chore(release): 1.63.0 (#3680)

See [CHANGELOG](https://github.com/aws/jsii/blob/bump/1.63.0/CHANGELOG.md)

Author: mergify[bot]

.github/workflows/docker-images.yml

@@ -15,6 +15,7 @@ jobs:
     name: jsii/superchain
     permissions:
       contents: read
+      id-token: write # Necessary for OIDC federation
     runs-on: ubuntu-latest
     strategy:
       matrix:
@@ -45,13 +46,49 @@ jobs:
               echo '⏯ Dockerfile changed'
               echo "::set-output name=result::true"
             else
-              echo '⏭ Dockerfile not changed'
-              echo "::set-output name=result::false"
+              if grep '.github/workflows/docker-images.yml' <<< "${changed}" ; then
+                echo '⏯ docker-images workflow changed'
+                echo "::set-output name=result::true"
+              else
+                echo '⏭ Dockerfile not changed'
+                echo "::set-output name=result::false"
+              fi
             fi
           fi
 
+      # Check if federation into AWS is configured. This is necessary because
+      # GitHub does not interpret ${{ secret.FOO }} within `if:` conditions...
+      # See: https://github.com/actions/runner/issues/520
+      - name: Check AWS federation configuration
+        id: federate_to_aws
+        if: steps.should-run.outputs.result == 'true'
+        run: |-
+          if [[ "${{ secrets.AWS_ROLE_TO_ASSUME }}" != "" ]]; then
+            echo "🔑 Federation into AWS is possible (AWS_ROLE_TO_ASSUME is available)"
+            echo "::set-output name=enabled::true"
+          else
+            echo "❌ Federation into AWS is disabled (no AWS_ROLE_TO_ASSUME secret found)"
+            echo "::set-output name=enabled::false"
+          fi
+
+      # Federate into the PR Validation AWS Account
+      - name: Federate into AWS
+        if: steps.should-run.outputs.result == 'true' && steps.federate_to_aws.outputs.enabled == 'true'
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-region: us-east-1
+          role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
+          role-session-name: GHA_aws-jsii_docker-images
+
+      # Login to ECR Public registry, so we don't get throttled at 1 TPS
+      - name: Login to ECR Public
+        if: steps.should-run.outputs.result == 'true' && steps.federate_to_aws.outputs.enabled == 'true'
+        run: |-
+          aws ecr-public get-login-password --region=us-east-1                  \
+          | docker login --username AWS --password-stdin public.ecr.aws
+
       # We only authenticate to Docker on the 'aws/jsii' repo, as forks will not have the secret
-      - name: Login to Docker
+      - name: Login to Docker Hub
         if: steps.should-run.outputs.result == 'true' && github.repository == 'aws/jsii'
         # The DOCKER_CREDENTIALS secret is expected to contain a username:token pair
         run: |-
@@ -70,6 +107,12 @@ jobs:
         id: buildx
         if: steps.should-run.outputs.result == 'true'
         uses: docker/setup-buildx-action@v2
+        with:
+          # Disable parallelism because IO contention makes it too slow on GitHub
+          # workers...
+          config-inline: |-
+            [worker.oci]
+              max-parallelism = 1
 
       # We only restore GH cache if we are not going to publish the result (i.e: PR validation)
       - name: Set up layer cache
@@ -85,7 +128,7 @@ jobs:
       # 1 pull per second from ECR Public
       - name: Jitter the start time to avoid ECR Public throttling
         id: sleep-start
-        if: steps.should-run.outputs.result == 'true'
+        if: steps.should-run.outputs.result == 'true' && steps.federate_to_aws.outputs.enabled != true
         run: |-
           sleep $((RANDOM % 60))
 
@@ -111,27 +154,12 @@ jobs:
             -f superchain/Dockerfile                                            \
             .
 
-      # Testing sequentially, because in parallel it's too slow due to IO contention
-      - name: Test Image (AMD64)
-        if: steps.should-run.outputs.result == 'true'
-        run: |-
-          docker buildx build                                                   \
-            --builder ${{ steps.buildx.outputs.name }}                          \
-            --platform linux/amd64                                              \
-            --target superchain                                                 \
-            --cache-from type=local,src=/tmp/.buildx-cache                      \
-            --cache-to type=local,dest=/tmp/.buildx-cache                       \
-            --build-arg BUILD_TIMESTAMP="${{ steps.build-time.outputs.value }}" \
-            --build-arg COMMIT_ID='${{ github.sha }}'                           \
-            --build-arg NODE_MAJOR_VERSION=${{ matrix.node }}                   \
-            -f superchain/Dockerfile                                            \
-            .
-      - name: Test Image (ARM64)
+      - name: Test Image
         if: steps.should-run.outputs.result == 'true'
         run: |-
           docker buildx build                                                   \
             --builder ${{ steps.buildx.outputs.name }}                          \
-            --platform linux/arm64                                              \
+            --platform linux/amd64,linux/arm64                                  \
             --target superchain                                                 \
             --cache-from type=local,src=/tmp/.buildx-cache                      \
             --cache-to type=local,dest=/tmp/.buildx-cache                       \

.github/workflows/main.yml

@@ -28,10 +28,10 @@ jobs:
       - name: Check out
         uses: actions/checkout@v3
       # Set up all of our standard runtimes
-      - name: Set up .NET 5
+      - name: Set up .NET 6
         uses: actions/setup-dotnet@v2
         with:
-          dotnet-version: '5.0.x'
+          dotnet-version: '6.0.x'
       - name: Set up Go 1.16
         uses: actions/setup-go@v3
         with:
@@ -122,10 +122,10 @@ jobs:
       - name: Check out
         uses: actions/checkout@v3
       # Set up all of our standard runtimes
-      - name: Set up .NET 5
+      - name: Set up .NET 6
         uses: actions/setup-dotnet@v2
         with:
-          dotnet-version: '5.0.x'
+          dotnet-version: '6.0.x'
       - name: Set up Go 1.16
         uses: actions/setup-go@v3
         with:
@@ -240,12 +240,6 @@ jobs:
             node: '14'
             python: '3.7'
           # Test alternate .NETs
-          - java: '8'
-            dotnet: '5.0.x'
-            go: '1.16'
-            node: '14'
-            os: ubuntu-latest
-            python: '3.7'
           - java: '8'
             dotnet: '6.0.x'
             go: '1.16'

.mergify/config.yml

@@ -14,7 +14,7 @@ queue_rules:
       - status-success~=^Test \(.* node 18 .*$
       # One test for each supported dotnet version
       - status-success~=^Test \(.* dotnet 3\.1\.x .*$
-      - status-success~=^Test \(.* dotnet 5\.0\.x .*$
+      - status-success~=^Test \(.* dotnet 6\.0\.x .*$
       # One test for Java 8 and 11
       - status-success~=^Test \(.* java 8 .*$
       - status-success~=^Test \(.* java 11 .*$
@@ -64,7 +64,7 @@ pull_request_rules:
       - status-success~=^Test \(.* node 18 .*$
       # One test for each supported dotnet version
       - status-success~=^Test \(.* dotnet 3\.1\.x .*$
-      - status-success~=^Test \(.* dotnet 5\.0\.x .*$
+      - status-success~=^Test \(.* dotnet 6\.0\.x .*$
       # One test for Java 8 and 11
       - status-success~=^Test \(.* java 8 .*$
       - status-success~=^Test \(.* java 11 .*$
@@ -114,7 +114,7 @@ pull_request_rules:
       - status-success~=^Test \(.* node 18 .*$
       # One test for each supported dotnet version
       - status-success~=^Test \(.* dotnet 3\.1\.x .*$
-      - status-success~=^Test \(.* dotnet 5\.0\.x .*$
+      - status-success~=^Test \(.* dotnet 6\.0\.x .*$
       # One test for Java 8 and 11
       - status-success~=^Test \(.* java 8 .*$
       - status-success~=^Test \(.* java 11 .*$
@@ -164,7 +164,7 @@ pull_request_rules:
       - status-success~=^Test \(.* node 18 .*$
       # One test for each supported dotnet version
       - status-success~=^Test \(.* dotnet 3\.1\.x .*$
-      - status-success~=^Test \(.* dotnet 5\.0\.x .*$
+      - status-success~=^Test \(.* dotnet 6\.0\.x .*$
       # One test for Java 8 and 11
       - status-success~=^Test \(.* java 8 .*$
       - status-success~=^Test \(.* java 11 .*$

CHANGELOG.md

@@ -2,6 +2,21 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+## [1.63.0](https://github.com/aws/jsii/compare/v1.62.0...v1.63.0) (2022-07-26)
+
+
+### Features
+
+* **jsii:** allow specifying baseUrl and paths in tsconfig.json ([#3662](https://github.com/aws/jsii/issues/3662)) ([7eb11b7](https://github.com/aws/jsii/commit/7eb11b7d3173f450cd6bd4c29180f6edf7f6b219)), closes [#865](https://github.com/aws/jsii/issues/865)
+* **python:** add dynamic type checking ([#3660](https://github.com/aws/jsii/issues/3660)) ([6c4b773](https://github.com/aws/jsii/commit/6c4b77301341add25df059c66fabde225377a48a)), closes [#3639](https://github.com/aws/jsii/issues/3639)
+
+
+### Bug Fixes
+
+* **go:** unused imports emitted for type unions ([#3664](https://github.com/aws/jsii/issues/3664)) ([68a80d9](https://github.com/aws/jsii/commit/68a80d98f1faa5772862c18b6907ca2298dccc76)), closes [#3399](https://github.com/aws/jsii/issues/3399)
+* **rosetta:** infuse incorrectly handles compressed assemblies ([#3669](https://github.com/aws/jsii/issues/3669)) ([a5bd219](https://github.com/aws/jsii/commit/a5bd2196f2e2e43686c3013a4671c55ddd8ee248))
+* **rosetta:** tablet compression handled incorrectly in multiple places ([#3670](https://github.com/aws/jsii/issues/3670)) ([30eded9](https://github.com/aws/jsii/commit/30eded98ec05734f687023ca04ec09769fb1e331)), closes [#3652](https://github.com/aws/jsii/issues/3652)
+
 ## [1.62.0](https://github.com/aws/jsii/compare/v1.61.0...v1.62.0) (2022-07-12)
 
 

gh-pages/content/user-guides/lib-author/configuration/index.md

@@ -197,6 +197,7 @@ are set in the `jsii.tsc` section of the `package.json` file, but use the same n
   default, all visible `@types/*` packages will be loaded, which can be undesirable (in particular in monorepos, where
   some type libraries are not compatible with the TypeScript compiler version that `jsii` uses). The value specified
   here will be forwarded as-is to the TypeScript compiler.
+- `baseUrl` and `paths` can be used to configure TypeScript path mappings, and are copied verbatim to `tsconfig.json`.
 
 Refer to the [TypeScript compiler options reference][ts-options] for more information about those options.
 

gh-pages/requirements-dev.txt

@@ -1,4 +1,4 @@
-mkdocs~=1.3.0
-mkdocs-awesome-pages-plugin~=2.7.0
-mkdocs-material~=8.3.8
+mkdocs~=1.3.1
+mkdocs-awesome-pages-plugin~=2.8.0
+mkdocs-material~=8.3.9
 mkdocs-git-revision-date-plugin~=0.3.2

lerna.json

@@ -10,5 +10,5 @@
       "rejectCycles": true
     }
   },
-  "version": "1.62.0"
+  "version": "1.63.0"
 }

package.json

@@ -15,26 +15,26 @@
     "compliance": "(cd tools/jsii-compliance && yarn report)"
   },
   "devDependencies": {
-    "@jest/types": "^28.1.1",
-    "@types/jest": "^28.1.4",
-    "@types/node": "^14.18.21",
-    "@typescript-eslint/eslint-plugin": "^5.30.5",
-    "@typescript-eslint/parser": "^5.30.5",
+    "@jest/types": "^28.1.3",
+    "@types/jest": "^28.1.6",
+    "@types/node": "^14.18.22",
+    "@typescript-eslint/eslint-plugin": "^5.30.7",
+    "@typescript-eslint/parser": "^5.30.7",
     "all-contributors-cli": "^6.20.0",
-    "eslint": "^8.19.0",
+    "eslint": "^8.20.0",
     "eslint-config-prettier": "^8.5.0",
     "eslint-import-resolver-node": "^0.3.6",
-    "eslint-import-resolver-typescript": "^3.2.4",
+    "eslint-import-resolver-typescript": "^3.3.0",
     "eslint-plugin-import": "^2.26.0",
     "eslint-plugin-prettier": "^4.2.1",
-    "jest": "^28.1.2",
-    "jest-circus": "^28.1.2",
-    "jest-config": "^28.1.2",
+    "jest": "^28.1.3",
+    "jest-circus": "^28.1.3",
+    "jest-config": "^28.1.3",
     "jest-expect-message": "^1.0.2",
-    "lerna": "^5.1.6",
+    "lerna": "^5.1.8",
     "prettier": "^2.7.1",
     "standard-version": "^9.5.0",
-    "ts-node": "^10.8.2",
+    "ts-node": "^10.9.1",
     "typescript": "~4.7.4"
   },
   "repository": {

packages/@jsii/Directory.Build.targets

@@ -11,7 +11,7 @@
     <PackageReference Update="Microsoft.CodeQuality.Analyzers" Version="3.3.2" />
 
     <PackageReference Update="Microsoft.NET.Test.Sdk" Version="17.2.0" />
-    <PackageReference Update="NSubstitute" Version="4.3.0" />
+    <PackageReference Update="NSubstitute" Version="4.4.0" />
     <PackageReference Update="xunit" Version="2.4.1" />
     <PackageReference Update="xunit.runner.visualstudio" Version="2.4.5" />
     <PackageReference Update="XunitXml.TestLogger" Version="3.0.70" />

packages/@jsii/benchmarks/package.json

@@ -7,7 +7,7 @@
   "dependencies": {
     "fs-extra": "^10.1.0",
     "jsii": "^0.0.0",
-    "npm": "^8.13.2",
+    "npm": "^8.14.0",
     "tar": "^6.1.11",
     "typescript": "~3.9.10",
     "yargs": "^16.2.0"

packages/@jsii/java-runtime/pom.xml.t.js

@@ -60,11 +60,11 @@ process.stdout.write(`<?xml version="1.0" encoding="UTF-8"?>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <!-- Versions of the dependencies -->
         <hamcrest.version>[1.3,1.4-a0)</hamcrest.version>
-        <jackson.version>[2.11.3,2.12-a0)</jackson.version>
+        <jackson.version>[2.11.3,2.14-a0)</jackson.version>
         <javax-annotations.version>[1.3.2,1.4.0)</javax-annotations.version>
-        <jetbrains-annotations.version>[13.0.0,20.0-a0)</jetbrains-annotations.version>
-        <junit.version>[5.7.0,5.8-a0)</junit.version>
-        <mockito.version>[3.5.13,4.0-a0)</mockito.version>
+        <jetbrains-annotations.version>[13.0.0,24.0-a0)</jetbrains-annotations.version>
+        <junit.version>[5.8.0,5.10-a0)</junit.version>
+        <mockito.version>[3.12.4,4.0-a0)</mockito.version>
     </properties>
 
     <dependencies>
@@ -82,6 +82,13 @@ process.stdout.write(`<?xml version="1.0" encoding="UTF-8"?>
             <version>\${jackson.version}</version>
         </dependency>
 
+        <!-- https://mvnrepository.com/artifact/com.fasterxml.jackson.datatype/jackson-datatype-jsr310 -->
+        <dependency>
+            <groupId>com.fasterxml.jackson.datatype</groupId>
+            <artifactId>jackson-datatype-jsr310</artifactId>
+            <version>\${jackson.version}</version>
+        </dependency>
+
         <!-- https://mvnrepository.com/artifact/org.jetbrains/annotations -->
         <dependency>
             <groupId>org.jetbrains</groupId>

packages/@jsii/kernel/src/kernel.test.ts

@@ -3,7 +3,6 @@ import * as fs from 'fs-extra';
 import * as os from 'os';
 import { join } from 'path';
 import * as path from 'path';
-import * as vm from 'vm';
 
 import * as api from './api';
 import {
@@ -701,13 +700,13 @@ defineTest('async overrides: two overrides', async (sandbox) => {
   expect(callbacks1.callbacks.length).toBe(1);
 
   sandbox.complete({ cbid: callbacks1.callbacks[0].cbid, result: 666 });
-  await processPendingPromises(sandbox); // processing next promise
+  await processPendingPromises(); // processing next promise
 
   const callbacks2 = sandbox.callbacks();
   expect(callbacks2.callbacks.length).toBe(1);
 
   sandbox.complete({ cbid: callbacks2.callbacks[0].cbid, result: 101 });
-  await processPendingPromises(sandbox);
+  await processPendingPromises();
 
   const result = await sandbox.end({ promiseid: promise.promiseid });
   expect(result.result).toBe(775);
@@ -744,7 +743,7 @@ defineTest(
     // this is needed in order to cycle through another event loop so
     // that promises that are lazily called will be processed (nothing ensures
     // that the promise callback will be invokes synchronously).
-    await processPendingPromises(sandbox);
+    await processPendingPromises();
 
     const callbacks1 = sandbox.callbacks();
 
@@ -781,7 +780,7 @@ defineTest(
     sandbox.complete({ cbid: callbacks1.callbacks[0].cbid, result: 8888 });
 
     // required: process pending promises so that we will get the next one in the callbacks list
-    await processPendingPromises(sandbox);
+    await processPendingPromises();
 
     // ------ end of execution of "overrideMe"
 
@@ -802,11 +801,8 @@ defineTest(
   },
 );
 
-function processPendingPromises(sandbox: Kernel) {
-  return vm.runInContext(
-    'new Promise(done => setImmediate(done));',
-    (sandbox as any).sandbox,
-  );
+async function processPendingPromises() {
+  return new Promise<void>((done) => setImmediate(done));
 }
 
 defineTest('sync overrides', async (sandbox) => {
@@ -1347,7 +1343,7 @@ defineTest(
 defineTest('node.js standard library', async (sandbox) => {
   const objref = sandbox.create({ fqn: 'jsii-calc.NodeStandardLibrary' });
   const promise = sandbox.begin({ objref, method: 'fsReadFile' });
-  await processPendingPromises(sandbox);
+  await processPendingPromises();
 
   const output = await sandbox.end({ promiseid: promise.promiseid });
   expect(output).toEqual({ result: 'Hello, resource!' });