chore(deps-dev): bump the cdk group in /cdk with 2 updates

[dependabot]

Bumps the cdk group in /cdk with 2 updates: @guardian/cdk and @types/node.

Updates @guardian/cdk from 59.5.2 to 59.5.3

Release notes

Sourced from @​guardian/cdk's releases.

v59.5.3

@​guardian/cdk

59.5.2

Patch Changes

• 1110a11: fix(experimental-ec2-pattern): Create Policy first

  When deploying Prism with the GuEc2AppExperimental for the first time, the deployment failed with the cloud-init-output logs stating:

  An error occurred (AccessDenied) when calling the DescribeTargetHealth operation: User: arn:aws:sts::000000000000:assumed-role/prism-CODE-InstanceRolePrism/i-0cee86d64de253ca4 is not authorized to perform: elasticloadbalancing:DescribeTargetHealth because no identity-based policy allows the elasticloadbalancing:DescribeTargetHealth action
  

  This suggests the instance update was started before the policy was created.

  Make the ASG depend on the policy that grants these permissions to resolve, as CloudFormation creates dependencies first.

• 5add16c: feat(experimental-ec2-pattern): Tag launch template to improve observability

59.5.1

Patch Changes

• fed2598: fix(experimental-ec2-pattern): Add buffer to rolling update timeout

  If we consider the health check grace period to be the time it takes the "normal" user data to run, the rolling update should be configured to be a little longer to cover the additional time spent polling the target group.

  A buffer of 1 minute is somewhat arbitrarily chosen. Too high a value, then we increase the time it takes to automatically rollback from a failing healthcheck. Too low a value, then we risk flaky deploys.

59.5.0

Minor Changes

• f4e2a7c: feat(experimental-ec2-pattern): Pattern to deploy ASG updates w/CFN

  Included in this update is a new experimental pattern GuEc2AppExperimental, which can be used in place of a GuEc2App:

  import { GuEc2AppExperimental } from "@guardian/cdk/lib/experimental/patterns/ec2-app";

  This pattern will add an AutoScalingRollingUpdate policy to the autoscaling group. This allows application updates to be performed like a standard CloudFormation update, and using the custom logic provided by Riff-Raff's autoscaling deployment type is unnecessary.

... (truncated)

Changelog

Sourced from @​guardian/cdk's changelog.

@​guardian/cdk

Commits

• 9b555ec feat: Add exports for constructs
• b61bbc6 Merge pull request #2473 from guardian/dependabot/npm_and_yarn/typedoc-0.26.8
• e905b31 chore(deps): bump typedoc from 0.26.7 to 0.26.8
• f6066f7 Merge pull request #2472 from guardian/dependabot/npm_and_yarn/types/node-22.7.5
• a334ea9 chore(deps): bump @​types/node from 22.7.4 to 22.7.5
• 1350cd2 Merge pull request #2471 from guardian/dependabot/npm_and_yarn/changesets/cli...
• 504fe94 chore(deps): bump @​changesets/cli from 2.27.8 to 2.27.9
• 890c89e Merge pull request #2470 from guardian/dependabot/npm_and_yarn/types/node-22.7.4
• 5a5498d chore(deps): bump @​types/node from 22.7.0 to 22.7.4
• 4f41d90 Merge pull request #2468 from guardian/dependabot/npm_and_yarn/types/node-22.7.0
• Additional commits viewable in compare view

Updates @types/node from 20.16.11 to 20.16.13

Commits

• See full diff in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
@types/node	[>= 22.a, < 23]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Deploy build 10127 of identity:identity-gateway to CODE

All deployment options

• Deploy build 10127 of identity:identity-gateway to CODE
• Deploy parts of build 10127 to CODE by previewing it first
• What's on CODE right now?

---

From guardian/actions-riff-raff.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.