build(deps-dev): bump the nodejs-other group across 1 directory with 7 updates

[dependabot]

Bumps the nodejs-other group with 7 updates in the /nodejs directory:

Package	From	To
typescript	5.9.2	5.9.3
mocha	11.7.2	11.7.4
webpack	5.101.3	5.102.0
@aws-sdk/client-sts	3.896.0	3.901.0
@types/aws-lambda	8.10.152	8.10.155
@types/node	24.5.2	24.7.0
aws-cdk-lib	2.217.0	2.219.0

Updates typescript from 5.9.2 to 5.9.3

Release notes

Sourced from typescript's releases.

TypeScript 5.9.3

Note: this tag was recreated to point at the correct commit. The npm package contained the correct content.

For release notes, check out the release announcement

• fixed issues query for Typescript 5.9.0 (Beta).
• fixed issues query for Typescript 5.9.1 (RC).
• No specific changes for TypeScript 5.9.2 (Stable)
• fixed issues query for Typescript 5.9.3 (Stable).

Downloads are available on:

• npm

Commits

• c63de15 Bump version to 5.9.3 and LKG
• 8428ca4 🤖 Pick PR #62438 (Fix incorrectly ignored dts file fr...) into release-5.9 (#...
• a131cac 🤖 Pick PR #62351 (Add missing Float16Array constructo...) into release-5.9 (#...
• 0424333 🤖 Pick PR #62423 (Revert PR 61928) into release-5.9 (#62425)
• bdb641a 🤖 Pick PR #62311 (Fix parenthesizer rules for manuall...) into release-5.9 (#...
• 0d9b9b9 🤖 Pick PR #61978 (Restructure CI to prepare for requi...) into release-5.9 (#...
• 2dce0c5 Intentionally regress one buggy declaration output to an older version (#62163)
• See full diff in compare view

Updates mocha from 11.7.2 to 11.7.4

Release notes

Sourced from mocha's releases.

v11.7.4

11.7.4 (2025-10-01)

🩹 Fixes

• watch mode using chokidar v4 (#5379) (c2667c3)

📚 Documentation

• migrate remaining legacy wiki pages to main documentation (#5465) (bff9166)

🧹 Chores

• remove trailing spaces (#5475) (7f68e5c)

v11.7.3

11.7.3 (2025-09-30)

🩹 Fixes

• use original require() error for TS files if ERR_UNKNOWN_FILE_EXTENSION (#5408) (ebdbc48)

📚 Documentation

• add security escalation policy (#5466) (4122c7d)
• fix duplicate global leak documentation (#5461) (1164b9d)
• migrate third party UIs wiki page to docs (#5434) (6654704)
• update maintainer release notes for release-please (#5453) (185ae1e)

🤖 Automation

• deps: bump actions/setup-node in the github-actions group (#5459) (48c6f40)

Changelog

Sourced from mocha's changelog.

11.7.4 (2025-10-01)

🩹 Fixes

• watch mode using chokidar v4 (#5379) (c2667c3)

📚 Documentation

• migrate remaining legacy wiki pages to main documentation (#5465) (bff9166)

🧹 Chores

• remove trailing spaces (#5475) (7f68e5c)

11.7.3 (2025-09-30)

🩹 Fixes

• use original require() error for TS files if ERR_UNKNOWN_FILE_EXTENSION (#5408) (ebdbc48)

📚 Documentation

• add security escalation policy (#5466) (4122c7d)
• fix duplicate global leak documentation (#5461) (1164b9d)
• migrate third party UIs wiki page to docs (#5434) (6654704)
• update maintainer release notes for release-please (#5453) (185ae1e)

🤖 Automation

• deps: bump actions/setup-node in the github-actions group (#5459) (48c6f40)

Commits

• 8649f39 chore(main): release 11.7.4 (#5473)
• c2667c3 fix: watch mode using chokidar v4 (#5379)
• 7f68e5c chore: remove trailing spaces (#5475)
• bff9166 Docs: migrate remaining legacy wiki pages to main documentation (#5465)
• c805327 chore(main): release 11.7.3 (#5455)
• ebdbc48 fix: use original require() error for TS files if ERR_UNKNOWN_FILE_EXTENSION ...
• 4122c7d docs: add security escalation policy (#5466)
• 1164b9d docs: fix duplicate global leak documentation (#5461)
• 48c6f40 build(deps): bump actions/setup-node in the github-actions group (#5459)
• 6654704 docs: migrate third party UIs wiki page to docs (#5434)
• Additional commits viewable in compare view

Updates webpack from 5.101.3 to 5.102.0

Release notes

Sourced from webpack's releases.

v5.102.0

Features

• Added static analyze for dynamic imports
• Added support for import file from "./file.ext" with { type: "bytes" } to get the content as Uint8Array (look at example)
• Added support for import file from "./file.ext" with { type: "text" } to get the content as text (look at example)
• Added the snapshot.contextModule to configure snapshots options for context modules
• Added the extractSourceMap option to implement the capabilities of loading source maps by comment, you don't need source-map-loader (look at example)
• The topLevelAwait experiment is now stable (you can remove experiments.topLevelAwait from your webpack.config.js)
• The layers experiment is now stable (you can remove experiments.layers from your webpack.config.js)
• Added function matcher support in rule options

Fixes

• Fixed conflicts caused by multiple concatenate modules
• Ignore import failure during HMR update with ES modules output
• Keep render module order consistent
• Prevent inlining modules that have this exports
• Removed unused timeout attribute of script tag
• Supported UMD chunk format to work in web workers
• Improved CommonJs bundle to ES module library
• Use es-lexer for mjs files for build dependencies
• Fixed support __non_webpack_require__ for ES modules
• Properly handle external modules for CSS
• AssetsByChunkName included assets from chunk.auxiliaryFiles
• Use createRequire only when output is ES module and target is node
• Typescript types

Performance Improvements

• Avoid extra calls for snapshot
• A avoid extra jobs for build dependencies
• Move import attributes to own dependencies

Commits

• 14c813a chore(release): 5.102.0
• 761b153 feat: support function matcher in rule options (#19952)
• 8c0fa9e feat: tree shaking nested exports for destructuring assignment (#19955)
• 0a58530 chore(deps): bump actions/dependency-review-action from 4.7.3 to 4.8.0 (#19958)
• 042bf86 fix: integrity in http-url test (#19954)
• d9121b3 docs: use markdown instead html (#19938)
• 3f00777 docs: remove unused files (#19937)
• 3cf0d95 chore: add lfx badge (#19934)
• 84e5c12 fix: should analyze correct variable for dynamic import (#19936)
• 44cf16f docs: Revise security policy and reporting guidelines (#19886)
• Additional commits viewable in compare view

Updates @aws-sdk/client-sts from 3.896.0 to 3.901.0

Release notes

Sourced from @​aws-sdk/client-sts's releases.

v3.901.0

3.901.0(2025-10-01)

Chores

• codegen:
  • bump Gradle to 9.0.0 (#7390) (1e004195)
  • bump codegen version to 0.36.0 (#7393) (d0a9cd8b)
• add more bundle types to the benchmark (#7392) (97078ce6)
• bump '@smithy/*' versions (#7391) (0a418cc2)

Documentation Changes

• client-ecs: This is a documentation only Amazon ECS release that adds additional information for health checks. (a5652334)
• client-database-migration-service: This is a doc-only update, revising text for kms-key-arns. (629c6306)

New Features

• client-chime-sdk-meetings: Add support to receive dual stack MediaPlacement URLs in Chime Meetings SDK (c32ced42)
• client-cleanroomsml: This release introduces data access budgets to view how many times an input channel can be used for ML jobs in a collaboration. (a6cc054b)
• client-cleanrooms: This release introduces data access budgets to control how many times a table can be used for queries and jobs in a collaboration. (783dbc10)
• client-pcs: Added the UpdateCluster API action to modify cluster configurations, and Slurm custom settings for queues. (3b9d480e)
• client-ivs-realtime: Remove incorrect ReadOnly trait on IVS RealTime ImportPublicKey API (8b79cdc1)

---

For list of updated packages, view updated-packages.md in assets-3.901.0.zip

v3.900.0

3.900.0(2025-09-30)

Chores

• codegen:
  • replace legacy gradle plugin code (#7389) (e2b60b5d)
  • bump smithy-plugin to 0.7.0 (#7388) (b9cbc475)
  • bump smithy-gradle-plugin to 1.3.0 (#7387) (f449c5b8)
  • upgrade smithy to 1.62.0 (#7386) (568fe9a6)

Documentation Changes

• client-quicksight: added warnings to a few CLI pages (1ea0f889)

New Features

• clients: update client endpoints as of 2025-09-30 (453bf08d)
• client-customer-profiles: This release introduces ListProfileHistoryRecords and GetProfileHistoryRecord APIs for comprehensive profile history tracking with complete audit trails of creation, updates, merges, deletions, and data ingestion events. (a39cb127)
• client-rds: Enhanced RDS error handling: Added DBProxyEndpointNotFoundFault, DBShardGroupNotFoundFault, KMSKeyNotAccessibleFault for snapshots/restores/backups, NetworkTypeNotSupported, StorageTypeNotSupportedFault for restores, and granular state validation faults. Changed DBInstanceNotReadyFault to HTTP 400. (a6d4eb28)
• client-datasync: Added support for FIPS VPC endpoints in FIPS-enabled AWS Regions. (def03385)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-sts's changelog.

3.901.0 (2025-10-01)

Note: Version bump only for package @​aws-sdk/client-sts

3.899.0 (2025-09-29)

Note: Version bump only for package @​aws-sdk/client-sts

Commits

• 5befda8 Publish v3.901.0
• 0a418cc chore: bump '@smithy/*' versions (#7391)
• 99ff240 Publish v3.899.0
• ad1514d chore(codegen): sync for separating error schema & ctor (#7377)
• See full diff in compare view

Updates @types/aws-lambda from 8.10.152 to 8.10.155

Commits

• See full diff in compare view

Updates @types/node from 24.5.2 to 24.7.0

Commits

• See full diff in compare view

Updates aws-cdk-lib from 2.217.0 to 2.219.0

Release notes

Sourced from aws-cdk-lib's releases.

v2.219.0

⚠ BREAKING CHANGES

• ** L1 resources are automatically generated from public CloudFormation Resource Schemas. They are built to closely reflect the real state of CloudFormation. Sometimes these updates can contain changes that are incompatible with previous types, but more accurately reflect reality. In this release we have changed:

aws-servicecatalog: AWS::ServiceCatalog::PortfolioPrincipalAssociation: PortfolioId property is now required. aws-servicecatalog: AWS::ServiceCatalog::PortfolioPrincipalAssociation: PrincipalARN property is now required. aws-servicecatalog: AWS::ServiceCatalog::PortfolioProductAssociation: Id attribute removed.

Co-authored-by: aws-cdk-automation [email protected]

Features

• ecs: new L2 construct for ManagedInstances CapacityProvider (#35648) (c72a09b)
• update L1 CloudFormation resource definitions (#35646) (860ce0d)
• codebuild: add custom instance type and VPC to Fleets (#34572) (5c2781b)
• codebuild: support overflow behavior of fleet (#35480) (e4113b0)
• update L1 CloudFormation resource definitions (#35614) (fb0a114)

Bug Fixes

• cloudfront: edgefunction does not propagate stack tags correctly (#35518) (63088e8)

---

Alpha modules (2.219.0-alpha.0)

v2.218.0

Features

• cloudfront-origins: ip address type for http origin (#35445) (196c7ae), closes #35427
• docdb: support for serverless clusters (#35574) (89bfef7), closes #35199
• pipelines: CodeBuildFactory support Docker server (#35584) (c62d996)
• spec2cdk: generate from<Resource>Arn and from<Resource><Prop> in every L1 (#35470) (c588061)

---

Alpha modules (2.218.0-alpha.0)

• elasticache-alpha: implement Serverless ElastiCache L2 Construct (#35424) (0e08c8c)

Changelog

Sourced from aws-cdk-lib's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

2.219.0-alpha.0 (2025-10-01)

2.218.0-alpha.0 (2025-09-29)

• elasticache-alpha: implement Serverless ElastiCache L2 Construct (#35424) (0e08c8c)

2.217.0-alpha.0 (2025-09-25)

2.216.0-alpha.0 (2025-09-22)

2.215.0-alpha.0 (2025-09-15)

Bug Fixes

• bedrock-alpha: added missing validation when prompt uses default variant (#35366) (cbd271e)

2.214.0-alpha.0 (2025-09-02)

Features

• bedrock-alpha: add guardrails l2 construct (#34765) (b4fdb2b)
• eks-v2-alpha: support eks with k8s 1.33 (#34713) (c24565e), closes #34520 #34911
• s3tables-alpha: add TablePolicy support to L2 construct library (#35223) (2741dfb), closes #33054

2.213.0-alpha.0 (2025-08-27)

Features

• s3tables-alpha: add TablePolicy support to L2 construct library (#35223) (a4aad78), closes #33054

2.212.0-alpha.0 (2025-08-20)

2.211.0-alpha.0 (2025-08-12)

2.210.0-alpha.0 (2025-08-06)

Features

• glue-alpha: add optional metrics control for cost optimization (#35154) (6e24133), closes #35149

2.209.1-alpha.0 (2025-08-06)

... (truncated)

Commits

• 731eb40 chore(release): 2.219.0 (#35650)
• 6c38897 chore: update analytics metadata blueprints
• 7379a4b chore(eks): add AL2023_ARM_64_NVIDIA AMI type for managed node groups (#35578)
• 89bfef7 feat(docdb): support for serverless clusters (#35574)
• 2c22a6d chore(rds): mysql version 5.7.44-RDS.20250818 (#35581)
• c62d996 feat(pipelines): CodeBuildFactory support Docker server (#35584)
• c588061 feat(spec2cdk): generate from\<Resource>Arn and from\<Resource>\<Prop> in ev...
• 31bf1bf chore(ec2): add r8gb instance class (#35582)
• b8b3347 Merge branch 'main' into merge-back/2.217.0
• 196c7ae feat(cloudfront-origins): ip address type for http origin (#35445)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[wpessers]

@dependabot ignore @types/aws-lambda patch version

[dependabot]

OK, I won't notify you about version 8.10.155 of @types/aws-lambda again, unless you unignore it.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.