Skip to content

chore(deps): Bump the cdk-deps group in /cdk with 3 updates #60

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: master
Choose a base branch
from
Open

chore(deps): Bump the cdk-deps group in /cdk with 3 updates #60

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 19, 2026

Bumps the cdk-deps group in /cdk with 3 updates: aws-cdk-lib, constructs and black.

Updates aws-cdk-lib from 2.234.1 to 2.235.0

Release notes

Sourced from aws-cdk-lib's releases.

v2.235.0

⚠ BREAKING CHANGES

  • ** L1 resources are automatically generated from public CloudFormation Resource Schemas. They are built to closely reflect the real state of CloudFormation. Sometimes these updates can contain changes that are incompatible with previous types, but more accurately reflect reality. In this release we have changed:
  • aws-ecs: AWS::ECS::CapacityProvider: ManagedInstancesNetworkConfiguration.SecurityGroups property is now required.
  • ecs: securityGroups is now required in ManagedInstancesCapacityProviderProps. CloudFormation has always required this field, so any code that omitted it would have failed at deployment time with a validation error. This change catches the error at compile time instead, improving the developer experience. If your code previously omitted securityGroups, you must now explicitly provide at least one security group.
  • aws-cdk-lib: JobQueue.computeEnvironments contains an computeEnvironment: IComputeEnvironment → IComputeEnvironmentRef. BackupPlanRule.props contains a backupVault: IBackupVault → IBackupVaultRef. ApiDestination.fromApiDestinationAttributes() return type ApiDestination → IApiDestination. This should never have returned a class but always an interface, as is the standard for referencing factories. EventDestination.bus changed IEventBus →IEventBusRef; FlowLogDestination.bind() now returns and ICluster.executeCommandConfiguration contains a member changing type ILogGroup → ILogGroupRef.
  • events: ApiDestination.fromApiDestinationAttributes() now returns an IApiDestination. It used to return an ApiDestination but this was a mistake, referencing methods always return a type by interface, not by class.EventDestination.bus used to be an IEventBus but is now an IEventBusRef; it needs to be type tested to assert it is actually an IEventBus if that is necessary.
  • logs: the return types of FlowLogDestination.bind() and ICluster.executeCommandConfiguration now contain an ILogGroupRef instead of an ILogGroup, which guarantees less. These fields are for communication between constructs, and their values should not be used by application builders. If they do, they will need to add a cast or a type check.
  • iot-actions: enableBatchConfig property is explicitly disabled by default. Even with this modification, the behavior of HttpAction remains unchanged from before, but only the Cfn template will be modified.

Features

Bug Fixes

Miscellaneous Chores

Alpha modules (2.235.0-alpha.0)

⚠ BREAKING CHANGES

  • bedrock-agentcore-alpha: The User Pool Client will be replaced and new Resource Server and Domain resources will be added for existing Gateway stacks using the default Cognito authorizer.

Checklist

Bug Fixes

... (truncated)

Changelog

Sourced from aws-cdk-lib's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

2.235.0-alpha.0 (2026-01-15)

⚠ BREAKING CHANGES

  • bedrock-agentcore-alpha: The User Pool Client will be replaced and new Resource Server and Domain resources will be added for existing Gateway stacks using the default Cognito authorizer.

Checklist

Bug Fixes

  • bedrock-agentcore-alpha: default Cognito User Pool for AgentCore Gateway is not set up for M2M authentication. (#36323) (5a5605a)

2.234.1-alpha.0 (2026-01-08)

2.234.0-alpha.0 (2026-01-08)

Features

  • msk-alpha: support express broker for Kafka v3.9 (#36450) (afcc953)

Bug Fixes

  • elasticache-alpha: deployment fails when serverlessCacheName or userGroupId is not specified (#36459) (b3f62f7), closes #36458
  • elasticache-alpha: security group for ServerlessCache does not use default endpoint port (#35738) (79d91ad)

2.233.0-alpha.0 (2025-12-18)

⚠ BREAKING CHANGES

  • bedrock-agentcore-alpha: Runtime constructs will no longer automatically include lifecycleConfiguration with default values when not explicitly specified by users.
  • elasticache-alpha: The engine property in NoPasswordUserProps has been removed.

Bug Fixes

  • bedrock-agentcore-alpha: runtime construct incorrectly forces default lifecycleConfiguration values (#36379) (7954354), closes #36376
  • elasticache-alpha: the default engine for NoPasswordUser contradict in the docs (#35920) (495fa37), closes #35847
  • mixins-preview: improving delivery source and delivery destination creation (#36314) (86092ab)

2.232.2-alpha.0 (2025-12-12)

2.232.1-alpha.0 (2025-12-05)

... (truncated)

Commits
  • 7686e1d chore(release): 2.235.0 (#36697)
  • e836d23 chore: update CHANGELOG.v2.md
  • ccf7b9f chore: update analytics metadata blueprints
  • e2c1d6e chore(release): 2.235.0
  • 861f437 feat: update L1 CloudFormation resource definitions (#36694)
  • d8e023d feat(rds): add Read/Write IOPS metrics to DatabaseInstance and VolumeRead/Wri...
  • cccd94c fix(opensearchservice): use KMS Key ARN for cross-account encryption (#36020)
  • dea2c28 chore: yarn upgrade dependencies requiring intervention (#36600)
  • 6734426 fix(ecs): make securityGroups required in ManagedInstancesCapacityProvider (#...
  • 7da5aeb ci(security-guardian): fix guardhooks-no-root-principals guard rule (#36690)
  • Additional commits viewable in compare view

Updates constructs from 10.4.4 to 10.4.5

Release notes

Sourced from constructs's releases.

v10.4.5

10.4.5 (2026-01-16)

Bug Fixes

  • save memory by lazy initializing all fields (#2838) (28249f8)
Commits

Updates black from 25.12.0 to 26.1.0

Release notes

Sourced from black's releases.

26.1.0

Highlights

Introduces the 2026 stable style (#4892), stabilizing the following changes:

  • always_one_newline_after_import: Always force one blank line after import statements, except when the line after the import is a comment or an import statement (#4489)
  • fix_fmt_skip_in_one_liners: Fix # fmt: skip behavior on one-liner declarations, such as def foo(): return "mock" # fmt: skip, where previously the declaration would have been incorrectly collapsed (#4800)
  • fix_module_docstring_detection: Fix module docstrings being treated as normal strings if preceded by comments (#4764)
  • fix_type_expansion_split: Fix type expansions split in generic functions (#4777)
  • multiline_string_handling: Make expressions involving multiline strings more compact (#1879)
  • normalize_cr_newlines: Add \r style newlines to the potential newlines to normalize file newlines both from and to (#4710)
  • remove_parens_around_except_types: Remove parentheses around multiple exception types in except and except* without as (#4720)
  • remove_parens_from_assignment_lhs: Remove unnecessary parentheses from the left-hand side of assignments while preserving magic trailing commas and intentional multiline formatting (#4865)
  • standardize_type_comments: Format type comments which have zero or more spaces between # and type: or between type: and value to # type: (value) (#4645)

The following change was not in any previous stable release:

  • Regenerated the _width_table.py and added tests for the Khmer language (#4253)

This release alo bumps pathspec to v1 and fixes inconsistencies with Git's .gitignore logic (#4958). Now, files will be ignored if a pattern matches them, even if the parent directory is directly unignored. For example, Black would previously format exclude/not_this/foo.py with this .gitignore:

exclude/
!exclude/not_this/

Now, exclude/not_this/foo.py will remain ignored. To ensure exclude/not_this/ and all of it's children are included in formatting (and in Git), use this .gitignore:

*/exclude/*
!*/exclude/not_this/

This new behavior matches Git. The leading */ are only necessary if you wish to ignore matching subdirectories (like the previous behavior did), and not just matching root

... (truncated)

Changelog

Sourced from black's changelog.

26.1.0

Highlights

Introduces the 2026 stable style (#4892), stabilizing the following changes:

  • always_one_newline_after_import: Always force one blank line after import statements, except when the line after the import is a comment or an import statement (#4489)
  • fix_fmt_skip_in_one_liners: Fix # fmt: skip behavior on one-liner declarations, such as def foo(): return "mock" # fmt: skip, where previously the declaration would have been incorrectly collapsed (#4800)
  • fix_module_docstring_detection: Fix module docstrings being treated as normal strings if preceded by comments (#4764)
  • fix_type_expansion_split: Fix type expansions split in generic functions (#4777)
  • multiline_string_handling: Make expressions involving multiline strings more compact (#1879)
  • normalize_cr_newlines: Add \r style newlines to the potential newlines to normalize file newlines both from and to (#4710)
  • remove_parens_around_except_types: Remove parentheses around multiple exception types in except and except* without as (#4720)
  • remove_parens_from_assignment_lhs: Remove unnecessary parentheses from the left-hand side of assignments while preserving magic trailing commas and intentional multiline formatting (#4865)
  • standardize_type_comments: Format type comments which have zero or more spaces between # and type: or between type: and value to # type: (value) (#4645)

The following change was not in any previous stable release:

  • Regenerated the _width_table.py and added tests for the Khmer language (#4253)

This release alo bumps pathspec to v1 and fixes inconsistencies with Git's .gitignore logic (#4958). Now, files will be ignored if a pattern matches them, even if the parent directory is directly unignored. For example, Black would previously format exclude/not_this/foo.py with this .gitignore:

exclude/
!exclude/not_this/

Now, exclude/not_this/foo.py will remain ignored. To ensure exclude/not_this/ and all of it's children are included in formatting (and in Git), use this .gitignore:

*/exclude/*
!*/exclude/not_this/

This new behavior matches Git. The leading */ are only necessary if you wish to ignore

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): Bump the cdk-deps group in /cdk with 3 updates
cec4ff9 
Bumps the cdk-deps group in /cdk with 3 updates: [aws-cdk-lib](https://github.com/aws/aws-cdk), [constructs](https://github.com/aws/constructs) and [black](https://github.com/psf/black).


Updates `aws-cdk-lib` from 2.234.1 to 2.235.0
- [Release notes](https://github.com/aws/aws-cdk/releases)
- [Changelog](https://github.com/aws/aws-cdk/blob/main/CHANGELOG.v2.alpha.md)
- [Commits](aws/aws-cdk@v2.234.1...v2.235.0)

Updates `constructs` from 10.4.4 to 10.4.5
- [Release notes](https://github.com/aws/constructs/releases)
- [Commits](aws/constructs@v10.4.4...v10.4.5)

Updates `black` from 25.12.0 to 26.1.0
- [Release notes](https://github.com/psf/black/releases)
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md)
- [Commits](psf/black@25.12.0...26.1.0)

---
updated-dependencies:
- dependency-name: aws-cdk-lib
  dependency-version: 2.235.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cdk-deps
- dependency-name: constructs
  dependency-version: 10.4.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cdk-deps
- dependency-name: black
  dependency-version: 26.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: cdk-deps
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jan 19, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant