agent-claw: automated task changes

2026-05-06 18:55:16 -05:00
parent 38905bb1e9
commit 732b00fb66
8494 changed files with 2018127 additions and 4 deletions
--- a/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/artifact-map.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/artifact-map.d.ts
@@ -0,0 +1,33 @@
+import * as cp from '../../../aws-codepipeline';
+import { FileSet } from '../blueprint';
+/**
+ * Translate FileSets to CodePipeline Artifacts
+ */
+export declare class ArtifactMap {
+    private artifacts;
+    private usedNames;
+    /**
+     * Return the matching CodePipeline artifact for a FileSet
+     */
+    toCodePipeline(x: FileSet): cp.Artifact;
+    private makeUniqueName;
+}
+/**
+ * A FileSet created from a CodePipeline artifact
+ *
+ * You only need to use this if you want to add CDK Pipeline stages
+ * add the end of an existing CodePipeline, which should be very rare.
+ */
+export declare class CodePipelineFileSet extends FileSet {
+    /**
+     * Turn a CodePipeline Artifact into a FileSet
+     */
+    static fromArtifact(artifact: cp.Artifact): CodePipelineFileSet;
+    /**
+     * The artifact this class is wrapping
+     *
+     * @internal
+     */
+    readonly _artifact: cp.Artifact;
+    private constructor();
+}
--- a/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/artifact-map.js
+++ b/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/artifact-map.js
@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.CodePipelineFileSet=exports.ArtifactMap=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var crypto=()=>{var tmp=require("crypto");return crypto=()=>tmp,tmp},cp=()=>{var tmp=require("../../../aws-codepipeline");return cp=()=>tmp,tmp},blueprint_1=()=>{var tmp=require("../blueprint");return blueprint_1=()=>tmp,tmp},helpers_internal_1=()=>{var tmp=require("../helpers-internal");return helpers_internal_1=()=>tmp,tmp};class ArtifactMap{static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.pipelines.ArtifactMap",version:"2.252.0"};artifacts=new Map;usedNames=new Set;toCodePipeline(x){try{jsiiDeprecationWarnings().aws_cdk_lib_pipelines_FileSet(x)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.toCodePipeline),error}if(x instanceof CodePipelineFileSet)return x._artifact;let ret=this.artifacts.get(x);if(!ret){const artifactName=this.makeUniqueName(`${x.producer.id}.${x.id}`);this.usedNames.add(artifactName),this.artifacts.set(x,ret=new(cp()).Artifact(artifactName))}return ret}makeUniqueName(baseName){let i=1;baseName=sanitizeArtifactName(baseName);let name=baseName;for(;this.usedNames.has(name);)name=`${baseName}${++i}`;return name}}exports.ArtifactMap=ArtifactMap;function sanitizeArtifactName(x){let sani=x.replace(/[^A-Za-z0-9_]/g,"_");const maxLength=100;if(sani.length>maxLength){const fingerprint=crypto().createHash("sha256").update(sani).digest("hex").slice(0,8);sani=sani.slice(0,maxLength-fingerprint.length)+fingerprint}return sani}class CodePipelineFileSet extends blueprint_1().FileSet{static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.pipelines.CodePipelineFileSet",version:"2.252.0"};static fromArtifact(artifact){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_codepipeline_Artifact(artifact)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.fromArtifact),error}return new CodePipelineFileSet(artifact)}_artifact;constructor(artifact){super(artifact.artifactName??"Imported",helpers_internal_1().PipelineGraph.NO_STEP),this._artifact=artifact}}exports.CodePipelineFileSet=CodePipelineFileSet;
--- a/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/codebuild-step.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/codebuild-step.d.ts
@@ -0,0 +1,259 @@
+import * as codebuild from '../../../aws-codebuild';
+import type * as ec2 from '../../../aws-ec2';
+import type * as iam from '../../../aws-iam';
+import type { Duration } from '../../../core';
+import type { ShellStepProps } from '../blueprint';
+import { ShellStep } from '../blueprint';
+/**
+ * Construction props for a CodeBuildStep
+ */
+export interface CodeBuildStepProps extends ShellStepProps {
+    /**
+     * Name for the generated CodeBuild project
+     *
+     * @default - Automatically generated
+     */
+    readonly projectName?: string;
+    /**
+     * Additional configuration that can only be configured via BuildSpec
+     *
+     * You should not use this to specify output artifacts; those
+     * should be supplied via the other properties of this class, otherwise
+     * CDK Pipelines won't be able to inspect the artifacts.
+     *
+     * Set the `commands` to an empty array if you want to fully specify
+     * the BuildSpec using this field.
+     *
+     * The BuildSpec must be available inline--it cannot reference a file
+     * on disk.
+     *
+     * @default - BuildSpec completely derived from other properties
+     */
+    readonly partialBuildSpec?: codebuild.BuildSpec;
+    /**
+     * The VPC where to execute the SimpleSynth.
+     *
+     * @default - No VPC
+     */
+    readonly vpc?: ec2.IVpc;
+    /**
+     * Which subnets to use.
+     *
+     * Only used if 'vpc' is supplied.
+     *
+     * @default - All private subnets.
+     */
+    readonly subnetSelection?: ec2.SubnetSelection;
+    /**
+     * Caching strategy to use.
+     *
+     * @default - No cache
+     */
+    readonly cache?: codebuild.Cache;
+    /**
+     * Policy statements to add to role used during the synth
+     *
+     * Can be used to add acces to a CodeArtifact repository etc.
+     *
+     * @default - No policy statements added to CodeBuild Project Role
+     */
+    readonly rolePolicyStatements?: iam.PolicyStatement[];
+    /**
+     * Custom execution role to be used for the CodeBuild project
+     *
+     * @default - A role is automatically created
+     */
+    readonly role?: iam.IRole;
+    /**
+     * Custom execution role to be used for the Code Build Action
+     *
+     * @default - A role is automatically created
+     */
+    readonly actionRole?: iam.IRole;
+    /**
+     * Changes to environment
+     *
+     * This environment will be combined with the pipeline's default
+     * environment.
+     *
+     * @default - Use the pipeline's default build environment
+     */
+    readonly buildEnvironment?: codebuild.BuildEnvironment;
+    /**
+     * Which security group to associate with the script's project network interfaces.
+     * If no security group is identified, one will be created automatically.
+     *
+     * Only used if 'vpc' is supplied.
+     *
+     * @default - Security group will be automatically created.
+     */
+    readonly securityGroups?: ec2.ISecurityGroup[];
+    /**
+     * The number of minutes after which AWS CodeBuild stops the build if it's
+     * not complete. For valid values, see the timeoutInMinutes field in the AWS
+     * CodeBuild User Guide.
+     *
+     * @default Duration.hours(1)
+     */
+    readonly timeout?: Duration;
+    /**
+     * ProjectFileSystemLocation objects for CodeBuild build projects.
+     *
+     * A ProjectFileSystemLocation object specifies the identifier, location, mountOptions, mountPoint,
+     * and type of a file system created using Amazon Elastic File System.
+     *
+     * @default - no file system locations
+     */
+    readonly fileSystemLocations?: codebuild.IFileSystemLocation[];
+    /**
+     * Information about logs for CodeBuild projects. A CodeBuild project can create logs in Amazon CloudWatch Logs, an S3 bucket, or both.
+     *
+     * @default - no log configuration is set
+     */
+    readonly logging?: codebuild.LoggingOptions;
+}
+/**
+ * Run a script as a CodeBuild Project
+ *
+ * The BuildSpec must be available inline--it cannot reference a file
+ * on disk. If your current build instructions are in a file like
+ * `buildspec.yml` in your repository, extract them to a script
+ * (say, `build.sh`) and invoke that script as part of the build:
+ *
+ * ```ts
+ * new pipelines.CodeBuildStep('Synth', {
+ *   commands: ['./build.sh'],
+ * });
+ * ```
+ */
+export declare class CodeBuildStep extends ShellStep {
+    /**
+     * Name for the generated CodeBuild project
+     *
+     * @default - No value specified at construction time, use defaults
+     */
+    readonly projectName?: string;
+    /**
+     * The VPC where to execute the SimpleSynth.
+     *
+     * @default - No value specified at construction time, use defaults
+     */
+    readonly vpc?: ec2.IVpc;
+    /**
+     * Which subnets to use.
+     *
+     * @default - No value specified at construction time, use defaults
+     */
+    readonly subnetSelection?: ec2.SubnetSelection;
+    /**
+     * Caching strategy to use.
+     *
+     * @default - No cache
+     */
+    readonly cache?: codebuild.Cache;
+    /**
+     * Policy statements to add to role used during the synth
+     *
+     * @default - No value specified at construction time, use defaults
+     */
+    readonly rolePolicyStatements?: iam.PolicyStatement[];
+    /**
+     * Custom execution role to be used for the CodeBuild project
+     *
+     * @default - No value specified at construction time, use defaults
+     */
+    readonly role?: iam.IRole;
+    /**
+     * Custom execution role to be used for the Code Build Action
+     *
+     * @default - A role is automatically created
+     */
+    readonly actionRole?: iam.IRole;
+    /**
+     * Build environment
+     *
+     * @default - No value specified at construction time, use defaults
+     */
+    readonly buildEnvironment?: codebuild.BuildEnvironment;
+    /**
+     * Which security group to associate with the script's project network interfaces.
+     *
+     * @default - No value specified at construction time, use defaults
+     */
+    readonly securityGroups?: ec2.ISecurityGroup[];
+    /**
+     * The number of minutes after which AWS CodeBuild stops the build if it's
+     * not complete. For valid values, see the timeoutInMinutes field in the AWS
+     * CodeBuild User Guide.
+     *
+     * @default Duration.hours(1)
+     */
+    readonly timeout?: Duration;
+    /**
+     * ProjectFileSystemLocation objects for CodeBuild build projects.
+     *
+     * A ProjectFileSystemLocation object specifies the identifier, location, mountOptions, mountPoint,
+     * and type of a file system created using Amazon Elastic File System.
+     *
+     * @default - no file system locations
+     */
+    readonly fileSystemLocations?: codebuild.IFileSystemLocation[];
+    /**
+     * Information about logs for CodeBuild projects. A CodeBuilde project can create logs in Amazon CloudWatch Logs, an S3 bucket, or both.
+     *
+     * @default - no log configuration is set
+     */
+    readonly logging?: codebuild.LoggingOptions;
+    private _project?;
+    private _partialBuildSpec?;
+    private readonly exportedVariables;
+    private exportedVarsRendered;
+    constructor(id: string, props: CodeBuildStepProps);
+    /**
+     * CodeBuild Project generated for the pipeline
+     *
+     * Will only be available after the pipeline has been built.
+     */
+    get project(): codebuild.IProject;
+    /**
+     * The CodeBuild Project's principal
+     */
+    get grantPrincipal(): iam.IPrincipal;
+    /**
+     * Additional configuration that can only be configured via BuildSpec
+     *
+     * Contains exported variables
+     *
+     * @default - Contains the exported variables
+     */
+    get partialBuildSpec(): codebuild.BuildSpec | undefined;
+    /**
+     * Reference a CodePipeline variable defined by the CodeBuildStep.
+     *
+     * The variable must be set in the shell of the CodeBuild step when
+     * it finishes its `post_build` phase.
+     *
+     * @param variableName the name of the variable for reference.
+     * @example
+     * // Access the output of one CodeBuildStep in another CodeBuildStep
+     * declare const pipeline: pipelines.CodePipeline;
+     *
+     * const step1 = new pipelines.CodeBuildStep('Step1', {
+     *   commands: ['export MY_VAR=hello'],
+     * });
+     *
+     * const step2 = new pipelines.CodeBuildStep('Step2', {
+     *   env: {
+     *     IMPORTED_VAR: step1.exportedVariable('MY_VAR'),
+     *   },
+     *   commands: ['echo $IMPORTED_VAR'],
+     * });
+     */
+    exportedVariable(variableName: string): string;
+    /**
+     * Set the internal project value
+     *
+     * @internal
+     */
+    _setProject(project: codebuild.IProject): void;
+}
--- a/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/codebuild-step.js
+++ b/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/codebuild-step.js
@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.CodeBuildStep=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var buildspecs_1=()=>{var tmp=require("./private/buildspecs");return buildspecs_1=()=>tmp,tmp},outputs_1=()=>{var tmp=require("./private/outputs");return outputs_1=()=>tmp,tmp},codebuild=()=>{var tmp=require("../../../aws-codebuild");return codebuild=()=>tmp,tmp},core_1=()=>{var tmp=require("../../../core");return core_1=()=>tmp,tmp},literal_string_1=()=>{var tmp=require("../../../core/lib/private/literal-string");return literal_string_1=()=>tmp,tmp},blueprint_1=()=>{var tmp=require("../blueprint");return blueprint_1=()=>tmp,tmp};class CodeBuildStep extends blueprint_1().ShellStep{static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.pipelines.CodeBuildStep",version:"2.252.0"};projectName;vpc;subnetSelection;cache;rolePolicyStatements;role;actionRole;buildEnvironment;securityGroups;timeout;fileSystemLocations;logging;_project;_partialBuildSpec;exportedVariables=new Set;exportedVarsRendered=!1;constructor(id,props){super(id,props);try{jsiiDeprecationWarnings().aws_cdk_lib_pipelines_CodeBuildStepProps(props)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,CodeBuildStep),error}this.projectName=props.projectName,this.buildEnvironment=props.buildEnvironment,this._partialBuildSpec=props.partialBuildSpec,this.vpc=props.vpc,this.subnetSelection=props.subnetSelection,this.cache=props.cache,this.role=props.role,this.actionRole=props.actionRole,this.rolePolicyStatements=props.rolePolicyStatements,this.securityGroups=props.securityGroups,this.timeout=props.timeout,this.fileSystemLocations=props.fileSystemLocations,this.logging=props.logging}get project(){if(!this._project)throw new(core_1()).UnscopedValidationError((0,literal_string_1().lit)`CallPipeline`,"Call pipeline.buildPipeline() before reading this property");return this._project}get grantPrincipal(){return this.project.grantPrincipal}get partialBuildSpec(){this.exportedVarsRendered=!0;const varsBuildSpec=this.exportedVariables.size>0?codebuild().BuildSpec.fromObject({version:"0.2",env:{"exported-variables":Array.from(this.exportedVariables)}}):void 0;return(0,buildspecs_1().mergeBuildSpecs)(varsBuildSpec,this._partialBuildSpec)}exportedVariable(variableName){if(this.exportedVarsRendered&&!this.exportedVariables.has(variableName))throw new(core_1()).UnscopedValidationError((0,literal_string_1().lit)`ExportvariablePipelineAlreadyProduced`,"exportVariable(): Pipeline has already been produced, cannot call this function anymore");return this.exportedVariables.add(variableName),(0,outputs_1().makeCodePipelineOutput)(this,variableName)}_setProject(project){this._project=project}}exports.CodeBuildStep=CodeBuildStep;
--- a/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/codepipeline-action-factory.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/codepipeline-action-factory.d.ts
@@ -0,0 +1,110 @@
+import type { Construct } from 'constructs';
+import type { ArtifactMap } from './artifact-map';
+import type { CodeBuildOptions, CodePipeline } from './codepipeline';
+import type { StackOutputsMap } from './stack-outputs-map';
+import type * as cb from '../../../aws-codebuild';
+import type * as cp from '../../../aws-codepipeline';
+/**
+ * Options for the `CodePipelineActionFactory.produce()` method.
+ */
+export interface ProduceActionOptions {
+    /**
+     * Scope in which to create constructs
+     */
+    readonly scope: Construct;
+    /**
+     * Name the action should get
+     */
+    readonly actionName: string;
+    /**
+     * RunOrder the action should get
+     */
+    readonly runOrder: number;
+    /**
+     * If this step is producing outputs, the variables namespace assigned to it
+     *
+     * Pass this on to the Action you are creating.
+     *
+     * @default - Step doesn't produce any outputs
+     */
+    readonly variablesNamespace?: string;
+    /**
+     * Helper object to translate FileSets to CodePipeline Artifacts
+     */
+    readonly artifacts: ArtifactMap;
+    /**
+     * An input artifact that CodeBuild projects that don't actually need an input artifact can use
+     *
+     * CodeBuild Projects MUST have an input artifact in order to be added to the Pipeline. If
+     * the Project doesn't actually care about its input (it can be anything), it can use the
+     * Artifact passed here.
+     *
+     * @default - A fallback artifact does not exist
+     */
+    readonly fallbackArtifact?: cp.Artifact;
+    /**
+     * The pipeline the action is being generated for
+     */
+    readonly pipeline: CodePipeline;
+    /**
+     * If this action factory creates a CodeBuild step, default options to inherit
+     *
+     * @default - No CodeBuild project defaults
+     */
+    readonly codeBuildDefaults?: CodeBuildOptions;
+    /**
+     * Whether or not this action is inserted before self mutation.
+     *
+     * If it is, the action should take care to reflect some part of
+     * its own definition in the pipeline action definition, to
+     * trigger a restart after self-mutation (if necessary).
+     *
+     * @default false
+     */
+    readonly beforeSelfMutation?: boolean;
+    /**
+     * Helper object to produce variables exported from stack deployments.
+     *
+     * If your step references outputs from a stack deployment, use
+     * this to map the output references to Codepipeline variable names.
+     *
+     * Note - Codepipeline variables can only be referenced in action
+     * configurations.
+     *
+     */
+    readonly stackOutputsMap: StackOutputsMap;
+}
+/**
+ * Factory for explicit CodePipeline Actions
+ *
+ * If you have specific types of Actions you want to add to a
+ * CodePipeline, write a subclass of `Step` that implements this
+ * interface, and add the action or actions you want in the `produce` method.
+ *
+ * There needs to be a level of indirection here, because some aspects of the
+ * Action creation need to be controlled by the workflow engine (name and
+ * runOrder). All the rest of the properties are controlled by the factory.
+ */
+export interface ICodePipelineActionFactory {
+    /**
+     * Create the desired Action and add it to the pipeline
+     */
+    produceAction(stage: cp.IStage, options: ProduceActionOptions): CodePipelineActionFactoryResult;
+}
+/**
+ * The result of adding actions to the pipeline
+ */
+export interface CodePipelineActionFactoryResult {
+    /**
+     * How many RunOrders were consumed
+     *
+     * If you add 1 action, return the value 1 here.
+     */
+    readonly runOrdersConsumed: number;
+    /**
+     * If a CodeBuild project got created, the project
+     *
+     * @default - This factory did not create a CodeBuild project
+     */
+    readonly project?: cb.IProject;
+}
--- a/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/codepipeline-action-factory.js
+++ b/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/codepipeline-action-factory.js
@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0});
--- a/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/codepipeline-source.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/codepipeline-source.d.ts
@@ -0,0 +1,330 @@
+import type { CodePipelineActionFactoryResult, ProduceActionOptions, ICodePipelineActionFactory } from './codepipeline-action-factory';
+import type * as codecommit from '../../../aws-codecommit';
+import type { Artifact, IStage } from '../../../aws-codepipeline';
+import type { Action, CodeCommitTrigger, GitHubTrigger, S3Trigger } from '../../../aws-codepipeline-actions';
+import type * as iam from '../../../aws-iam';
+import type { IBucket } from '../../../aws-s3';
+import { SecretValue } from '../../../core';
+import type { IRepositoryRef } from '../../../interfaces/generated/aws-ecr-interfaces.generated';
+import { Step } from '../blueprint';
+/**
+ * Factory for CodePipeline source steps
+ *
+ * This class contains a number of factory methods for the different types
+ * of sources that CodePipeline supports.
+ */
+export declare abstract class CodePipelineSource extends Step implements ICodePipelineActionFactory {
+    /**
+     * Returns a GitHub source, using OAuth tokens to authenticate with
+     * GitHub and a separate webhook to detect changes. This is no longer
+     * the recommended method. Please consider using `connection()`
+     * instead.
+     *
+     * Pass in the owner and repository in a single string, like this:
+     *
+     * ```ts
+     * pipelines.CodePipelineSource.gitHub('owner/repo', 'main');
+     * ```
+     *
+     * Authentication will be done by a secret called `github-token` in AWS
+     * Secrets Manager (unless specified otherwise).
+     *
+     * If you rotate the value in the Secret, you must also change at least one property
+     * on the Pipeline, to force CloudFormation to re-read the secret.
+     *
+     * The token should have these permissions:
+     *
+     * * **repo** - to read the repository
+     * * **admin:repo_hook** - if you plan to use webhooks (true by default)
+     *
+     * If you need access to symlinks or the repository history, use a source of type
+     * `connection` instead.
+     */
+    static gitHub(repoString: string, branch: string, props?: GitHubSourceOptions): CodePipelineSource;
+    /**
+     * Returns an S3 source.
+     *
+     * @param bucket The bucket where the source code is located.
+     * @param props The options, which include the key that identifies the source code file and
+     * and how the pipeline should be triggered.
+     *
+     * @example
+     * declare const bucket: s3.Bucket;
+     * pipelines.CodePipelineSource.s3(bucket, 'path/to/file.zip');
+     */
+    static s3(bucket: IBucket, objectKey: string, props?: S3SourceOptions): CodePipelineSource;
+    /**
+     * Returns an ECR source.
+     *
+     * @param repository The repository that will be watched for changes.
+     * @param props The options, which include the image tag to be checked for changes.
+     *
+     * @example
+     * declare const repository: ecr.IRepository;
+     * pipelines.CodePipelineSource.ecr(repository, {
+     *   imageTag: 'latest',
+     * });
+     */
+    static ecr(repository: IRepositoryRef, props?: ECRSourceOptions): CodePipelineSource;
+    /**
+     * Returns a CodeStar connection source. A CodeStar connection allows AWS CodePipeline to
+     * access external resources, such as repositories in GitHub, GitHub Enterprise or
+     * BitBucket.
+     *
+     * To use this method, you first need to create a CodeStar connection
+     * using the AWS console. In the process, you may have to sign in to the external provider
+     * -- GitHub, for example -- to authorize AWS to read and modify your repository.
+     * Once you have done this, copy the connection ARN and use it to create the source.
+     *
+     * Example:
+     *
+     * ```ts
+     * pipelines.CodePipelineSource.connection('owner/repo', 'main', {
+     *   connectionArn: 'arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41', // Created using the AWS console
+     * });
+     * ```
+     *
+     * If you need access to symlinks or the repository history, be sure to set
+     * `codeBuildCloneOutput`.
+     *
+     * @param repoString A string that encodes owner and repository separated by a slash (e.g. 'owner/repo'). The provided string must be resolvable at runtime.
+     * @param branch The branch to use.
+     * @param props The source properties, including the connection ARN.
+     *
+     * @see https://docs.aws.amazon.com/dtconsole/latest/userguide/welcome-connections.html
+     */
+    static connection(repoString: string, branch: string, props: ConnectionSourceOptions): CodePipelineSource;
+    /**
+     * Returns a CodeCommit source.
+     *
+     * If you need access to symlinks or the repository history, be sure to set
+     * `codeBuildCloneOutput`.
+     *
+     *
+     * @param repository The CodeCommit repository.
+     * @param branch The branch to use.
+     * @param props The source properties.
+     *
+     * @example
+     * declare const repository: codecommit.IRepository;
+     * pipelines.CodePipelineSource.codeCommit(repository, 'main');
+     */
+    static codeCommit(repository: codecommit.IRepository, branch: string, props?: CodeCommitSourceOptions): CodePipelineSource;
+    readonly isSource = true;
+    produceAction(stage: IStage, options: ProduceActionOptions): CodePipelineActionFactoryResult;
+    protected abstract getAction(output: Artifact, actionName: string, runOrder: number, variablesNamespace?: string): Action;
+    /**
+     * Return an attribute of the current source revision
+     *
+     * These values can be passed into the environment variables of pipeline steps,
+     * so your steps can access information about the source revision.
+     *
+     * Pipeline synth step has some source attributes predefined in the environment.
+     * If these suffice, you don't need to use this method for the synth step.
+     * @see https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-env-vars.html
+     *
+     * What attributes are available depends on the type of source. These attributes
+     * are supported:
+     *
+     * - GitHub, CodeCommit, and CodeStarSourceConnection
+     *   - `AuthorDate`
+     *   - `BranchName`
+     *   - `CommitId`
+     *   - `CommitMessage`
+     * - GitHub, CodeCommit and ECR
+     *   - `RepositoryName`
+     * - GitHub and CodeCommit
+     *   - `CommitterDate`
+     * - GitHub
+     *   - `CommitUrl`
+     * - CodeStarSourceConnection
+     *   - `FullRepositoryName`
+     * - S3
+     *   - `ETag`
+     *   - `VersionId`
+     * - ECR
+     *   - `ImageDigest`
+     *   - `ImageTag`
+     *   - `ImageURI`
+     *   - `RegistryId`
+     *
+     * @see https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-variables.html#reference-variables-list
+     * @example
+     * // Access the CommitId of a GitHub source in the synth
+     * const source = pipelines.CodePipelineSource.gitHub('owner/repo', 'main');
+     *
+     * const pipeline = new pipelines.CodePipeline(scope, 'MyPipeline', {
+     *   synth: new pipelines.ShellStep('Synth', {
+     *     input: source,
+     *     commands: [],
+     *     env: {
+     *       'COMMIT_ID': source.sourceAttribute('CommitId'),
+     *     }
+     *   })
+     * });
+     */
+    sourceAttribute(name: string): string;
+}
+/**
+ * Options for GitHub sources
+ */
+export interface GitHubSourceOptions {
+    /**
+     * A GitHub OAuth token to use for authentication.
+     *
+     * It is recommended to use a Secrets Manager `Secret` to obtain the token:
+     *
+     * ```ts
+     * const oauth = cdk.SecretValue.secretsManager('my-github-token');
+     * ```
+     *
+     * The GitHub Personal Access Token should have these scopes:
+     *
+     * * **repo** - to read the repository
+     * * **admin:repo_hook** - if you plan to use webhooks (true by default)
+     *
+     * @see https://docs.aws.amazon.com/codepipeline/latest/userguide/GitHub-create-personal-token-CLI.html
+     *
+     * @default - SecretValue.secretsManager('github-token')
+     */
+    readonly authentication?: SecretValue;
+    /**
+     * How AWS CodePipeline should be triggered
+     *
+     * With the default value "WEBHOOK", a webhook is created in GitHub that triggers the action.
+     * With "POLL", CodePipeline periodically checks the source for changes.
+     * With "None", the action is not triggered through changes in the source.
+     *
+     * To use `WEBHOOK`, your GitHub Personal Access Token should have
+     * **admin:repo_hook** scope (in addition to the regular **repo** scope).
+     *
+     * @default GitHubTrigger.WEBHOOK
+     */
+    readonly trigger?: GitHubTrigger;
+    /**
+     * The action name used for this source in the CodePipeline
+     *
+     * @default - The repository string
+     */
+    readonly actionName?: string;
+}
+/**
+ * Options for S3 sources
+ */
+export interface S3SourceOptions {
+    /**
+     * How should CodePipeline detect source changes for this Action.
+     * Note that if this is S3Trigger.EVENTS, you need to make sure to include the source Bucket in a CloudTrail Trail,
+     * as otherwise the CloudWatch Events will not be emitted.
+     *
+     * @default S3Trigger.POLL
+     * @see https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/log-s3-data-events.html
+     */
+    readonly trigger?: S3Trigger;
+    /**
+     * The action name used for this source in the CodePipeline
+     *
+     * @default - The bucket name
+     */
+    readonly actionName?: string;
+    /**
+     * The role that will be assumed by the pipeline prior to executing
+     * the `S3Source` action.
+     *
+     * @default - a new role will be generated
+     */
+    readonly role?: iam.IRole;
+}
+/**
+ * Options for ECR sources
+ */
+export interface ECRSourceOptions {
+    /**
+     * The image tag that will be checked for changes.
+     *
+     * @default latest
+     */
+    readonly imageTag?: string;
+    /**
+     * The action name used for this source in the CodePipeline
+     *
+     * @default - The repository name
+     */
+    readonly actionName?: string;
+}
+/**
+ * Configuration options for CodeStar source
+ */
+export interface ConnectionSourceOptions {
+    /**
+     * The ARN of the CodeStar Connection created in the AWS console
+     * that has permissions to access this GitHub or BitBucket repository.
+     *
+     * @example 'arn:aws:codestar-connections:us-east-1:123456789012:connection/12345678-abcd-12ab-34cdef5678gh'
+     * @see https://docs.aws.amazon.com/codepipeline/latest/userguide/connections-create.html
+     */
+    readonly connectionArn: string;
+    /**
+     * If this is set, the next CodeBuild job clones the repository (instead of CodePipeline downloading the files).
+     *
+     * This provides access to repository history, and retains symlinks (symlinks would otherwise be
+     * removed by CodePipeline).
+     *
+     * **Note**: if this option is true, only CodeBuild jobs can use the output artifact.
+     *
+     * @default false
+     * @see https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference-CodestarConnectionSource.html#action-reference-CodestarConnectionSource-config
+     */
+    readonly codeBuildCloneOutput?: boolean;
+    /**
+     * Controls automatically starting your pipeline when a new commit
+     * is made on the configured repository and branch. If unspecified,
+     * the default value is true, and the field does not display by default.
+     *
+     * @default true
+     * @see https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference-CodestarConnectionSource.html
+     */
+    readonly triggerOnPush?: boolean;
+    /**
+     * The action name used for this source in the CodePipeline
+     *
+     * @default - The repository string
+     */
+    readonly actionName?: string;
+}
+/**
+ * Configuration options for a CodeCommit source
+ */
+export interface CodeCommitSourceOptions {
+    /**
+     * How should CodePipeline detect source changes for this Action.
+     *
+     * @default CodeCommitTrigger.EVENTS
+     */
+    readonly trigger?: CodeCommitTrigger;
+    /**
+     * Role to be used by on commit event rule.
+     * Used only when trigger value is CodeCommitTrigger.EVENTS.
+     *
+     * @default a new role will be created.
+     */
+    readonly eventRole?: iam.IRole;
+    /**
+     * If this is set, the next CodeBuild job clones the repository (instead of CodePipeline downloading the files).
+     *
+     * This provides access to repository history, and retains symlinks (symlinks would otherwise be
+     * removed by CodePipeline).
+     *
+     * **Note**: if this option is true, only CodeBuild jobs can use the output artifact.
+     *
+     * @default false
+     * @see https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference-CodeCommit.html
+     */
+    readonly codeBuildCloneOutput?: boolean;
+    /**
+     * The action name used for this source in the CodePipeline
+     *
+     * @default - The repository name
+     */
+    readonly actionName?: string;
+}
--- a/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/codepipeline-source.js
+++ b/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/codepipeline-source.js
--- a/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/codepipeline.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/codepipeline.d.ts
@@ -0,0 +1,440 @@
+import type { Construct } from 'constructs';
+import * as cb from '../../../aws-codebuild';
+import * as cp from '../../../aws-codepipeline';
+import type * as ec2 from '../../../aws-ec2';
+import * as iam from '../../../aws-iam';
+import type * as s3 from '../../../aws-s3';
+import type { Duration } from '../../../core';
+import type { IFileSetProducer } from '../blueprint';
+import type { DockerCredential } from '../docker-credentials';
+import { PipelineBase } from '../main';
+/**
+ * Properties for a `CodePipeline`
+ */
+export interface CodePipelineProps {
+    /**
+     * Type of the pipeline.
+     *
+     * @default - PipelineType.V2 if the feature flag `CODEPIPELINE_DEFAULT_PIPELINE_TYPE_TO_V2`
+     * is true, PipelineType.V1 otherwise
+     *
+     * @see https://docs.aws.amazon.com/codepipeline/latest/userguide/pipeline-types-planning.html
+     */
+    readonly pipelineType?: cp.PipelineType;
+    /**
+     * The build step that produces the CDK Cloud Assembly
+     *
+     * The primary output of this step needs to be the `cdk.out` directory
+     * generated by the `cdk synth` command.
+     *
+     * If you use a `ShellStep` here and you don't configure an output directory,
+     * the output directory will automatically be assumed to be `cdk.out`.
+     */
+    readonly synth: IFileSetProducer;
+    /**
+     * The name of the CodePipeline pipeline
+     *
+     * @default - Automatically generated
+     */
+    readonly pipelineName?: string;
+    /**
+     * Create KMS keys for the artifact buckets, allowing cross-account deployments
+     *
+     * The artifact buckets have to be encrypted to support deploying CDK apps to
+     * another account, so if you want to do that or want to have your artifact
+     * buckets encrypted, be sure to set this value to `true`.
+     *
+     * Be aware there is a cost associated with maintaining the KMS keys.
+     *
+     * @default false
+     */
+    readonly crossAccountKeys?: boolean;
+    /**
+     * CDK CLI version to use in self-mutation step
+     *
+     * If you want to lock the CDK CLI version used in the pipeline, by steps
+     * that are automatically generated for you, specify the version here.
+     *
+     * We recommend you do not specify this value, as not specifying it always
+     * uses the latest CLI version which is backwards compatible with old versions.
+     *
+     * If you do specify it, be aware that this version should always be equal to or higher than the
+     * version of the CDK framework used by the CDK app, when the CDK commands are
+     * run during your pipeline execution. When you change this version, the *next
+     * time* the `SelfMutate` step runs it will still be using the CLI of the the
+     * *previous* version that was in this property: it will only start using the
+     * new version after `SelfMutate` completes successfully. That means that if
+     * you want to update both framework and CLI version, you should update the
+     * CLI version first, commit, push and deploy, and only then update the
+     * framework version.
+     *
+     * @default - Latest version
+     */
+    readonly cliVersion?: string;
+    /**
+     * CDK CLI version to use in asset publishing steps
+     *
+     * If you want to lock the `cdk-assets` version used in the pipeline, by steps
+     * that are automatically generated for you, specify the version here.
+     *
+     * We recommend you do not specify this value, as not specifying it always
+     * uses the latest CLI version which is backwards compatible with old versions.
+     *
+     * @see https://www.npmjs.com/package/cdk-assets
+     * @default - Latest version
+     */
+    readonly cdkAssetsCliVersion?: string;
+    /**
+     * Whether the pipeline will update itself
+     *
+     * This needs to be set to `true` to allow the pipeline to reconfigure
+     * itself when assets or stages are being added to it, and `true` is the
+     * recommended setting.
+     *
+     * You can temporarily set this to `false` while you are iterating
+     * on the pipeline itself and prefer to deploy changes using `cdk deploy`.
+     *
+     * @default true
+     */
+    readonly selfMutation?: boolean;
+    /**
+     * Enable Docker for the self-mutate step
+     *
+     * Set this to true if the pipeline itself uses Docker container assets
+     * (for example, if you use `LinuxBuildImage.fromAsset()` as the build
+     * image of a CodeBuild step in the pipeline).
+     *
+     * You do not need to set it if you build Docker image assets in the
+     * application Stages and Stacks that are *deployed* by this pipeline.
+     *
+     * Configures privileged mode for the self-mutation CodeBuild action.
+     *
+     * If you are about to turn this on in an already-deployed Pipeline,
+     * set the value to `true` first, commit and allow the pipeline to
+     * self-update, and only then use the Docker asset in the pipeline.
+     *
+     * @default false
+     */
+    readonly dockerEnabledForSelfMutation?: boolean;
+    /**
+     * Enable Docker for the 'synth' step
+     *
+     * Set this to true if you are using file assets that require
+     * "bundling" anywhere in your application (meaning an asset
+     * compilation step will be run with the tools provided by
+     * a Docker image), both for the Pipeline stack as well as the
+     * application stacks.
+     *
+     * A common way to use bundling assets in your application is by
+     * using the `aws-cdk-lib/aws-lambda-nodejs` library.
+     *
+     * Configures privileged mode for the synth CodeBuild action.
+     *
+     * If you are about to turn this on in an already-deployed Pipeline,
+     * set the value to `true` first, commit and allow the pipeline to
+     * self-update, and only then use the bundled asset.
+     *
+     * @default false
+     */
+    readonly dockerEnabledForSynth?: boolean;
+    /**
+     * Customize the CodeBuild projects created for this pipeline
+     *
+     * @default - All projects run non-privileged build, SMALL instance, LinuxBuildImage.STANDARD_7_0
+     */
+    readonly codeBuildDefaults?: CodeBuildOptions;
+    /**
+     * Additional customizations to apply to the synthesize CodeBuild projects
+     *
+     * @default - Only `codeBuildDefaults` are applied
+     */
+    readonly synthCodeBuildDefaults?: CodeBuildOptions;
+    /**
+     * Additional customizations to apply to the asset publishing CodeBuild projects
+     *
+     * @default - Only `codeBuildDefaults` are applied
+     */
+    readonly assetPublishingCodeBuildDefaults?: CodeBuildOptions;
+    /**
+     * Additional customizations to apply to the self mutation CodeBuild projects
+     *
+     * @default - Only `codeBuildDefaults` are applied
+     */
+    readonly selfMutationCodeBuildDefaults?: CodeBuildOptions;
+    /**
+     * Publish assets in multiple CodeBuild projects
+     *
+     * If set to false, use one Project per type to publish all assets.
+     *
+     * Publishing in parallel improves concurrency and may reduce publishing
+     * latency, but may also increase overall provisioning time of the CodeBuild
+     * projects.
+     *
+     * Experiment and see what value works best for you.
+     *
+     * @default true
+     */
+    readonly publishAssetsInParallel?: boolean;
+    /**
+     * A list of credentials used to authenticate to Docker registries.
+     *
+     * Specify any credentials necessary within the pipeline to build, synth, update, or publish assets.
+     *
+     * @default []
+     */
+    readonly dockerCredentials?: DockerCredential[];
+    /**
+     * An existing Pipeline to be reused and built upon.
+     *
+     * [disable-awslint:ref-via-interface]
+     *
+     * @default - a new underlying pipeline is created.
+     */
+    readonly codePipeline?: cp.Pipeline;
+    /**
+     * Reuse the same cross region support stack for all pipelines in the App.
+     *
+     * @default - true (Use the same support stack for all pipelines in App)
+     */
+    readonly reuseCrossRegionSupportStacks?: boolean;
+    /**
+     * The IAM role to be assumed by this Pipeline
+     *
+     * @default - A new role is created
+     */
+    readonly role?: iam.IRole;
+    /**
+     * Deploy every stack by creating a change set and executing it
+     *
+     * When enabled, creates a "Prepare" and "Execute" action for each stack. Disable
+     * to deploy the stack in one pipeline action.
+     *
+     * @default true
+     */
+    readonly useChangeSets?: boolean;
+    /**
+     * Enable KMS key rotation for the generated KMS keys.
+     *
+     * By default KMS key rotation is disabled, but will add
+     * additional costs when enabled.
+     *
+     * @default - false (key rotation is disabled)
+     */
+    readonly enableKeyRotation?: boolean;
+    /**
+     * An existing S3 Bucket to use for storing the pipeline's artifact.
+     *
+     * @default - A new S3 bucket will be created.
+     */
+    readonly artifactBucket?: s3.IBucket;
+    /**
+     * A map of region to S3 bucket name used for cross-region CodePipeline.
+     * For every Action that you specify targeting a different region than the Pipeline itself,
+     * if you don't provide an explicit Bucket for that region using this property,
+     * the construct will automatically create a Stack containing an S3 Bucket in that region.
+     * Passed directly through to the {@link cp.Pipeline}.
+     *
+     * @default - no cross region replication buckets.
+     */
+    readonly crossRegionReplicationBuckets?: {
+        [region: string]: s3.IBucket;
+    };
+    /**
+     * Use pipeline service role for actions if no action role configured
+     *
+     * @default - false
+     */
+    readonly usePipelineRoleForActions?: boolean;
+}
+/**
+ * Options for customizing a single CodeBuild project
+ */
+export interface CodeBuildOptions {
+    /**
+     * Partial build environment, will be combined with other build environments that apply
+     *
+     * @default - Non-privileged build, SMALL instance, LinuxBuildImage.STANDARD_7_0
+     */
+    readonly buildEnvironment?: cb.BuildEnvironment;
+    /**
+     * Policy statements to add to role
+     *
+     * @default - No policy statements added to CodeBuild Project Role
+     */
+    readonly rolePolicy?: iam.PolicyStatement[];
+    /**
+     * Partial buildspec, will be combined with other buildspecs that apply
+     *
+     * The BuildSpec must be available inline--it cannot reference a file
+     * on disk.
+     *
+     * @default - No initial BuildSpec
+     */
+    readonly partialBuildSpec?: cb.BuildSpec;
+    /**
+     * Which security group(s) to associate with the project network interfaces.
+     *
+     * Only used if 'vpc' is supplied.
+     *
+     * @default - Security group will be automatically created.
+     */
+    readonly securityGroups?: ec2.ISecurityGroup[];
+    /**
+     * The VPC where to create the CodeBuild network interfaces in.
+     *
+     * @default - No VPC
+     */
+    readonly vpc?: ec2.IVpc;
+    /**
+     * Which subnets to use.
+     *
+     * Only used if 'vpc' is supplied.
+     *
+     * @default - All private subnets.
+     */
+    readonly subnetSelection?: ec2.SubnetSelection;
+    /**
+     * Caching strategy to use.
+     *
+     * @default - No cache
+     */
+    readonly cache?: cb.Cache;
+    /**
+     * The number of minutes after which AWS CodeBuild stops the build if it's
+     * not complete. For valid values, see the timeoutInMinutes field in the AWS
+     * CodeBuild User Guide.
+     *
+     * @default Duration.hours(1)
+     */
+    readonly timeout?: Duration;
+    /**
+     * ProjectFileSystemLocation objects for CodeBuild build projects.
+     *
+     * A ProjectFileSystemLocation object specifies the identifier, location, mountOptions, mountPoint,
+     * and type of a file system created using Amazon Elastic File System.
+     * Requires a vpc to be set and privileged to be set to true.
+     *
+     * @default - no file system locations
+     */
+    readonly fileSystemLocations?: cb.IFileSystemLocation[];
+    /**
+     * Information about logs for CodeBuild projects. A CodeBuild project can create logs in Amazon CloudWatch Logs, an S3 bucket, or both.
+     *
+     * @default - no log configuration is set
+     */
+    readonly logging?: cb.LoggingOptions;
+}
+/**
+ * A CDK Pipeline that uses CodePipeline to deploy CDK apps
+ *
+ * This is a `Pipeline` with its `engine` property set to
+ * `CodePipelineEngine`, and exists for nicer ergonomics for
+ * users that don't need to switch out engines.
+ */
+export declare class CodePipeline extends PipelineBase {
+    private readonly props;
+    /**
+     * Whether SelfMutation is enabled for this CDK Pipeline
+     */
+    readonly selfMutationEnabled: boolean;
+    /**
+     * Allow pipeline service role used for actions if no action role configured
+     * instead of creating a new role for each action
+     */
+    readonly usePipelineRoleForActions: boolean;
+    private _pipeline?;
+    private artifacts;
+    private _synthProject?;
+    private _selfMutationProject?;
+    private readonly useChangeSets;
+    private _myCxAsmRoot?;
+    private readonly dockerCredentials;
+    private readonly cachedFnSub;
+    private stackOutputs;
+    /**
+     * Asset roles shared for publishing
+     */
+    private readonly assetCodeBuildRoles;
+    /**
+     * This is set to the very first artifact produced in the pipeline
+     */
+    private _fallbackArtifact?;
+    private _cloudAssemblyFileSet?;
+    private readonly singlePublisherPerAssetType;
+    private readonly cliVersion?;
+    private readonly cdkAssetsCliVersion;
+    constructor(scope: Construct, id: string, props: CodePipelineProps);
+    /**
+     * The CodeBuild project that performs the Synth
+     *
+     * Only available after the pipeline has been built.
+     */
+    get synthProject(): cb.IProject;
+    /**
+     * The CodeBuild project that performs the SelfMutation
+     *
+     * Will throw an error if this is accessed before `buildPipeline()`
+     * is called, or if selfMutation has been disabled.
+     */
+    get selfMutationProject(): cb.IProject;
+    /**
+     * The CodePipeline pipeline that deploys the CDK app
+     *
+     * Only available after the pipeline has been built.
+     */
+    get pipeline(): cp.Pipeline;
+    protected doBuildPipeline(): void;
+    private get myCxAsmRoot();
+    /**
+     * Scope for Assets-related resources.
+     *
+     * Purely exists for construct tree backwards compatibility with legacy pipelines
+     */
+    private get assetsScope();
+    private pipelineStagesAndActionsFromGraph;
+    /**
+     * Do additional things after the action got added to the pipeline
+     *
+     * Some minor state manipulation of CodeBuild projects and pipeline
+     * artifacts.
+     */
+    private postProcessNode;
+    /**
+     * Make an action from the given node and/or step
+     */
+    private actionFromNode;
+    /**
+     * Take a Step and turn it into a CodePipeline Action
+     *
+     * There are only 3 types of Steps we need to support:
+     *
+     * - Shell (generic)
+     * - ManualApproval (generic)
+     * - CodePipelineActionFactory (CodePipeline-specific)
+     *
+     * The rest is expressed in terms of these 3, or in terms of graph nodes
+     * which are handled elsewhere.
+     */
+    private actionFromStep;
+    private createChangeSetAction;
+    private executeChangeSetAction;
+    private executeDeploymentAction;
+    private selfMutateAction;
+    private publishAssetsAction;
+    private nodeTypeFromNode;
+    private codeBuildDefaultsFor;
+    private roleFromPlaceholderArn;
+    /**
+     * Non-template config files for CodePipeline actions
+     *
+     * Currently only supports tags.
+     */
+    private writeTemplateConfiguration;
+    /**
+     * This role is used by both the CodePipeline build action and related CodeBuild project. Consolidating these two
+     * roles into one, and re-using across all assets, saves significant size of the final synthesized output.
+     * Modeled after the CodePipeline role and 'CodePipelineActionRole' roles.
+     * Generates one role per asset type to separate file and Docker/image-based permissions.
+     */
+    private obtainAssetCodeBuildRole;
+}
--- a/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/codepipeline.js
+++ b/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/codepipeline.js
--- a/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/confirm-permissions-broadening.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/confirm-permissions-broadening.d.ts
@@ -0,0 +1,33 @@
+import type { CodePipelineActionFactoryResult, ICodePipelineActionFactory, ProduceActionOptions } from './codepipeline-action-factory';
+import type { IStage } from '../../../aws-codepipeline';
+import type * as sns from '../../../aws-sns';
+import type { Stage } from '../../../core';
+import { Step } from '../blueprint';
+/**
+ * Properties for a `PermissionsBroadeningCheck`
+ */
+export interface PermissionsBroadeningCheckProps {
+    /**
+     * The CDK Stage object to check the stacks of
+     *
+     * This should be the same Stage object you are passing to `addStage()`.
+     */
+    readonly stage: Stage;
+    /**
+     * Topic to send notifications when a human needs to give manual confirmation
+     *
+     * @default - no notification
+     */
+    readonly notificationTopic?: sns.ITopic;
+}
+/**
+ * Pause the pipeline if a deployment would add IAM permissions or Security Group rules
+ *
+ * This step is only supported in CodePipeline pipelines.
+ */
+export declare class ConfirmPermissionsBroadening extends Step implements ICodePipelineActionFactory {
+    private readonly props;
+    constructor(id: string, props: PermissionsBroadeningCheckProps);
+    produceAction(stage: IStage, options: ProduceActionOptions): CodePipelineActionFactoryResult;
+    private getOrCreateSecCheck;
+}
--- a/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/confirm-permissions-broadening.js
+++ b/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/confirm-permissions-broadening.js
@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.ConfirmPermissionsBroadening=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var constructs_1=()=>{var tmp=require("constructs");return constructs_1=()=>tmp,tmp},cpa=()=>{var tmp=require("../../../aws-codepipeline-actions");return cpa=()=>tmp,tmp},core_1=()=>{var tmp=require("../../../core");return core_1=()=>tmp,tmp},literal_string_1=()=>{var tmp=require("../../../core/lib/private/literal-string");return literal_string_1=()=>tmp,tmp},blueprint_1=()=>{var tmp=require("../blueprint");return blueprint_1=()=>tmp,tmp},application_security_check_1=()=>{var tmp=require("../private/application-security-check");return application_security_check_1=()=>tmp,tmp};class ConfirmPermissionsBroadening extends blueprint_1().Step{props;static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.pipelines.ConfirmPermissionsBroadening",version:"2.252.0"};constructor(id,props){super(id),this.props=props;try{jsiiDeprecationWarnings().aws_cdk_lib_pipelines_PermissionsBroadeningCheckProps(props)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,ConfirmPermissionsBroadening),error}}produceAction(stage,options){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_codepipeline_IStage(stage),jsiiDeprecationWarnings().aws_cdk_lib_pipelines_ProduceActionOptions(options)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.produceAction),error}const sec=this.getOrCreateSecCheck(options.pipeline);this.props.notificationTopic?.grantPublish(sec.cdkDiffProject);const variablesNamespace=constructs_1().Node.of(this.props.stage).addr,approveActionName=`${options.actionName}.Confirm`;return stage.addAction(new(cpa()).CodeBuildAction({runOrder:options.runOrder,actionName:`${options.actionName}.Check`,input:options.artifacts.toCodePipeline(options.pipeline.cloudAssemblyFileSet),project:sec.cdkDiffProject,variablesNamespace,environmentVariables:{STAGE_PATH:{value:constructs_1().Node.of(this.props.stage).path},STAGE_NAME:{value:stage.stageName},ACTION_NAME:{value:approveActionName},...this.props.notificationTopic?{NOTIFICATION_ARN:{value:this.props.notificationTopic.topicArn},NOTIFICATION_SUBJECT:{value:`Confirm permission broadening in ${this.props.stage.stageName}`}}:{}}})),stage.addAction(new(cpa()).ManualApprovalAction({actionName:approveActionName,runOrder:options.runOrder+1,additionalInformation:`#{${variablesNamespace}.MESSAGE}`,externalEntityLink:`#{${variablesNamespace}.LINK}`})),{runOrdersConsumed:2}}getOrCreateSecCheck(pipeline){const id="PipelinesSecurityCheck",existing=constructs_1().Node.of(pipeline).tryFindChild(id);if(existing){if(!(existing instanceof application_security_check_1().ApplicationSecurityCheck))throw new(core_1()).ValidationError((0,literal_string_1().lit)`Expected`,`Expected '${constructs_1().Node.of(existing).path}' to be 'ApplicationSecurityCheck' but was '${existing}'`,pipeline);return existing}return new(application_security_check_1()).ApplicationSecurityCheck(pipeline,id,{codePipeline:pipeline.pipeline})}}exports.ConfirmPermissionsBroadening=ConfirmPermissionsBroadening;
--- a/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/index.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/index.d.ts
@@ -0,0 +1,7 @@
+export * from './artifact-map';
+export * from './codebuild-step';
+export * from './confirm-permissions-broadening';
+export * from './codepipeline';
+export * from './codepipeline-action-factory';
+export * from './codepipeline-source';
+export * from './stack-outputs-map';
--- a/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/index.js
+++ b/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/index.js
@@ -0,0 +1 @@
+"use strict";var __createBinding=exports&&exports.__createBinding||(Object.create?(function(o,m,k,k2){k2===void 0&&(k2=k);var desc=Object.getOwnPropertyDescriptor(m,k);(!desc||("get"in desc?!m.__esModule:desc.writable||desc.configurable))&&(desc={enumerable:!0,get:function(){return m[k]}}),Object.defineProperty(o,k2,desc)}):(function(o,m,k,k2){k2===void 0&&(k2=k),o[k2]=m[k]})),__exportStar=exports&&exports.__exportStar||function(m,exports2){for(var p in m)p!=="default"&&!Object.prototype.hasOwnProperty.call(exports2,p)&&__createBinding(exports2,m,p)};Object.defineProperty(exports,"__esModule",{value:!0});var _noFold;exports.ArtifactMap=void 0,Object.defineProperty(exports,_noFold="ArtifactMap",{enumerable:!0,configurable:!0,get:()=>{var value=require("./artifact-map").ArtifactMap;return Object.defineProperty(exports,_noFold="ArtifactMap",{enumerable:!0,configurable:!0,value}),value}}),exports.CodePipelineFileSet=void 0,Object.defineProperty(exports,_noFold="CodePipelineFileSet",{enumerable:!0,configurable:!0,get:()=>{var value=require("./artifact-map").CodePipelineFileSet;return Object.defineProperty(exports,_noFold="CodePipelineFileSet",{enumerable:!0,configurable:!0,value}),value}}),exports.CodeBuildStep=void 0,Object.defineProperty(exports,_noFold="CodeBuildStep",{enumerable:!0,configurable:!0,get:()=>{var value=require("./codebuild-step").CodeBuildStep;return Object.defineProperty(exports,_noFold="CodeBuildStep",{enumerable:!0,configurable:!0,value}),value}}),exports.ConfirmPermissionsBroadening=void 0,Object.defineProperty(exports,_noFold="ConfirmPermissionsBroadening",{enumerable:!0,configurable:!0,get:()=>{var value=require("./confirm-permissions-broadening").ConfirmPermissionsBroadening;return Object.defineProperty(exports,_noFold="ConfirmPermissionsBroadening",{enumerable:!0,configurable:!0,value}),value}}),exports.CodePipeline=void 0,Object.defineProperty(exports,_noFold="CodePipeline",{enumerable:!0,configurable:!0,get:()=>{var value=require("./codepipeline").CodePipeline;return Object.defineProperty(exports,_noFold="CodePipeline",{enumerable:!0,configurable:!0,value}),value}}),exports.CodePipelineSource=void 0,Object.defineProperty(exports,_noFold="CodePipelineSource",{enumerable:!0,configurable:!0,get:()=>{var value=require("./codepipeline-source").CodePipelineSource;return Object.defineProperty(exports,_noFold="CodePipelineSource",{enumerable:!0,configurable:!0,value}),value}}),exports.StackOutputsMap=void 0,Object.defineProperty(exports,_noFold="StackOutputsMap",{enumerable:!0,configurable:!0,get:()=>{var value=require("./stack-outputs-map").StackOutputsMap;return Object.defineProperty(exports,_noFold="StackOutputsMap",{enumerable:!0,configurable:!0,value}),value}});
--- a/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/private/buildspecs.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/private/buildspecs.d.ts
@@ -0,0 +1,4 @@
+import * as codebuild from '../../../../aws-codebuild';
+export declare function mergeBuildSpecs(a: codebuild.BuildSpec, b?: codebuild.BuildSpec): codebuild.BuildSpec;
+export declare function mergeBuildSpecs(a: codebuild.BuildSpec | undefined, b: codebuild.BuildSpec): codebuild.BuildSpec;
+export declare function mergeBuildSpecs(a?: codebuild.BuildSpec, b?: codebuild.BuildSpec): codebuild.BuildSpec | undefined;
--- a/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/private/buildspecs.js
+++ b/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/private/buildspecs.js
@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.mergeBuildSpecs=mergeBuildSpecs;var codebuild=()=>{var tmp=require("../../../../aws-codebuild");return codebuild=()=>tmp,tmp};function mergeBuildSpecs(a,b){return!a||!b?a??b:codebuild().mergeBuildSpecs(a,b)}
--- a/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/private/codebuild-factory.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/private/codebuild-factory.d.ts
@@ -0,0 +1,120 @@
+import type { Construct, IDependable } from 'constructs';
+import * as codebuild from '../../../../aws-codebuild';
+import type * as codepipeline from '../../../../aws-codepipeline';
+import * as iam from '../../../../aws-iam';
+import type { FileSetLocation, ShellStep, StackOutputReference } from '../../blueprint';
+import { StepOutput } from '../../helpers-internal/step-output';
+import type { CodeBuildStep } from '../codebuild-step';
+import type { CodeBuildOptions } from '../codepipeline';
+import type { ICodePipelineActionFactory, ProduceActionOptions, CodePipelineActionFactoryResult } from '../codepipeline-action-factory';
+export interface CodeBuildFactoryProps {
+    /**
+     * Name for the generated CodeBuild project
+     *
+     * @default - Automatically generated
+     */
+    readonly projectName?: string;
+    /**
+     * Customization options for the project
+     *
+     * Will at CodeBuild production time be combined with the option
+     * defaults configured on the pipeline.
+     *
+     * @default - No special values
+     */
+    readonly projectOptions?: CodeBuildOptions;
+    /**
+     * Custom execution role to be used for the CodeBuild project
+     *
+     * @default - A role is automatically created
+     */
+    readonly role?: iam.IRole;
+    /**
+     * Custom execution role to be used for the Code Build Action
+     *
+     * @default - A role is automatically created
+     */
+    readonly actionRole?: iam.IRole;
+    /**
+     * If true, the build spec will be passed via the Cloud Assembly instead of rendered onto the Project
+     *
+     * Doing this has two advantages:
+     *
+     * - Bypass size restrictions: the buildspec on the project is restricted
+     *   in size, while buildspecs coming from an input artifact are not restricted
+     *   in such a way.
+     * - Bypass pipeline update: if the SelfUpdate step has to change the buildspec,
+     *   that just takes time. On the other hand, if the buildspec comes from the
+     *   pipeline artifact, no such update has to take place.
+     *
+     * @default false
+     */
+    readonly passBuildSpecViaCloudAssembly?: boolean;
+    /**
+     * Override the construct tree where the CodeBuild project is created.
+     *
+     * Normally, the construct tree will look like this:
+     *
+     *  ── Pipeline
+     *      └── 'MyStage'         <- options.scope
+     *           └── 'MyAction'   <- this is the CodeBuild project
+     *
+     * If this flag is set, the construct tree will look like this:
+     *
+     *  ── Pipeline
+     *      └── 'MyStage'                         <- options.scope
+     *           └── 'MyAction'                   <- just a scope
+     *                  └── 'BackwardsCompatName' <- CodeBuild project
+     *
+     * This is to maintain logicalID compatibility with the previous iteration
+     * of pipelines (where the Action was a construct that would create the Project).
+     *
+     * @default true
+     */
+    readonly additionalConstructLevel?: boolean;
+    /**
+     * Additional dependency that the CodeBuild project should take
+     *
+     * @default -
+     */
+    readonly additionalDependable?: IDependable;
+    readonly inputs?: FileSetLocation[];
+    readonly outputs?: FileSetLocation[];
+    readonly stepId?: string;
+    readonly commands: string[];
+    readonly installCommands?: string[];
+    readonly env?: Record<string, string>;
+    readonly envFromCfnOutputs?: Record<string, StackOutputReference>;
+    /**
+     * If given, override the scope from the produce call with this scope.
+     */
+    readonly scope?: Construct;
+    /**
+     * Whether or not the given CodeBuild project is going to be the synth step
+     *
+     * @default false
+     */
+    readonly isSynth?: boolean;
+    /**
+     * StepOutputs produced by this CodeBuild step
+     */
+    readonly producedStepOutputs?: StepOutput[];
+}
+/**
+ * Produce a CodeBuild project from a ShellStep and some CodeBuild-specific customizations
+ *
+ * The functionality here is shared between the `CodePipeline` translating a `ShellStep` into
+ * a CodeBuild project, as well as the `CodeBuildStep` straight up.
+ */
+export declare class CodeBuildFactory implements ICodePipelineActionFactory {
+    private readonly constructId;
+    private readonly props;
+    static fromShellStep(constructId: string, shellStep: ShellStep, additional?: Partial<CodeBuildFactoryProps>): ICodePipelineActionFactory;
+    static fromCodeBuildStep(constructId: string, step: CodeBuildStep, additional?: Partial<CodeBuildFactoryProps>): ICodePipelineActionFactory;
+    private _project?;
+    private stepId;
+    private constructor();
+    get project(): codebuild.IProject;
+    produceAction(stage: codepipeline.IStage, options: ProduceActionOptions): CodePipelineActionFactoryResult;
+}
+export declare function mergeCodeBuildOptions(...opts: Array<CodeBuildOptions | undefined>): CodeBuildOptions;
--- a/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/private/codebuild-factory.js
+++ b/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/private/codebuild-factory.js
--- a/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/private/outputs.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/private/outputs.d.ts
@@ -0,0 +1,14 @@
+import type * as cp from '../../../../aws-codepipeline';
+import type { Step } from '../../blueprint/step';
+export declare function makeCodePipelineOutput(step: Step, variableName: string): string;
+/**
+ * If the step is producing outputs, determine a variableNamespace for it, and configure that on the outputs
+ */
+export declare function namespaceStepOutputs(step: Step, stage: cp.IStage, name: string): string | undefined;
+/**
+ * Generate a variable namespace from stage and action names
+ *
+ * Variable namespaces cannot have '.', but they can have '@'. Other than that,
+ * action names are more limited so they translate easily.
+ */
+export declare function namespaceName(stage: cp.IStage, name: string): string;
--- a/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/private/outputs.js
+++ b/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/private/outputs.js
@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.makeCodePipelineOutput=makeCodePipelineOutput,exports.namespaceStepOutputs=namespaceStepOutputs,exports.namespaceName=namespaceName;var core_1=()=>{var tmp=require("../../../../core");return core_1=()=>tmp,tmp},literal_string_1=()=>{var tmp=require("../../../../core/lib/private/literal-string");return literal_string_1=()=>tmp,tmp},helpers_internal_1=()=>{var tmp=require("../../helpers-internal");return helpers_internal_1=()=>tmp,tmp};const CODEPIPELINE_ENGINE_NAME="codepipeline";function makeCodePipelineOutput(step,variableName){return new(helpers_internal_1()).StepOutput(step,CODEPIPELINE_ENGINE_NAME,variableName).toString()}function namespaceStepOutputs(step,stage,name){let ret;for(const output of helpers_internal_1().StepOutput.producedStepOutputs(step)){if(ret=namespaceName(stage,name),output.engineName!==CODEPIPELINE_ENGINE_NAME)throw new(core_1()).ValidationError((0,literal_string_1().lit)`FoundUnrecognizedOutputType`,`Found unrecognized output type: ${output.engineName}`,stage.pipeline);if(typeof output.engineSpecificInformation!="string")throw new(core_1()).ValidationError((0,literal_string_1().lit)`CodePipelineRequiresEngineSpecific`,`CodePipeline requires that 'engineSpecificInformation' is a string, got: ${JSON.stringify(output.engineSpecificInformation)}`,stage.pipeline);output.defineResolution(`#{${ret}.${output.engineSpecificInformation}}`)}return ret}function namespaceName(stage,name){return`${stage.stageName}/${name}`.replace(/[^a-zA-Z0-9@_-]/g,"@")}
--- a/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/stack-outputs-map.d.ts
+++ b/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/stack-outputs-map.d.ts
@@ -0,0 +1,13 @@
+import type { StackOutputReference } from '../blueprint';
+import type { PipelineBase } from '../main';
+/**
+ * Translate stack outputs to CodePipeline variable references
+ */
+export declare class StackOutputsMap {
+    private queries;
+    constructor(pipeline: PipelineBase);
+    /**
+     * Return the matching variable reference string for a StackOutputReference
+     */
+    toCodePipeline(x: StackOutputReference): string;
+}
--- a/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/stack-outputs-map.js
+++ b/cdk/node_modules/aws-cdk-lib/pipelines/lib/codepipeline/stack-outputs-map.js
@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.StackOutputsMap=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var pipeline_queries_1=()=>{var tmp=require("../helpers-internal/pipeline-queries");return pipeline_queries_1=()=>tmp,tmp},identifiers_1=()=>{var tmp=require("../private/identifiers");return identifiers_1=()=>tmp,tmp};class StackOutputsMap{static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.pipelines.StackOutputsMap",version:"2.252.0"};queries;constructor(pipeline){try{jsiiDeprecationWarnings().aws_cdk_lib_pipelines_PipelineBase(pipeline)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,StackOutputsMap),error}this.queries=new(pipeline_queries_1()).PipelineQueries(pipeline)}toCodePipeline(x){try{jsiiDeprecationWarnings().aws_cdk_lib_pipelines_StackOutputReference(x)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.toCodePipeline),error}return`#{${(0,identifiers_1().stackVariableNamespace)(this.queries.producingStack(x))}.${x.outputName}}`}}exports.StackOutputsMap=StackOutputsMap;
				`@@ -0,0 +1 @@`
				"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.CodePipelineFileSet=exports.ArtifactMap=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var crypto=()=>{var tmp=require("crypto");return crypto=()=>tmp,tmp},cp=()=>{var tmp=require("../../../aws-codepipeline");return cp=()=>tmp,tmp},blueprint_1=()=>{var tmp=require("../blueprint");return blueprint_1=()=>tmp,tmp},helpers_internal_1=()=>{var tmp=require("../helpers-internal");return helpers_internal_1=()=>tmp,tmp};class ArtifactMap{static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.pipelines.ArtifactMap",version:"2.252.0"};artifacts=new Map;usedNames=new Set;toCodePipeline(x){try{jsiiDeprecationWarnings().aws_cdk_lib_pipelines_FileSet(x)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.toCodePipeline),error}if(x instanceof CodePipelineFileSet)return x._artifact;let ret=this.artifacts.get(x);if(!ret){const artifactName=this.makeUniqueName(`${x.producer.id}.${x.id}`);this.usedNames.add(artifactName),this.artifacts.set(x,ret=new(cp()).Artifact(artifactName))}return ret}makeUniqueName(baseName){let i=1;baseName=sanitizeArtifactName(baseName);let name=baseName;for(;this.usedNames.has(name);)name=`${baseName}${++i}`;return name}}exports.ArtifactMap=ArtifactMap;function sanitizeArtifactName(x){let sani=x.replace(/[^A-Za-z0-9_]/g,"_");const maxLength=100;if(sani.length>maxLength){const fingerprint=crypto().createHash("sha256").update(sani).digest("hex").slice(0,8);sani=sani.slice(0,maxLength-fingerprint.length)+fingerprint}return sani}class CodePipelineFileSet extends blueprint_1().FileSet{static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.pipelines.CodePipelineFileSet",version:"2.252.0"};static fromArtifact(artifact){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_codepipeline_Artifact(artifact)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.fromArtifact),error}return new CodePipelineFileSet(artifact)}_artifact;constructor(artifact){super(artifact.artifactName??"Imported",helpers_internal_1().PipelineGraph.NO_STEP),this._artifact=artifact}}exports.CodePipelineFileSet=CodePipelineFileSet;
				`@@ -0,0 +1 @@`
				`"use strict";Object.defineProperty(exports,"__esModule",{value:!0});`
				`@@ -0,0 +1 @@`
				"use strict";var __createBinding=exports&&exports.__createBinding\|\|(Object.create?(function(o,m,k,k2){k2===void 0&&(k2=k);var desc=Object.getOwnPropertyDescriptor(m,k);(!desc\|\|("get"in desc?!m.__esModule:desc.writable\|\|desc.configurable))&&(desc={enumerable:!0,get:function(){return m[k]}}),Object.defineProperty(o,k2,desc)}):(function(o,m,k,k2){k2===void 0&&(k2=k),o[k2]=m[k]})),__exportStar=exports&&exports.__exportStar\|\|function(m,exports2){for(var p in m)p!=="default"&&!Object.prototype.hasOwnProperty.call(exports2,p)&&__createBinding(exports2,m,p)};Object.defineProperty(exports,"__esModule",{value:!0});var _noFold;exports.ArtifactMap=void 0,Object.defineProperty(exports,_noFold="ArtifactMap",{enumerable:!0,configurable:!0,get:()=>{var value=require("./artifact-map").ArtifactMap;return Object.defineProperty(exports,_noFold="ArtifactMap",{enumerable:!0,configurable:!0,value}),value}}),exports.CodePipelineFileSet=void 0,Object.defineProperty(exports,_noFold="CodePipelineFileSet",{enumerable:!0,configurable:!0,get:()=>{var value=require("./artifact-map").CodePipelineFileSet;return Object.defineProperty(exports,_noFold="CodePipelineFileSet",{enumerable:!0,configurable:!0,value}),value}}),exports.CodeBuildStep=void 0,Object.defineProperty(exports,_noFold="CodeBuildStep",{enumerable:!0,configurable:!0,get:()=>{var value=require("./codebuild-step").CodeBuildStep;return Object.defineProperty(exports,_noFold="CodeBuildStep",{enumerable:!0,configurable:!0,value}),value}}),exports.ConfirmPermissionsBroadening=void 0,Object.defineProperty(exports,_noFold="ConfirmPermissionsBroadening",{enumerable:!0,configurable:!0,get:()=>{var value=require("./confirm-permissions-broadening").ConfirmPermissionsBroadening;return Object.defineProperty(exports,_noFold="ConfirmPermissionsBroadening",{enumerable:!0,configurable:!0,value}),value}}),exports.CodePipeline=void 0,Object.defineProperty(exports,_noFold="CodePipeline",{enumerable:!0,configurable:!0,get:()=>{var value=require("./codepipeline").CodePipeline;return Object.defineProperty(exports,_noFold="CodePipeline",{enumerable:!0,configurable:!0,value}),value}}),exports.CodePipelineSource=void 0,Object.defineProperty(exports,_noFold="CodePipelineSource",{enumerable:!0,configurable:!0,get:()=>{var value=require("./codepipeline-source").CodePipelineSource;return Object.defineProperty(exports,_noFold="CodePipelineSource",{enumerable:!0,configurable:!0,value}),value}}),exports.StackOutputsMap=void 0,Object.defineProperty(exports,_noFold="StackOutputsMap",{enumerable:!0,configurable:!0,get:()=>{var value=require("./stack-outputs-map").StackOutputsMap;return Object.defineProperty(exports,_noFold="StackOutputsMap",{enumerable:!0,configurable:!0,value}),value}});