
Conversation

@iankhou
Contributor

@iankhou iankhou commented Jan 24, 2026

Fixes #1044

Gets us off of tar mv 6 by upgrading chokidar from v3 -> v4 (used by cdk watch), and npm from v10 -> v11 (used by cli-integ)


By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@github-actions github-actions bot added the p2 label Jan 24, 2026
@aws-cdk-automation aws-cdk-automation requested a review from a team January 24, 2026 01:18
@iankhou iankhou changed the title from "Iankhou chokidar npm upgrade" to "fix: chokidar and npm rely on outdated version of tar" Jan 24, 2026
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@codecov-commenter

Codecov Report

❌ Patch coverage is 85.00000% with 3 lines in your changes missing coverage. Please review.
✅ Project coverage is 87.64%. Comparing base (78ed91b) to head (8b1a595).

| Files with missing lines | Patch % | Lines |
| --- | --- | --- |
| packages/aws-cdk/lib/cli/cdk-toolkit.ts | 85.00% | 3 Missing ⚠️ |

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #1059      +/-   ##
==========================================
- Coverage   87.70%   87.64%   -0.06%     
==========================================
  Files          72       72              
  Lines       10102    10121      +19     
  Branches     1335     1334       -1     
==========================================
+ Hits         8860     8871      +11     
- Misses       1217     1225       +8     
  Partials       25       25              

| Flag | Coverage Δ |
| --- | --- |
| suite.unit | 87.64% <85.00%> (-0.06%) ⬇️ |


@iankhou iankhou marked this pull request as ready for review January 24, 2026 02:26
@iankhou iankhou requested review from Copilot and removed request for a team January 24, 2026 02:26

Copilot AI left a comment


Pull request overview

Upgrades key Node tooling dependencies to move off tar v6 by bumping chokidar (for cdk watch) and npm (for cli-integ), along with necessary code and build config adjustments.

Changes:

  • Upgrade chokidar from v3 → v4 across CLI, toolkit-lib, and integ-runner (plus updated watch event typing/filtering).
  • Upgrade npm from v10 → v11 in @aws-cdk-testing/cli-integ (and update lockfile graph, including tar v7).
  • Update bundling config/tasks and adjust watcher shutdown behavior/tests (remove unref usage).

Reviewed changes

Copilot reviewed 17 out of 18 changed files in this pull request and generated no comments.

Show a summary per file
| File | Description |
| --- | --- |
| yarn.lock | Updates the dependency graph for chokidar v4, npm v11, and newer tar/related transitive deps. |
| packages/aws-cdk/package.json | Bumps runtime dependency chokidar to ^4. |
| packages/aws-cdk/lib/cli/cdk-toolkit.ts | Updates watch handling for chokidar v4 event typing/filtering. |
| packages/aws-cdk/THIRD_PARTY_LICENSES | Updates bundled third-party attributions (currently missing chokidar attribution). |
| packages/aws-cdk/.projen/tasks.json | Updates node-backpack pack/validate command lines (removes fsevents externalization). |
| packages/aws-cdk/.projen/deps.json | Aligns projen-managed deps to chokidar@^4. |
| packages/@aws-cdk/toolkit-lib/test/actions/watch.test.ts | Updates tests to reflect watcher shutdown changes (no unref). |
| packages/@aws-cdk/toolkit-lib/package.json | Bumps runtime dependency chokidar to ^4. |
| packages/@aws-cdk/toolkit-lib/lib/toolkit/toolkit.ts | Updates watch logic to accept chokidar v4 event types and removes unref. |
| packages/@aws-cdk/toolkit-lib/.projen/deps.json | Aligns projen-managed deps to chokidar@^4. |
| packages/@aws-cdk/integ-runner/package.json | Bumps runtime dependency chokidar to ^4. |
| packages/@aws-cdk/integ-runner/lib/runner/integ-test-runner.ts | Updates chokidar watch event typing/filtering for v4. |
| packages/@aws-cdk/integ-runner/THIRD_PARTY_LICENSES | Updates bundled third-party attributions (currently missing chokidar attribution). |
| packages/@aws-cdk/integ-runner/.projen/tasks.json | Updates node-backpack pack/validate command lines (removes fsevents externalization). |
| packages/@aws-cdk/integ-runner/.projen/deps.json | Aligns projen-managed deps to chokidar@^4. |
| packages/@aws-cdk-testing/cli-integ/package.json | Bumps runtime dependency npm to ^11. |
| packages/@aws-cdk-testing/cli-integ/.projen/deps.json | Aligns projen-managed deps to npm@^11. |
| .projenrc.ts | Updates projen project dependency declarations and bundling configuration to match new versions. |

Comments suppressed due to low confidence (2)

packages/aws-cdk/THIRD_PARTY_LICENSES:21572

  • THIRD_PARTY_LICENSES no longer contains an attribution entry for chokidar, but aws-cdk still declares chokidar as a runtime dependency (now ^4). Please regenerate/update the attributions so the new chokidar version (and any new transitive deps like readdirp@^4) are included; otherwise the published package/bundle will be missing required third-party notices.

packages/@aws-cdk/integ-runner/THIRD_PARTY_LICENSES:21414

  • THIRD_PARTY_LICENSES no longer contains an attribution entry for chokidar, but @aws-cdk/integ-runner still declares chokidar as a runtime dependency (now ^4). Please regenerate/update the attributions so the new chokidar version (and any new transitive deps like readdirp@^4) are included; otherwise the published package/bundle will be missing required third-party notices.
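
One way to confirm that a dependency bump like this one actually removed tar v6 from the resolved graph, as an added example (not code from this pull request or from the aws-cdk-cli project): it parses Yarn v1 lockfile text and lists every tar resolution below major version 7 together with the entries that pull it in. The function names, the sample lockfile and its version numbers are constructed for illustration, and the Yarn v1 lockfile format is an assumption about the repository.

```javascript
// Constructed sample in Yarn v1 lockfile syntax (not the repository's yarn.lock).
const SAMPLE_LOCK = `# yarn lockfile v1
npm@^10.9.0:
  version "10.9.2"
  dependencies:
    node-gyp "^10.2.0"
    tar "^6.2.1"
node-gyp@^10.2.0:
  version "10.3.1"
  dependencies:
    tar "^6.2.1"
"tar@^6.1.11", tar@^6.2.1:
  version "6.2.1"
tar@^7.4.3:
  version "7.5.2"
`;

// Parse entries: a header line of descriptors, 2-space fields, 4-space dependency lines.
// The package name ends at the first '@' after index 0, which keeps "@scope/name" intact.
function parseYarnLock(text) {
  const entries = [];
  let cur = null, inDeps = false;
  for (const line of text.split(/\r?\n/)) {
    if (!line.trim() || line.startsWith('#')) continue;
    if (!line.startsWith(' ')) {
      const specs = line.replace(/:$/, '').split(',').map((s) => s.trim().replace(/^"|"$/g, ''));
      cur = { specs, name: specs[0].slice(0, specs[0].indexOf('@', 1)), version: null, deps: {} };
      entries.push(cur);
    } else if (/^ {2}\S/.test(line)) {
      const v = line.match(/^ {2}version "([^"]+)"$/);
      if (v) cur.version = v[1];
      inDeps = /^ {2}(optionalD|d)ependencies:$/.test(line);
    } else if (inDeps && /^ {4}\S/.test(line)) {
      const d = line.trim().match(/^"?([^"\s]+)"? "?([^"]+)"?$/);
      if (d) cur.deps[d[1]] = d[2];
    }
  }
  return entries;
}

// Report each resolved tar below minMajor and the entries whose tar range maps to it.
function findTarBelow(entries, minMajor = 7) {
  const users = (t) => entries
    .filter((e) => e.deps.tar && t.specs.includes(`tar@${e.deps.tar}`))
    .map((e) => `${e.name}@${e.version}`).sort();
  return entries
    .filter((e) => e.name === 'tar' && parseInt(e.version, 10) < minMajor)
    .map((t) => ({ version: t.version, requiredBy: users(t) }));
}
console.log(JSON.stringify(findTarBelow(parseYarnLock(SAMPLE_LOCK)), null, 2));
```

An empty result means no entry in the lockfile still resolves tar below v7; a non-empty one names the parents that still need upgrading.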


@mrgrain mrgrain added this pull request to the merge queue Jan 24, 2026
Merged via the queue into main with commit ba59816 Jan 24, 2026
40 checks passed
@mrgrain mrgrain deleted the iankhou-chokidar-npm-upgrade branch January 24, 2026 18:36
@github-actions github-actions bot added bug p1 and removed p2 labels Jan 26, 2026


Development

Successfully merging this pull request may close these issues.

aws-cdk: CVE-2026-23745

5 participants