Bump aws-cdk-lib from 2.257.0 to 2.258.0 in /cdk in the npm-production group

[dependabot]

Bumps the npm-production group in /cdk with 1 update: aws-cdk-lib.

Updates aws-cdk-lib from 2.257.0 to 2.258.0

Release notes

Sourced from aws-cdk-lib's releases.

v2.258.0

⚠ BREAKING CHANGES

• ** L1 resources are automatically generated from public CloudFormation Resource Schemas. They are built to closely reflect the real state of CloudFormation. Sometimes these updates can contain changes that are incompatible with previous types, but more accurately reflect reality. In this release we have changed:

• aws-pcaconnectorad: AWS::PCAConnectorAD::ServicePrincipalName: ConnectorArn property is now required.
• aws-pcaconnectorad: AWS::PCAConnectorAD::ServicePrincipalName: DirectoryRegistrationArn property is now required.
• aws-pcaconnectorad: AWS::PCAConnectorAD::TemplateGroupAccessControlEntry: GroupSecurityIdentifier property is now required.
• aws-pcaconnectorad: AWS::PCAConnectorAD::TemplateGroupAccessControlEntry: TemplateArn property is now required.

Features

• core: trace property assignments in CfnResource.addPropertyOverride (#38072) (a226372)
• update L1 CloudFormation resource definitions (#37993) (664a878)
• aws-cdk-lib: emits performance counters if synthesis is slow (#38004) (cb03794), closes #37919 #37843
• bedrockagentcore: expose default endpoint application log group on Runtime (#37812) (8e25d78), closes #37796
• core: add scope to IPolicyValidationContext (#38006) (cae7456)
• core: allow validation plugins to create new files in cloud assembly (#38007) (d9f38a9)
• core: fine-grained control over cross-stack reference strength (#37840) (bddcd44)
• core: include suppressed violations in validation-report.json (#38009) (f396892)
• core: new validation report schema (#37970) (4e09b52), closes aws/aws-cdk-cli#1515
• eks: add AlbControllerVersion support for v2.8.3 through v3.2.2 (#37752) (20abc6a), closes #37414
• eks: add deletionProtection property to Cluster construct (#36474) (5b19ac5), closes #36460
• elasticache: replace CacheEngine/UserEngine enums with enum-like classes (#37816) (6ad84b3), closes #37813

Bug Fixes

• autoscaling: use of ScheduledAction.endTime is dangerous (#38014) (109fae7)
• aws-cdk-lib: make token resolution ~25% faster (#37920) (87483dc)
• bedrockagentcore: relax allowlistedHeaders pattern to match CFN schema (#37969) (e0d6c8a), closes #37964
• cloudwatch: metric math validation reports quoted strings as unknown identifiers (#37977) (59bae38)
• core: cross-region SSM writer orphans parameters when resource is replaced during stack update (#38059) (f130388)
• core: handle string "false" for boolean context values in validation (#37989) (a26ed73)
• integ-tests: responseURL logged in onTimeout (#37972) (b9259dd)
• lambda-nodejs: bundling rejects entry paths containing ".." (#38022) (a7cc53c), closes #38017 #37572 #37572
• lambda-nodejs: perf counters e2e test uses incorrect filename (#38033) (d88637f)

---

Alpha modules (2.258.0-alpha.0)

Features

• integ-tests-alpha: add option to set the provider log level (#38005) (c634a79)

Bug Fixes

• custom-resource-handlers: deterministic asset hashes for generated lambdas (#37634) (6c3d5bc), closes #34307
• glue-alpha: deprecate Ray Jobs (#38055) (3fa428b)
• glue-alpha: restore notifyDelayAfter to PySpark and Scala Spark ETL jobs (#37815) (05be88a), closes #33839
• integ-tests-alpha: assertion failures print too much unnecessary information (#37974) (bc0de1d)

... (truncated)

Changelog

Sourced from aws-cdk-lib's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

2.258.0-alpha.0 (2026-06-04)

Features

• integ-tests-alpha: add option to set the provider log level (#38005) (c634a79)

Bug Fixes

• custom-resource-handlers: deterministic asset hashes for generated lambdas (#37634) (6c3d5bc), closes #34307
• glue-alpha: deprecate Ray Jobs (#38055) (3fa428b)
• glue-alpha: restore notifyDelayAfter to PySpark and Scala Spark ETL jobs (#37815) (05be88a), closes #33839
• integ-tests-alpha: assertion failures print too much unnecessary information (#37974) (bc0de1d)
• mediapackagev2-alpha: cdnAuth on OriginEndpoint now generates the required policy (#38013) (1d56b46)

2.257.0-alpha.0 (2026-05-21)

2.256.1-alpha.0 (2026-05-20)

2.256.0-alpha.0 (2026-05-19)

2.255.0-alpha.0 (2026-05-18)

Features

• bedrock-agentcore-alpha: Graduation of the library to stable. The Policy submodule is the only submodule that remains in alpha. All other constructs have graduated to stable in aws-cdk-lib/aws-bedrockagentcore and we recommend migrating to the stable versions (#37876) (00cf601)

2.254.0-alpha.0 (2026-05-13)

Features

• bedrock-agentcore-alpha: add tags support to Evaluator and OnlineEvaluationConfig (#37804) (adbf88f)
• bedrock-agentcore-alpha: add identity L2 constructs (#37610) (67c3af2)
• mediapackagev2-alpha: add OAC integration between CloudFront and MediaPackageV2 (#37701) (654f59c)

Bug Fixes

• bedrock-agentcore-alpha: fix cedar policy bug (#37782) (e678d5c), closes #37828
• custom-resource-handlers: deployment fails when parameter already exists (#37852) (025c38c)

2.253.1-alpha.0 (2026-05-08)

... (truncated)

Commits

• c331663 Revert "chore: update analytics metadata blueprints"
• ca23898 chore: update analytics metadata blueprints
• 6b00479 chore(deps): upgrade @​aws-cdk/cloud-assembly-schema to ^54.0.0 (#38074)
• 41a35d2 chore: yarn upgrade dependencies requiring intervention (#37551)
• 81d5b03 chore: npm-check-updates && yarn upgrade (#38076)
• d368e21 chore: prepare repo for TypeScript/JSII 6.0 (#38058)
• a226372 feat(core): trace property assignments in CfnResource.addPropertyOverride (#3...
• 581ebc1 chore(rds): add MySQL versions 5.7.44-rds.20260212, 8.0.46 and 8.4.9 (#38039)
• 2726f06 chore(rds): add Aurora PostgreSQL 16.13 limitless (#38053)
• 664a878 feat: update L1 CloudFormation resource definitions (#37993)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions