build(deps-dev): bump the nodejs-other group across 1 directory with 5 updates

[dependabot]

Bumps the nodejs-other group with 5 updates in the /nodejs directory:

Package	From	To
rimraf	6.0.1	6.1.0
mocha	11.7.4	11.7.5
@aws-sdk/client-sts	3.917.0	3.927.0
@types/node	24.5.2	24.10.0
aws-cdk-lib	2.221.0	2.222.0

Updates rimraf from 6.0.1 to 6.1.0

Changelog

Sourced from rimraf's changelog.

6.1

• Move to native fs/promises usage instead of promisifying manually.

6.0

• Drop support for nodes before v20
• Add --version to CLI

5.0

• No default export, only named exports

4.4

• Provide Dirent or Stats object as second argument to filter

4.3

• Return boolean indicating whether the path was fully removed
• Add filter option
• bin: add --verbose, -v to print files as they are deleted
• bin: add --no-verbose, -V to not print files as they are deleted
• bin: add -i --interactive to be prompted on each deletion
• bin: add -I --no-interactive to not be prompted on each deletion
• 4.3.1 Fixed inappropriately following symbolic links to directories

v4.2

• Brought back glob support, using the new and improved glob v9

v4.1

• Improved hybrid module with no need to look at the .default dangly bit. .default preserved as a reference to rimraf for compatibility with anyone who came to rely on it in v4.0.
• Accept and ignore -rf and -fr arguments to the bin.

v4.0

• Remove glob dependency entirely. This library now only accepts actual file and folder names to delete.
• Accept array of paths or single path.
• Windows performance and reliability improved.
• All strategies separated into explicitly exported methods.
• Drop support for Node.js below version 14
• rewrite in TypeScript

... (truncated)

Commits

• 18dc77a 6.1.0
• 2bd2e62 changelog 6.1
• 19311cf refactor: switch to native fs.promises
• 0c437d4 Create separate dir for integration tests
• 65a3b8a Do not pass unnecessary rest args to fs functions
• 02b31b7 Use the same ignoreENOENT and fixEPERM utils everywhere
• c012f4f Mock process.platform with t.intercept
• c72278a Use tap.intercept to test bin
• 549d1e8 Configure tap coverage-map
• a76970b benchmark: add options to filter and compare benchmarks
• Additional commits viewable in compare view

Updates mocha from 11.7.4 to 11.7.5

Release notes

Sourced from mocha's releases.

v11.7.5

11.7.5 (2025-11-04)

🩹 Fixes

• swallow more require errors from *ts files (#5498) (d89dbaf)

🧹 Chores

• run tests on PRs for and pushes to v11.x (#5525) (8b21b38)
• setup release-please for v11 (#5522) (663fff4)

Changelog

Sourced from mocha's changelog.

11.7.5 (2025-11-04)

🩹 Fixes

• swallow more require errors from *ts files (#5498) (d89dbaf)

🧹 Chores

• run tests on PRs for and pushes to v11.x (#5525) (8b21b38)
• setup release-please for v11 (#5522) (663fff4)

Commits

• 9a6a5db chore(v11.x): release 11.7.5 (#5523)
• 8b21b38 chore: run tests on PRs for and pushes to v11.x (#5525)
• 663fff4 chore: setup release-please for v11 (#5522)
• 8d97220 Update release-please to include v11.x and use Node ^22
• d89dbaf fix: swallow more require errors from *ts files (#5498)
• See full diff in compare view

Updates @aws-sdk/client-sts from 3.917.0 to 3.927.0

Release notes

Sourced from @​aws-sdk/client-sts's releases.

v3.927.0

3.927.0(2025-11-07)

New Features

• client-ec2: Adds PrivateDnsPreference and PrivateDnsSpecifiedDomains to control private DNS resolution for resource and service network VPC endpoints and IpamScopeExternalAuthorityConfiguration to integrate Amazon VPC IPAM with a third-party IPAM service (650aa6de)
• client-opensearch: This release introduces the Default Application feature, allowing users to set, change, or unset a preferred OpenSearch UI application on a per-region basis for a streamlined and consistent user experience. (ea5f4e47)
• client-vpc-lattice: Amazon VPC Lattice now supports custom domain name for resource configurations (f46fcf1f)
• client-controltower: Added Parent Identifier support to ListEnabledControls and GetEnabledControl API. Implemented RemediationType support for Landing Zone operations: CreateLandingZone, UpdateLandingZone and GetLandingZone APIs (89c1f79d)
• client-kms: Added support for new ECC_NIST_EDWARDS25519 AWS KMS key spec (1d8341db)

Bug Fixes

• client-elastic-beanstalk: differentiate modeled and synthesized service base exception name (5e1e54b4)

Tests

• core/protocols: add shape serde perf baselines (#7479) (40bc6005)

---

For list of updated packages, view updated-packages.md in assets-3.927.0.zip

v3.926.0

3.926.0(2025-11-06)

Chores

• core/protocols: make error lookup in runtime protocol consistent with existing codegen (#7478) (64e9c616)

New Features

• clients: update client endpoints as of 2025-11-06 (4d3f1528)
• client-connect: Added support for Conditional Questions in Evaluation Forms. Introduced Auto Evaluation capability for Evaluation Forms and Contact Evaluations. Added new API operations: SearchEvaluationForms and SearchContactEvaluations. (45c43b47)
• client-gamelift: Amazon GameLift Servers now supports game builds that use the Windows 2022 operating system. (e38ba819)
• client-sagemaker: Added NodeProvisioningMode parameter to UpdateCluster API to determine how instance provisioning is handled during cluster operations; in Continuous mode. Added VpcId field in UpdateDomain request for SageMaker Unified Studio domains with no VPC to add a customer VPC. (382a2ff3)
• client-s3vectors: Amazon S3 Vectors provides cost-effective, elastic, and durable vector storage for queries based on semantic meaning and similarity. (cb2626e6)
• client-accessanalyzer: New field totalActiveErrors added to getFindingsStatistics response. (595167c7)
• client-s3tables: Adds support for tagging APIs for S3 Tables (4c268176)
• client-ec2: Add Amazon EC2 R8a instance types (7cb13679)
• client-identitystore: IdentityStore API: added new KMSExceptionReason fields to the Exception object; added multiple new fields to the User APIs - UserStatus, Birthdate, Website and Photos; added multiple new metadata fields for User, Groups and Membership APIs - CreatedAt, CreatedBy, UpdatedAt and UpdatedBy. (28d85047)
• client-quicksight: Support for New Data Prep Experience (02e87fe9)
• client-ssm: Provides NoLongerSupportedException error message (70be2a35)
• client-backup: AWS Backup now supports customer-managed keys (CMK) for logically air-gapped vaults, enabling customers to maintain full control over their encryption key lifecycle. This feature helps organizations meet specific internal governance requirements or external regulatory compliance standards. (b83f5f99)

---

For list of updated packages, view updated-packages.md in assets-3.926.0.zip

... (truncated)

Changelog

Sourced from @​aws-sdk/client-sts's changelog.

3.927.0 (2025-11-07)

Note: Version bump only for package @​aws-sdk/client-sts

3.926.0 (2025-11-06)

Note: Version bump only for package @​aws-sdk/client-sts

3.925.0 (2025-11-05)

Note: Version bump only for package @​aws-sdk/client-sts

3.922.0 (2025-10-31)

Bug Fixes

• middleware-user-agent: allow hash in userAgentAppId and propagate to inner clients (#7469) (03d94d1)

3.921.0 (2025-10-30)

Features

• client-sts: Update endpoint ruleset parameters casing (d28da8b)

3.920.0 (2025-10-29)

Bug Fixes

... (truncated)

Commits

• 73e7281 Publish v3.927.0
• 065860a Publish v3.926.0
• b554e95 Publish v3.925.0
• 4a796b6 chore(deps): bump smithy package versions (#7475)
• ed7ac2a Publish v3.922.0
• 03d94d1 fix(middleware-user-agent): allow hash in userAgentAppId and propagate to inn...
• e8b9fd8 Publish v3.921.0
• d28da8b feat(client-sts): Update endpoint ruleset parameters casing
• da06f0e chore(codegen): sync for waiter and proxy fixes (#7467)
• 1d4bdbf Publish v3.920.0
• Additional commits viewable in compare view

Updates @types/node from 24.5.2 to 24.10.0

Commits

• See full diff in compare view

Updates aws-cdk-lib from 2.221.0 to 2.222.0

Release notes

Sourced from aws-cdk-lib's releases.

v2.222.0

⚠ BREAKING CHANGES

• bedrock-agentcore: The signature of RuntimeAuthorizerConfiguration.usingCognito() has changed to accept IUserPool and IUserPoolClient constructs instead of string parameters, and now supports multiple clients.

Features

• apigateway: add binaryMediaTypes property to SpecRestApi (#35502) (bf10d94), closes #35498
• apigatewayv2: WebSocketStage support accessLogSettings (#34766) (dad112e), closes #21935
• bedrock-agentcore: use IUserPool and IUserPoolClient interfaces instead of string identifiers (#35860) (a38afc9), closes #35854
• core: IEnvironmentAware interface to retrieve a construct's environment (#35817) (8ee5d4b)
• elasticloadbalancingv2: create security group settings for NLB by default (under feature flag) (#34675) (ff83cfd), closes #34606 aws/aws-cdk#34606
• events-targets: support Amazon Data Firehose target using Firehose's IDeliveryStream (#33798) (a374b6b), closes #33757 #33758
• kinesisfirehose: add built-in data processors to decompress CloudWatch logs and extract messages (#33749) (5dec21e), closes #33691 #20242 aws/aws-cdk#33691
• lambda: add Java25 runtime for Lambda (#35867) (db71fac)
• lambda: add Python 3.14 runtime for Lambda (#35869) (ebef303)
• memory: add agentcore memory l2 construct (#35757) (6a2e17e)
• msk: support Express brokers (#34741) (0a69e5f), closes #32923

Bug Fixes

• agentcore: addToRolePolicy for runtime with imported role destroys and recreates policies on every deployment (#35842) (92525e4), closes #35844 40aws-cdk/aws-bedrock-agentcore-alpha/agentcore/runtime/runtime-base.ts#L253
• agentcore: custom execution role policy for runtime lacks proper permissions (#35849) (ee94b63), closes #35852 40aws-cdk/aws-bedrock-agentcore-alpha/agentcore/runtime/runtime-artifact.ts#L65 40aws-cdk/aws-bedrock-agentcore-alpha/agentcore/runtime/runtime.ts#L252-L259 /github.com/aws/aws-cdk/blob/v2.221.0/packages/aws-cdk-lib/aws-codepipeline/lib/pipeline.ts#L693 /github.com/aws/aws-cdk/blob/v2.221.0/packages/aws-cdk-lib/aws-lambda/lib/function.ts#L1468 /github.com/aws/aws-cdk/blob/v2.221.0/packages/aws-cdk-lib/aws-ecs/lib/base/base-service.ts#L1161
• dynamodb: addToResourcePolicy has no effect (#35554) (94d7e34), closes #35062
• ecs: remove empty CfnClusterCapacityProviderAssociations resource (#35783) (c8a131b), closes #35699 #35742
• iam: cannot grant lambda:InvokeFunction on ManagedPolicy or Policy via grantInvoke() method (#32984) (a07d75a), closes #32980 aws/aws-cdk#32984
• compilation failure in Go (#35871) (5e4f603), closes aws/aws-cdk#35770 #35862
• ec2: remove PassRole policy emitted by cloudwatch vpc flow destination (#35762) (c4b80df), closes #35729

---

Alpha modules (2.222.0-alpha.0)

Features

• eks-v2-alpha: eks-v2-alpha is now in developer preview (#35801) (32afc0f)

Bug Fixes

• bedrock-alpha: apply permission dependency to existing and non-existing roles (#35123) (b39ccf3), closes #35120
• eks-v2-alpha: remove hyphen from Go package name (#35927) (2cdfc8a)

v2.221.1

Bug Fixes

• compilation failure in Go (#35871) (4379f66), closes aws/aws-cdk#35770 #35862

---

Alpha modules (2.221.1-alpha.0)

Changelog

Sourced from aws-cdk-lib's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

2.222.0-alpha.0 (2025-11-04)

Features

• eks-v2-alpha: eks-v2-alpha is now in developer preview (#35801) (32afc0f)

Bug Fixes

• bedrock-alpha: apply permission dependency to existing and non-existing roles (#35123) (b39ccf3), closes #35120
• eks-v2-alpha: remove hyphen from Go package name (#35927) (2cdfc8a)

2.221.1-alpha.0 (2025-10-29)

2.221.0-alpha.0 (2025-10-24)

Features

• msk-alpha: support Kafka 4.1 (#35759) (67539de)

Bug Fixes

• elasticache-alpha: cannot import Redis 7 serverless cache (#35629) (2bde1a0)

2.220.0-alpha.0 (2025-10-14)

Bug Fixes

• amplify-alpha: handle empty customResponseHeaders array (#35700) (57f9068), closes #35693

2.219.0-alpha.0 (2025-10-01)

2.218.0-alpha.0 (2025-09-29)

• elasticache-alpha: implement Serverless ElastiCache L2 Construct (#35424) (0e08c8c)

2.217.0-alpha.0 (2025-09-25)

2.216.0-alpha.0 (2025-09-22)

2.215.0-alpha.0 (2025-09-15)

Bug Fixes

... (truncated)

Commits

• cfc74ed chore: update analytics metadata blueprints
• 1ee40ad chore(release): 2.222.0
• dad112e feat(apigatewayv2): WebSocketStage support accessLogSettings (#34766)
• f618638 chore: fix Python TypeError: Cannot create a consistent method resolution ord...
• ebef303 feat(lambda): add Python 3.14 runtime for Lambda (#35869)
• db71fac feat(lambda): add Java25 runtime for Lambda (#35867)
• db057e1 docs: fix typos and wording in feature flags description (#35789)
• 75139b2 chore(bedrock): support Amazon Nova Multimodal Embeddings (#35904)
• bf10d94 feat(apigateway): add binaryMediaTypes property to SpecRestApi (#35502)
• 5dec21e feat(kinesisfirehose): add built-in data processors to decompress CloudWatch ...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.