Skip to content

Bump the cdk group with 3 updates #14392

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the cdk group with 3 updates #14392

wants to merge 1 commit into from
+308 −394

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 12, 2025
edited
Loading

Bumps the cdk group with 3 updates: @guardian/cdk, aws-cdk and aws-cdk-lib.

Updates @guardian/cdk from 61.4.0 to 61.10.1

Release notes

Sourced from @​guardian/cdk's releases.

v61.10.1

Patch Changes

  • 0b264a3: Fix resource property of guard duty IAM role for ECS task pattern

v61.10.0

Minor Changes

  • 9db50ef: Add required permissions to GuEcsTask pattern for guard duty sidecar container

Patch Changes

  • 6c611c8: Broaden CDK peer dependency ranges to allow any aws-cdk/construct version provided more recent than the specified version

v61.9.0

Minor Changes

  • 339c2e9: Improves the safety of the new deployment mechanism for services which scale horizontally.

    As part of this the default and maxValue properties of the MinInstancesInServiceFor<app> parameter (which is used by Riff-Raff) have been removed.

Patch Changes

  • 888d5e2: Update aws-cdk to 2.1018.0, aws-cdk-lib to 2.200.1, constructs to 10.4.2

v61.8.2

Patch Changes

  • 1336b63: Update import path of ContainerInsights.

v61.8.1

Patch Changes

  • 2ec1d32: chore(deps): bump codemaker from 1.111.0 to 1.112.0

v61.8.0

Minor Changes

  • 0cc9129: Addition of slow start mode support for GuEc2AppExperimental.

    We recommend enabling this setting if you run a high-traffic service, particularly if it is JVM-based.

v61.7.0

Minor Changes

  • d1ee03a: feat(GuEc2App): Replace enabledDetailedInstanceMonitoring optional property with mandatory instanceMetricGranularity property

    Specifying how an ASG service should be monitored is now explicitly required. When detailed monitoring is enabled, EC2 metrics are produced at a higher granularity of one minute (default is five minutes). This should allow for earlier horizontal scaling and provide more detail during incident triage.

... (truncated)

Changelog

Sourced from @​guardian/cdk's changelog.

61.10.1

Patch Changes

  • 0b264a3: Fix resource property of guard duty IAM role for ECS task pattern

61.10.0

Minor Changes

  • 9db50ef: Add required permissions to GuEcsTask pattern for guard duty sidecar container

Patch Changes

  • 6c611c8: Broaden CDK peer dependency ranges to allow any aws-cdk/construct version provided more recent than the specified version

61.9.0

Minor Changes

  • 339c2e9: Improves the safety of the new deployment mechanism for services which scale horizontally.

    As part of this the default and maxValue properties of the MinInstancesInServiceFor<app> parameter (which is used by Riff-Raff) have been removed.

Patch Changes

  • 888d5e2: Update aws-cdk to 2.1018.0, aws-cdk-lib to 2.200.1, constructs to 10.4.2

61.8.2

Patch Changes

  • 1336b63: Update import path of ContainerInsights.

61.8.1

Patch Changes

  • 2ec1d32: chore(deps): bump codemaker from 1.111.0 to 1.112.0

61.8.0

Minor Changes

  • 0cc9129: Addition of slow start mode support for GuEc2AppExperimental.

    We recommend enabling this setting if you run a high-traffic service, particularly if it is JVM-based.

61.7.0

... (truncated)

Commits
  • 9a90a16 Merge pull request #2705 from guardian/changeset-release/main
  • 0ee8de1 Bump package version
  • 4366fcf Merge pull request #2704 from guardian/pm-fix-guardutypolicy
  • 32b10b2 Format
  • 0b264a3 Add changeset
  • 2241a4a Use arn rather than url for runtime monitoring policy resource
  • 9dc7d63 Bump package version (#2701)
  • 0f20a6d Merge pull request #2703 from guardian/pm-fix-guard-duty-ecs-task
  • abae67b Make changeset more accurate
  • 3979291 Limit repository to location in ireland of guardduty container
  • Additional commits viewable in compare view

Updates aws-cdk from 2.1007.0 to 2.1024.0

Release notes

Sourced from aws-cdk's releases.

[email protected]

2.1024.0 (2025-08-06)

Features

  • add message about unconfigured feature flags when user runs cdk synth (#765) (a94b241)
  • cli: update Go init templates to v1.23.0 and add post-install tidy (#768) (8be6aad)

[email protected]

2.1023.0 (2025-07-29)

Features

  • modify a single feature flag configuration (#738) (969c499)

[email protected]

2.1022.0 (2025-07-24)

Features

  • cli: --no-version-reporting equals --no-telemetry for cli telemetry and library metadata exclusion (#718) (d40bf52)
  • cli: cli-telemetry status command (#697) (666f1b9), closes #631
  • cli: send telemetry events to local file (#631) (a6755f0)
  • cli: telemetry event deploy (#698) (d441f68), closes #631

Bug Fixes

  • cli: running --telemetry-file without the --unstable option creates a telemetry file (#731) (cde4468)

[email protected]

2.1021.0 (2025-07-16)

Features

  • "cdk flags" command reports active and missing feature flags (unstable) (#699) (d62b991)
  • diff shows moved resources (#708) (6beac2b)
  • modification is forbidden during a refactor (#667) (66594fd)
  • overrides to resolve mapping ambiguities (#679) (fdec382)
  • toolkit-lib: list action contains metadata (#719) (d71960e), closes #501

... (truncated)

Commits
  • 8be6aad feat(cli): update Go init templates to v1.23.0 and add post-install tidy (#768)
  • 2877f4c chore(cli): refactor command throws error on failure (#737)
  • edef43c chore(cli): funnel (#760)
  • a94b241 feat: add message about unconfigured feature flags when user runs cdk synth...
  • c6e6c46 chore(cli): move sinks into their own folder (#759)
  • f224645 chore(deps): upgrade dependencies (#741)
  • 969c499 feat: modify a single feature flag configuration (#738)
  • 2f44d1e chore: typo in readme (#739)
  • b0e6bc0 chore(deps): bump axios from 1.10.0 to 1.11.0 (#735)
  • d441f68 feat(cli): telemetry event deploy (#698)
  • Additional commits viewable in compare view

Updates aws-cdk-lib from 2.189.0 to 2.210.0

Release notes

Sourced from aws-cdk-lib's releases.

v2.210.0

Reverts

Alpha modules (2.210.0-alpha.0)

Features

  • glue-alpha: add optional metrics control for cost optimization (#35154) (6e24133), closes #35149

v2.209.1

Bug Fixes

  • eks: fix helm commands not running ecr public login (#35161) (d860ee8)

Alpha modules (2.209.1-alpha.0)

Bug Fixes

  • eks-v2-alpha: fix helm commands not running ecr public login (#35162) (6c2a8b8)

v2.209.0

Features

  • ecs: add support for native blue/green deployments in ECS L2 (#35061) (3723aca), closes #35010
  • add new field to feature flag report (#35108) (8bff8f9)
  • inferenceprofiles: add inference and cross-region inference pro… (#35048) (87770ef)
  • deprecating delete existing field in ARecord (#35039) (49b2627), closes #34230
  • s3-tables: add L2 construct support for Table and Namespace resources (#35023) (576c9ec), closes #33054

Bug Fixes

  • app-staging-synthesizer: custom bootstrap qualifier is not passed through to deployment role name (#35118) (6525d51), closes #28195 #28195
  • codebuild: support Windows Server Core 2022 image with on-demand capacity (#35152) (a595884), closes #29754
  • eks: remove usage of shell=True in helm commands (#35148) (918593d)
  • eks-v2: remove usage of shell=True in helm commands (#35141) (cd9d69c)
  • rds: can not lookup VPC Security Groups with fromLookup method (#34906) (ae87e26)

Alpha modules (2.209.0-alpha.0)

v2.208.0

Features

  • update L1 CloudFormation resource definitions (#35054) (a2b3e78)
  • region-info: add support for region ap-southeast-6 (#35036)

Bug Fixes

  • core: Tag must have a value error is impossible to attribute to a specific tag (#35091) (6c4181b)

... (truncated)

Changelog

Sourced from aws-cdk-lib's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

2.210.0-alpha.0 (2025-08-06)

Features

  • glue-alpha: add optional metrics control for cost optimization (#35154) (6e24133), closes #35149

2.209.1-alpha.0 (2025-08-06)

Bug Fixes

  • eks-v2-alpha: fix helm commands not running ecr public login (#35162) (6c2a8b8)

2.209.0-alpha.0 (2025-08-05)

2.208.0-alpha.0 (2025-07-29)

Features

  • glue: throw ValidationError instead of untyped errors (#35084) (1e20df6)

2.207.0-alpha.0 (2025-07-24)

2.206.0-alpha.0 (2025-07-16)

2.205.0-alpha.0 (2025-07-15)

2.204.0-alpha.0 (2025-07-04)

Features

2.203.1-alpha.0 (2025-07-02)

2.203.0-alpha.0 (2025-07-01)

Features

  • ec2: support for client route enforcement for client VPN endpoint (#34405) (063f4e7)

... (truncated)

Commits
  • 29e15ae chore: update analytics metadata blueprints
  • 88696e9 revert(ecs): add support for native blue/green deployments in ECS L2 (#35061)...
  • e128b29 chore(kms): add new enum values for kms (#35139)
  • 26cb806 chore(release): 2.209.0 (#35159)
  • 5b272a9 chore: update analytics metadata blueprints
  • 24bbced fix(logs): revert "exposed metric from the metric filter will now include the...
  • 6c4181b fix(core): Tag must have a value error is impossible to attribute to a spec...
  • 1da883e chore(dependencies): build with upgraded dependencies fails (#34957)
  • a2b3e78 feat: update L1 CloudFormation resource definitions (#35054)
  • 81fe660 fix(custom-resources): use loggingFormat instead of deprecated logFormat (#35...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added Dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Aug 12, 2025
@dependabot dependabot bot requested a review from a team as a code owner August 12, 2025 18:45
@dependabot dependabot bot added Dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Aug 12, 2025
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/cdk-7d9fd41b28 branch 2 times, most recently from 8415e54 to 53b806a Compare August 13, 2025 18:49
@dependabot
Bump the cdk group with 3 updates
6fcdfaa 
Bumps the cdk group with 3 updates: [@guardian/cdk](https://github.com/guardian/cdk), [aws-cdk](https://github.com/aws/aws-cdk-cli/tree/HEAD/packages/aws-cdk) and [aws-cdk-lib](https://github.com/aws/aws-cdk/tree/HEAD/packages/aws-cdk-lib).


Updates `@guardian/cdk` from 61.4.0 to 61.10.1
- [Release notes](https://github.com/guardian/cdk/releases)
- [Changelog](https://github.com/guardian/cdk/blob/main/CHANGELOG.md)
- [Commits](guardian/cdk@v61.4.0...v61.10.1)

Updates `aws-cdk` from 2.1007.0 to 2.1024.0
- [Release notes](https://github.com/aws/aws-cdk-cli/releases)
- [Commits](https://github.com/aws/aws-cdk-cli/commits/[email protected]/packages/aws-cdk)

Updates `aws-cdk-lib` from 2.189.0 to 2.210.0
- [Release notes](https://github.com/aws/aws-cdk/releases)
- [Changelog](https://github.com/aws/aws-cdk/blob/main/CHANGELOG.v2.alpha.md)
- [Commits](https://github.com/aws/aws-cdk/commits/v2.210.0/packages/aws-cdk-lib)

---
updated-dependencies:
- dependency-name: "@guardian/cdk"
  dependency-version: 61.10.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cdk
- dependency-name: aws-cdk
  dependency-version: 2.1024.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cdk
- dependency-name: aws-cdk-lib
  dependency-version: 2.210.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: cdk
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/cdk-7d9fd41b28 branch from 53b806a to 6fcdfaa Compare August 14, 2025 18:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
apps-rendering Dependencies Pull requests that update a dependency file dotcom-rendering javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants