465) (eb9e00b)
  • expose renderStep prop of Steps (#4466) (f5628d2)

Release 3.0.1284

3.0.1284 (2026-04-24)

No customer visible changes in this release

Commits

Updates @swc/core from 1.15.30 to 1.15.32

Changelog

Sourced from @​swc/core's changelog.

[1.15.32] - 2026-04-27

Bug Fixes

  • (es/flow) Fix Flow type-only modules in script transforms (#11817) (be38316)

  • (es/flow) Avoid restoring module context when flow syntax is enabled (#11819) (3ed7243)

  • (es/minifier) Preserve frozen spread registry keys (#11825) (347181c)

  • (es/parser) Align Flow generic arrow JSX disambiguation (#11821) (28a7fad)

Features

  • (es) Add jsc.preserveSymlinks to swc::Options (#11813) (fe38342)
Commits
  • 364a11c chore: Publish 1.15.32 with swc_core v65.0.0
  • 7789132 chore: Publish 1.15.32-nightly-20260427.1 with swc_core v65.0.0
  • cd5d7e8 chore: Publish 1.15.31-nightly-20260427.1 with swc_core v65.0.0
  • 65bd999 chore: Publish crates with swc_core v65.0.0
  • be38316 fix(es/flow): Fix Flow type-only modules in script transforms (#11817)
  • See full diff in compare view

Updates jsdom from 29.0.2 to 29.1.0

Release notes

Sourced from jsdom's releases.

v29.1.0

  • Added basic support for the ratio CSS type. (@​asamuzaK)
  • Fixed getComputedStyle() sometimes returning outdated results after CSS was modified. (@​asamuzaK)
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the npm-dependencies group across 1 directory with …
d88d17c 
…10 updates

Bumps the npm-dependencies group with 10 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [aws-cdk-lib](https://github.com/aws/aws-cdk/tree/HEAD/packages/aws-cdk-lib) | `2.250.0` | `2.251.0` |
| [cdk-ecr-deployment](https://github.com/cdklabs/cdk-ecr-deployment) | `4.2.0` | `4.2.1` |
| [@aws-sdk/client-iam](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-iam) | `3.1036.0` | `3.1037.0` |
| [@aws-sdk/client-ssm](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-ssm) | `3.1036.0` | `3.1037.0` |
| [npm-check-updates](https://github.com/raineorshine/npm-check-updates) | `21.0.3` | `22.0.1` |
| [@cloudscape-design/chat-components](https://github.com/cloudscape-design/chat-components) | `1.0.121` | `1.0.123` |
| [@cloudscape-design/collection-hooks](https://github.com/cloudscape-design/collection-hooks) | `1.0.90` | `1.0.91` |
| [@cloudscape-design/components](https://github.com/cloudscape-design/components) | `3.0.1283` | `3.0.1285` |
| [@swc/core](https://github.com/swc-project/swc/tree/HEAD/packages/core) | `1.15.30` | `1.15.32` |
| [jsdom](https://github.com/jsdom/jsdom) | `29.0.2` | `29.1.0` |



Updates `aws-cdk-lib` from 2.250.0 to 2.251.0
- [Release notes](https://github.com/aws/aws-cdk/releases)
- [Changelog](https://github.com/aws/aws-cdk/blob/main/CHANGELOG.v2.alpha.md)
- [Commits](https://github.com/aws/aws-cdk/commits/v2.251.0/packages/aws-cdk-lib)

Updates `cdk-ecr-deployment` from 4.2.0 to 4.2.1
- [Release notes](https://github.com/cdklabs/cdk-ecr-deployment/releases)
- [Commits](cdklabs/cdk-ecr-deployment@v4.2.0...v4.2.1)

Updates `@aws-sdk/client-iam` from 3.1036.0 to 3.1037.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-iam/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1037.0/clients/client-iam)

Updates `@aws-sdk/client-ssm` from 3.1036.0 to 3.1037.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-ssm/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1037.0/clients/client-ssm)

Updates `npm-check-updates` from 21.0.3 to 22.0.1
- [Release notes](https://github.com/raineorshine/npm-check-updates/releases)
- [Changelog](https://github.com/raineorshine/npm-check-updates/blob/main/CHANGELOG.md)
- [Commits](raineorshine/npm-check-updates@v21.0.3...v22.0.1)

Updates `@cloudscape-design/chat-components` from 1.0.121 to 1.0.123
- [Release notes](https://github.com/cloudscape-design/chat-components/releases)
- [Commits](cloudscape-design/chat-components@1.0.121...1.0.123)

Updates `@cloudscape-design/collection-hooks` from 1.0.90 to 1.0.91
- [Release notes](https://github.com/cloudscape-design/collection-hooks/releases)
- [Commits](cloudscape-design/collection-hooks@1.0.90...1.0.91)

Updates `@cloudscape-design/components` from 3.0.1283 to 3.0.1285
- [Release notes](https://github.com/cloudscape-design/components/releases)
- [Commits](cloudscape-design/components@3.0.1283...3.0.1285)

Updates `@swc/core` from 1.15.30 to 1.15.32
- [Release notes](https://github.com/swc-project/swc/releases)
- [Changelog](https://github.com/swc-project/swc/blob/main/CHANGELOG.md)
- [Commits](https://github.com/swc-project/swc/commits/v1.15.32/packages/core)

Updates `jsdom` from 29.0.2 to 29.1.0
- [Release notes](https://github.com/jsdom/jsdom/releases)
- [Commits](jsdom/jsdom@v29.0.2...v29.1.0)

---
updated-dependencies:
- dependency-name: aws-cdk-lib
  dependency-version: 2.251.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: cdk-ecr-deployment
  dependency-version: 4.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: "@aws-sdk/client-iam"
  dependency-version: 3.1037.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: "@aws-sdk/client-ssm"
  dependency-version: 3.1037.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: npm-check-updates
  dependency-version: 22.0.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm-dependencies
- dependency-name: "@cloudscape-design/chat-components"
  dependency-version: 1.0.123
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: "@cloudscape-design/collection-hooks"
  dependency-version: 1.0.91
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: "@cloudscape-design/components"
  dependency-version: 3.0.1285
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: "@swc/core"
  dependency-version: 1.15.32
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: jsdom
  dependency-version: 29.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 27, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants