chore(deps): bump the aws-cdk group across 1 directory with 3 updates

[dependabot]

Bumps the aws-cdk group with 3 updates in the / directory: @aws-cdk/toolkit-lib, aws-cdk-lib and aws-cdk.

Updates @aws-cdk/toolkit-lib from 1.14.0 to 1.14.1

Release notes

Sourced from @​aws-cdk/toolkit-lib's releases.

@​aws-cdk/toolkit-lib@​v1.14.1

1.14.1 (2026-01-25)

Bug Fixes

• chokidar and npm rely on outdated version of tar (#1059) (ba59816)
• cli: refactor commands fail for templates exceeding 50KB (#1019) (1bdbaca), closes #1012

Commits

• ba59816 fix: chokidar and npm rely on outdated version of tar (#1059)
• 1bdbaca fix(cli): refactor commands fail for templates exceeding 50KB (#1019)
• See full diff in compare view

Updates aws-cdk-lib from 2.235.1 to 2.236.0

Release notes

Sourced from aws-cdk-lib's releases.

v2.236.0

Features

• update L1 CloudFormation resource definitions (#36721) (7a4a443)
• ecs: add capacityOptionType (Spot support) to ManagedInstancesCapacityProvider L2 construct (#36497) (e8ad85b), closes #35648
• ecs: add built-in Linear and Canary deployments (#35981) (67ac5e7), closes #35986 #35987
• logs: add support for deletion protection configuration (#36583) (c4d1389), closes #36554 #36554

Bug Fixes

• apigatewayv2: use custom domain name instead of regional domain name when importing domain name via fromDomainNameAttributes (#36710) (fe6eb0b)
• batch: undeprecate useOptimalInstanceClasses property (#36353) (3485d53), closes #36291 #36291
• core: resources allocate unnecessary string tokens upon instantiation (#36692) (59d4928)
• core: tree.json unintentionally includes telemetry metadata (#36748) (87fd86b)
• scheduler: scheduleName returns undefined when imported from ARN (#36400) (752bd9b), closes #36361
• recent change to IAlarmAction breaks too many implementors (#36695) (0c5b0db)

---

Alpha modules (2.236.0-alpha.0)

Features

• bedrock-agentcore-alpha: added episodic memory strategy (#36591) (21dcfc6)
• bedrock-agentcore-alpha: added gateway interceptors (#36604) (ba8aa48)
• bedrock-agentcore-alpha: make physical name properties optional for AgentCore resources (#36354) (5137d81), closes #36341
• mixins-preview: expose BucketPolicyStatementsMixin publicly (#36771) (458156d)
• sagemaker: add containerStartupHealthCheckTimeoutInSeconds support for EndpointConfig (#35626) (47d707a), closes #35566

Bug Fixes

• eks-v2-alpha: ensure kubectl provider access entry is depended upon by downstream resources (#36734) (e104f45), closes #34898 #34897

Changelog

Sourced from aws-cdk-lib's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

2.236.0-alpha.0 (2026-01-23)

Features

• bedrock-agentcore-alpha: added episodic memory strategy (#36591) (21dcfc6)
• bedrock-agentcore-alpha: added gateway interceptors (#36604) (ba8aa48)
• bedrock-agentcore-alpha: make physical name properties optional for AgentCore resources (#36354) (5137d81), closes #36341
• mixins-preview: expose BucketPolicyStatementsMixin publicly (#36771) (458156d)
• sagemaker: add containerStartupHealthCheckTimeoutInSeconds support for EndpointConfig (#35626) (47d707a), closes #35566

Bug Fixes

• eks-v2-alpha: ensure kubectl provider access entry is depended upon by downstream resources (#36734) (e104f45), closes #34898 #34897

2.235.1-alpha.0 (2026-01-19)

2.235.0-alpha.0 (2026-01-15)

⚠ BREAKING CHANGES

• bedrock-agentcore-alpha: The User Pool Client will be replaced and new Resource Server and Domain resources will be added for existing Gateway stacks using the default Cognito authorizer.

Checklist

• My code adheres to the CONTRIBUTING GUIDE and DESIGN GUIDELINES

Bug Fixes

• bedrock-agentcore-alpha: default Cognito User Pool for AgentCore Gateway is not set up for M2M authentication. (#36323) (5a5605a)

2.234.1-alpha.0 (2026-01-08)

2.234.0-alpha.0 (2026-01-08)

Features

• msk-alpha: support express broker for Kafka v3.9 (#36450) (afcc953)

Bug Fixes

• elasticache-alpha: deployment fails when serverlessCacheName or userGroupId is not specified (#36459) (b3f62f7), closes #36458
• elasticache-alpha: security group for ServerlessCache does not use default endpoint port (#35738) (79d91ad)

... (truncated)

Commits

• b2add3f chore: update analytics metadata blueprints
• 867adc8 chore(deps): bump the npm_and_yarn group across 2 directories with 1 update (...
• 9b4065c chore(mixins-preview): track mixin usage (#36743)
• 87fd86b fix(core): tree.json unintentionally includes telemetry metadata (#36748)
• 0fe7635 chore: yarn upgrade dependencies requiring intervention (#36747)
• e8ad85b feat(ecs): add capacityOptionType (Spot support) to ManagedInstancesCapacityP...
• 041cc0e chore: npm-check-updates && yarn upgrade (#36691)
• 6380446 chore(rds): add new enum values for rds (#36730)
• b3c858b chore(lambda): add new enum values for lambda (#36729)
• d3b87fe chore(kms): add new enum values for kms (#36728)
• Additional commits viewable in compare view

Updates aws-cdk from 2.1102.0 to 2.1103.0

Release notes

Sourced from aws-cdk's releases.

aws-cdk@v2.1103.0

2.1103.0 (2026-01-25)

Features

• cli: add --[no-]color flag to control output colorization (#1030) (91be9f1), closes aws/aws-cdk-cli#1031

Bug Fixes

• chokidar and npm rely on outdated version of tar (#1059) (ba59816)

Commits

• ba59816 fix: chokidar and npm rely on outdated version of tar (#1059)
• 88e95b9 chore(deps): bump @​smithy/node-config-provider from 4.3.6 to 4.3.8 (#1037)
• 4048c55 chore(deps): bump diff from 7.0.0 to 8.0.3 (#1026)
• 892e7f2 chore(deps): bump lodash from 4.17.21 to 4.17.23 (#1054)
• 91be9f1 feat(cli): add --[no-]color flag to control output colorization (#1030)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud