chore(deps): bump the aws-cdk group across 1 directory with 2 updates

[dependabot]

Bumps the aws-cdk group with 2 updates in the / directory: aws-cdk and aws-cdk-lib.

Updates aws-cdk from 2.1120.0 to 2.1125.0

Commits

• 76445b3 chore(deps): bump semver from 7.7.4 to 7.8.0 (#1548)
• 0aec629 chore(deps): upgrade dependencies (#1546)
• e1cd6bc fix: bootstrap fails if bucket, ECR repo already exist (#1544)
• 62e217a feat(deps): upgrade aws-cdk-lib (#1543)
• bd58d4d fix: recognize VSCode Agent terminal (#1540)
• 9197aee feat(deps): upgrade aws-cdk-lib (#1538)
• 791408c fix(cli): resolve command aliases in unknown options check (#1536)
• 0920b78 feat(deps): upgrade aws-cdk-lib (#1532)
• de82699 fix(cloud-assembly-api): widen jsonschema range to fix npm ci on npm 11 (#1529)
• abd4f4c feat(cli): warn on unrecognized CLI options (#1514)
• Additional commits viewable in compare view

Updates aws-cdk-lib from 2.252.0 to 2.257.0

Release notes

Sourced from aws-cdk-lib's releases.

v2.257.0

⚠ BREAKING CHANGES

• ** L1 resources are automatically generated from public CloudFormation Resource Schemas. They are built to closely reflect the real state of CloudFormation. Sometimes these updates can contain changes that are incompatible with previous types, but more accurately reflect reality. In this release we have changed:

  • aws-neptunegraph: AWS::NeptuneGraph::GraphSnapshot: GraphIdentifier property is now required.

Features

• update L1 CloudFormation resource definitions (#37955) (211b06c)
• core: failSynthOnValidationErrors context key to suppress console output and exit code (#37909) (deb968f), closes aws/aws-cdk-cli#1515

---

Alpha modules (2.257.0-alpha.0)

v2.256.1

Bug Fixes

• invalid lock file (#37943) (73ae91d), closes #37726 #37929 #37870

---

Alpha modules (2.256.1-alpha.0)

v2.256.0

Features

• aws-cdk-lib: emits performance counters if synthesis is slow (#37919) (caa0f4c), closes #37843
• core: validations report is always written to cloud assembly (#37867) (dddc6e0)
• ec2: replace any return types with specific interfaces in IPeer methods (#36637) (626e44d), closes #36636
• s3: support bucketNamePrefix and bucketNamespace properties (#37386) (997b003), closes #37760

Bug Fixes

• core: handle token-wrapped Boxes in property merge strategies (#37902) (18435e3)
• core: prevent stack overflow on large construct trees (#37901) (10163cb), closes #37903

---

Alpha modules (2.256.0-alpha.0)

v2.255.0

Features

• aws-cdk-lib: emits performance counters if synthesis is slow (#37843) (ea33967)
• bedrockagentcore: graduate to stable 🚀 (#37876) (00cf601)
• core: builtin PropertyMergeStrategys are now compatible with deferred Box values (#37844) (ca4b722)
• core: persist asset fingerprinting cache (#37822) (605a776)
• ec2: add C8A instance type support (#36736) (0d088ca), closes #36722

Bug Fixes

• core: cached Lazys use the Box API internally (#37889) (464fa3d)

... (truncated)

Changelog

Sourced from aws-cdk-lib's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

2.257.0-alpha.0 (2026-05-21)

2.256.1-alpha.0 (2026-05-20)

2.256.0-alpha.0 (2026-05-19)

2.255.0-alpha.0 (2026-05-18)

Features

• bedrock-agentcore-alpha: Graduation of the library to stable. The Policy submodule is the only submodule that remains in alpha. All other constructs have graduated to stable in aws-cdk-lib/aws-bedrockagentcore and we recommend migrating to the stable versions (#37876) (00cf601)

2.254.0-alpha.0 (2026-05-13)

Features

• bedrock-agentcore-alpha: add tags support to Evaluator and OnlineEvaluationConfig (#37804) (adbf88f)
• bedrock-agentcore-alpha: add identity L2 constructs (#37610) (67c3af2)
• mediapackagev2-alpha: add OAC integration between CloudFront and MediaPackageV2 (#37701) (654f59c)

Bug Fixes

• bedrock-agentcore-alpha: fix cedar policy bug (#37782) (e678d5c), closes #37828
• custom-resource-handlers: deployment fails when parameter already exists (#37852) (025c38c)

2.253.1-alpha.0 (2026-05-08)

2.253.0-alpha.0 (2026-05-06)

Features

• bedrock-agentcore-alpha: add OnlineEvaluationConfig and Evaluator L2 constructs (#37615) (c13de04), closes #37614
• glue-alpha: add extraPythonFiles support to PythonShellJob (#37130) (c9c6f9c), closes #34448

Bug Fixes

• bedrock-agentcore-alpha: self-managed memory strategy validation throws on unresolved tokens (#37691) (7956537), closes #37197

2.252.0-alpha.0 (2026-04-29)

2.251.0-alpha.0 (2026-04-24)

... (truncated)

Commits

• 211b06c feat: update L1 CloudFormation resource definitions (#37955)
• c0fe7ee chore(bundling): check if docker image is cached before building (#37951)
• 95284c5 fix: invalid lock file (#37943)
• b7090dd refactor: replace Lazy.uncachedString with Box API where context is not neede...
• deb968f feat(core): failSynthOnValidationErrors context key to suppress console outpu...
• 68c62d7 chore: update analytics metadata blueprints
• 30c7a2b chore: upgrade cloud-assembly packages to fix npm ci (#37932)
• 3c5e5f8 fix(merge-back): move dispose-polyfill to lib/private where perf.ts expects it
• 1f4c823 Merge remote-tracking branch 'origin/main' into merge-back/2.255.0
• 626e44d feat(ec2): replace any return types with specific interfaces in IPeer met...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud