Bump software.amazon.awscdk:aws-cdk-lib from 2.258.1 to 2.259.0

[dependabot]

Bumps software.amazon.awscdk:aws-cdk-lib from 2.258.1 to 2.259.0.

Release notes

Sourced from software.amazon.awscdk:aws-cdk-lib's releases.

v2.259.0

⚠ BREAKING CHANGES

• lambda: Runtime.NODEJS_LATEST now resolves to nodejs24.x in every region. Customers who pin to a concrete runtime (Runtime.NODEJS_22_X, useLatestRuntimeVersion: false in aws-lambda-nodejs.NodejsFunction) are unaffected. Existing AWS::Lambda::Function resources synthesized with NODEJS_LATEST will see Runtime: nodejs22.x → Runtime: nodejs24.x on next deploy. Lambda accepts runtime updates in place.

  Customer-code compatibility — IMPORTANT: Node.js 24 removes support for callback-style asynchronous handlers ((event, context, callback) => {...}) per the launch blog. Customers whose Lambda code still uses callback-based handlers will see runtime errors after the bump. Customers should migrate to async (event, context) => {...} or pin to Runtime.NODEJS_22_X explicitly.

Features

• core: recommend the use of weak references if no choice has been made (#38070) (6e74e5e)
• ecs: add forceNewDeployment option for Fargate and EC2 services (#36797) (3d9c4df), closes #27762
• eks: use the recommended AL2023 instead of AL2 AMI type (under feature flag) (#37850) (6a2dcb7), closes #32211
• lambda: upgrade lambda and custom resource default runtime to nodejs24.x (#38031) (36c84c6)

Bug Fixes

• spec2cdk: sanitize hyphens in EventBridge event namespace names (#38088) (b8f41bf), closes 40aws-cdk/spec2cdk/lib/naming/conventions.ts#L195

Reverts

• "chore(bundling): check if docker image is cached before building" (#38116) (359f2fb), closes aws/aws-cdk#37951

---

Alpha modules (2.259.0-alpha.0)

Changelog

Sourced from software.amazon.awscdk:aws-cdk-lib's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

2.259.0-alpha.0 (2026-06-11)

2.258.1-alpha.0 (2026-06-08)

2.258.0-alpha.0 (2026-06-04)

Features

• integ-tests-alpha: add option to set the provider log level (#38005) (c634a79)

Bug Fixes

• custom-resource-handlers: deterministic asset hashes for generated lambdas (#37634) (6c3d5bc), closes #34307
• glue-alpha: deprecate Ray Jobs (#38055) (3fa428b)
• glue-alpha: restore notifyDelayAfter to PySpark and Scala Spark ETL jobs (#37815) (05be88a), closes #33839
• integ-tests-alpha: assertion failures print too much unnecessary information (#37974) (bc0de1d)
• mediapackagev2-alpha: cdnAuth on OriginEndpoint now generates the required policy (#38013) (1d56b46)

2.257.0-alpha.0 (2026-05-21)

2.256.1-alpha.0 (2026-05-20)

2.256.0-alpha.0 (2026-05-19)

2.255.0-alpha.0 (2026-05-18)

Features

• bedrock-agentcore-alpha: Graduation of the library to stable. The Policy submodule is the only submodule that remains in alpha. All other constructs have graduated to stable in aws-cdk-lib/aws-bedrockagentcore and we recommend migrating to the stable versions (#37876) (00cf601)

2.254.0-alpha.0 (2026-05-13)

Features

• bedrock-agentcore-alpha: add tags support to Evaluator and OnlineEvaluationConfig (#37804) (adbf88f)
• bedrock-agentcore-alpha: add identity L2 constructs (#37610) (67c3af2)
• mediapackagev2-alpha: add OAC integration between CloudFront and MediaPackageV2 (#37701) (654f59c)

Bug Fixes

• bedrock-agentcore-alpha: fix cedar policy bug (#37782) (e678d5c), closes #37828

... (truncated)

Commits

• 5afca52 chore(release): 2.259.0 (#38127)
• 64da93e chore: update changelog
• 772eeba chore: update analytics metadata blueprints
• 2e409c7 chore(release): 2.259.0
• 36c84c6 chore(lambda): upgrade lambda and custom resource default runtime to nodejs24...
• 18ebd9a chore(merge-back): 2.258.1 (#38120)
• 2b571d3 Merge branch 'main' into merge-back/2.258.1
• 5961de2 chore(deps): bump the pip group across 3 directories with 2 updates (#37937)
• acf0971 chore(deps): bump the pip group across 8 directories with 1 update (#37355)
• 359f2fb revert: "chore(bundling): check if docker image is cached before building" (#...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[chatgpt-codex-connector]

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Credits must be used to enable repository wide code reviews.