From 7c8f05598ff2fefb5f10620228d3a8af954f08c9 Mon Sep 17 00:00:00 2001 From: Matteo Restelli Date: Mon, 5 Feb 2024 16:51:26 +0100 Subject: [PATCH] feat: first implementation (#3) First implementation of CDK L2 AVP Constructs --------- Co-authored-by: mrestell --- .gitattributes | 7 +- .github/workflows/release.yml | 263 ++ ...ade-cdklabs-projen-project-types-main.yml} | 12 +- ...dev-deps.yml => upgrade-dev-deps-main.yml} | 12 +- .../{upgrade.yml => upgrade-main.yml} | 12 +- .gitignore | 9 +- .projen/deps.json | 7 +- .projen/files.json | 7 +- .projen/tasks.json | 64 +- .projenrc.ts | 18 +- API.md | 2697 ++++++++++++++++- NOTICE | 1 + README.md | 199 +- package.json | 26 +- rosetta/default.ts-fixture | 7 +- src/identity-source.ts | 236 ++ src/index.ts | 10 +- src/policy-store.ts | 324 ++ src/policy-template.ts | 131 + src/policy.ts | 220 ++ src/private/permissions.ts | 28 + src/statement.ts | 29 + test/hello.test.ts | 5 - test/identity-source.test.ts | 207 ++ test/policy-store.test.ts | 441 +++ test/policy-template.test.ts | 104 + test/policy.test.ts | 339 +++ test/statement.cedar | 6 + test/statement.test.ts | 41 + test/utils.ts | 19 + yarn.lock | 987 +++++- 31 files changed, 6348 insertions(+), 120 deletions(-) create mode 100644 .github/workflows/release.yml rename .github/workflows/{upgrade-cdklabs-projen-project-types.yml => upgrade-cdklabs-projen-project-types-main.yml} (93%) rename .github/workflows/{upgrade-dev-deps.yml => upgrade-dev-deps-main.yml} (93%) rename .github/workflows/{upgrade.yml => upgrade-main.yml} (90%) create mode 100644 NOTICE create mode 100644 src/identity-source.ts create mode 100644 src/policy-store.ts create mode 100644 src/policy-template.ts create mode 100644 src/policy.ts create mode 100644 src/private/permissions.ts create mode 100644 src/statement.ts delete mode 100644 test/hello.test.ts create mode 100644 test/identity-source.test.ts create mode 100644 test/policy-store.test.ts create mode 100644 test/policy-template.test.ts create mode 100644 test/policy.test.ts create mode 100644 test/statement.cedar create mode 100644 test/statement.test.ts create mode 100644 test/utils.ts diff --git a/.gitattributes b/.gitattributes index 3a5dc56..2c1f074 100644 --- a/.gitattributes +++ b/.gitattributes @@ -8,9 +8,10 @@ /.github/workflows/auto-merge.yml linguist-generated /.github/workflows/build.yml linguist-generated /.github/workflows/pull-request-lint.yml linguist-generated -/.github/workflows/upgrade-cdklabs-projen-project-types.yml linguist-generated -/.github/workflows/upgrade-dev-deps.yml linguist-generated -/.github/workflows/upgrade.yml linguist-generated +/.github/workflows/release.yml linguist-generated +/.github/workflows/upgrade-cdklabs-projen-project-types-main.yml linguist-generated +/.github/workflows/upgrade-dev-deps-main.yml linguist-generated +/.github/workflows/upgrade-main.yml linguist-generated /.gitignore linguist-generated /.npmignore linguist-generated /.projen/** linguist-generated diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..c151823 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,263 @@ +# ~~ Generated by projen. To modify, edit .projenrc.ts and run "npx projen". + +name: release +on: + push: + branches: + - main + workflow_dispatch: {} +jobs: + release: + runs-on: ubuntu-latest + permissions: + contents: write + outputs: + latest_commit: ${{ steps.git_remote.outputs.latest_commit }} + tag_exists: ${{ steps.check_tag_exists.outputs.exists }} + env: + CI: "true" + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + fetch-depth: 0 + - name: Set git identity + run: |- + git config user.name "github-actions" + git config user.email "github-actions@github.com" + - name: Setup Node.js + uses: actions/setup-node@v3 + with: + node-version: 18.x + - name: Install dependencies + run: yarn install --check-files --frozen-lockfile + - name: release + run: npx projen release + - name: Check if version has already been tagged + id: check_tag_exists + run: |- + TAG=$(cat dist/dist/releasetag.txt) + ([ ! -z "$TAG" ] && git ls-remote -q --exit-code --tags origin $TAG && (echo "exists=true" >> $GITHUB_OUTPUT)) || (echo "exists=false" >> $GITHUB_OUTPUT) + cat $GITHUB_OUTPUT + - name: Check for new commits + id: git_remote + run: |- + echo "latest_commit=$(git ls-remote origin -h ${{ github.ref }} | cut -f1)" >> $GITHUB_OUTPUT + cat $GITHUB_OUTPUT + - name: Backup artifact permissions + if: ${{ steps.git_remote.outputs.latest_commit == github.sha }} + run: cd dist && getfacl -R . > permissions-backup.acl + continue-on-error: true + - name: Upload artifact + if: ${{ steps.git_remote.outputs.latest_commit == github.sha }} + uses: actions/upload-artifact@v3 + with: + name: build-artifact + path: dist + release_github: + name: Publish to GitHub Releases + needs: release + runs-on: ubuntu-latest + permissions: + contents: write + if: needs.release.outputs.tag_exists != 'true' && needs.release.outputs.latest_commit == github.sha + steps: + - uses: actions/setup-node@v3 + with: + node-version: 18.x + - name: Download build artifacts + uses: actions/download-artifact@v3 + with: + name: build-artifact + path: dist + - name: Restore build artifact permissions + run: cd dist && setfacl --restore=permissions-backup.acl + continue-on-error: true + - name: Prepare Repository + run: mv dist .repo + - name: Collect GitHub Metadata + run: mv .repo/dist dist + - name: Release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GITHUB_REPOSITORY: ${{ github.repository }} + GITHUB_REF: ${{ github.ref }} + run: errout=$(mktemp); gh release create $(cat dist/releasetag.txt) -R $GITHUB_REPOSITORY -F dist/changelog.md -t $(cat dist/releasetag.txt) --target $GITHUB_REF -p 2> $errout && true; exitcode=$?; if [ $exitcode -ne 0 ] && ! grep -q "Release.tag_name already exists" $errout; then cat $errout; exit $exitcode; fi + release_npm: + name: Publish to npm + needs: release + runs-on: ubuntu-latest + permissions: + contents: read + if: needs.release.outputs.tag_exists != 'true' && needs.release.outputs.latest_commit == github.sha + steps: + - uses: actions/setup-node@v3 + with: + node-version: 18.x + - name: Download build artifacts + uses: actions/download-artifact@v3 + with: + name: build-artifact + path: dist + - name: Restore build artifact permissions + run: cd dist && setfacl --restore=permissions-backup.acl + continue-on-error: true + - name: Prepare Repository + run: mv dist .repo + - name: Install Dependencies + run: cd .repo && yarn install --check-files --frozen-lockfile + - name: Create js artifact + run: cd .repo && npx projen package:js + - name: Collect js Artifact + run: mv .repo/dist dist + - name: Release + env: + NPM_DIST_TAG: latest + NPM_REGISTRY: registry.npmjs.org + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + run: npx -p publib@latest publib-npm + release_maven: + name: Publish to Maven Central + needs: release + runs-on: ubuntu-latest + permissions: + contents: read + if: needs.release.outputs.tag_exists != 'true' && needs.release.outputs.latest_commit == github.sha + steps: + - uses: actions/setup-java@v3 + with: + distribution: temurin + java-version: 11.x + - uses: actions/setup-node@v3 + with: + node-version: 18.x + - name: Download build artifacts + uses: actions/download-artifact@v3 + with: + name: build-artifact + path: dist + - name: Restore build artifact permissions + run: cd dist && setfacl --restore=permissions-backup.acl + continue-on-error: true + - name: Prepare Repository + run: mv dist .repo + - name: Install Dependencies + run: cd .repo && yarn install --check-files --frozen-lockfile + - name: Create java artifact + run: cd .repo && npx projen package:java + - name: Collect java Artifact + run: mv .repo/dist dist + - name: Release + env: + MAVEN_ENDPOINT: https://s01.oss.sonatype.org + MAVEN_GPG_PRIVATE_KEY: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }} + MAVEN_GPG_PRIVATE_KEY_PASSPHRASE: ${{ secrets.MAVEN_GPG_PRIVATE_KEY_PASSPHRASE }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} + MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }} + MAVEN_STAGING_PROFILE_ID: ${{ secrets.MAVEN_STAGING_PROFILE_ID }} + run: npx -p publib@latest publib-maven + release_pypi: + name: Publish to PyPI + needs: release + runs-on: ubuntu-latest + permissions: + contents: read + if: needs.release.outputs.tag_exists != 'true' && needs.release.outputs.latest_commit == github.sha + steps: + - uses: actions/setup-node@v3 + with: + node-version: 18.x + - uses: actions/setup-python@v4 + with: + python-version: 3.x + - name: Download build artifacts + uses: actions/download-artifact@v3 + with: + name: build-artifact + path: dist + - name: Restore build artifact permissions + run: cd dist && setfacl --restore=permissions-backup.acl + continue-on-error: true + - name: Prepare Repository + run: mv dist .repo + - name: Install Dependencies + run: cd .repo && yarn install --check-files --frozen-lockfile + - name: Create python artifact + run: cd .repo && npx projen package:python + - name: Collect python Artifact + run: mv .repo/dist dist + - name: Release + env: + TWINE_USERNAME: ${{ secrets.TWINE_USERNAME }} + TWINE_PASSWORD: ${{ secrets.TWINE_PASSWORD }} + run: npx -p publib@latest publib-pypi + release_nuget: + name: Publish to NuGet Gallery + needs: release + runs-on: ubuntu-latest + permissions: + contents: read + if: needs.release.outputs.tag_exists != 'true' && needs.release.outputs.latest_commit == github.sha + steps: + - uses: actions/setup-node@v3 + with: + node-version: 18.x + - uses: actions/setup-dotnet@v3 + with: + dotnet-version: 3.x + - name: Download build artifacts + uses: actions/download-artifact@v3 + with: + name: build-artifact + path: dist + - name: Restore build artifact permissions + run: cd dist && setfacl --restore=permissions-backup.acl + continue-on-error: true + - name: Prepare Repository + run: mv dist .repo + - name: Install Dependencies + run: cd .repo && yarn install --check-files --frozen-lockfile + - name: Create dotnet artifact + run: cd .repo && npx projen package:dotnet + - name: Collect dotnet Artifact + run: mv .repo/dist dist + - name: Release + env: + NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }} + run: npx -p publib@latest publib-nuget + release_golang: + name: Publish to GitHub Go Module Repository + needs: release + runs-on: ubuntu-latest + permissions: + contents: read + if: needs.release.outputs.tag_exists != 'true' && needs.release.outputs.latest_commit == github.sha + steps: + - uses: actions/setup-node@v3 + with: + node-version: 18.x + - uses: actions/setup-go@v3 + with: + go-version: ^1.16.0 + - name: Download build artifacts + uses: actions/download-artifact@v3 + with: + name: build-artifact + path: dist + - name: Restore build artifact permissions + run: cd dist && setfacl --restore=permissions-backup.acl + continue-on-error: true + - name: Prepare Repository + run: mv dist .repo + - name: Install Dependencies + run: cd .repo && yarn install --check-files --frozen-lockfile + - name: Create go artifact + run: cd .repo && npx projen package:go + - name: Collect go Artifact + run: mv .repo/dist dist + - name: Release + env: + GIT_USER_NAME: github-actions + GIT_USER_EMAIL: github-actions@github.com + GITHUB_TOKEN: ${{ secrets.GO_GITHUB_TOKEN }} + run: npx -p publib@latest publib-golang diff --git a/.github/workflows/upgrade-cdklabs-projen-project-types.yml b/.github/workflows/upgrade-cdklabs-projen-project-types-main.yml similarity index 93% rename from .github/workflows/upgrade-cdklabs-projen-project-types.yml rename to .github/workflows/upgrade-cdklabs-projen-project-types-main.yml index 2d35fdb..3d5e513 100644 --- a/.github/workflows/upgrade-cdklabs-projen-project-types.yml +++ b/.github/workflows/upgrade-cdklabs-projen-project-types-main.yml @@ -1,6 +1,6 @@ # ~~ Generated by projen. To modify, edit .projenrc.ts and run "npx projen". -name: upgrade-cdklabs-projen-project-types +name: upgrade-cdklabs-projen-project-types-main on: workflow_dispatch: {} jobs: @@ -14,6 +14,8 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 + with: + ref: main - name: Setup Node.js uses: actions/setup-node@v3 - name: Install dependencies @@ -41,6 +43,8 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 + with: + ref: main - name: Download patch uses: actions/download-artifact@v3 with: @@ -66,8 +70,8 @@ jobs: ------ - *Automatically created by projen via the "upgrade-cdklabs-projen-project-types" workflow* - branch: github-actions/upgrade-cdklabs-projen-project-types + *Automatically created by projen via the "upgrade-cdklabs-projen-project-types-main" workflow* + branch: github-actions/upgrade-cdklabs-projen-project-types-main title: "chore(deps): upgrade cdklabs-projen-project-types" labels: auto-approve body: |- @@ -77,7 +81,7 @@ jobs: ------ - *Automatically created by projen via the "upgrade-cdklabs-projen-project-types" workflow* + *Automatically created by projen via the "upgrade-cdklabs-projen-project-types-main" workflow* author: github-actions committer: github-actions signoff: true diff --git a/.github/workflows/upgrade-dev-deps.yml b/.github/workflows/upgrade-dev-deps-main.yml similarity index 93% rename from .github/workflows/upgrade-dev-deps.yml rename to .github/workflows/upgrade-dev-deps-main.yml index b6548d1..2eec200 100644 --- a/.github/workflows/upgrade-dev-deps.yml +++ b/.github/workflows/upgrade-dev-deps-main.yml @@ -1,6 +1,6 @@ # ~~ Generated by projen. To modify, edit .projenrc.ts and run "npx projen". -name: upgrade-dev-deps +name: upgrade-dev-deps-main on: workflow_dispatch: {} schedule: @@ -16,6 +16,8 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 + with: + ref: main - name: Setup Node.js uses: actions/setup-node@v3 with: @@ -45,6 +47,8 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 + with: + ref: main - name: Download patch uses: actions/download-artifact@v3 with: @@ -70,8 +74,8 @@ jobs: ------ - *Automatically created by projen via the "upgrade-dev-deps" workflow* - branch: github-actions/upgrade-dev-deps + *Automatically created by projen via the "upgrade-dev-deps-main" workflow* + branch: github-actions/upgrade-dev-deps-main title: "chore(deps): upgrade dev dependencies" labels: auto-approve body: |- @@ -81,7 +85,7 @@ jobs: ------ - *Automatically created by projen via the "upgrade-dev-deps" workflow* + *Automatically created by projen via the "upgrade-dev-deps-main" workflow* author: github-actions committer: github-actions signoff: true diff --git a/.github/workflows/upgrade.yml b/.github/workflows/upgrade-main.yml similarity index 90% rename from .github/workflows/upgrade.yml rename to .github/workflows/upgrade-main.yml index 54d87ab..48f9d83 100644 --- a/.github/workflows/upgrade.yml +++ b/.github/workflows/upgrade-main.yml @@ -1,6 +1,6 @@ # ~~ Generated by projen. To modify, edit .projenrc.ts and run "npx projen". -name: upgrade +name: upgrade-main on: workflow_dispatch: {} schedule: @@ -16,6 +16,8 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 + with: + ref: main - name: Setup Node.js uses: actions/setup-node@v3 with: @@ -45,6 +47,8 @@ jobs: steps: - name: Checkout uses: actions/checkout@v3 + with: + ref: main - name: Download patch uses: actions/download-artifact@v3 with: @@ -70,8 +74,8 @@ jobs: ------ - *Automatically created by projen via the "upgrade" workflow* - branch: github-actions/upgrade + *Automatically created by projen via the "upgrade-main" workflow* + branch: github-actions/upgrade-main title: "fix(deps): upgrade dependencies" labels: auto-approve body: |- @@ -81,7 +85,7 @@ jobs: ------ - *Automatically created by projen via the "upgrade" workflow* + *Automatically created by projen via the "upgrade-main" workflow* author: github-actions committer: github-actions signoff: true diff --git a/.gitignore b/.gitignore index 448c4f2..45a426b 100644 --- a/.gitignore +++ b/.gitignore @@ -35,6 +35,9 @@ jspm_packages/ junit.xml /coverage/ !/.github/workflows/build.yml +/dist/changelog.md +/dist/version.txt +!/.github/workflows/release.yml !/.github/pull_request_template.md !/test/ !/tsconfig.dev.json @@ -48,7 +51,7 @@ tsconfig.json .jsii.tabl.json !/rosetta/default.ts-fixture !/.github/workflows/auto-merge.yml -!/.github/workflows/upgrade-cdklabs-projen-project-types.yml -!/.github/workflows/upgrade.yml -!/.github/workflows/upgrade-dev-deps.yml +!/.github/workflows/upgrade-cdklabs-projen-project-types-main.yml +!/.github/workflows/upgrade-main.yml +!/.github/workflows/upgrade-dev-deps-main.yml !/.projenrc.ts diff --git a/.projen/deps.json b/.projen/deps.json index 46e3218..9831129 100644 --- a/.projen/deps.json +++ b/.projen/deps.json @@ -70,6 +70,11 @@ "name": "projen", "type": "build" }, + { + "name": "standard-version", + "version": "^9", + "type": "build" + }, { "name": "ts-jest", "type": "build" @@ -94,7 +99,7 @@ }, { "name": "aws-cdk-lib", - "version": "^2.1.0", + "version": "^2.92.0", "type": "peer" }, { diff --git a/.projen/files.json b/.projen/files.json index 6430562..5780cf3 100644 --- a/.projen/files.json +++ b/.projen/files.json @@ -7,9 +7,10 @@ ".github/workflows/auto-merge.yml", ".github/workflows/build.yml", ".github/workflows/pull-request-lint.yml", - ".github/workflows/upgrade-cdklabs-projen-project-types.yml", - ".github/workflows/upgrade-dev-deps.yml", - ".github/workflows/upgrade.yml", + ".github/workflows/release.yml", + ".github/workflows/upgrade-cdklabs-projen-project-types-main.yml", + ".github/workflows/upgrade-dev-deps-main.yml", + ".github/workflows/upgrade-main.yml", ".gitignore", ".projen/deps.json", ".projen/files.json", diff --git a/.projen/tasks.json b/.projen/tasks.json index 71f1305..e0ab2da 100644 --- a/.projen/tasks.json +++ b/.projen/tasks.json @@ -24,6 +24,24 @@ } ] }, + "bump": { + "name": "bump", + "description": "Bumps version based on latest git tag and generates a changelog entry", + "env": { + "OUTFILE": "package.json", + "CHANGELOG": "dist/changelog.md", + "BUMPFILE": "dist/version.txt", + "RELEASETAG": "dist/releasetag.txt", + "RELEASE_TAG_PREFIX": "", + "RELEASABLE_COMMITS": "git log --no-merges --oneline $LATEST_TAG..HEAD -E --grep '^(feat|fix){1}(\\([^()[:space:]]+\\))?(!)?:[[:blank:]]+.+'" + }, + "steps": [ + { + "builtin": "release/bump-version" + } + ], + "condition": "! git log --oneline -1 | grep -q \"chore(release):\"" + }, "clobber": { "name": "clobber", "description": "hard resets to HEAD of origin and cleans the local repo", @@ -247,6 +265,31 @@ "name": "pre-compile", "description": "Prepare the project for compilation" }, + "release": { + "name": "release", + "description": "Prepare a release from \"main\" branch", + "env": { + "RELEASE": "true", + "PRERELEASE": "alpha" + }, + "steps": [ + { + "exec": "rm -fr dist" + }, + { + "spawn": "bump" + }, + { + "spawn": "build" + }, + { + "spawn": "unbump" + }, + { + "exec": "git diff --ignore-space-at-eol --exit-code" + } + ] + }, "rosetta:extract": { "name": "rosetta:extract", "description": "Test rosetta extract", @@ -281,6 +324,23 @@ } ] }, + "unbump": { + "name": "unbump", + "description": "Restores version to 0.0.0", + "env": { + "OUTFILE": "package.json", + "CHANGELOG": "dist/changelog.md", + "BUMPFILE": "dist/version.txt", + "RELEASETAG": "dist/releasetag.txt", + "RELEASE_TAG_PREFIX": "", + "RELEASABLE_COMMITS": "git log --no-merges --oneline $LATEST_TAG..HEAD -E --grep '^(feat|fix){1}(\\([^()[:space:]]+\\))?(!)?:[[:blank:]]+.+'" + }, + "steps": [ + { + "builtin": "release/reset-version" + } + ] + }, "upgrade": { "name": "upgrade", "description": "upgrade dependencies", @@ -325,13 +385,13 @@ }, "steps": [ { - "exec": "npx npm-check-updates@16 --upgrade --target=minor --peer --dep=dev --filter=@types/jest,@types/node,@typescript-eslint/eslint-plugin,@typescript-eslint/parser,cdklabs-projen-project-types,eslint-import-resolver-typescript,eslint-plugin-import,eslint,jest,jest-junit,jsii-diff,jsii-docgen,jsii-pacmak,jsii-rosetta,projen,ts-jest,ts-node,typescript" + "exec": "npx npm-check-updates@16 --upgrade --target=minor --peer --dep=dev --filter=@types/jest,@types/node,@typescript-eslint/eslint-plugin,@typescript-eslint/parser,cdklabs-projen-project-types,eslint-import-resolver-typescript,eslint-plugin-import,eslint,jest,jest-junit,jsii-diff,jsii-docgen,jsii-pacmak,jsii-rosetta,projen,standard-version,ts-jest,ts-node,typescript" }, { "exec": "yarn install --check-files" }, { - "exec": "yarn upgrade @types/jest @types/node @typescript-eslint/eslint-plugin @typescript-eslint/parser cdklabs-projen-project-types eslint-import-resolver-typescript eslint-plugin-import eslint jest jest-junit jsii-diff jsii-docgen jsii-pacmak jsii-rosetta projen ts-jest ts-node typescript" + "exec": "yarn upgrade @types/jest @types/node @typescript-eslint/eslint-plugin @typescript-eslint/parser cdklabs-projen-project-types eslint-import-resolver-typescript eslint-plugin-import eslint jest jest-junit jsii-diff jsii-docgen jsii-pacmak jsii-rosetta projen standard-version ts-jest ts-node typescript" }, { "exec": "npx projen" diff --git a/.projenrc.ts b/.projenrc.ts index 6bd9181..bd38674 100644 --- a/.projenrc.ts +++ b/.projenrc.ts @@ -1,17 +1,17 @@ import { CdklabsConstructLibrary } from 'cdklabs-projen-project-types'; const project = new CdklabsConstructLibrary({ - author: 'AWS', - authorAddress: 'aws-cdk-dev@amazon.com', - cdkVersion: '2.1.0', + author: 'Amazon Web Services', + authorAddress: 'aws-avp-cdk-dev@amazon.com', + description: 'L2 AWS CDK Constructs for Amazon Verified Permissions', + keywords: ['cdk', 'aws-cdk', 'awscdk', 'aws', 'verified-permissions', 'authorization'], + cdkVersion: '2.92.0', defaultReleaseBranch: 'main', devDeps: ['cdklabs-projen-project-types'], - name: 'cdk-verified-permissions', + name: '@cdklabs/cdk-verified-permissions', projenrcTs: true, - release: false, + prerelease: 'alpha', + stability: 'experimental', + releaseToNpm: true, repositoryUrl: 'https://github.com/cdklabs/cdk-verified-permissions.git', - - // deps: [], /* Runtime dependencies of this module. */ - // description: undefined, /* The description is just a string that helps people understand the purpose of the package. */ - // packageName: undefined, /* The "name" in package.json. */ }); project.synth(); \ No newline at end of file diff --git a/API.md b/API.md index dd4c4b6..e538b5f 100644 --- a/API.md +++ b/API.md @@ -1,39 +1,2722 @@ # API Reference +## Constructs +### IdentitySource + +- *Implements:* IIdentitySource + +#### Initializers + +```typescript +import { IdentitySource } from '@cdklabs/cdk-verified-permissions' + +new IdentitySource(scope: Construct, id: string, props: IdentitySourceProps) +``` + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| scope | constructs.Construct | *No description.* | +| id | string | *No description.* | +| props | IdentitySourceProps | *No description.* | + +--- + +##### `scope`Required + +- *Type:* constructs.Construct + +--- + +##### `id`Required + +- *Type:* string + +--- + +##### `props`Required + +- *Type:* IdentitySourceProps + +--- + +#### Methods + +| **Name** | **Description** | +| --- | --- | +| toString | Returns a string representation of this construct. | +| applyRemovalPolicy | Apply the given removal policy to this resource. | +| addUserPoolClient | Add a User Pool Client. | + +--- + +##### `toString` + +```typescript +public toString(): string +``` + +Returns a string representation of this construct. + +##### `applyRemovalPolicy` + +```typescript +public applyRemovalPolicy(policy: RemovalPolicy): void +``` + +Apply the given removal policy to this resource. + +The Removal Policy controls what happens to this resource when it stops +being managed by CloudFormation, either because you've removed it from the +CDK application or because you've made a change that requires the resource +to be replaced. + +The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS +account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). + +###### `policy`Required + +- *Type:* aws-cdk-lib.RemovalPolicy + +--- + +##### `addUserPoolClient` + +```typescript +public addUserPoolClient(userPoolClient: IUserPoolClient): void +``` + +Add a User Pool Client. + +###### `userPoolClient`Required + +- *Type:* aws-cdk-lib.aws_cognito.IUserPoolClient + +The User Pool Client Construct. + +--- + +#### Static Functions + +| **Name** | **Description** | +| --- | --- | +| isConstruct | Checks if `x` is a construct. | +| isOwnedResource | Returns true if the construct was created by CDK, and false otherwise. | +| isResource | Check whether the given construct is a Resource. | +| fromIdentitySourceArn | Create an Identity Source from its ARN. | +| fromIdentitySourceAttributes | Creates Identity Source from its attributes. | +| fromIdentitySourceId | Create an Identity Source from its identifier. | + +--- + +##### ~~`isConstruct`~~ + +```typescript +import { IdentitySource } from '@cdklabs/cdk-verified-permissions' + +IdentitySource.isConstruct(x: any) +``` + +Checks if `x` is a construct. + +###### `x`Required + +- *Type:* any + +Any object. + +--- + +##### `isOwnedResource` + +```typescript +import { IdentitySource } from '@cdklabs/cdk-verified-permissions' + +IdentitySource.isOwnedResource(construct: IConstruct) +``` + +Returns true if the construct was created by CDK, and false otherwise. + +###### `construct`Required + +- *Type:* constructs.IConstruct + +--- + +##### `isResource` + +```typescript +import { IdentitySource } from '@cdklabs/cdk-verified-permissions' + +IdentitySource.isResource(construct: IConstruct) +``` + +Check whether the given construct is a Resource. + +###### `construct`Required + +- *Type:* constructs.IConstruct + +--- + +##### `fromIdentitySourceArn` + +```typescript +import { IdentitySource } from '@cdklabs/cdk-verified-permissions' + +IdentitySource.fromIdentitySourceArn(scope: Construct, id: string, identitySourceArn: string) +``` + +Create an Identity Source from its ARN. + +###### `scope`Required + +- *Type:* constructs.Construct + +The parent creating construct (usually `this`). + +--- + +###### `id`Required + +- *Type:* string + +The construct's name. + +--- + +###### `identitySourceArn`Required + +- *Type:* string + +The Identity Source ARN. + +--- + +##### `fromIdentitySourceAttributes` + +```typescript +import { IdentitySource } from '@cdklabs/cdk-verified-permissions' + +IdentitySource.fromIdentitySourceAttributes(scope: Construct, id: string, attrs: IdentitySourceAttributes) +``` + +Creates Identity Source from its attributes. + +###### `scope`Required + +- *Type:* constructs.Construct + +The parent creating construct (usually `this`). + +--- + +###### `id`Required + +- *Type:* string + +The construct's name. + +--- + +###### `attrs`Required + +- *Type:* IdentitySourceAttributes + +An `IdentitySourceAttributes` object. + +--- + +##### `fromIdentitySourceId` + +```typescript +import { IdentitySource } from '@cdklabs/cdk-verified-permissions' + +IdentitySource.fromIdentitySourceId(scope: Construct, id: string, identitySourceId: string) +``` + +Create an Identity Source from its identifier. + +###### `scope`Required + +- *Type:* constructs.Construct + +The parent creating construct (usually `this`). + +--- + +###### `id`Required + +- *Type:* string + +The construct's name. + +--- + +###### `identitySourceId`Required + +- *Type:* string + +The Identity Source identifier. + +--- + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| node | constructs.Node | The tree node. | +| env | aws-cdk-lib.ResourceEnvironment | The environment this resource belongs to. | +| stack | aws-cdk-lib.Stack | The stack in which this resource is defined. | +| clientIds | string[] | *No description.* | +| discoveryUrl | string | *No description.* | +| identitySourceArn | string | Identity Source ARN. | +| identitySourceId | string | Identity Source identifier. | +| openIdIssuer | string | *No description.* | +| userPoolArn | string | *No description.* | +| policyStore | IPolicyStore | *No description.* | + +--- + +##### `node`Required + +```typescript +public readonly node: Node; +``` + +- *Type:* constructs.Node + +The tree node. + +--- + +##### `env`Required + +```typescript +public readonly env: ResourceEnvironment; +``` + +- *Type:* aws-cdk-lib.ResourceEnvironment + +The environment this resource belongs to. + +For resources that are created and managed by the CDK +(generally, those created by creating new class instances like Role, Bucket, etc.), +this is always the same as the environment of the stack they belong to; +however, for imported resources +(those obtained from static methods like fromRoleArn, fromBucketName, etc.), +that might be different than the stack they were imported into. + +--- + +##### `stack`Required + +```typescript +public readonly stack: Stack; +``` + +- *Type:* aws-cdk-lib.Stack + +The stack in which this resource is defined. + +--- + +##### `clientIds`Required + +```typescript +public readonly clientIds: string[]; +``` + +- *Type:* string[] + +--- + +##### `discoveryUrl`Required + +```typescript +public readonly discoveryUrl: string; +``` + +- *Type:* string + +--- + +##### `identitySourceArn`Required + +```typescript +public readonly identitySourceArn: string; +``` + +- *Type:* string + +Identity Source ARN. + +--- + +##### `identitySourceId`Required + +```typescript +public readonly identitySourceId: string; +``` + +- *Type:* string + +Identity Source identifier. + +--- + +##### `openIdIssuer`Required + +```typescript +public readonly openIdIssuer: string; +``` + +- *Type:* string + +--- + +##### `userPoolArn`Required + +```typescript +public readonly userPoolArn: string; +``` + +- *Type:* string + +--- + +##### `policyStore`Optional + +```typescript +public readonly policyStore: IPolicyStore; +``` + +- *Type:* IPolicyStore + +--- + + +### Policy + +- *Implements:* IPolicy + +#### Initializers + +```typescript +import { Policy } from '@cdklabs/cdk-verified-permissions' + +new Policy(scope: Construct, id: string, props: PolicyProps) +``` + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| scope | constructs.Construct | *No description.* | +| id | string | *No description.* | +| props | PolicyProps | *No description.* | + +--- + +##### `scope`Required + +- *Type:* constructs.Construct + +--- + +##### `id`Required + +- *Type:* string + +--- + +##### `props`Required + +- *Type:* PolicyProps + +--- + +#### Methods + +| **Name** | **Description** | +| --- | --- | +| toString | Returns a string representation of this construct. | +| applyRemovalPolicy | Apply the given removal policy to this resource. | + +--- + +##### `toString` + +```typescript +public toString(): string +``` + +Returns a string representation of this construct. + +##### `applyRemovalPolicy` + +```typescript +public applyRemovalPolicy(policy: RemovalPolicy): void +``` + +Apply the given removal policy to this resource. + +The Removal Policy controls what happens to this resource when it stops +being managed by CloudFormation, either because you've removed it from the +CDK application or because you've made a change that requires the resource +to be replaced. + +The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS +account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). + +###### `policy`Required + +- *Type:* aws-cdk-lib.RemovalPolicy + +--- + +#### Static Functions + +| **Name** | **Description** | +| --- | --- | +| isConstruct | Checks if `x` is a construct. | +| isOwnedResource | Returns true if the construct was created by CDK, and false otherwise. | +| isResource | Check whether the given construct is a Resource. | +| fromPolicyAttributes | Import a Policy construct from attributes. | +| fromPolicyId | Import a policy into the CDK using its id. | + +--- + +##### ~~`isConstruct`~~ + +```typescript +import { Policy } from '@cdklabs/cdk-verified-permissions' + +Policy.isConstruct(x: any) +``` + +Checks if `x` is a construct. + +###### `x`Required + +- *Type:* any + +Any object. + +--- + +##### `isOwnedResource` + +```typescript +import { Policy } from '@cdklabs/cdk-verified-permissions' + +Policy.isOwnedResource(construct: IConstruct) +``` + +Returns true if the construct was created by CDK, and false otherwise. + +###### `construct`Required + +- *Type:* constructs.IConstruct + +--- + +##### `isResource` + +```typescript +import { Policy } from '@cdklabs/cdk-verified-permissions' + +Policy.isResource(construct: IConstruct) +``` + +Check whether the given construct is a Resource. + +###### `construct`Required + +- *Type:* constructs.IConstruct + +--- + +##### `fromPolicyAttributes` + +```typescript +import { Policy } from '@cdklabs/cdk-verified-permissions' + +Policy.fromPolicyAttributes(scope: Construct, id: string, attrs: PolicyAttributes) +``` + +Import a Policy construct from attributes. + +###### `scope`Required + +- *Type:* constructs.Construct + +The parent creating construct (usually `this`). + +--- + +###### `id`Required + +- *Type:* string + +The construct id. + +--- + +###### `attrs`Required + +- *Type:* PolicyAttributes + +A `PolicyAttributes` object. + +--- + +##### `fromPolicyId` + +```typescript +import { Policy } from '@cdklabs/cdk-verified-permissions' + +Policy.fromPolicyId(scope: Construct, id: string, policyId: string) +``` + +Import a policy into the CDK using its id. + +###### `scope`Required + +- *Type:* constructs.Construct + +The parent creating construct (usually `this`). + +--- + +###### `id`Required + +- *Type:* string + +The construct id. + +--- + +###### `policyId`Required + +- *Type:* string + +The policy id. + +--- + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| node | constructs.Node | The tree node. | +| env | aws-cdk-lib.ResourceEnvironment | The environment this resource belongs to. | +| stack | aws-cdk-lib.Stack | The stack in which this resource is defined. | +| definition | PolicyDefinitionProperty | *No description.* | +| policyId | string | The unique ID of the new or updated policy. | +| policyStoreId | string | *No description.* | +| policyType | PolicyType | The type of the policy. | + +--- + +##### `node`Required + +```typescript +public readonly node: Node; +``` + +- *Type:* constructs.Node + +The tree node. + +--- + +##### `env`Required + +```typescript +public readonly env: ResourceEnvironment; +``` + +- *Type:* aws-cdk-lib.ResourceEnvironment + +The environment this resource belongs to. + +For resources that are created and managed by the CDK +(generally, those created by creating new class instances like Role, Bucket, etc.), +this is always the same as the environment of the stack they belong to; +however, for imported resources +(those obtained from static methods like fromRoleArn, fromBucketName, etc.), +that might be different than the stack they were imported into. + +--- + +##### `stack`Required + +```typescript +public readonly stack: Stack; +``` + +- *Type:* aws-cdk-lib.Stack + +The stack in which this resource is defined. + +--- + +##### `definition`Required + +```typescript +public readonly definition: PolicyDefinitionProperty; +``` + +- *Type:* PolicyDefinitionProperty + +--- + +##### `policyId`Required + +```typescript +public readonly policyId: string; +``` + +- *Type:* string + +The unique ID of the new or updated policy. + +--- + +##### `policyStoreId`Required + +```typescript +public readonly policyStoreId: string; +``` + +- *Type:* string + +--- + +##### `policyType`Required + +```typescript +public readonly policyType: PolicyType; +``` + +- *Type:* PolicyType + +The type of the policy. + +This is one of the following values: Static or TemplateLinked. + +--- + + +### PolicyStore + +- *Implements:* IPolicyStore + +#### Initializers + +```typescript +import { PolicyStore } from '@cdklabs/cdk-verified-permissions' + +new PolicyStore(scope: Construct, id: string, props?: PolicyStoreProps) +``` + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| scope | constructs.Construct | *No description.* | +| id | string | *No description.* | +| props | PolicyStoreProps | *No description.* | + +--- + +##### `scope`Required + +- *Type:* constructs.Construct + +--- + +##### `id`Required + +- *Type:* string + +--- + +##### `props`Optional + +- *Type:* PolicyStoreProps + +--- + +#### Methods + +| **Name** | **Description** | +| --- | --- | +| toString | Returns a string representation of this construct. | +| applyRemovalPolicy | Apply the given removal policy to this resource. | +| addPolicies | Add multiple policies to the policy store. | +| grant | Adds an IAM policy statement associated with this policy store to an IAM principal's policy. | +| grantAuth | Permits an IAM principal all auth operations on the policy store: IsAuthorized, IsAuthorizedWithToken. | +| grantRead | Permits an IAM principal all read operations on the policy store: GetIdentitySource, GetPolicy, GetPolicyStore, GetPolicyTemplate, GetSchema, ListIdentitySources, ListPolicies, ListPolicyTemplates. | +| grantWrite | Permits an IAM principal all write & read operations on the policy store: CreateIdentitySource, CreatePolicy,CreatePolicyTemplate, DeleteIdentitySource, DeletePolicy, DeletePolicyTemplate, PutSchema, UpdateIdentitySource, UpdatePolicy, UpdatePolicyTemplate. | + +--- + +##### `toString` + +```typescript +public toString(): string +``` + +Returns a string representation of this construct. + +##### `applyRemovalPolicy` + +```typescript +public applyRemovalPolicy(policy: RemovalPolicy): void +``` + +Apply the given removal policy to this resource. + +The Removal Policy controls what happens to this resource when it stops +being managed by CloudFormation, either because you've removed it from the +CDK application or because you've made a change that requires the resource +to be replaced. + +The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS +account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). + +###### `policy`Required + +- *Type:* aws-cdk-lib.RemovalPolicy + +--- + +##### `addPolicies` + +```typescript +public addPolicies(policyDefinitions: AddPolicyOptions[]): Policy[] +``` + +Add multiple policies to the policy store. + +###### `policyDefinitions`Required + +- *Type:* AddPolicyOptions[] + +An array of policy options for the policy stores policies. + +--- + +##### `grant` + +```typescript +public grant(grantee: IGrantable, actions: string): Grant +``` + +Adds an IAM policy statement associated with this policy store to an IAM principal's policy. + +###### `grantee`Required + +- *Type:* aws-cdk-lib.aws_iam.IGrantable + +--- + +###### `actions`Required + +- *Type:* string + +--- + +##### `grantAuth` + +```typescript +public grantAuth(grantee: IGrantable): Grant +``` + +Permits an IAM principal all auth operations on the policy store: IsAuthorized, IsAuthorizedWithToken. + +###### `grantee`Required + +- *Type:* aws-cdk-lib.aws_iam.IGrantable + +--- + +##### `grantRead` + +```typescript +public grantRead(grantee: IGrantable): Grant +``` + +Permits an IAM principal all read operations on the policy store: GetIdentitySource, GetPolicy, GetPolicyStore, GetPolicyTemplate, GetSchema, ListIdentitySources, ListPolicies, ListPolicyTemplates. + +###### `grantee`Required + +- *Type:* aws-cdk-lib.aws_iam.IGrantable + +--- + +##### `grantWrite` + +```typescript +public grantWrite(grantee: IGrantable): Grant +``` + +Permits an IAM principal all write & read operations on the policy store: CreateIdentitySource, CreatePolicy,CreatePolicyTemplate, DeleteIdentitySource, DeletePolicy, DeletePolicyTemplate, PutSchema, UpdateIdentitySource, UpdatePolicy, UpdatePolicyTemplate. + +###### `grantee`Required + +- *Type:* aws-cdk-lib.aws_iam.IGrantable + +--- + +#### Static Functions + +| **Name** | **Description** | +| --- | --- | +| isConstruct | Checks if `x` is a construct. | +| isOwnedResource | Returns true if the construct was created by CDK, and false otherwise. | +| isResource | Check whether the given construct is a Resource. | +| fromPolicyStoreArn | Create a PolicyStore construct that represents an external PolicyStore via policy store arn. | +| fromPolicyStoreAttributes | Creates a PolicyStore construct that represents an external Policy Store. | +| fromPolicyStoreId | Create a PolicyStore construct that represents an external policy store via policy store id. | + +--- + +##### ~~`isConstruct`~~ + +```typescript +import { PolicyStore } from '@cdklabs/cdk-verified-permissions' + +PolicyStore.isConstruct(x: any) +``` + +Checks if `x` is a construct. + +###### `x`Required + +- *Type:* any + +Any object. + +--- + +##### `isOwnedResource` + +```typescript +import { PolicyStore } from '@cdklabs/cdk-verified-permissions' + +PolicyStore.isOwnedResource(construct: IConstruct) +``` + +Returns true if the construct was created by CDK, and false otherwise. + +###### `construct`Required + +- *Type:* constructs.IConstruct + +--- + +##### `isResource` + +```typescript +import { PolicyStore } from '@cdklabs/cdk-verified-permissions' + +PolicyStore.isResource(construct: IConstruct) +``` + +Check whether the given construct is a Resource. + +###### `construct`Required + +- *Type:* constructs.IConstruct + +--- + +##### `fromPolicyStoreArn` + +```typescript +import { PolicyStore } from '@cdklabs/cdk-verified-permissions' + +PolicyStore.fromPolicyStoreArn(scope: Construct, id: string, policyStoreArn: string) +``` + +Create a PolicyStore construct that represents an external PolicyStore via policy store arn. + +###### `scope`Required + +- *Type:* constructs.Construct + +The parent creating construct (usually `this`). + +--- + +###### `id`Required + +- *Type:* string + +The construct's name. + +--- + +###### `policyStoreArn`Required + +- *Type:* string + +The PolicyStore's ARN. + +--- + +##### `fromPolicyStoreAttributes` + +```typescript +import { PolicyStore } from '@cdklabs/cdk-verified-permissions' + +PolicyStore.fromPolicyStoreAttributes(scope: Construct, id: string, attrs: PolicyStoreAttributes) +``` + +Creates a PolicyStore construct that represents an external Policy Store. + +###### `scope`Required + +- *Type:* constructs.Construct + +The parent creating construct (usually `this`). + +--- + +###### `id`Required + +- *Type:* string + +The construct's name. + +--- + +###### `attrs`Required + +- *Type:* PolicyStoreAttributes + +A `PolicyStoreAttributes` object. + +--- + +##### `fromPolicyStoreId` + +```typescript +import { PolicyStore } from '@cdklabs/cdk-verified-permissions' + +PolicyStore.fromPolicyStoreId(scope: Construct, id: string, policyStoreId: string) +``` + +Create a PolicyStore construct that represents an external policy store via policy store id. + +###### `scope`Required + +- *Type:* constructs.Construct + +The parent creating construct (usually `this`). + +--- + +###### `id`Required + +- *Type:* string + +The construct's name. + +--- + +###### `policyStoreId`Required + +- *Type:* string + +The PolicyStore's id. + +--- + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| node | constructs.Node | The tree node. | +| env | aws-cdk-lib.ResourceEnvironment | The environment this resource belongs to. | +| stack | aws-cdk-lib.Stack | The stack in which this resource is defined. | +| policyStoreArn | string | ARN of the Policy Store. | +| policyStoreId | string | ID of the Policy Store. | +| policyStoreName | string | Name of the Policy Store. | +| validationSettings | IValidationSettings | Validation Settings of the Policy Store. | +| schema | ISchema | Schema definition of the Policy Store. | + +--- + +##### `node`Required + +```typescript +public readonly node: Node; +``` + +- *Type:* constructs.Node + +The tree node. + +--- + +##### `env`Required + +```typescript +public readonly env: ResourceEnvironment; +``` + +- *Type:* aws-cdk-lib.ResourceEnvironment + +The environment this resource belongs to. + +For resources that are created and managed by the CDK +(generally, those created by creating new class instances like Role, Bucket, etc.), +this is always the same as the environment of the stack they belong to; +however, for imported resources +(those obtained from static methods like fromRoleArn, fromBucketName, etc.), +that might be different than the stack they were imported into. + +--- + +##### `stack`Required + +```typescript +public readonly stack: Stack; +``` + +- *Type:* aws-cdk-lib.Stack + +The stack in which this resource is defined. + +--- + +##### `policyStoreArn`Required + +```typescript +public readonly policyStoreArn: string; +``` + +- *Type:* string + +ARN of the Policy Store. + +--- + +##### `policyStoreId`Required + +```typescript +public readonly policyStoreId: string; +``` + +- *Type:* string + +ID of the Policy Store. + +--- + +##### `policyStoreName`Required + +```typescript +public readonly policyStoreName: string; +``` + +- *Type:* string + +Name of the Policy Store. + +--- + +##### `validationSettings`Required + +```typescript +public readonly validationSettings: IValidationSettings; +``` + +- *Type:* IValidationSettings + +Validation Settings of the Policy Store. + +--- + +##### `schema`Optional + +```typescript +public readonly schema: ISchema; +``` + +- *Type:* ISchema + +Schema definition of the Policy Store. + +--- + + +### PolicyTemplate + +- *Implements:* IPolicyTemplate + +#### Initializers + +```typescript +import { PolicyTemplate } from '@cdklabs/cdk-verified-permissions' + +new PolicyTemplate(scope: Construct, id: string, props: PolicyTemplateProps) +``` + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| scope | constructs.Construct | *No description.* | +| id | string | *No description.* | +| props | PolicyTemplateProps | *No description.* | + +--- + +##### `scope`Required + +- *Type:* constructs.Construct + +--- + +##### `id`Required + +- *Type:* string + +--- + +##### `props`Required + +- *Type:* PolicyTemplateProps + +--- + +#### Methods + +| **Name** | **Description** | +| --- | --- | +| toString | Returns a string representation of this construct. | +| applyRemovalPolicy | Apply the given removal policy to this resource. | + +--- + +##### `toString` + +```typescript +public toString(): string +``` + +Returns a string representation of this construct. + +##### `applyRemovalPolicy` + +```typescript +public applyRemovalPolicy(policy: RemovalPolicy): void +``` + +Apply the given removal policy to this resource. + +The Removal Policy controls what happens to this resource when it stops +being managed by CloudFormation, either because you've removed it from the +CDK application or because you've made a change that requires the resource +to be replaced. + +The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS +account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). + +###### `policy`Required + +- *Type:* aws-cdk-lib.RemovalPolicy + +--- + +#### Static Functions + +| **Name** | **Description** | +| --- | --- | +| isConstruct | Checks if `x` is a construct. | +| isOwnedResource | Returns true if the construct was created by CDK, and false otherwise. | +| isResource | Check whether the given construct is a Resource. | +| fromPolicyTemplateAttributes | Creates a PolicyStore construct that represents an external Policy Store. | +| fromPolicyTemplateId | Create a PolicyTemplate construct that represents an external policy template via policy template id. | + +--- + +##### ~~`isConstruct`~~ + +```typescript +import { PolicyTemplate } from '@cdklabs/cdk-verified-permissions' + +PolicyTemplate.isConstruct(x: any) +``` + +Checks if `x` is a construct. + +###### `x`Required + +- *Type:* any + +Any object. + +--- + +##### `isOwnedResource` + +```typescript +import { PolicyTemplate } from '@cdklabs/cdk-verified-permissions' + +PolicyTemplate.isOwnedResource(construct: IConstruct) +``` + +Returns true if the construct was created by CDK, and false otherwise. + +###### `construct`Required + +- *Type:* constructs.IConstruct + +--- + +##### `isResource` + +```typescript +import { PolicyTemplate } from '@cdklabs/cdk-verified-permissions' + +PolicyTemplate.isResource(construct: IConstruct) +``` + +Check whether the given construct is a Resource. + +###### `construct`Required + +- *Type:* constructs.IConstruct + +--- + +##### `fromPolicyTemplateAttributes` + +```typescript +import { PolicyTemplate } from '@cdklabs/cdk-verified-permissions' + +PolicyTemplate.fromPolicyTemplateAttributes(scope: Construct, id: string, attrs: PolicyTemplateAttributes) +``` + +Creates a PolicyStore construct that represents an external Policy Store. + +###### `scope`Required + +- *Type:* constructs.Construct + +The parent creating construct (usually `this`). + +--- + +###### `id`Required + +- *Type:* string + +The construct's name. + +--- + +###### `attrs`Required + +- *Type:* PolicyTemplateAttributes + +A `PolicyStoreAttributes` object. + +--- + +##### `fromPolicyTemplateId` + +```typescript +import { PolicyTemplate } from '@cdklabs/cdk-verified-permissions' + +PolicyTemplate.fromPolicyTemplateId(scope: Construct, id: string, policyTemplateId: string) +``` + +Create a PolicyTemplate construct that represents an external policy template via policy template id. + +###### `scope`Required + +- *Type:* constructs.Construct + +The parent creating construct (usually `this`). + +--- + +###### `id`Required + +- *Type:* string + +The construct's name. + +--- + +###### `policyTemplateId`Required + +- *Type:* string + +The PolicyTemplate's id. + +--- + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| node | constructs.Node | The tree node. | +| env | aws-cdk-lib.ResourceEnvironment | The environment this resource belongs to. | +| stack | aws-cdk-lib.Stack | The stack in which this resource is defined. | +| policyTemplateId | string | The ID of the policy template. | +| statement | string | The statement of the policy template. | +| description | string | Description of the policy template. | +| policyStore | IPolicyStore | The Policy store that contains the template. | + +--- + +##### `node`Required + +```typescript +public readonly node: Node; +``` + +- *Type:* constructs.Node + +The tree node. + +--- + +##### `env`Required + +```typescript +public readonly env: ResourceEnvironment; +``` + +- *Type:* aws-cdk-lib.ResourceEnvironment + +The environment this resource belongs to. + +For resources that are created and managed by the CDK +(generally, those created by creating new class instances like Role, Bucket, etc.), +this is always the same as the environment of the stack they belong to; +however, for imported resources +(those obtained from static methods like fromRoleArn, fromBucketName, etc.), +that might be different than the stack they were imported into. + +--- + +##### `stack`Required + +```typescript +public readonly stack: Stack; +``` + +- *Type:* aws-cdk-lib.Stack + +The stack in which this resource is defined. + +--- + +##### `policyTemplateId`Required + +```typescript +public readonly policyTemplateId: string; +``` + +- *Type:* string + +The ID of the policy template. + +--- + +##### `statement`Required + +```typescript +public readonly statement: string; +``` + +- *Type:* string + +The statement of the policy template. + +--- + +##### `description`Optional + +```typescript +public readonly description: string; +``` + +- *Type:* string + +Description of the policy template. + +--- + +##### `policyStore`Optional + +```typescript +public readonly policyStore: IPolicyStore; +``` + +- *Type:* IPolicyStore + +The Policy store that contains the template. + +--- + + +## Structs + +### AddPolicyOptions + +#### Initializer + +```typescript +import { AddPolicyOptions } from '@cdklabs/cdk-verified-permissions' + +const addPolicyOptions: AddPolicyOptions = { ... } +``` + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| policyConfiguration | PolicyDefinitionProperty | The configuration of the Policy. | +| policyId | string | The id of the Policy. | + +--- + +##### `policyConfiguration`Required + +```typescript +public readonly policyConfiguration: PolicyDefinitionProperty; +``` + +- *Type:* PolicyDefinitionProperty + +The configuration of the Policy. + +--- + +##### `policyId`Required + +```typescript +public readonly policyId: string; +``` + +- *Type:* string + +The id of the Policy. + +--- + +### CognitoUserPoolConfiguration + +#### Initializer + +```typescript +import { CognitoUserPoolConfiguration } from '@cdklabs/cdk-verified-permissions' + +const cognitoUserPoolConfiguration: CognitoUserPoolConfiguration = { ... } +``` + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| userPool | aws-cdk-lib.aws_cognito.IUserPool | Cognito User Pool. | +| clientIds | string[] | Client identifiers. | + +--- + +##### `userPool`Required + +```typescript +public readonly userPool: IUserPool; +``` + +- *Type:* aws-cdk-lib.aws_cognito.IUserPool +- *Default:* no Cognito User Pool + +Cognito User Pool. + +--- + +##### `clientIds`Optional + +```typescript +public readonly clientIds: string[]; +``` + +- *Type:* string[] +- *Default:* empty list. + +Client identifiers. + +--- + +### EntityIdentifierProperty + +#### Initializer + +```typescript +import { EntityIdentifierProperty } from '@cdklabs/cdk-verified-permissions' + +const entityIdentifierProperty: EntityIdentifierProperty = { ... } +``` + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| entityId | string | The identifier of an entity. | +| entityType | string | The type of an entity. | + +--- + +##### `entityId`Required + +```typescript +public readonly entityId: string; +``` + +- *Type:* string + +The identifier of an entity. + +--- + +##### `entityType`Required + +```typescript +public readonly entityType: string; +``` + +- *Type:* string + +The type of an entity. + +--- + +### IdentitySourceAttributes + +#### Initializer + +```typescript +import { IdentitySourceAttributes } from '@cdklabs/cdk-verified-permissions' + +const identitySourceAttributes: IdentitySourceAttributes = { ... } +``` + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| identitySourceArn | string | The identity Source ARN. | +| identitySourceId | string | The identity Source identifier. | + +--- + +##### `identitySourceArn`Optional + +```typescript +public readonly identitySourceArn: string; +``` + +- *Type:* string + +The identity Source ARN. + +--- + +##### `identitySourceId`Optional + +```typescript +public readonly identitySourceId: string; +``` + +- *Type:* string + +The identity Source identifier. + +--- + +### IdentitySourceConfiguration + +#### Initializer + +```typescript +import { IdentitySourceConfiguration } from '@cdklabs/cdk-verified-permissions' + +const identitySourceConfiguration: IdentitySourceConfiguration = { ... } +``` + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| cognitoUserPoolConfiguration | CognitoUserPoolConfiguration | Cognito User Pool Configuration. | + +--- + +##### `cognitoUserPoolConfiguration`Required + +```typescript +public readonly cognitoUserPoolConfiguration: CognitoUserPoolConfiguration; +``` + +- *Type:* CognitoUserPoolConfiguration + +Cognito User Pool Configuration. + +--- + +### IdentitySourceProps + +#### Initializer + +```typescript +import { IdentitySourceProps } from '@cdklabs/cdk-verified-permissions' + +const identitySourceProps: IdentitySourceProps = { ... } +``` + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| configuration | IdentitySourceConfiguration | Identity Source configuration. | +| policyStore | IPolicyStore | Policy Store in which you want to store this identity source. | +| principalEntityType | string | Principal entity type. | + +--- + +##### `configuration`Required + +```typescript +public readonly configuration: IdentitySourceConfiguration; +``` + +- *Type:* IdentitySourceConfiguration + +Identity Source configuration. + +--- + +##### `policyStore`Optional + +```typescript +public readonly policyStore: IPolicyStore; +``` + +- *Type:* IPolicyStore +- *Default:* No policy store is set for the identity source. + +Policy Store in which you want to store this identity source. + +--- + +##### `principalEntityType`Optional + +```typescript +public readonly principalEntityType: string; +``` + +- *Type:* string +- *Default:* No principal entity type for the identity source. + +Principal entity type. + +--- + +### PolicyAttributes + +#### Initializer + +```typescript +import { PolicyAttributes } from '@cdklabs/cdk-verified-permissions' + +const policyAttributes: PolicyAttributes = { ... } +``` + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| policyId | string | The unique ID of the new or updated policy. | +| policyType | PolicyType | The type of the policy. | + +--- + +##### `policyId`Required + +```typescript +public readonly policyId: string; +``` + +- *Type:* string + +The unique ID of the new or updated policy. + +--- + +##### `policyType`Optional + +```typescript +public readonly policyType: PolicyType; +``` + +- *Type:* PolicyType +- *Default:* Static + +The type of the policy. + +This is one of the following values: Static or TemplateLinked + +--- + +### PolicyDefinitionProperty + +#### Initializer + +```typescript +import { PolicyDefinitionProperty } from '@cdklabs/cdk-verified-permissions' + +const policyDefinitionProperty: PolicyDefinitionProperty = { ... } +``` + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| static | StaticPolicyDefinitionProperty | A structure that describes a static policy. | +| templateLinked | TemplateLinkedPolicyDefinitionProperty | A structure that describes a policy that was instantiated from a template. | + +--- + +##### `static`Optional + +```typescript +public readonly static: StaticPolicyDefinitionProperty; +``` + +- *Type:* StaticPolicyDefinitionProperty +- *Default:* Static must be set for policies created from a static definition. Otherwise, use template linked definitions. + +A structure that describes a static policy. + +--- + +##### `templateLinked`Optional + +```typescript +public readonly templateLinked: TemplateLinkedPolicyDefinitionProperty; +``` + +- *Type:* TemplateLinkedPolicyDefinitionProperty +- *Default:* Template linked must be set for policies created from a static definition. Otherwise, use static definitions. + +A structure that describes a policy that was instantiated from a template. + +--- + +### PolicyProps + +#### Initializer + +```typescript +import { PolicyProps } from '@cdklabs/cdk-verified-permissions' + +const policyProps: PolicyProps = { ... } +``` + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| definition | PolicyDefinitionProperty | Specifies the policy type and content to use for the new or updated policy. | +| policyStore | IPolicyStore | The policy store that contains the policy. | + +--- + +##### `definition`Required + +```typescript +public readonly definition: PolicyDefinitionProperty; +``` + +- *Type:* PolicyDefinitionProperty + +Specifies the policy type and content to use for the new or updated policy. + +The definition structure must include either a Static or a TemplateLinked element. + +--- + +##### `policyStore`Required + +```typescript +public readonly policyStore: IPolicyStore; +``` + +- *Type:* IPolicyStore + +The policy store that contains the policy. + +--- + +### PolicyStoreAttributes + +#### Initializer + +```typescript +import { PolicyStoreAttributes } from '@cdklabs/cdk-verified-permissions' + +const policyStoreAttributes: PolicyStoreAttributes = { ... } +``` + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| policyStoreArn | string | The ARN of the Amazon Verified Permissions Policy Store. | +| policyStoreId | string | The id of the Amazon Verified Permissions PolicyStore. | + +--- + +##### `policyStoreArn`Optional + +```typescript +public readonly policyStoreArn: string; +``` + +- *Type:* string +- *Default:* no PolicyStore arn + +The ARN of the Amazon Verified Permissions Policy Store. + +One of this, or `policyStoreId`, is required. + +--- + +##### `policyStoreId`Optional + +```typescript +public readonly policyStoreId: string; +``` + +- *Type:* string +- *Default:* no PolicyStore id + +The id of the Amazon Verified Permissions PolicyStore. + +One of this, or `policyStoreArn`, is required. + +--- + +### PolicyStoreProps + +#### Initializer + +```typescript +import { PolicyStoreProps } from '@cdklabs/cdk-verified-permissions' + +const policyStoreProps: PolicyStoreProps = { ... } +``` + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| validationSettings | IValidationSettings | The policy store's validation settings. | +| schema | ISchema | This attribute is not required from an API point of view. | + +--- + +##### `validationSettings`Required + +```typescript +public readonly validationSettings: IValidationSettings; +``` + +- *Type:* IValidationSettings +- *Default:* If not provided, the Policy store will be created with ValidationSettingsMode = "OFF" + +The policy store's validation settings. + +--- + +##### `schema`Optional + +```typescript +public readonly schema: ISchema; +``` + +- *Type:* ISchema +- *Default:* The schema (in Cedar) to be applied to the PolicyStore. + +This attribute is not required from an API point of view. + +It represents the schema (in Cedar) to be applied to the PolicyStore. + +--- + +### PolicyTemplateAttributes + +#### Initializer + +```typescript +import { PolicyTemplateAttributes } from '@cdklabs/cdk-verified-permissions' + +const policyTemplateAttributes: PolicyTemplateAttributes = { ... } +``` + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| policyTemplateId | string | The id of the Amazon Verified Permissions PolicyTemplate. | + +--- + +##### `policyTemplateId`Required + +```typescript +public readonly policyTemplateId: string; +``` + +- *Type:* string + +The id of the Amazon Verified Permissions PolicyTemplate. + +--- + +### PolicyTemplateProps + +#### Initializer + +```typescript +import { PolicyTemplateProps } from '@cdklabs/cdk-verified-permissions' + +const policyTemplateProps: PolicyTemplateProps = { ... } +``` + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| statement | string | Specifies the content that you want to use for the new policy template, written in the Cedar policy language. | +| description | string | The description to attach to the new or updated policy template. | +| policyStore | IPolicyStore | The policy store that contains the template. | + +--- + +##### `statement`Required + +```typescript +public readonly statement: string; +``` + +- *Type:* string +- *Default:* The statement to attach to the new or updated policy template. + +Specifies the content that you want to use for the new policy template, written in the Cedar policy language. + +--- + +##### `description`Optional + +```typescript +public readonly description: string; +``` + +- *Type:* string +- *Default:* No description. + +The description to attach to the new or updated policy template. + +--- + +##### `policyStore`Optional + +```typescript +public readonly policyStore: IPolicyStore; +``` + +- *Type:* IPolicyStore +- *Default:* No policy store. + +The policy store that contains the template. + +--- + +### StaticPolicyDefinitionProperty + +#### Initializer + +```typescript +import { StaticPolicyDefinitionProperty } from '@cdklabs/cdk-verified-permissions' + +const staticPolicyDefinitionProperty: StaticPolicyDefinitionProperty = { ... } +``` + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| statement | string | The policy content of the static policy, written in the Cedar policy language. | +| description | string | The description of the static policy. | + +--- + +##### `statement`Required + +```typescript +public readonly statement: string; +``` + +- *Type:* string + +The policy content of the static policy, written in the Cedar policy language. + +--- + +##### `description`Optional + +```typescript +public readonly description: string; +``` + +- *Type:* string +- *Default:* Empty description. + +The description of the static policy. + +--- + +### TemplateLinkedPolicyDefinitionProperty + +#### Initializer + +```typescript +import { TemplateLinkedPolicyDefinitionProperty } from '@cdklabs/cdk-verified-permissions' + +const templateLinkedPolicyDefinitionProperty: TemplateLinkedPolicyDefinitionProperty = { ... } +``` + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| policyTemplate | IPolicyTemplate | The unique identifier of the policy template used to create this policy. | +| principal | EntityIdentifierProperty | The principal associated with this template-linked policy. | +| resource | EntityIdentifierProperty | The resource associated with this template-linked policy. | + +--- + +##### `policyTemplate`Required + +```typescript +public readonly policyTemplate: IPolicyTemplate; +``` + +- *Type:* IPolicyTemplate + +The unique identifier of the policy template used to create this policy. + +--- + +##### `principal`Optional + +```typescript +public readonly principal: EntityIdentifierProperty; +``` + +- *Type:* EntityIdentifierProperty +- *Default:* No Principal. It is set to unspecified. + +The principal associated with this template-linked policy. + +--- + +##### `resource`Optional + +```typescript +public readonly resource: EntityIdentifierProperty; +``` + +- *Type:* EntityIdentifierProperty +- *Default:* No Resource. It is set to unspecified. + +The resource associated with this template-linked policy. + +--- ## Classes -### Hello +### Statement + +#### Initializers + +```typescript +import { Statement } from '@cdklabs/cdk-verified-permissions' + +new Statement() +``` + +| **Name** | **Type** | **Description** | +| --- | --- | --- | + +--- + + +#### Static Functions + +| **Name** | **Description** | +| --- | --- | +| fromFile | Loads the statement from a local disk path. | +| fromInline | Inline statement for policy. | + +--- + +##### `fromFile` + +```typescript +import { Statement } from '@cdklabs/cdk-verified-permissions' + +Statement.fromFile(path: string) +``` + +Loads the statement from a local disk path. + +###### `path`Required + +- *Type:* string + +A path with the policy statement. + +--- + +##### `fromInline` + +```typescript +import { Statement } from '@cdklabs/cdk-verified-permissions' + +Statement.fromInline(statement: string) +``` + +Inline statement for policy. + +###### `statement`Required + +- *Type:* string + +The actual statement. + +--- + + + +## Protocols + +### IIdentitySource + +- *Extends:* aws-cdk-lib.IResource + +- *Implemented By:* IdentitySource, IIdentitySource + + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| node | constructs.Node | The tree node. | +| env | aws-cdk-lib.ResourceEnvironment | The environment this resource belongs to. | +| stack | aws-cdk-lib.Stack | The stack in which this resource is defined. | +| identitySourceArn | string | Identity Source ARN. | +| identitySourceId | string | Identity Source identifier. | + +--- + +##### `node`Required + +```typescript +public readonly node: Node; +``` + +- *Type:* constructs.Node + +The tree node. + +--- + +##### `env`Required + +```typescript +public readonly env: ResourceEnvironment; +``` + +- *Type:* aws-cdk-lib.ResourceEnvironment + +The environment this resource belongs to. + +For resources that are created and managed by the CDK +(generally, those created by creating new class instances like Role, Bucket, etc.), +this is always the same as the environment of the stack they belong to; +however, for imported resources +(those obtained from static methods like fromRoleArn, fromBucketName, etc.), +that might be different than the stack they were imported into. + +--- + +##### `stack`Required -#### Initializers +```typescript +public readonly stack: Stack; +``` + +- *Type:* aws-cdk-lib.Stack + +The stack in which this resource is defined. + +--- + +##### `identitySourceArn`Required ```typescript -import { Hello } from 'cdk-verified-permissions' +public readonly identitySourceArn: string; +``` -new Hello() +- *Type:* string + +Identity Source ARN. + +--- + +##### `identitySourceId`Required + +```typescript +public readonly identitySourceId: string; ``` +- *Type:* string + +Identity Source identifier. + +--- + +### IPolicy + +- *Extends:* aws-cdk-lib.IResource + +- *Implemented By:* Policy, IPolicy + + +#### Properties + | **Name** | **Type** | **Description** | | --- | --- | --- | +| node | constructs.Node | The tree node. | +| env | aws-cdk-lib.ResourceEnvironment | The environment this resource belongs to. | +| stack | aws-cdk-lib.Stack | The stack in which this resource is defined. | +| policyId | string | The unique ID of the new or updated policy. | +| policyType | PolicyType | The type of the policy. | + +--- + +##### `node`Required + +```typescript +public readonly node: Node; +``` + +- *Type:* constructs.Node + +The tree node. + +--- + +##### `env`Required + +```typescript +public readonly env: ResourceEnvironment; +``` + +- *Type:* aws-cdk-lib.ResourceEnvironment + +The environment this resource belongs to. + +For resources that are created and managed by the CDK +(generally, those created by creating new class instances like Role, Bucket, etc.), +this is always the same as the environment of the stack they belong to; +however, for imported resources +(those obtained from static methods like fromRoleArn, fromBucketName, etc.), +that might be different than the stack they were imported into. + +--- + +##### `stack`Required + +```typescript +public readonly stack: Stack; +``` + +- *Type:* aws-cdk-lib.Stack + +The stack in which this resource is defined. + +--- + +##### `policyId`Required + +```typescript +public readonly policyId: string; +``` + +- *Type:* string + +The unique ID of the new or updated policy. + +--- + +##### `policyType`Required + +```typescript +public readonly policyType: PolicyType; +``` + +- *Type:* PolicyType + +The type of the policy. + +This is one of the following values: Static or TemplateLinked. --- +### IPolicyStore + +- *Extends:* aws-cdk-lib.IResource + +- *Implemented By:* PolicyStore, IPolicyStore + #### Methods | **Name** | **Description** | | --- | --- | -| sayHello | *No description.* | +| grant | Adds an IAM policy statement associated with this policy store to an IAM principal's policy. | +| grantAuth | Permits an IAM principal all auth operations on the policy store: IsAuthorized, IsAuthorizedWithToken. | +| grantRead | Permits an IAM principal all read operations on the policy store: GetIdentitySource, GetPolicy, GetPolicyStore, GetPolicyTemplate, GetSchema, ListIdentitySources, ListPolicies, ListPolicyTemplates. | +| grantWrite | Permits an IAM principal all write & read operations on the policy store: CreateIdentitySource, CreatePolicy,CreatePolicyTemplate, DeleteIdentitySource, DeletePolicy, DeletePolicyTemplate, PutSchema, UpdateIdentitySource, UpdatePolicy, UpdatePolicyTemplate. | + +--- + +##### `grant` + +```typescript +public grant(grantee: IGrantable, actions: string): Grant +``` + +Adds an IAM policy statement associated with this policy store to an IAM principal's policy. + +###### `grantee`Required + +- *Type:* aws-cdk-lib.aws_iam.IGrantable + +The principal (no-op if undefined). + +--- + +###### `actions`Required + +- *Type:* string + +The set of actions to allow (i.e. "verifiedpermissions:IsAuthorized", "verifiedpermissions:ListPolicies", ...). + +--- + +##### `grantAuth` + +```typescript +public grantAuth(grantee: IGrantable): Grant +``` + +Permits an IAM principal all auth operations on the policy store: IsAuthorized, IsAuthorizedWithToken. + +###### `grantee`Required + +- *Type:* aws-cdk-lib.aws_iam.IGrantable + +--- + +##### `grantRead` + +```typescript +public grantRead(grantee: IGrantable): Grant +``` + +Permits an IAM principal all read operations on the policy store: GetIdentitySource, GetPolicy, GetPolicyStore, GetPolicyTemplate, GetSchema, ListIdentitySources, ListPolicies, ListPolicyTemplates. + +###### `grantee`Required + +- *Type:* aws-cdk-lib.aws_iam.IGrantable + +--- + +##### `grantWrite` + +```typescript +public grantWrite(grantee: IGrantable): Grant +``` + +Permits an IAM principal all write & read operations on the policy store: CreateIdentitySource, CreatePolicy,CreatePolicyTemplate, DeleteIdentitySource, DeletePolicy, DeletePolicyTemplate, PutSchema, UpdateIdentitySource, UpdatePolicy, UpdatePolicyTemplate. + +###### `grantee`Required + +- *Type:* aws-cdk-lib.aws_iam.IGrantable + +--- + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| node | constructs.Node | The tree node. | +| env | aws-cdk-lib.ResourceEnvironment | The environment this resource belongs to. | +| stack | aws-cdk-lib.Stack | The stack in which this resource is defined. | +| policyStoreArn | string | ARN of the Policy Store. | +| policyStoreId | string | ID of the Policy Store. | + +--- + +##### `node`Required + +```typescript +public readonly node: Node; +``` + +- *Type:* constructs.Node + +The tree node. + +--- + +##### `env`Required + +```typescript +public readonly env: ResourceEnvironment; +``` + +- *Type:* aws-cdk-lib.ResourceEnvironment + +The environment this resource belongs to. + +For resources that are created and managed by the CDK +(generally, those created by creating new class instances like Role, Bucket, etc.), +this is always the same as the environment of the stack they belong to; +however, for imported resources +(those obtained from static methods like fromRoleArn, fromBucketName, etc.), +that might be different than the stack they were imported into. + +--- + +##### `stack`Required + +```typescript +public readonly stack: Stack; +``` + +- *Type:* aws-cdk-lib.Stack + +The stack in which this resource is defined. + +--- + +##### `policyStoreArn`Required + +```typescript +public readonly policyStoreArn: string; +``` + +- *Type:* string + +ARN of the Policy Store. + +--- + +##### `policyStoreId`Required + +```typescript +public readonly policyStoreId: string; +``` + +- *Type:* string + +ID of the Policy Store. + +--- + +### IPolicyTemplate + +- *Extends:* aws-cdk-lib.IResource + +- *Implemented By:* PolicyTemplate, IPolicyTemplate + + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| node | constructs.Node | The tree node. | +| env | aws-cdk-lib.ResourceEnvironment | The environment this resource belongs to. | +| stack | aws-cdk-lib.Stack | The stack in which this resource is defined. | +| policyTemplateId | string | The ID of the policy template. | + +--- + +##### `node`Required + +```typescript +public readonly node: Node; +``` + +- *Type:* constructs.Node + +The tree node. + +--- + +##### `env`Required + +```typescript +public readonly env: ResourceEnvironment; +``` + +- *Type:* aws-cdk-lib.ResourceEnvironment + +The environment this resource belongs to. + +For resources that are created and managed by the CDK +(generally, those created by creating new class instances like Role, Bucket, etc.), +this is always the same as the environment of the stack they belong to; +however, for imported resources +(those obtained from static methods like fromRoleArn, fromBucketName, etc.), +that might be different than the stack they were imported into. + +--- + +##### `stack`Required + +```typescript +public readonly stack: Stack; +``` + +- *Type:* aws-cdk-lib.Stack + +The stack in which this resource is defined. --- -##### `sayHello` +##### `policyTemplateId`Required ```typescript -public sayHello(): string +public readonly policyTemplateId: string; ``` +- *Type:* string +The ID of the policy template. +--- + +### ISchema + +- *Implemented By:* ISchema + + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| cedarJson | string | *No description.* | + +--- + +##### `cedarJson`Required + +```typescript +public readonly cedarJson: string; +``` + +- *Type:* string + +--- + +### IValidationSettings + +- *Implemented By:* IValidationSettings + + +#### Properties + +| **Name** | **Type** | **Description** | +| --- | --- | --- | +| mode | ValidationSettingsMode | *No description.* | + +--- + +##### `mode`Required + +```typescript +public readonly mode: ValidationSettingsMode; +``` + +- *Type:* ValidationSettingsMode + +--- + +## Enums + +### PolicyType + +PolicyType options. + +#### Members + +| **Name** | **Description** | +| --- | --- | +| STATIC | *No description.* | +| TEMPLATELINKED | *No description.* | + +--- + +##### `STATIC` + +--- + + +##### `TEMPLATELINKED` + +--- + + +### ValidationSettingsMode + +Validation Settings mode, according to the Cloudformation PolicyStore resource. + +#### Members + +| **Name** | **Description** | +| --- | --- | +| OFF | *No description.* | +| STRICT | *No description.* | +--- + +##### `OFF` + +--- + + +##### `STRICT` + +--- diff --git a/NOTICE b/NOTICE new file mode 100644 index 0000000..f48b352 --- /dev/null +++ b/NOTICE @@ -0,0 +1 @@ +Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. \ No newline at end of file diff --git a/README.md b/README.md index b3fa7dd..ba1ba05 100644 --- a/README.md +++ b/README.md @@ -1 +1,198 @@ -# replace this \ No newline at end of file +# Amazon Verified Permissions L2 CDK Construct +This repo contains the implementation of an L2 CDK Construct for Amazon Verified Permissions + +# Project Stability +This construct is still versioned with alpha/v0 major version and we could introduce breaking changes even without a major version bump. Our goal is to keep the API stable & backwards compatible as much as possible but we currently cannot guarantee that. Once we'll publish v1.0.0 the breaking changes will be introduced via major version bumps. + +# Getting Started + +## Policy Store +Define a Policy Store with defaults (No schema & Validation Settings Mode set to OFF) +```ts +const test = new PolicyStore(scope, 'PolicyStore') +``` + +Define a Policy Store without Schema definition (Validation Settings Mode must be set to OFF) +```ts +const validationSettingsOff = { + mode: ValidationSettingsMode.OFF, +}; +const test = new PolicyStore(scope, 'PolicyStore', { + validationSettings: validationSettingsOff, +}) +``` + +Define a Policy Store with Schema definition (a STRICT Validation Settings Mode is strongly suggested for Policy Stores with schemas): +```ts +const validationSettingsStrict = { + mode: ValidationSettingsMode.STRICT, +}; +const cedarJsonSchema = { + PhotoApp: { + entityTypes: { + User: {}, + Photo: {}, + }, + actions: { + viewPhoto: { + appliesTo: { + principalTypes: ['User'], + resourceTypes: ['Photo'], + }, + }, + }, + }, +}; +const cedarSchema = { + cedarJson: JSON.stringify(cedarJsonSchema), +}; +const policyStore = new PolicyStore(scope, 'PolicyStore', { + schema: cedarSchema, + validationSettings: validationSettingsStrict, +}); +``` + +## Identity Source +Define Identity Source with required properties +```ts +const userPool = new UserPool(scope, 'UserPool'); // Creating a new Cognito UserPool +new IdentitySource(scope, 'IdentitySource', { + configuration: { + cognitoUserPoolConfiguration: { + userPool: userPool, + }, + } +}); +``` + +Define Identity Source with all the properties +```ts +const validationSettingsStrict = { + mode: ValidationSettingsMode.STRICT, +}; +const cedarJsonSchema = { + PhotoApp: { + entityTypes: { + User: {}, + Photo: {}, + }, + actions: { + viewPhoto: { + appliesTo: { + principalTypes: ['User'], + resourceTypes: ['Photo'], + }, + }, + }, + }, +}; +const cedarSchema = { + cedarJson: JSON.stringify(cedarJsonSchema), +}; +const policyStore = new PolicyStore(scope, 'PolicyStore', { + schema: cedarSchema, + validationSettings: validationSettingsStrict, +}); +const userPool = new UserPool(scope, 'UserPool'); // Creating a new Cognito UserPool +new IdentitySource(scope, 'IdentitySource', { + configuration: { + cognitoUserPoolConfiguration: { + clientIds: [ + '&ExampleCogClientId;', + ], + userPool: userPool, + }, + }, + policyStore: policyStore, + principalEntityType: 'PETEXAMPLEabcdefg111111', +}); +``` + +## Policy +Define a Policy and add it to a specific Policy Store +```ts +const statement = `permit( + principal, + action in [MyFirstApp::Action::"Read"], + resource +) when { + true +};`; + +const description = 'Test policy assigned to the test store'; +const validationSettingsOff = { + mode: ValidationSettingsMode.OFF, +}; +const policyStore = new PolicyStore(scope, 'PolicyStore', { + validationSettings: validationSettingsOff, +}); + +// Create a policy and add it to the policy store +const policy = new Policy(scope, 'MyTestPolicy', { + definition: { + static: { + statement, + description, + }, + }, + policyStore: policyStore, +}); +``` + +Define a policy with a template linked definition +```ts +const validationSettingsOff = { + mode: ValidationSettingsMode.OFF, +}; +const policyStore = new PolicyStore(scope, 'PolicyStore', { + validationSettings: validationSettingsOff, +}); +const policyTemplateStatement = ` +permit ( + principal == ?principal, + action in [TinyTodo::Action::"ReadList", TinyTodo::Action::"ListTasks"], + resource == ?resource +);`; +const template = new PolicyTemplate(scope, 'PolicyTemplate', { + statement: policyTemplateStatement, +}); + +const policy = new Policy(scope, 'MyTestPolicy', { + definition: { + templateLinked: { + policyTemplate: template, + principal: { + entityId: 'exampleId', + entityType: 'exampleType', + }, + resource: { + entityId: 'exampleId', + entityType: 'exampleType', + }, + }, + }, + policyStore: policyStore, +}); + +``` + +## Policy Template +Define a Policy Template referring to a Cedar Statement in local file +```ts +const validationSettingsOff = { + mode: ValidationSettingsMode.OFF, +}; +const policyStore = new PolicyStore(scope, 'PolicyStore', { + validationSettings: validationSettingsOff, +}); +new PolicyTemplate(scope, 'PolicyTemplate', { + description: 'Allows sharing photos in full access mode', + policyStore: policyStore, + statement: Statement.fromFile('assets/template-statement.cedar'), +}); +``` + +# Notes +* This project is following the AWS CDK Official Design Guidelines (see https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) and the AWS CDK New Constructs Creation Guide (see here https://github.com/aws/aws-cdk/blob/main/docs/NEW_CONSTRUCTS_GUIDE.md). + +* Feedback is a gift: if you find something wrong or you've ideas to improve please open an issue or a pull request diff --git a/package.json b/package.json index 818929f..6c1a89b 100644 --- a/package.json +++ b/package.json @@ -1,11 +1,13 @@ { - "name": "cdk-verified-permissions", + "name": "@cdklabs/cdk-verified-permissions", + "description": "L2 AWS CDK Constructs for Amazon Verified Permissions", "repository": { "type": "git", "url": "https://github.com/cdklabs/cdk-verified-permissions.git" }, "scripts": { "build": "npx projen build", + "bump": "npx projen bump", "clobber": "npx projen clobber", "compat": "npx projen compat", "compile": "npx projen compile", @@ -25,9 +27,11 @@ "post-compile": "npx projen post-compile", "post-upgrade": "npx projen post-upgrade", "pre-compile": "npx projen pre-compile", + "release": "npx projen release", "rosetta:extract": "npx projen rosetta:extract", "test": "npx projen test", "test:watch": "npx projen test:watch", + "unbump": "npx projen unbump", "upgrade": "npx projen upgrade", "upgrade-cdklabs-projen-project-types": "npx projen upgrade-cdklabs-projen-project-types", "upgrade-dev-deps": "npx projen upgrade-dev-deps", @@ -46,7 +50,7 @@ "@types/node": "^18", "@typescript-eslint/eslint-plugin": "^6", "@typescript-eslint/parser": "^6", - "aws-cdk-lib": "2.1.0", + "aws-cdk-lib": "2.92.0", "cdklabs-projen-project-types": "^0.1.187", "constructs": "10.0.5", "eslint": "^8", @@ -60,16 +64,22 @@ "jsii-pacmak": "^1.94.0", "jsii-rosetta": "^5.3.9", "projen": "^0.79.7", + "standard-version": "^9", "ts-jest": "^29.1.2", "ts-node": "^10.9.2", "typescript": "^5.3.3" }, "peerDependencies": { - "aws-cdk-lib": "^2.1.0", + "aws-cdk-lib": "^2.92.0", "constructs": "^10.0.5" }, "keywords": [ - "cdk" + "authorization", + "aws", + "aws-cdk", + "awscdk", + "cdk", + "verified-permissions" ], "engines": { "node": ">= 18.12.0" @@ -132,12 +142,12 @@ } }, "python": { - "distName": "cdk-verified-permissions", - "module": "cdk_verified_permissions" + "distName": "cdklabs.cdk-verified-permissions", + "module": "cdklabs.cdk_verified_permissions" }, "dotnet": { - "namespace": "CdklabsCdkVerifiedPermissions", - "packageId": "CdklabsCdkVerifiedPermissions" + "namespace": "Cdklabs.CdkVerifiedPermissions", + "packageId": "Cdklabs.CdkVerifiedPermissions" }, "go": { "moduleName": "github.com/cdklabs/cdk-verified-permissions-go" diff --git a/rosetta/default.ts-fixture b/rosetta/default.ts-fixture index 33ecad8..abd1030 100644 --- a/rosetta/default.ts-fixture +++ b/rosetta/default.ts-fixture @@ -1,13 +1,12 @@ // Fixture with packages imported, but nothing else +import { IdentitySource, Policy, PolicyType, PolicyTemplate, AddPolicyOptions, PolicyStore, ValidationSettingsMode, Statement } from '@cdklabs/cdk-verified-permissions'; +import { UserPool } from 'aws-cdk-lib/aws-cognito'; +import { Stack } from 'aws-cdk-lib'; import { Construct } from 'constructs'; -import { - Stack, -} from 'aws-cdk-lib'; class Fixture extends Stack { constructor(scope: Construct, id: string) { super(scope, id); - /// here } } \ No newline at end of file diff --git a/src/identity-source.ts b/src/identity-source.ts new file mode 100644 index 0000000..f33912c --- /dev/null +++ b/src/identity-source.ts @@ -0,0 +1,236 @@ +import { IUserPool, IUserPoolClient } from 'aws-cdk-lib/aws-cognito'; +import { CfnIdentitySource } from 'aws-cdk-lib/aws-verifiedpermissions'; +import { ArnFormat, IResource, Lazy, Resource, Stack } from 'aws-cdk-lib/core'; +import { Construct } from 'constructs'; +import { IPolicyStore } from './policy-store'; + +export interface CognitoUserPoolConfiguration { + /** + * Client identifiers. + * + * @default - empty list. + */ + readonly clientIds?: string[]; + + /** + * Cognito User Pool. + * + * @default - no Cognito User Pool + */ + readonly userPool: IUserPool; +} + +export interface IdentitySourceConfiguration { + /** + * Cognito User Pool Configuration. + * + * @attribute + */ + readonly cognitoUserPoolConfiguration: CognitoUserPoolConfiguration; +} + +export interface IIdentitySource extends IResource { + /** + * Identity Source ARN. + * + * @attribute + */ + readonly identitySourceArn: string; + + /** + * Identity Source identifier. + * + * @attribute + */ + readonly identitySourceId: string; +} + +abstract class IdentitySourceBase extends Resource implements IIdentitySource { + abstract readonly identitySourceArn: string; + abstract readonly identitySourceId: string; +} + +export interface IdentitySourceAttributes { + /** + * The identity Source ARN. + * + * @attribute + */ + readonly identitySourceArn?: string; + + /** + * The identity Source identifier + * + * @attribute + */ + readonly identitySourceId?: string; +} + +export interface IdentitySourceProps { + /** + * Identity Source configuration. + */ + readonly configuration: IdentitySourceConfiguration; + + /** + * Policy Store in which you want to store this identity source + * + * @default - No policy store is set for the identity source. + */ + readonly policyStore?: IPolicyStore; + + /** + * Principal entity type + * + * @default - No principal entity type for the identity source. + */ + readonly principalEntityType?: string; +} + +export class IdentitySource extends IdentitySourceBase { + /** + * Create an Identity Source from its ARN + * + * @param scope The parent creating construct (usually `this`). + * @param id The construct's name. + * @param identitySourceArn The Identity Source ARN. + */ + public static fromIdentitySourceArn( + scope: Construct, + id: string, + identitySourceArn: string, + ): IIdentitySource { + return IdentitySource.fromIdentitySourceAttributes(scope, id, { + identitySourceArn, + }); + } + + /** + * Creates Identity Source from its attributes + * + * @param scope The parent creating construct (usually `this`). + * @param id The construct's name. + * @param attrs An `IdentitySourceAttributes` object. + */ + public static fromIdentitySourceAttributes( + scope: Construct, + id: string, + attrs: IdentitySourceAttributes, + ): IIdentitySource { + class Import extends IdentitySourceBase { + readonly identitySourceArn: string; + readonly identitySourceId: string; + + constructor(identitySourceArn: string, identitySourceId: string) { + super(scope, id); + + this.identitySourceArn = identitySourceArn; + this.identitySourceId = identitySourceId; + } + } + + let identitySourceArn: string; + let identitySourceId: string; + const stack = Stack.of(scope); + + if (!attrs.identitySourceId) { + if (!attrs.identitySourceArn) { + throw new Error( + 'One of identitySourceId or identitySourceArn is required!', + ); + } + + identitySourceArn = attrs.identitySourceArn; + const maybeId = stack.splitArn( + attrs.identitySourceArn, + ArnFormat.SLASH_RESOURCE_NAME, + ).resourceName; + + if (!maybeId) { + throw new Error( + `ARN for IdentitySource must be in the form: ${ArnFormat.SLASH_RESOURCE_NAME}`, + ); + } + + identitySourceId = maybeId; + } else { + if (attrs.identitySourceArn) { + throw new Error( + 'Only one of identitySourceArn or identitySourceId can be provided', + ); + } + + identitySourceId = attrs.identitySourceId; + identitySourceArn = stack.formatArn({ + resource: 'identity-source', + resourceName: attrs.identitySourceId, + service: 'verifiedpermissions', + }); + } + + return new Import(identitySourceArn, identitySourceId); + } + + /** + * Create an Identity Source from its identifier + * + * @param scope The parent creating construct (usually `this`). + * @param id The construct's name. + * @param identitySourceId The Identity Source identifier. + */ + public static fromIdentitySourceId( + scope: Construct, + id: string, + identitySourceId: string, + ): IIdentitySource { + return IdentitySource.fromIdentitySourceAttributes(scope, id, { + identitySourceId, + }); + } + + private readonly identitySource: CfnIdentitySource; + readonly clientIds: string[]; + readonly discoveryUrl: string; + readonly identitySourceArn: string; + readonly identitySourceId: string; + readonly openIdIssuer: string; + readonly userPoolArn: string; + readonly policyStore?: IPolicyStore; + + constructor(scope: Construct, id: string, props: IdentitySourceProps) { + super(scope, id); + + this.clientIds = + props.configuration.cognitoUserPoolConfiguration.clientIds ?? []; + this.userPoolArn = + props.configuration.cognitoUserPoolConfiguration.userPool.userPoolArn; + this.identitySource = new CfnIdentitySource(this, id, { + configuration: { + cognitoUserPoolConfiguration: { + clientIds: Lazy.list({ produce: () => this.clientIds }), + userPoolArn: this.userPoolArn, + }, + }, + policyStoreId: props.policyStore?.policyStoreId, + principalEntityType: props.principalEntityType, + }); + this.discoveryUrl = this.identitySource.attrDetailsDiscoveryUrl; + this.identitySourceId = this.identitySource.attrIdentitySourceId; + this.identitySourceArn = this.stack.formatArn({ + resource: 'identity-source', + resourceName: this.identitySourceId, + service: 'verifiedpermissions', + }); + this.openIdIssuer = this.identitySource.attrDetailsOpenIdIssuer; + this.policyStore = props.policyStore; + } + + /** + * Add a User Pool Client + * + * @param userPoolClient The User Pool Client Construct. + */ + public addUserPoolClient(userPoolClient: IUserPoolClient): void { + this.clientIds.push(userPoolClient.userPoolClientId); + } +} diff --git a/src/index.ts b/src/index.ts index 92c94b8..48919b9 100644 --- a/src/index.ts +++ b/src/index.ts @@ -1,5 +1,5 @@ -export class Hello { - public sayHello() { - return 'hello, world!'; - } -} \ No newline at end of file +export * from './identity-source'; +export * from './policy-store'; +export * from './policy-template'; +export * from './policy'; +export * from './statement'; diff --git a/src/policy-store.ts b/src/policy-store.ts new file mode 100644 index 0000000..038d8a6 --- /dev/null +++ b/src/policy-store.ts @@ -0,0 +1,324 @@ +import * as iam from 'aws-cdk-lib/aws-iam'; +import { CfnPolicyStore } from 'aws-cdk-lib/aws-verifiedpermissions'; +import { ArnFormat, IResource, Resource, Stack } from 'aws-cdk-lib/core'; +import { Construct } from 'constructs'; +import { Policy, PolicyDefinitionProperty } from './policy'; +import { + AUTH_ACTIONS, + READ_ACTIONS, + WRITE_ACTIONS, +} from './private/permissions'; + +export interface ISchema { + cedarJson: string; +} + +export interface IValidationSettings { + mode: ValidationSettingsMode; +} + +/** + * Validation Settings mode, according to the Cloudformation PolicyStore resource + */ +export enum ValidationSettingsMode { + OFF = 'OFF', + STRICT = 'STRICT', +} + +export interface IPolicyStore extends IResource { + /** + * ARN of the Policy Store. + * + * @attribute + */ + readonly policyStoreArn: string; + + /** + * ID of the Policy Store. + * + * @attribute + */ + readonly policyStoreId: string; + + /** + * + * Adds an IAM policy statement associated with this policy store to an IAM + * principal's policy. + * + * @param grantee The principal (no-op if undefined) + * @param actions The set of actions to allow (i.e. "verifiedpermissions:IsAuthorized", "verifiedpermissions:ListPolicies", ...) + */ + grant(grantee: iam.IGrantable, ...actions: string[]): iam.Grant; + + /** + * Permits an IAM principal all read operations on the policy store: GetIdentitySource, + * GetPolicy, GetPolicyStore, GetPolicyTemplate, + * GetSchema, ListIdentitySources, ListPolicies, ListPolicyTemplates. + * + * @param grantee + */ + grantRead(grantee: iam.IGrantable): iam.Grant; + + /** + * Permits an IAM principal all write & read operations on the policy store: CreateIdentitySource, + * CreatePolicy,CreatePolicyTemplate, DeleteIdentitySource, DeletePolicy, + * DeletePolicyTemplate, PutSchema, UpdateIdentitySource, UpdatePolicy, UpdatePolicyTemplate. + * + * @param grantee + */ + grantWrite(grantee: iam.IGrantable): iam.Grant; + + /** + * Permits an IAM principal all auth operations on the policy store: + * IsAuthorized, IsAuthorizedWithToken + * @param grantee + */ + grantAuth(grantee: iam.IGrantable): iam.Grant; +} + +export interface PolicyStoreProps { + /** + * This attribute is not required from an API point of view. + * It represents the schema (in Cedar) to be applied to the PolicyStore. + * + * @default - The schema (in Cedar) to be applied to the PolicyStore. + */ + readonly schema?: ISchema; + + /** + * The policy store's validation settings. + * + * @default - If not provided, the Policy store will be created with ValidationSettingsMode = "OFF" + */ + readonly validationSettings: IValidationSettings; +} + +export interface AddPolicyOptions { + /** + * The id of the Policy. + */ + readonly policyId: string; + + /** + * The configuration of the Policy. + */ + readonly policyConfiguration: PolicyDefinitionProperty; +} + +export interface PolicyStoreAttributes { + /** + * The ARN of the Amazon Verified Permissions Policy Store. + * One of this, or `policyStoreId`, is required. + * + * @default - no PolicyStore arn + */ + readonly policyStoreArn?: string; + + /** + * The id of the Amazon Verified Permissions PolicyStore. + * One of this, or `policyStoreArn`, is required. + * + * @default - no PolicyStore id + */ + readonly policyStoreId?: string; +} + +abstract class PolicyStoreBase extends Resource implements IPolicyStore { + abstract readonly policyStoreArn: string; + abstract readonly policyStoreId: string; + + public grant(grantee: iam.IGrantable, ...actions: string[]): iam.Grant { + return iam.Grant.addToPrincipal({ + grantee, + actions, + resourceArns: [this.policyStoreArn], + scope: this, + }); + } + + public grantAuth(grantee: iam.IGrantable): iam.Grant { + return this.grant(grantee, ...AUTH_ACTIONS); + } + + public grantRead(grantee: iam.IGrantable): iam.Grant { + return this.grant(grantee, ...READ_ACTIONS); + } + + public grantWrite(grantee: iam.IGrantable): iam.Grant { + return this.grant(grantee, ...WRITE_ACTIONS.concat(READ_ACTIONS)); + } +} + +export class PolicyStore extends PolicyStoreBase { + /** + * Create a PolicyStore construct that represents an external policy store via policy store id. + * + * @param scope The parent creating construct (usually `this`). + * @param id The construct's name. + * @param policyStoreId The PolicyStore's id. + */ + public static fromPolicyStoreId( + scope: Construct, + id: string, + policyStoreId: string, + ): IPolicyStore { + return PolicyStore.fromPolicyStoreAttributes(scope, id, { policyStoreId }); + } + + /** + * Create a PolicyStore construct that represents an external PolicyStore via policy store arn. + * + * @param scope The parent creating construct (usually `this`). + * @param id The construct's name. + * @param policyStoreArn The PolicyStore's ARN. + */ + public static fromPolicyStoreArn( + scope: Construct, + id: string, + policyStoreArn: string, + ): IPolicyStore { + return PolicyStore.fromPolicyStoreAttributes(scope, id, { policyStoreArn }); + } + + /** + * Creates a PolicyStore construct that represents an external Policy Store. + * + * @param scope The parent creating construct (usually `this`). + * @param id The construct's name. + * @param attrs A `PolicyStoreAttributes` object. + */ + public static fromPolicyStoreAttributes( + scope: Construct, + id: string, + attrs: PolicyStoreAttributes, + ): IPolicyStore { + class Import extends PolicyStoreBase { + readonly policyStoreArn: string; + readonly policyStoreId: string; + + constructor(policyStoreArn: string, policyStoreId: string) { + super(scope, id); + + this.policyStoreArn = policyStoreArn; + this.policyStoreId = policyStoreId; + } + } + + let policyStoreId: string; + let policyStoreArn: string; + const stack = Stack.of(scope); + + if (!attrs.policyStoreId) { + if (!attrs.policyStoreArn) { + throw new Error('One of policyStoreId or policyStoreArn is required!'); + } + + policyStoreArn = attrs.policyStoreArn; + const maybeId = stack.splitArn( + attrs.policyStoreArn, + ArnFormat.SLASH_RESOURCE_NAME, + ).resourceName; + + if (!maybeId) { + throw new Error( + `ARN for PolicyStore must be in the form: ${ArnFormat.SLASH_RESOURCE_NAME}`, + ); + } + + policyStoreId = maybeId; + } else { + if (attrs.policyStoreArn) { + throw new Error( + 'Only one of policyStoreArn or policyStoreId can be provided', + ); + } + + policyStoreId = attrs.policyStoreId; + policyStoreArn = stack.formatArn({ + resource: 'policy-store', + resourceName: attrs.policyStoreId, + service: 'verifiedpermissions', + }); + } + + return new Import(policyStoreArn, policyStoreId); + } + + private readonly policyStore: CfnPolicyStore; + /** + * ARN of the Policy Store. + * + * @attribute + */ + readonly policyStoreArn: string; + /** + * ID of the Policy Store. + * + * @attribute + */ + readonly policyStoreId: string; + + /** + * Name of the Policy Store. + */ + readonly policyStoreName: string; + + /** + * Schema definition of the Policy Store. + */ + readonly schema?: ISchema; + + /** + * Validation Settings of the Policy Store. + */ + readonly validationSettings: IValidationSettings; + + constructor( + scope: Construct, + id: string, + props: PolicyStoreProps = { + validationSettings: { + mode: ValidationSettingsMode.OFF, + }, + }, + ) { + super(scope, id); + + this.policyStore = new CfnPolicyStore(this, id, { + schema: props.schema + ? { + cedarJson: props.schema.cedarJson, + } + : undefined, + validationSettings: props.validationSettings, + }); + this.policyStoreArn = this.getResourceArnAttribute( + this.policyStore.attrArn, + { + resource: 'policy-store', + resourceName: this.physicalName, + service: 'verifiedpermissions', + }, + ); + this.policyStoreName = this.getResourceNameAttribute(this.policyStore.ref); + this.policyStoreId = this.policyStore.attrPolicyStoreId; + this.schema = props.schema; + this.validationSettings = props.validationSettings; + } + + /** + * Add multiple policies to the policy store + * + * @param policyDefinitions An array of policy options for the policy stores policies. + * @returns An array of created policy constructs. + */ + public addPolicies(policyDefinitions: AddPolicyOptions[]): Policy[] { + let policies = policyDefinitions.map((policyOption) => { + return new Policy(this, policyOption.policyId, { + policyStore: this, + definition: policyOption.policyConfiguration, + }); + }); + return policies; + } +} diff --git a/src/policy-template.ts b/src/policy-template.ts new file mode 100644 index 0000000..7dde342 --- /dev/null +++ b/src/policy-template.ts @@ -0,0 +1,131 @@ +import { CfnPolicyTemplate } from 'aws-cdk-lib/aws-verifiedpermissions'; +import { IResource, Resource } from 'aws-cdk-lib/core'; +import { Construct } from 'constructs'; +import { IPolicyStore } from './policy-store'; + +export interface IPolicyTemplate extends IResource { + /** + * The ID of the policy template. + * + * @attribute + */ + readonly policyTemplateId: string; +} + +export interface PolicyTemplateProps { + /** + * Specifies the content that you want to use for the new policy template, written in the Cedar policy language. + * + * @default - The statement to attach to the new or updated policy template. + */ + readonly statement: string; + + /** + * The description to attach to the new or updated policy template. + * + * @default - No description. + */ + readonly description?: string; + + /** + * The policy store that contains the template. + * + * @default - No policy store. + */ + readonly policyStore?: IPolicyStore; +} + +export interface PolicyTemplateAttributes { + /** + * The id of the Amazon Verified Permissions PolicyTemplate. + */ + readonly policyTemplateId: string; +} + +abstract class PolicyTemplateBase extends Resource implements IPolicyTemplate { + abstract readonly policyTemplateId: string; +} + +export class PolicyTemplate extends PolicyTemplateBase { + /** + * Create a PolicyTemplate construct that represents an external policy template via policy template id. + * + * @param scope The parent creating construct (usually `this`). + * @param id The construct's name. + * @param policyTemplateId The PolicyTemplate's id. + */ + public static fromPolicyTemplateId( + scope: Construct, + id: string, + policyTemplateId: string, + ): IPolicyTemplate { + return PolicyTemplate.fromPolicyTemplateAttributes(scope, id, { + policyTemplateId, + }); + } + + /** + * Creates a PolicyStore construct that represents an external Policy Store. + * + * @param scope The parent creating construct (usually `this`). + * @param id The construct's name. + * @param attrs A `PolicyStoreAttributes` object. + */ + public static fromPolicyTemplateAttributes( + scope: Construct, + id: string, + attrs: PolicyTemplateAttributes, + ): IPolicyTemplate { + class Import extends PolicyTemplateBase { + readonly policyTemplateId: string; + + constructor(policyTemplateId: string) { + super(scope, id); + + this.policyTemplateId = policyTemplateId; + } + } + + let policyTemplateId: string; + policyTemplateId = attrs.policyTemplateId; + + return new Import(policyTemplateId); + } + + private readonly policyTemplate: CfnPolicyTemplate; + /** + * The ID of the policy template. + * + * @attribute + */ + readonly policyTemplateId: string; + + /** + * The statement of the policy template. + */ + readonly statement: string; + + /** + * Description of the policy template. + */ + readonly description?: string; + + /** + * The Policy store that contains the template. + */ + readonly policyStore?: IPolicyStore; + + constructor(scope: Construct, id: string, props: PolicyTemplateProps) { + super(scope, id); + + this.policyTemplate = new CfnPolicyTemplate(this, id, { + statement: props.statement, + description: props.description, + policyStoreId: props.policyStore?.policyStoreId, + }); + this.policyTemplateId = this.policyTemplate.attrPolicyTemplateId; + this.statement = this.policyTemplate.statement; + this.description = props.description; + this.policyStore = props.policyStore; + } +} diff --git a/src/policy.ts b/src/policy.ts new file mode 100644 index 0000000..f0506b6 --- /dev/null +++ b/src/policy.ts @@ -0,0 +1,220 @@ +import { CfnPolicy } from 'aws-cdk-lib/aws-verifiedpermissions'; +import { IResource, Resource } from 'aws-cdk-lib/core'; +import { Construct } from 'constructs'; +import { IPolicyStore } from './policy-store'; +import { IPolicyTemplate } from './policy-template'; + +export interface EntityIdentifierProperty { + /** + * The identifier of an entity. + */ + readonly entityId: string; + + /** + * The type of an entity. + */ + readonly entityType: string; +} + +export interface TemplateLinkedPolicyDefinitionProperty { + /** + * The unique identifier of the policy template used to create this policy. + */ + readonly policyTemplate: IPolicyTemplate; + + /** + * The principal associated with this template-linked policy. + * + * @default - No Principal. It is set to unspecified. + */ + readonly principal?: EntityIdentifierProperty; + + /** + * The resource associated with this template-linked policy. + * + * @default - No Resource. It is set to unspecified. + */ + readonly resource?: EntityIdentifierProperty; +} + +export interface StaticPolicyDefinitionProperty { + /** + * The policy content of the static policy, written in the Cedar policy language. + */ + readonly statement: string; + + /** + * The description of the static policy. + * + * @default - Empty description. + */ + readonly description?: string; +} + +export interface PolicyDefinitionProperty { + /** + * A structure that describes a static policy. + * + * @default - Static must be set for policies created from a static definition. Otherwise, use template linked definitions. + */ + readonly static?: StaticPolicyDefinitionProperty; + + /** + * A structure that describes a policy that was instantiated from a template. + * + * @default - Template linked must be set for policies created from a static definition. Otherwise, use static definitions. + */ + readonly templateLinked?: TemplateLinkedPolicyDefinitionProperty; +} + +export interface IPolicy extends IResource { + /** + * The unique ID of the new or updated policy. + * + * @attribute + */ + readonly policyId: string; + + /** + * The type of the policy. This is one of the following values: Static or TemplateLinked. + * + * @attribute + */ + readonly policyType: PolicyType; +} + +export interface PolicyAttributes { + /** + * The unique ID of the new or updated policy. + */ + readonly policyId: string; + + /** + * The type of the policy. This is one of the following values: Static or TemplateLinked + * + * @default - Static + */ + readonly policyType?: PolicyType; +} + +export interface PolicyProps { + /** + * Specifies the policy type and content to use for the new or updated policy. + * The definition structure must include either a Static or a TemplateLinked element. + */ + readonly definition: PolicyDefinitionProperty; + + /** + * The policy store that contains the policy. + */ + readonly policyStore: IPolicyStore; +} + +abstract class PolicyBase extends Resource implements IPolicy { + abstract readonly policyId: string; + abstract readonly policyType: PolicyType; +} + +export class Policy extends PolicyBase { + /** + * Import a policy into the CDK using its id. + * + * @param scope The parent creating construct (usually `this`). + * @param id The construct id. + * @param policyId The policy id. + */ + public static fromPolicyId( + scope: Construct, + id: string, + policyId: string, + ): IPolicy { + return Policy.fromPolicyAttributes(scope, id, { policyId }); + } + + /** + * Import a Policy construct from attributes. + * + * @param scope The parent creating construct (usually `this`). + * @param id The construct id. + * @param attrs A `PolicyAttributes` object. + * @returns + */ + public static fromPolicyAttributes( + scope: Construct, + id: string, + attrs: PolicyAttributes, + ): IPolicy { + class Import extends PolicyBase { + public readonly policyId: string; + public readonly policyType: PolicyType; + + constructor(policyType: PolicyType, policyId: string) { + super(scope, id); + this.policyType = policyType; + this.policyId = policyId; + } + } + const policyType = attrs.policyType ?? PolicyType.STATIC; + + return new Import(policyType, attrs.policyId); + } + + readonly policyId: string; + readonly policyType: PolicyType; + readonly definition: PolicyDefinitionProperty; + readonly policyStoreId: string; + private readonly policy: CfnPolicy; + + constructor(scope: Construct, id: string, props: PolicyProps) { + super(scope, id); + + // validations + if (props.definition.static && props.definition.templateLinked) { + throw new Error('Policy can either be static or templateLinked'); + } + if (!props.definition.static && !props.definition.templateLinked) { + throw new Error('Policy must either be static or templateLinked'); + } + + var definition; + if (props.definition.static) { + definition = { + static: { + ...props.definition.static, + statement: props.definition.static!.statement, + }, + }; + } else { + definition = { + templateLinked: { + policyTemplateId: + props.definition.templateLinked!.policyTemplate.policyTemplateId, + principal: props.definition.templateLinked!.principal, + resource: props.definition.templateLinked!.resource, + }, + }; + } + + // resource + this.policy = new CfnPolicy(this, id, { + definition: definition, + policyStoreId: props.policyStore.policyStoreId, + }); + + // assign construct props + this.policyId = this.policy.attrPolicyId; + this.policyType = props.definition.static + ? PolicyType.STATIC + : PolicyType.TEMPLATELINKED; + this.definition = props.definition; + this.policyStoreId = props.policyStore.policyStoreId; + } +} + +/** + * PolicyType options + */ +export enum PolicyType { + STATIC = 'Static', + TEMPLATELINKED = 'TemplateLinked', +} diff --git a/src/private/permissions.ts b/src/private/permissions.ts new file mode 100644 index 0000000..6a392eb --- /dev/null +++ b/src/private/permissions.ts @@ -0,0 +1,28 @@ +export const AUTH_ACTIONS = [ + 'verifiedpermissions:IsAuthorized', + 'verifiedpermissions:IsAuthorizedWithToken', +]; + +export const READ_ACTIONS = [ + 'verifiedpermissions:GetIdentitySource', + 'verifiedpermissions:GetPolicy', + 'verifiedpermissions:GetPolicyStore', + 'verifiedpermissions:GetPolicyTemplate', + 'verifiedpermissions:GetSchema', + 'verifiedpermissions:ListIdentitySources', + 'verifiedpermissions:ListPolicies', + 'verifiedpermissions:ListPolicyTemplates', +]; + +export const WRITE_ACTIONS = [ + 'verifiedpermissions:CreateIdentitySource', + 'verifiedpermissions:CreatePolicy', + 'verifiedpermissions:CreatePolicyTemplate', + 'verifiedpermissions:DeleteIdentitySource', + 'verifiedpermissions:DeletePolicy', + 'verifiedpermissions:DeletePolicyTemplate', + 'verifiedpermissions:PutSchema', + 'verifiedpermissions:UpdateIdentitySource', + 'verifiedpermissions:UpdatePolicy', + 'verifiedpermissions:UpdatePolicyTemplate', +]; \ No newline at end of file diff --git a/src/statement.ts b/src/statement.ts new file mode 100644 index 0000000..ce1eca5 --- /dev/null +++ b/src/statement.ts @@ -0,0 +1,29 @@ +import { readFileSync } from 'fs'; +/* + * Represents the Policy Statement. + */ +export class Statement { + /** + * Inline statement for policy + * @returns `InlineStatement` with inline statement. + * @param statement The actual statement + */ + public static fromInline(statement: string): string { + if (statement.length === 0) { + throw new Error('Policies inline statement cannot be empty'); + } + return statement; + } + + /** + * Loads the statement from a local disk path. + * @returns `DirectoryStatement` with statement from file path. + * @param path A path with the policy statement + */ + public static fromFile(path: string): string { + if (path.length === 0) { + throw new Error('Policy path cannot be empty'); + } + return readFileSync(path, 'utf-8'); + } +} diff --git a/test/hello.test.ts b/test/hello.test.ts deleted file mode 100644 index acbacd4..0000000 --- a/test/hello.test.ts +++ /dev/null @@ -1,5 +0,0 @@ -import { Hello } from '../src'; - -test('hello', () => { - expect(new Hello().sayHello()).toBe('hello, world!'); -}); \ No newline at end of file diff --git a/test/identity-source.test.ts b/test/identity-source.test.ts new file mode 100644 index 0000000..844d275 --- /dev/null +++ b/test/identity-source.test.ts @@ -0,0 +1,207 @@ +import { ArnFormat, Aws, Stack } from 'aws-cdk-lib'; +import { Match, Template } from 'aws-cdk-lib/assertions'; +import { CfnUserPool, UserPool, UserPoolClient } from 'aws-cdk-lib/aws-cognito'; +import { CfnPolicyStore } from 'aws-cdk-lib/aws-verifiedpermissions'; +import { getResourceLogicalId } from './utils'; +import { IdentitySource } from '../src/identity-source'; +import { PolicyStore, ValidationSettingsMode } from '../src/policy-store'; + + +describe('Identity Source creation', () => { + + test('Creating Identity Source with required properties', () => { + // GIVEN + const stack = new Stack(undefined, 'Stack'); + + // WHEN + const userPool = new UserPool(stack, 'UserPool'); + new IdentitySource(stack, 'IdentitySource', { + configuration: { + cognitoUserPoolConfiguration: { + userPool: userPool, + }, + }, + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::VerifiedPermissions::IdentitySource', { + Configuration: { + CognitoUserPoolConfiguration: { + UserPoolArn: { + 'Fn::GetAtt': [ + getResourceLogicalId(userPool, CfnUserPool), + 'Arn', + ], + }, + }, + }, + }); + }); + + test('Creating Identity Source with all properties', () => { + // GIVEN + const stack = new Stack(undefined, 'Stack'); + + // WHEN + const userPool = new UserPool(stack, 'UserPool'); + const policyStore = new PolicyStore(stack, 'PolicyStore', { + validationSettings: { + mode: ValidationSettingsMode.OFF, + }, + }); + const policyStoreLogicalId = getResourceLogicalId(policyStore, CfnPolicyStore); + new IdentitySource(stack, 'IdentitySource', { + configuration: { + cognitoUserPoolConfiguration: { + clientIds: [ + '&ExampleCogClientId;', + ], + userPool: userPool, + }, + }, + policyStore: policyStore, + principalEntityType: 'PETEXAMPLEabcdefg111111', + }); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::VerifiedPermissions::IdentitySource', { + Configuration: { + CognitoUserPoolConfiguration: { + ClientIds: [ + '&ExampleCogClientId;', + ], + UserPoolArn: { + 'Fn::GetAtt': [ + getResourceLogicalId(userPool, CfnUserPool), + 'Arn', + ], + }, + }, + }, + PolicyStoreId: { + 'Fn::GetAtt': [policyStoreLogicalId, 'PolicyStoreId'], + }, + PrincipalEntityType: 'PETEXAMPLEabcdefg111111', + }); + }); +}); + +describe('Identity Source reference existing Identity Source', () => { + test('Referencing existing Identity Source providing Identity Source ARN', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + const identitySourceArn = 'arn:aws:verifiedpermissions:us-east-1::identity-source/ArE4uRLVgxtSX1Bx56NRTY'; + const identitySource = IdentitySource.fromIdentitySourceArn(stack, 'ImportedIdentitySource', identitySourceArn); + + // THEN + expect(identitySource.identitySourceArn).toBe(identitySourceArn); + + const extractedIdentitySourceIdFromArn = stack.splitArn(identitySource.identitySourceArn, ArnFormat.SLASH_RESOURCE_NAME).resourceName; + + expect(identitySource.identitySourceId).toBe(extractedIdentitySourceIdFromArn); + }); + + test('Referencing existing Identity Source providing Identity Source ARN and Identity Source identifier', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + const identitySourceId = 'ArE4uRLVgxtSX1Bx56NRTY'; + const identitySourceArn = `arn:aws:verifiedpermissions:us-east-1::policy-store/${identitySourceId}`; + + // THEN + expect( + () => IdentitySource.fromIdentitySourceAttributes(stack, 'ImportedIdentitySource', { + identitySourceArn: identitySourceArn, identitySourceId: identitySourceId, + }), + ).toThrow(/Only one of identitySourceArn or identitySourceId can be provided/); + }); + + test('Referencing existing Identity Source without providing Identity Source ARN nor Identity Source id', () => { + // GIVEN + const stack = new Stack(); + + // THEN + expect( + () => IdentitySource.fromIdentitySourceAttributes(stack, 'ImportedIdentitySource', {}), + ).toThrow(/One of identitySourceId or identitySourceArn is required!/); + }); + + test('Referencing existing Identity Source providing Identity Source identifier', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + const identitySourceId = 'ArE4uRLVgxtSX1Bx56NRTY'; + const identitySource = IdentitySource.fromIdentitySourceId(stack, 'ImportedIdentitySource', identitySourceId); + + // THEN + expect(identitySource.identitySourceId).toBe(identitySourceId); + expect(identitySource.identitySourceArn).toBe(`arn:${Aws.PARTITION}:verifiedpermissions:${Aws.REGION}:${Aws.ACCOUNT_ID}:identity-source/${identitySourceId}`); + }); + + test('Referencing existing Identity Source providing Identity Source malformed ARN', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + const identitySourceArn = 'arn:aws:verifiedpermissions:us-east-1::policy-store/'; + const error = `ARN for IdentitySource must be in the form: ${ArnFormat.SLASH_RESOURCE_NAME}`; + + // THEN + expect( + () => IdentitySource.fromIdentitySourceArn(stack, 'ImportedIdentitySource', identitySourceArn), + ).toThrow(error); + }); +}); + +describe('User Pool Client addition', () => { + test('Adding a User Pool Client', () => { + // GIVEN + const stack = new Stack(undefined, 'Stack'); + + // WHEN + const userPool = new UserPool(stack, 'UserPool'); + const userPoolClient = new UserPoolClient(stack, 'UserPoolClient', { userPool: userPool }); + const policyStore = new PolicyStore(stack, 'PolicyStore', { + validationSettings: { + mode: ValidationSettingsMode.OFF, + }, + }); + const policyStoreLogicalId = getResourceLogicalId(policyStore, CfnPolicyStore); + const identitySource = new IdentitySource(stack, 'IdentitySource', { + configuration: { + cognitoUserPoolConfiguration: { + userPool: userPool, + }, + }, + policyStore: policyStore, + }); + + identitySource.addUserPoolClient(userPoolClient); + + // THEN + Template.fromStack(stack).hasResourceProperties('AWS::VerifiedPermissions::IdentitySource', { + Configuration: { + CognitoUserPoolConfiguration: { + ClientIds: [ + Match.objectEquals({ + Ref: Match.stringLikeRegexp('UserPoolClient*'), + }), + ], + UserPoolArn: { + 'Fn::GetAtt': [ + getResourceLogicalId(userPool, CfnUserPool), + 'Arn', + ], + }, + }, + }, + PolicyStoreId: { + 'Fn::GetAtt': [policyStoreLogicalId, 'PolicyStoreId'], + }, + }); + }); +}); diff --git a/test/policy-store.test.ts b/test/policy-store.test.ts new file mode 100644 index 0000000..276dfdc --- /dev/null +++ b/test/policy-store.test.ts @@ -0,0 +1,441 @@ +import { ArnFormat, Aws, Stack } from 'aws-cdk-lib'; +import { Template } from 'aws-cdk-lib/assertions'; +import * as iam from 'aws-cdk-lib/aws-iam'; +import { CfnPolicy, CfnPolicyStore } from 'aws-cdk-lib/aws-verifiedpermissions'; +import { getResourceLogicalId } from './utils'; +import { PolicyDefinitionProperty } from '../src/policy'; +import { + AddPolicyOptions, + PolicyStore, + ValidationSettingsMode, +} from '../src/policy-store'; +import { + AUTH_ACTIONS, + READ_ACTIONS, + WRITE_ACTIONS, +} from '../src/private/permissions'; +import { Statement } from '../src/statement'; + +const cedarJsonSchemaExample = { + PhotoApp: { + entityTypes: { + User: {}, + Photo: {}, + }, + actions: { + viewPhoto: { + appliesTo: { + principalTypes: ['User'], + resourceTypes: ['Photo'], + }, + }, + }, + }, +}; + +describe('Policy Store creation', () => { + test('Creating Policy Store only with validation settings (mode = OFF)', () => { + // GIVEN + const stack = new Stack(undefined, 'Stack'); + + // WHEN + new PolicyStore(stack, 'PolicyStore', { + validationSettings: { + mode: ValidationSettingsMode.OFF, + }, + }); + + // THEN + Template.fromStack(stack).hasResourceProperties( + 'AWS::VerifiedPermissions::PolicyStore', + { + ValidationSettings: { + Mode: ValidationSettingsMode.OFF, + }, + }, + ); + }); + + test('Creating Policy Store with defaults', () => { + // GIVEN + const stack = new Stack(undefined, 'Stack'); + + // WHEN + new PolicyStore(stack, 'PolicyStore'); + + // THEN + Template.fromStack(stack).hasResourceProperties( + 'AWS::VerifiedPermissions::PolicyStore', + { + ValidationSettings: { + Mode: ValidationSettingsMode.OFF, + }, + }, + ); + }); + + test('Creating Policy Store with validation settings and schema (mode = STRICT)', () => { + // GIVEN + const cedarJsonSchema = cedarJsonSchemaExample; + const stack = new Stack(undefined, 'Stack'); + + // WHEN + new PolicyStore(stack, 'PolicyStore', { + validationSettings: { + mode: ValidationSettingsMode.STRICT, + }, + schema: { + cedarJson: JSON.stringify(cedarJsonSchema), + }, + }); + + // THEN + Template.fromStack(stack).hasResourceProperties( + 'AWS::VerifiedPermissions::PolicyStore', + { + ValidationSettings: { + Mode: ValidationSettingsMode.STRICT, + }, + Schema: { + CedarJson: JSON.stringify(cedarJsonSchema), + }, + }, + ); + }); +}); + +describe('Policy Store grant to IGrantable', () => { + test('Creating Policy Store with validation settings (mode = OFF), granting read to a role', () => { + // GIVEN + const stack = new Stack(undefined, 'Stack'); + + // WHEN + const role = new iam.Role(stack, 'myCustomIAMRole', { + assumedBy: new iam.ServicePrincipal('sns.amazonaws.com'), + roleName: 'myCustomRole', + }); + const policyStore = new PolicyStore(stack, 'PolicyStore', { + validationSettings: { + mode: ValidationSettingsMode.OFF, + }, + }); + const policyStoreLogicalId = getResourceLogicalId( + policyStore, + CfnPolicyStore, + ); + + policyStore.grantRead(role); + + // THEN + const template = Template.fromStack(stack); + + template.hasResourceProperties('AWS::VerifiedPermissions::PolicyStore', { + ValidationSettings: { + Mode: ValidationSettingsMode.OFF, + }, + }); + template.hasResourceProperties('AWS::IAM::Policy', { + PolicyDocument: { + Statement: [ + { + Action: READ_ACTIONS, + Effect: 'Allow', + Resource: { + 'Fn::GetAtt': [policyStoreLogicalId, 'Arn'], + }, + }, + ], + }, + }); + }); + + test('Creating Policy Store with validation settings (mode = OFF), granting write to a role', () => { + // GIVEN + const stack = new Stack(undefined, 'Stack'); + + // WHEN + const role = new iam.Role(stack, 'myCustomIAMRole', { + assumedBy: new iam.ServicePrincipal('sns.amazonaws.com'), + roleName: 'myCustomRole', + }); + const policyStore = new PolicyStore(stack, 'PolicyStore', { + validationSettings: { + mode: ValidationSettingsMode.OFF, + }, + }); + const policyStoreLogicalId = getResourceLogicalId( + policyStore, + CfnPolicyStore, + ); + + policyStore.grantWrite(role); + + // THEN + const template = Template.fromStack(stack); + + template.hasResourceProperties('AWS::VerifiedPermissions::PolicyStore', { + ValidationSettings: { + Mode: ValidationSettingsMode.OFF, + }, + }); + template.hasResourceProperties('AWS::IAM::Policy', { + PolicyDocument: { + Statement: [ + { + Action: WRITE_ACTIONS.concat(READ_ACTIONS), + Effect: 'Allow', + Resource: { + 'Fn::GetAtt': [policyStoreLogicalId, 'Arn'], + }, + }, + ], + }, + }); + }); + + test('Creating Policy Store with validation settings (mode = OFF), granting auth to a role', () => { + // GIVEN + const stack = new Stack(undefined, 'Stack'); + + // WHEN + const role = new iam.Role(stack, 'myCustomIAMRole', { + assumedBy: new iam.ServicePrincipal('sns.amazonaws.com'), + roleName: 'myCustomRole', + }); + const policyStore = new PolicyStore(stack, 'PolicyStore', { + validationSettings: { + mode: ValidationSettingsMode.OFF, + }, + }); + const policyStoreLogicalId = getResourceLogicalId( + policyStore, + CfnPolicyStore, + ); + + policyStore.grantAuth(role); + + // THEN + const template = Template.fromStack(stack); + + template.hasResourceProperties('AWS::VerifiedPermissions::PolicyStore', { + ValidationSettings: { + Mode: ValidationSettingsMode.OFF, + }, + }); + template.hasResourceProperties('AWS::IAM::Policy', { + PolicyDocument: { + Statement: [ + { + Action: AUTH_ACTIONS, + Effect: 'Allow', + Resource: { + 'Fn::GetAtt': [policyStoreLogicalId, 'Arn'], + }, + }, + ], + }, + }); + }); + + test('Creating Policy Store with validation settings (mode = OFF), using generic grant() method on PolicyStore', () => { + // GIVEN + const stack = new Stack(undefined, 'Stack'); + + // WHEN + const role = new iam.Role(stack, 'myCustomIAMRole', { + assumedBy: new iam.ServicePrincipal('sns.amazonaws.com'), + roleName: 'myCustomRole', + }); + const policyStore = new PolicyStore(stack, 'PolicyStore', { + validationSettings: { + mode: ValidationSettingsMode.OFF, + }, + }); + const policyStoreLogicalId = getResourceLogicalId( + policyStore, + CfnPolicyStore, + ); + + policyStore.grant( + role, + ...AUTH_ACTIONS.concat(READ_ACTIONS).concat(WRITE_ACTIONS), + ); + + // THEN + const template = Template.fromStack(stack); + + template.hasResourceProperties('AWS::VerifiedPermissions::PolicyStore', { + ValidationSettings: { + Mode: ValidationSettingsMode.OFF, + }, + }); + template.hasResourceProperties('AWS::IAM::Policy', { + PolicyDocument: { + Statement: [ + { + Action: AUTH_ACTIONS.concat(READ_ACTIONS).concat(WRITE_ACTIONS), + Effect: 'Allow', + Resource: { + 'Fn::GetAtt': [policyStoreLogicalId, 'Arn'], + }, + }, + ], + }, + }); + }); +}); + +describe('Policy Store add Policies', () => { + test('Creating Policy Store and adding Policies', () => { + // GIVEN + const stack = new Stack(undefined, 'Stack'); + const statement = `permit( + principal, + action in [MyFirstApp::Action::"Read"], + resource + ) when { + true + };`; + const description = 'Test policy assigned to the test store'; + + // WHEN + const policyStore = new PolicyStore(stack, 'PolicyStore', { + validationSettings: { + mode: ValidationSettingsMode.OFF, + }, + }); + const policyId = 'MyBeautifulPolicy'; + const staticDefinition = { + description: description, + statement: Statement.fromInline(statement), + }; + const policiesToBeAdded: AddPolicyOptions[] = [ + { + policyId: policyId, + policyConfiguration: { + static: staticDefinition, + }, + }, + ]; + const addedPolicies = policyStore.addPolicies(policiesToBeAdded); + + // THEN + const template = Template.fromStack(stack); + expect(addedPolicies.length).toBe(1); + addedPolicies.map((policy) => { + const policyDefinition = policy.definition as PolicyDefinitionProperty; + expect(policyDefinition.static).toBe(staticDefinition); + }); + + template.hasResourceProperties('AWS::VerifiedPermissions::PolicyStore', { + ValidationSettings: { + Mode: ValidationSettingsMode.OFF, + }, + }); + const policyStoreLogicalId = getResourceLogicalId( + policyStore, + CfnPolicyStore, + ); + template.hasResourceProperties('AWS::VerifiedPermissions::Policy', { + Definition: { + Static: { + Description: description, + Statement: statement, + }, + }, + PolicyStoreId: { + 'Fn::GetAtt': [policyStoreLogicalId, 'PolicyStoreId'], + }, + }); + const policyLogicalId = getResourceLogicalId(addedPolicies[0], CfnPolicy); + expect(policyLogicalId).toContain(policyId); + }); +}); + +describe('Policy Store reference existing policy store', () => { + test('Referencing existing policy store providing policy store id', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + const policyStoreId = 'ArE4uRLVgxtSX1Bx56NRTY'; + const policyStore = PolicyStore.fromPolicyStoreId( + stack, + 'ImportedPolicyStore', + policyStoreId, + ); + + // THEN + expect(policyStore.policyStoreId).toBe(policyStoreId); + expect(policyStore.policyStoreArn).toBe( + `arn:${Aws.PARTITION}:verifiedpermissions:${Aws.REGION}:${Aws.ACCOUNT_ID}:policy-store/${policyStoreId}`, + ); + }); + + test('Referencing existing policy store providing policy store ARN', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + const policyStoreArn = + 'arn:aws:verifiedpermissions:us-east-1::policy-store/ArE4uRLVgxtSX1Bx56NRTY'; + const policyStore = PolicyStore.fromPolicyStoreArn( + stack, + 'ImportedPolicyStore', + policyStoreArn, + ); + + // THEN + expect(policyStore.policyStoreArn).toBe(policyStoreArn); + const extractedPolicyStoreIdFromArn = stack.splitArn( + policyStore.policyStoreArn, + ArnFormat.SLASH_RESOURCE_NAME, + ).resourceName; + expect(policyStore.policyStoreId).toBe(extractedPolicyStoreIdFromArn); + }); + + test('Referencing existing policy store providing policy store malformed ARN', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + const policyStoreArn = + 'arn:aws:verifiedpermissions:us-east-1::policy-store/'; + const error = `ARN for PolicyStore must be in the form: ${ArnFormat.SLASH_RESOURCE_NAME}`; + // THEN + expect(() => + PolicyStore.fromPolicyStoreArn( + stack, + 'ImportedPolicyStore', + policyStoreArn, + ), + ).toThrow(error); + }); + + test('Referencing existing policy store providing policy store ARN and policy store id', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + const policyStoreId = 'ArE4uRLVgxtSX1Bx56NRTY'; + const policyStoreArn = `arn:aws:verifiedpermissions:us-east-1::policy-store/${policyStoreId}`; + + // THEN + expect(() => + PolicyStore.fromPolicyStoreAttributes(stack, 'ImportedPolicyStore', { + policyStoreArn: policyStoreArn, + policyStoreId: policyStoreId, + }), + ).toThrow(/Only one of policyStoreArn or policyStoreId can be provided/); + }); + + test('Referencing existing policy store without providing policy store ARN nor policy store id', () => { + // GIVEN + const stack = new Stack(); + + // THEN + expect(() => + PolicyStore.fromPolicyStoreAttributes(stack, 'ImportedPolicyStore', {}), + ).toThrow(/One of policyStoreId or policyStoreArn is required!/); + }); +}); diff --git a/test/policy-template.test.ts b/test/policy-template.test.ts new file mode 100644 index 0000000..516b377 --- /dev/null +++ b/test/policy-template.test.ts @@ -0,0 +1,104 @@ +import { Stack } from 'aws-cdk-lib'; +import { Template } from 'aws-cdk-lib/assertions'; +import { CfnPolicyStore } from 'aws-cdk-lib/aws-verifiedpermissions'; +import { getResourceLogicalId } from './utils'; +import { PolicyStore, ValidationSettingsMode } from '../src/policy-store'; +import { PolicyTemplate } from '../src/policy-template'; +import { Statement } from '../src/statement'; + +const policyTemplateStatement = ` +permit ( + principal == ?principal, + action in [TinyTodo::Action::"ReadList", TinyTodo::Action::"ListTasks"], + resource == ?resource +);`; + +describe('Policy Template creation', () => { + test('Policy Template creation only with Statement', () => { + // GIVEN + const stack = new Stack(undefined, 'Stack'); + + // WHEN + new PolicyTemplate(stack, 'PolicyTemplate', { + statement: Statement.fromInline(policyTemplateStatement), + }); + + // THEN + Template.fromStack(stack).hasResourceProperties( + 'AWS::VerifiedPermissions::PolicyTemplate', + { + Statement: policyTemplateStatement, + }, + ); + }); + + test('Policy Template creation with Statement and Description', () => { + // GIVEN + const stack = new Stack(undefined, 'Stack'); + + // WHEN + new PolicyTemplate(stack, 'PolicyTemplate', { + statement: Statement.fromInline(policyTemplateStatement), + description: 'Test Description for Policy Template', + }); + + // THEN + Template.fromStack(stack).hasResourceProperties( + 'AWS::VerifiedPermissions::PolicyTemplate', + { + Statement: policyTemplateStatement, + Description: 'Test Description for Policy Template', + }, + ); + }); + + test('Policy Template creation with Statement and Description and PolicyStoreId', () => { + // GIVEN + const stack = new Stack(undefined, 'Stack'); + const policyStore = new PolicyStore(stack, 'PolicyStore', { + validationSettings: { + mode: ValidationSettingsMode.OFF, + }, + }); + + // WHEN + new PolicyTemplate(stack, 'PolicyTemplate', { + statement: Statement.fromInline(policyTemplateStatement), + description: 'Test Description for Policy Template', + policyStore: policyStore, + }); + + // THEN + Template.fromStack(stack).hasResourceProperties( + 'AWS::VerifiedPermissions::PolicyTemplate', + { + Statement: policyTemplateStatement, + Description: 'Test Description for Policy Template', + PolicyStoreId: { + 'Fn::GetAtt': [ + getResourceLogicalId(policyStore, CfnPolicyStore), + 'PolicyStoreId', + ], + }, + }, + ); + }); +}); + +describe('Policy template reference existing policy template', () => { + test('Referencing existing policy template providing policy template id', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + const policyTemplateId = 'testId'; + const policyTemplate = PolicyTemplate.fromPolicyTemplateId( + stack, + 'ImportedPolicyTemplate', + policyTemplateId, + ); + + // THEN + expect(policyTemplate.policyTemplateId).toBe(policyTemplateId); + }); +}); diff --git a/test/policy.test.ts b/test/policy.test.ts new file mode 100644 index 0000000..8f97151 --- /dev/null +++ b/test/policy.test.ts @@ -0,0 +1,339 @@ +import { Stack } from 'aws-cdk-lib'; +import { Template } from 'aws-cdk-lib/assertions'; +import { + CfnPolicyStore, + CfnPolicyTemplate, +} from 'aws-cdk-lib/aws-verifiedpermissions'; +import { getResourceLogicalId } from './utils'; +import { Policy, PolicyType } from '../src/policy'; +import { PolicyStore, ValidationSettingsMode } from '../src/policy-store'; +import { PolicyTemplate } from '../src/policy-template'; +import { Statement } from '../src/statement'; + +describe('Policy creation', () => { + // Example static statement to reuse + const statementString = `permit ( + principal, + action in [MyFirstApp::Action::"Read"], + resource +) +when { true };`; + + const policyTemplateStatement = `permit ( + principal == ?principal, + action in [TinyTodo::Action::"ReadList", TinyTodo::Action::"ListTasks"], + resource == ?resource + );`; + + // Example description to reuse + const description = 'Test policy assigned to the test store'; + + test('Creating a policy with a static definition should have the defined properties', () => { + // GIVEN + const stack = new Stack(undefined, 'Stack'); + + // WHEN + const policyStore = new PolicyStore(stack, 'PolicyStore', { + validationSettings: { + mode: ValidationSettingsMode.OFF, + }, + }); + + // Create a policy and add it to the policy store + const policy = new Policy(stack, 'MyTestPolicy', { + definition: { + static: { + statement: Statement.fromInline(statementString), + description, + }, + }, + policyStore: policyStore, + }); + + // THEN + // Validate Cfn properties + Template.fromStack(stack).hasResourceProperties( + 'AWS::VerifiedPermissions::Policy', + { + Definition: { + Static: { + Description: description, + Statement: statementString, + }, + }, + PolicyStoreId: { + 'Fn::GetAtt': [ + getResourceLogicalId(policyStore, CfnPolicyStore), + 'PolicyStoreId', + ], + }, + }, + ); + + // Validate construct properties + expect(policy.policyId).toBeDefined(); + expect(policy.policyType).toEqual(PolicyType.STATIC); + expect(policy.definition).toEqual({ + static: { + statement: Statement.fromInline(statementString), + description, + }, + }); + }); + + test('Creating a policy with a static definition from path', () => { + // GIVEN + const stack = new Stack(undefined, 'Stack'); + + // WHEN + const policyStore = new PolicyStore(stack, 'PolicyStore', { + validationSettings: { + mode: ValidationSettingsMode.OFF, + }, + }); + + // Create a policy and add it to the policy store + const policy = new Policy(stack, 'MyTestPolicy', { + definition: { + static: { + statement: Statement.fromFile('test/statement.cedar'), + description, + }, + }, + policyStore: policyStore, + }); + + // THEN + // Validate Cfn properties + Template.fromStack(stack).hasResourceProperties( + 'AWS::VerifiedPermissions::Policy', + { + Definition: { + Static: { + Description: description, + Statement: statementString, + }, + }, + PolicyStoreId: { + 'Fn::GetAtt': [ + getResourceLogicalId(policyStore, CfnPolicyStore), + 'PolicyStoreId', + ], + }, + }, + ); + + // Validate construct properties + expect(policy.policyId).toBeDefined(); + expect(policy.policyType).toEqual(PolicyType.STATIC); + }); + + test('Creating a policy with a static definition from path', () => { + // GIVEN + const stack = new Stack(undefined, 'Stack'); + + // WHEN + const policyStore = new PolicyStore(stack, 'PolicyStore', { + validationSettings: { + mode: ValidationSettingsMode.OFF, + }, + }); + + // Create a policy and add it to the policy store + const policy = new Policy(stack, 'MyTestPolicy', { + definition: { + static: { + statement: Statement.fromFile('test/statement.cedar'), + description, + }, + }, + policyStore: policyStore, + }); + + // THEN + // Validate Cfn properties + Template.fromStack(stack).hasResourceProperties( + 'AWS::VerifiedPermissions::Policy', + { + Definition: { + Static: { + Description: description, + Statement: statementString, + }, + }, + PolicyStoreId: { + 'Fn::GetAtt': [ + getResourceLogicalId(policyStore, CfnPolicyStore), + 'PolicyStoreId', + ], + }, + }, + ); + + // Validate construct properties + expect(policy.policyId).toBeDefined(); + expect(policy.policyType).toEqual(PolicyType.STATIC); + }); + + test('Creating a policy with a template linked definition should have the defined properties', () => { + // GIVEN + const stack = new Stack(undefined, 'Stack'); + + // WHEN + const policyStore = new PolicyStore(stack, 'PolicyStore', { + validationSettings: { + mode: ValidationSettingsMode.OFF, + }, + }); + const template = new PolicyTemplate(stack, 'PolicyTemplate', { + statement: Statement.fromInline(policyTemplateStatement), + }); + + // Create a policy and add it to the policy store + const policy = new Policy(stack, 'MyTestPolicy', { + definition: { + templateLinked: { + policyTemplate: template, + principal: { + entityId: 'id', + entityType: 'type', + }, + resource: { + entityId: 'id', + entityType: 'type', + }, + }, + }, + policyStore: policyStore, + }); + + // THEN + Template.fromStack(stack).hasResourceProperties( + 'AWS::VerifiedPermissions::Policy', + { + Definition: { + TemplateLinked: { + PolicyTemplateId: { + 'Fn::GetAtt': [ + getResourceLogicalId(template, CfnPolicyTemplate), + 'PolicyTemplateId', + ], + }, + Principal: { + EntityId: 'id', + EntityType: 'type', + }, + Resource: { + EntityId: 'id', + EntityType: 'type', + }, + }, + }, + PolicyStoreId: { + 'Fn::GetAtt': [ + getResourceLogicalId(policyStore, CfnPolicyStore), + 'PolicyStoreId', + ], + }, + }, + ); + + // Validate construct properties + expect(policy.policyId).toBeDefined(); + expect(policy.policyType).toEqual(PolicyType.TEMPLATELINKED); + expect(policy.definition).toEqual({ + templateLinked: { + policyTemplate: template, + principal: { + entityId: 'id', + entityType: 'type', + }, + resource: { + entityId: 'id', + entityType: 'type', + }, + }, + }); + }); + + test('Creating a policy with a static and template linked definition should throw an error', () => { + // GIVEN + const stack = new Stack(undefined, 'Stack'); + + // WHEN + const policyStore = new PolicyStore(stack, 'PolicyStore', { + validationSettings: { + mode: ValidationSettingsMode.OFF, + }, + }); + const template = new PolicyTemplate(stack, 'PolicyTemplate', { + statement: Statement.fromInline(policyTemplateStatement), + }); + + // THEN + expect(() => { + new Policy(stack, 'MyTestPolicy', { + definition: { + static: { + statement: Statement.fromInline(statementString), + }, + templateLinked: { + policyTemplate: template, + }, + }, + policyStore: policyStore, + }); + }).toThrow('Policy can either be static or templateLinked'); + }); + + test('Creating a policy without a definition should throw an error', () => { + // GIVEN + const stack = new Stack(undefined, 'Stack'); + + // WHEN + const policyStore = new PolicyStore(stack, 'PolicyStore', { + validationSettings: { + mode: ValidationSettingsMode.OFF, + }, + }); + + // THEN + expect(() => { + new Policy(stack, 'MyTestPolicy', { + definition: {}, + policyStore: policyStore, + }); + }).toThrow('Policy must either be static or templateLinked'); + }); + + describe('Import existing policy', () => { + test('Referencing existing policy providing the policy id and type', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + const policyId = 'myid'; + const policyType = PolicyType.STATIC; + const policy = Policy.fromPolicyAttributes(stack, 'ImportedPolicy', { + policyId: policyId, + policyType: policyType, + }); + + // THEN + expect(policy.policyId).toBe(policyId); + expect(policy.policyType).toBe(policyType); + }); + + test('Referencing existing policy providing the policy id', () => { + // GIVEN + const stack = new Stack(); + + // WHEN + const policyId = 'myid'; + const policy = Policy.fromPolicyId(stack, 'ImportedPolicy', policyId); + + // THEN + expect(policy.policyId).toBe(policyId); + }); + }); +}); diff --git a/test/statement.cedar b/test/statement.cedar new file mode 100644 index 0000000..9040abf --- /dev/null +++ b/test/statement.cedar @@ -0,0 +1,6 @@ +permit ( + principal, + action in [MyFirstApp::Action::"Read"], + resource +) +when { true }; \ No newline at end of file diff --git a/test/statement.test.ts b/test/statement.test.ts new file mode 100644 index 0000000..c9ff572 --- /dev/null +++ b/test/statement.test.ts @@ -0,0 +1,41 @@ +import { readFileSync } from 'fs'; +import { Statement } from '../src/statement'; + +describe('Statement creation', () => { + // Example static statement to reuse + const statementString = `permit ( + principal, + action in [MyFirstApp::Action::"Read"], + resource +) +when { true };`; + + test('Creating a statement from inline', () => { + // WHEN + const statement = Statement.fromInline(statementString); + // THEN + expect(statement).toEqual(statementString); + }); + + test('Creating a statement from file path', () => { + // WHEN + const statement = Statement.fromFile('test/statement.cedar'); + // THEN + expect(statement).toEqual(readFileSync('test/statement.cedar', 'utf-8')); + }); +}); + +describe('Statement creation errors', () => { + test('Creating a statement from an empty string', () => { + // THEN + expect(() => { + Statement.fromInline(''); + }).toThrow('Policies inline statement cannot be empty'); + }); + + test('Creating a statement from and empty file path', () => { + expect(() => { + Statement.fromFile(''); + }).toThrow('Policy path cannot be empty'); + }); +}); diff --git a/test/utils.ts b/test/utils.ts new file mode 100644 index 0000000..887c32b --- /dev/null +++ b/test/utils.ts @@ -0,0 +1,19 @@ +import { CfnResource, Stack } from 'aws-cdk-lib'; +import { Construct } from 'constructs'; + +/** + * Function to get the logicalId of a resource + * @param resource - The input resource for which the logicalId should be found + * @param cfnResource - The Cfn resource type to look for + * @returns - logicalId of the Cfn resource + */ +export function getResourceLogicalId(resource: Construct, cfnResource: any) { + let resourceNode = resource.node.children.find((e) => { + return (e as CfnResource) instanceof cfnResource; + }); + const resourceLogicalId = Stack.of(resource).resolve( + (resourceNode!! as CfnResource).logicalId, + ); + + return resourceLogicalId; +} diff --git a/yarn.lock b/yarn.lock index aa0f74d..7f09321 100644 --- a/yarn.lock +++ b/yarn.lock @@ -15,6 +15,21 @@ "@jridgewell/gen-mapping" "^0.3.0" "@jridgewell/trace-mapping" "^0.3.9" +"@aws-cdk/asset-awscli-v1@^2.2.200": + version "2.2.202" + resolved "https://registry.yarnpkg.com/@aws-cdk/asset-awscli-v1/-/asset-awscli-v1-2.2.202.tgz#4627201d71f6a5c60db36385ce09cb81005f4b32" + integrity sha512-JqlF0D4+EVugnG5dAsNZMqhu3HW7ehOXm5SDMxMbXNDMdsF0pxtQKNHRl52z1U9igsHmaFpUgSGjbhAJ+0JONg== + +"@aws-cdk/asset-kubectl-v20@^2.1.2": + version "2.1.2" + resolved "https://registry.yarnpkg.com/@aws-cdk/asset-kubectl-v20/-/asset-kubectl-v20-2.1.2.tgz#d8e20b5f5dc20128ea2000dc479ca3c7ddc27248" + integrity sha512-3M2tELJOxQv0apCIiuKQ4pAbncz9GuLwnKFqxifWfe77wuMxyTRPmxssYHs42ePqzap1LT6GDcPygGs+hHstLg== + +"@aws-cdk/asset-node-proxy-agent-v6@^2.0.1": + version "2.0.1" + resolved "https://registry.yarnpkg.com/@aws-cdk/asset-node-proxy-agent-v6/-/asset-node-proxy-agent-v6-2.0.1.tgz#6dc9b7cdb22ff622a7176141197962360c33e9ac" + integrity sha512-DDt4SLdLOwWCjGtltH4VCST7hpOI5DzieuhGZsBpZ+AgJdSI2GCjklCXm0GCTwJG/SolkL5dtQXyUKgg9luBDg== + "@aws-cdk/aws-service-spec@0.0.45": version "0.0.45" resolved "https://registry.yarnpkg.com/@aws-cdk/aws-service-spec/-/aws-service-spec-0.0.45.tgz#ffe1eece531ee8ea091b1f77acd4571b727edaf3" @@ -24,19 +39,19 @@ "@cdklabs/tskb" "^0.0.3" "@aws-cdk/integ-runner@latest": - version "2.124.0-alpha.0" - resolved "https://registry.yarnpkg.com/@aws-cdk/integ-runner/-/integ-runner-2.124.0-alpha.0.tgz#83c1d46b8f33e6580fe7c9a253426cf80aaa3510" - integrity sha512-bWi0jzwAnUfv+gpBH+x7GoVl5PwtShnik2WpyNRPcif1/Gkw+KnzOnlheh3ppa1jKUq5HLlnBTBDefyafWDLjQ== + version "2.125.0-alpha.0" + resolved "https://registry.yarnpkg.com/@aws-cdk/integ-runner/-/integ-runner-2.125.0-alpha.0.tgz#1908654da765f973e7feb071d45fa23597fb4b0b" + integrity sha512-ercATpCWp45QN79IjfF3xr4Gmgdfl1vtJ+5KtCKAL01490grBqXZfwgRYDobFsIVKxJIEpNcBg7MDdVooK1TIA== dependencies: "@aws-cdk/aws-service-spec" "0.0.45" - aws-cdk "2.124.0" + aws-cdk "2.125.0" optionalDependencies: fsevents "2.3.2" "@aws-cdk/integ-tests-alpha@latest": - version "2.124.0-alpha.0" - resolved "https://registry.yarnpkg.com/@aws-cdk/integ-tests-alpha/-/integ-tests-alpha-2.124.0-alpha.0.tgz#3eb8cc6ce02aabbaf24fcc25b07e9a341dcc1531" - integrity sha512-wklv1q0vPxakV6DZd2++VKZ2gde/gockdc8GOV9IlHcCvaMu1qe1IA8u3B4hrilEZ2D6FiQKIPC0KLdUi2+DdA== + version "2.125.0-alpha.0" + resolved "https://registry.yarnpkg.com/@aws-cdk/integ-tests-alpha/-/integ-tests-alpha-2.125.0-alpha.0.tgz#a5957867e3f99bbd6b4572c45d348a5da44d0c18" + integrity sha512-5+LhkoY0rge0wloOYvl/H1RhFftGFzfc1R60K7yvkjWB0ggLMifF6wz2xxrUM0ihjXVoKFGfyxecw+Fhq7I96g== "@aws-cdk/service-spec-types@^0.0.45": version "0.0.45" @@ -400,6 +415,11 @@ resolved "https://registry.yarnpkg.com/@humanwhocodes/object-schema/-/object-schema-2.0.2.tgz#d9fae00a2d5cb40f92cfe64b47ad749fbc38f917" integrity sha512-6EwiSjwWYP7pTckG6I5eyFANjPhmPjUX9JRLUSfNPC7FX7zK9gyZAfUEaECL6ALTpGX5AjnBq3C9XmVWPitNpw== +"@hutson/parse-repository-url@^3.0.0": + version "3.0.2" + resolved "https://registry.yarnpkg.com/@hutson/parse-repository-url/-/parse-repository-url-3.0.2.tgz#98c23c950a3d9b6c8f0daed06da6c3af06981340" + integrity sha512-H9XAx3hc0BQHY6l+IFSWHDySypcXsvsuLhgYLUGywmJ5pswRVQJUHpOsobnLYp2ZUaUlKiKDrgWWhosOwAEM8Q== + "@iarna/toml@^2.2.5": version "2.2.5" resolved "https://registry.yarnpkg.com/@iarna/toml/-/toml-2.2.5.tgz#b32366c89b43c6f8cefbdefac778b9c828e3ba8c" @@ -855,6 +875,11 @@ resolved "https://registry.yarnpkg.com/@types/minimatch/-/minimatch-5.1.2.tgz#07508b45797cb81ec3f273011b054cd0755eddca" integrity sha512-K0VQKziLUWkVKiRVrx4a40iPaxTUefQmjtkQofBkYRcoaaL/8rhwDWww9qWbrgicNOgnpIsMxyNIUM4+n6dUIA== +"@types/minimist@^1.2.0": + version "1.2.5" + resolved "https://registry.yarnpkg.com/@types/minimist/-/minimist-1.2.5.tgz#ec10755e871497bcd83efe927e43ec46e8c0747e" + integrity sha512-hov8bUuiLiyFPGyFPE1lwWhmzYbirOXQNNo40+y3zow8aFVTeyn3VWL0VFFfdNddA8S4Vf0Tc062rzyNr7Paag== + "@types/node@*": version "20.11.16" resolved "https://registry.yarnpkg.com/@types/node/-/node-20.11.16.tgz#4411f79411514eb8e2926f036c86c9f0e4ec6708" @@ -869,6 +894,11 @@ dependencies: undici-types "~5.26.4" +"@types/normalize-package-data@^2.4.0": + version "2.4.4" + resolved "https://registry.yarnpkg.com/@types/normalize-package-data/-/normalize-package-data-2.4.4.tgz#56e2cc26c397c038fab0e3a917a12d5c5909e901" + integrity sha512-37i+OaWTh9qeK4LSHPsyRC7NahnGotNuZvjLSgcPzblpHB3rrCJxAOgI5gCdKm7coonsaX1Of0ILiTcnZjbfxA== + "@types/semver@^7.5.0": version "7.5.6" resolved "https://registry.yarnpkg.com/@types/semver/-/semver-7.5.6.tgz#c65b2bfce1bec346582c07724e3f8c1017a20339" @@ -987,6 +1017,14 @@ resolved "https://registry.yarnpkg.com/@xmldom/xmldom/-/xmldom-0.8.10.tgz#a1337ca426aa61cef9fe15b5b28e340a72f6fa99" integrity sha512-2WALfTl4xo2SkGCYRt6rDTFfk9R1czmBvUQy12gK2KuRKIpWEhcbbzy8EZXtz/jkRqHX8bFEc6FC1HjX4TUWYw== +JSONStream@^1.0.4: + version "1.3.5" + resolved "https://registry.yarnpkg.com/JSONStream/-/JSONStream-1.3.5.tgz#3208c1f08d3a4d99261ab64f92302bc15e111ca0" + integrity sha512-E+iruNOY8VV9s4JEbe1aNEm6MiszPRr/UfcHMz0TQh1BXSxHK+ASV1R6W4HpjBhSeS+54PIsAMCBmwD06LLsqQ== + dependencies: + jsonparse "^1.2.0" + through ">=2.2.7 <3" + acorn-jsx@^5.3.2: version "5.3.2" resolved "https://registry.yarnpkg.com/acorn-jsx/-/acorn-jsx-5.3.2.tgz#7ed5bb55908b3b2f1bc55c6af1653bada7f07937" @@ -1002,6 +1040,11 @@ acorn@^8.4.1, acorn@^8.9.0: resolved "https://registry.yarnpkg.com/acorn/-/acorn-8.11.3.tgz#71e0b14e13a4ec160724b38fb7b0f233b1b81d7a" integrity sha512-Y9rRfJG5jcKOE0CLisYbojUjIrIEE7AGMzA/Sm4BslANhbS+cDMpgBdcPT91oJ7OuJ9hYJBx59RjbhxVnrF8Xg== +add-stream@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/add-stream/-/add-stream-1.0.0.tgz#6a7990437ca736d5e1288db92bd3266d5f5cb2aa" + integrity sha512-qQLMr+8o0WC4FZGQTcJiKBVC59JylcPSrTtk6usvmIDFUOCKegapy1VHQwRbFMOFyb/inzUVqHs+eMYKDM1YeQ== + ajv@^6.12.4: version "6.12.6" resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.6.tgz#baf5a62e802b07d977034586f8c3baf5adf26df4" @@ -1012,7 +1055,7 @@ ajv@^6.12.4: json-schema-traverse "^0.4.1" uri-js "^4.2.2" -ajv@^8.12.0: +ajv@^8.0.1, ajv@^8.12.0: version "8.12.0" resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.12.0.tgz#d1a0527323e22f53562c567c00991577dfbe19d1" integrity sha512-sRu1kpcO9yLtYxBKvqfTeh9KzZEwO3STyX1HT+4CaDzC6HpTGYhIhPIzj9XuKU7KYDwnaeh5hcOwjy1QuJzBPA== @@ -1086,6 +1129,11 @@ array-buffer-byte-length@^1.0.0: call-bind "^1.0.5" is-array-buffer "^3.0.4" +array-ify@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/array-ify/-/array-ify-1.0.0.tgz#9e528762b4a9066ad163a6962a364418e9626ece" + integrity sha512-c5AMf34bKdvPhQ7tBGhqkgKNUzMr4WUs+WDtC2ZUGOUncbxKMTvqxYctiseW3+L4bA8ec+GcZ6/A/FW4m8ukng== + array-includes@^3.1.7: version "3.1.7" resolved "https://registry.yarnpkg.com/array-includes/-/array-includes-3.1.7.tgz#8cd2e01b26f7a3086cbc87271593fe921c62abda" @@ -1151,35 +1199,44 @@ arraybuffer.prototype.slice@^1.0.2: is-array-buffer "^3.0.2" is-shared-array-buffer "^1.0.2" -at-least-node@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/at-least-node/-/at-least-node-1.0.0.tgz#602cd4b46e844ad4effc92a8011a3c46e0238dc2" - integrity sha512-+q/t7Ekv1EDY2l6Gda6LLiX14rU9TV20Wa3ofeQmwPFZbOMo9DXrLbOjFaaclkXKWidIaopwAObQDqwWtGUjqg== +arrify@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/arrify/-/arrify-1.0.1.tgz#898508da2226f380df904728456849c1501a4b0d" + integrity sha512-3CYzex9M9FGQjCGMGyi6/31c8GJbgb0qGyrx5HWxPd0aCwh4cB2YjMb2Xf9UuoogrMrlO9cTqnB5rI5GHZTcUA== + +astral-regex@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/astral-regex/-/astral-regex-2.0.0.tgz#483143c567aeed4785759c0865786dc77d7d2e31" + integrity sha512-Z7tMw1ytTXt5jqMcOP+OQteU1VuNK9Y02uuJtKQ1Sv69jXQKKg5cibLwGJow8yzZP+eAc18EmLGPal0bp36rvQ== available-typed-arrays@^1.0.5, available-typed-arrays@^1.0.6: version "1.0.6" resolved "https://registry.yarnpkg.com/available-typed-arrays/-/available-typed-arrays-1.0.6.tgz#ac812d8ce5a6b976d738e1c45f08d0b00bc7d725" integrity sha512-j1QzY8iPNPG4o4xmO3ptzpRxTciqD3MgEHtifP/YnJpIo58Xu+ne4BejlbkuaLfXn/nz6HFiw29bLpj2PNMdGg== -aws-cdk-lib@2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/aws-cdk-lib/-/aws-cdk-lib-2.1.0.tgz#2497484cfd4e2eeaba99b070bbfa54486d52ae34" - integrity sha512-W607G3aSrWpawpcqzIuUYKlU+grfvkbszyqikyVYqJgMHFCCQXq0S1ynPMzfQ49CwjlwZsu4LIsPM+dNR+Yj6g== +aws-cdk-lib@2.92.0: + version "2.92.0" + resolved "https://registry.yarnpkg.com/aws-cdk-lib/-/aws-cdk-lib-2.92.0.tgz#6f036e8fb73dc7196aac71e4b22658d8226b8ce5" + integrity sha512-J+SUFSnOt9u2GbY5QIABgjGNiw8bL/v0S3zsPhhO1dVwK+G7oE+bhLcAi3iILrw2sIpirNWH9K3W0by9K+cyMw== dependencies: + "@aws-cdk/asset-awscli-v1" "^2.2.200" + "@aws-cdk/asset-kubectl-v20" "^2.1.2" + "@aws-cdk/asset-node-proxy-agent-v6" "^2.0.1" "@balena/dockerignore" "^1.0.2" case "1.6.3" - fs-extra "^9.1.0" - ignore "^5.1.9" - jsonschema "^1.4.0" - minimatch "^3.0.4" - punycode "^2.1.1" - semver "^7.3.5" + fs-extra "^11.1.1" + ignore "^5.2.4" + jsonschema "^1.4.1" + minimatch "^3.1.2" + punycode "^2.3.0" + semver "^7.5.4" + table "^6.8.1" yaml "1.10.2" -aws-cdk@2.124.0: - version "2.124.0" - resolved "https://registry.yarnpkg.com/aws-cdk/-/aws-cdk-2.124.0.tgz#b07bbdb03a8b585dad85702295d234d782067e17" - integrity sha512-kUOfqwIAaTEx4ZozojZEhWa8G+O9KU+P0tERtDVmTw9ip4QXNMwTTkjj/IPtoH8qfXGdeibTQ9MJwRvHOR8kXQ== +aws-cdk@2.125.0: + version "2.125.0" + resolved "https://registry.yarnpkg.com/aws-cdk/-/aws-cdk-2.125.0.tgz#e5944cd3d17feaf2b6730f2ada547f9758fcddcd" + integrity sha512-6qFtaDPzhddhwIbCpqBjMePzZS7bfthGFQYfcwF1OhqMv2f3VpHQQ0f7kz4UxXJXUIR5BbgCnlpawH3c0aNzKw== optionalDependencies: fsevents "2.3.2" @@ -1313,6 +1370,15 @@ callsites@^3.0.0: resolved "https://registry.yarnpkg.com/callsites/-/callsites-3.1.0.tgz#b3630abd8943432f54b3f0519238e33cd7df2f73" integrity sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ== +camelcase-keys@^6.2.2: + version "6.2.2" + resolved "https://registry.yarnpkg.com/camelcase-keys/-/camelcase-keys-6.2.2.tgz#5e755d6ba51aa223ec7d3d52f25778210f9dc3c0" + integrity sha512-YrwaA0vEKazPBkn0ipTiMpSajYDSe+KjQfrjhcBMxJt/znbvlHd8Pw/Vamaz5EB4Wfhs3SUR3Z9mwRu/P3s3Yg== + dependencies: + camelcase "^5.3.1" + map-obj "^4.0.0" + quick-lru "^4.0.1" + camelcase@^5.3.1: version "5.3.1" resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-5.3.1.tgz#e3c9b31569e106811df242f715725a1f4c494320" @@ -1469,11 +1535,29 @@ commonmark@^0.31.0: minimist "~1.2.5" string.prototype.repeat "^1.0.0" +compare-func@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/compare-func/-/compare-func-2.0.0.tgz#fb65e75edbddfd2e568554e8b5b05fff7a51fcb3" + integrity sha512-zHig5N+tPWARooBnb0Zx1MFcdfpyJrfTJ3Y5L+IFvUm8rM74hHz66z0gw0x4tijh5CorKkKUCnW82R2vmpeCRA== + dependencies: + array-ify "^1.0.0" + dot-prop "^5.1.0" + concat-map@0.0.1: version "0.0.1" resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b" integrity sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg== +concat-stream@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-2.0.0.tgz#414cf5af790a48c60ab9be4527d56d5e41133cb1" + integrity sha512-MWufYdFw53ccGjCA+Ol7XJYpAlW6/prSMzuPOTRnJGcGzuhLn4Scrz7qf6o8bROZ514ltazcIFJZevcfbo0x7A== + dependencies: + buffer-from "^1.0.0" + inherits "^2.0.3" + readable-stream "^3.0.2" + typedarray "^0.0.6" + constructs@10.0.5: version "10.0.5" resolved "https://registry.yarnpkg.com/constructs/-/constructs-10.0.5.tgz#48c0402f1b98bbf5664efff74a8015e6e8a9f41e" @@ -1484,17 +1568,175 @@ constructs@^10.0.0: resolved "https://registry.yarnpkg.com/constructs/-/constructs-10.3.0.tgz#4c246fce9cf8e77711ad45944e9fbd41f1501965" integrity sha512-vbK8i3rIb/xwZxSpTjz3SagHn1qq9BChLEfy5Hf6fB3/2eFbrwt2n9kHwQcS0CPTRBesreeAcsJfMq2229FnbQ== -conventional-changelog-config-spec@^2.1.0: +conventional-changelog-angular@^5.0.12: + version "5.0.13" + resolved "https://registry.yarnpkg.com/conventional-changelog-angular/-/conventional-changelog-angular-5.0.13.tgz#896885d63b914a70d4934b59d2fe7bde1832b28c" + integrity sha512-i/gipMxs7s8L/QeuavPF2hLnJgH6pEZAttySB6aiQLWcX3puWDL3ACVmvBhJGxnAy52Qc15ua26BufY6KpmrVA== + dependencies: + compare-func "^2.0.0" + q "^1.5.1" + +conventional-changelog-atom@^2.0.8: + version "2.0.8" + resolved "https://registry.yarnpkg.com/conventional-changelog-atom/-/conventional-changelog-atom-2.0.8.tgz#a759ec61c22d1c1196925fca88fe3ae89fd7d8de" + integrity sha512-xo6v46icsFTK3bb7dY/8m2qvc8sZemRgdqLb/bjpBsH2UyOS8rKNTgcb5025Hri6IpANPApbXMg15QLb1LJpBw== + dependencies: + q "^1.5.1" + +conventional-changelog-codemirror@^2.0.8: + version "2.0.8" + resolved "https://registry.yarnpkg.com/conventional-changelog-codemirror/-/conventional-changelog-codemirror-2.0.8.tgz#398e9530f08ce34ec4640af98eeaf3022eb1f7dc" + integrity sha512-z5DAsn3uj1Vfp7po3gpt2Boc+Bdwmw2++ZHa5Ak9k0UKsYAO5mH1UBTN0qSCuJZREIhX6WU4E1p3IW2oRCNzQw== + dependencies: + q "^1.5.1" + +conventional-changelog-config-spec@2.1.0, conventional-changelog-config-spec@^2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/conventional-changelog-config-spec/-/conventional-changelog-config-spec-2.1.0.tgz#874a635287ef8b581fd8558532bf655d4fb59f2d" integrity sha512-IpVePh16EbbB02V+UA+HQnnPIohgXvJRxHcS5+Uwk4AT5LjzCZJm5sp/yqs5C6KZJ1jMsV4paEV13BN1pvDuxQ== +conventional-changelog-conventionalcommits@4.6.3, conventional-changelog-conventionalcommits@^4.5.0: + version "4.6.3" + resolved "https://registry.yarnpkg.com/conventional-changelog-conventionalcommits/-/conventional-changelog-conventionalcommits-4.6.3.tgz#0765490f56424b46f6cb4db9135902d6e5a36dc2" + integrity sha512-LTTQV4fwOM4oLPad317V/QNQ1FY4Hju5qeBIM1uTHbrnCE+Eg4CdRZ3gO2pUeR+tzWdp80M2j3qFFEDWVqOV4g== + dependencies: + compare-func "^2.0.0" + lodash "^4.17.15" + q "^1.5.1" + +conventional-changelog-core@^4.2.1: + version "4.2.4" + resolved "https://registry.yarnpkg.com/conventional-changelog-core/-/conventional-changelog-core-4.2.4.tgz#e50d047e8ebacf63fac3dc67bf918177001e1e9f" + integrity sha512-gDVS+zVJHE2v4SLc6B0sLsPiloR0ygU7HaDW14aNJE1v4SlqJPILPl/aJC7YdtRE4CybBf8gDwObBvKha8Xlyg== + dependencies: + add-stream "^1.0.0" + conventional-changelog-writer "^5.0.0" + conventional-commits-parser "^3.2.0" + dateformat "^3.0.0" + get-pkg-repo "^4.0.0" + git-raw-commits "^2.0.8" + git-remote-origin-url "^2.0.0" + git-semver-tags "^4.1.1" + lodash "^4.17.15" + normalize-package-data "^3.0.0" + q "^1.5.1" + read-pkg "^3.0.0" + read-pkg-up "^3.0.0" + through2 "^4.0.0" + +conventional-changelog-ember@^2.0.9: + version "2.0.9" + resolved "https://registry.yarnpkg.com/conventional-changelog-ember/-/conventional-changelog-ember-2.0.9.tgz#619b37ec708be9e74a220f4dcf79212ae1c92962" + integrity sha512-ulzIReoZEvZCBDhcNYfDIsLTHzYHc7awh+eI44ZtV5cx6LVxLlVtEmcO+2/kGIHGtw+qVabJYjdI5cJOQgXh1A== + dependencies: + q "^1.5.1" + +conventional-changelog-eslint@^3.0.9: + version "3.0.9" + resolved "https://registry.yarnpkg.com/conventional-changelog-eslint/-/conventional-changelog-eslint-3.0.9.tgz#689bd0a470e02f7baafe21a495880deea18b7cdb" + integrity sha512-6NpUCMgU8qmWmyAMSZO5NrRd7rTgErjrm4VASam2u5jrZS0n38V7Y9CzTtLT2qwz5xEChDR4BduoWIr8TfwvXA== + dependencies: + q "^1.5.1" + +conventional-changelog-express@^2.0.6: + version "2.0.6" + resolved "https://registry.yarnpkg.com/conventional-changelog-express/-/conventional-changelog-express-2.0.6.tgz#420c9d92a347b72a91544750bffa9387665a6ee8" + integrity sha512-SDez2f3iVJw6V563O3pRtNwXtQaSmEfTCaTBPCqn0oG0mfkq0rX4hHBq5P7De2MncoRixrALj3u3oQsNK+Q0pQ== + dependencies: + q "^1.5.1" + +conventional-changelog-jquery@^3.0.11: + version "3.0.11" + resolved "https://registry.yarnpkg.com/conventional-changelog-jquery/-/conventional-changelog-jquery-3.0.11.tgz#d142207400f51c9e5bb588596598e24bba8994bf" + integrity sha512-x8AWz5/Td55F7+o/9LQ6cQIPwrCjfJQ5Zmfqi8thwUEKHstEn4kTIofXub7plf1xvFA2TqhZlq7fy5OmV6BOMw== + dependencies: + q "^1.5.1" + +conventional-changelog-jshint@^2.0.9: + version "2.0.9" + resolved "https://registry.yarnpkg.com/conventional-changelog-jshint/-/conventional-changelog-jshint-2.0.9.tgz#f2d7f23e6acd4927a238555d92c09b50fe3852ff" + integrity sha512-wMLdaIzq6TNnMHMy31hql02OEQ8nCQfExw1SE0hYL5KvU+JCTuPaDO+7JiogGT2gJAxiUGATdtYYfh+nT+6riA== + dependencies: + compare-func "^2.0.0" + q "^1.5.1" + +conventional-changelog-preset-loader@^2.3.4: + version "2.3.4" + resolved "https://registry.yarnpkg.com/conventional-changelog-preset-loader/-/conventional-changelog-preset-loader-2.3.4.tgz#14a855abbffd59027fd602581f1f34d9862ea44c" + integrity sha512-GEKRWkrSAZeTq5+YjUZOYxdHq+ci4dNwHvpaBC3+ENalzFWuCWa9EZXSuZBpkr72sMdKB+1fyDV4takK1Lf58g== + +conventional-changelog-writer@^5.0.0: + version "5.0.1" + resolved "https://registry.yarnpkg.com/conventional-changelog-writer/-/conventional-changelog-writer-5.0.1.tgz#e0757072f045fe03d91da6343c843029e702f359" + integrity sha512-5WsuKUfxW7suLblAbFnxAcrvf6r+0b7GvNaWUwUIk0bXMnENP/PEieGKVUQrjPqwPT4o3EPAASBXiY6iHooLOQ== + dependencies: + conventional-commits-filter "^2.0.7" + dateformat "^3.0.0" + handlebars "^4.7.7" + json-stringify-safe "^5.0.1" + lodash "^4.17.15" + meow "^8.0.0" + semver "^6.0.0" + split "^1.0.0" + through2 "^4.0.0" + +conventional-changelog@3.1.25: + version "3.1.25" + resolved "https://registry.yarnpkg.com/conventional-changelog/-/conventional-changelog-3.1.25.tgz#3e227a37d15684f5aa1fb52222a6e9e2536ccaff" + integrity sha512-ryhi3fd1mKf3fSjbLXOfK2D06YwKNic1nC9mWqybBHdObPd8KJ2vjaXZfYj1U23t+V8T8n0d7gwnc9XbIdFbyQ== + dependencies: + conventional-changelog-angular "^5.0.12" + conventional-changelog-atom "^2.0.8" + conventional-changelog-codemirror "^2.0.8" + conventional-changelog-conventionalcommits "^4.5.0" + conventional-changelog-core "^4.2.1" + conventional-changelog-ember "^2.0.9" + conventional-changelog-eslint "^3.0.9" + conventional-changelog-express "^2.0.6" + conventional-changelog-jquery "^3.0.11" + conventional-changelog-jshint "^2.0.9" + conventional-changelog-preset-loader "^2.3.4" + +conventional-commits-filter@^2.0.7: + version "2.0.7" + resolved "https://registry.yarnpkg.com/conventional-commits-filter/-/conventional-commits-filter-2.0.7.tgz#f8d9b4f182fce00c9af7139da49365b136c8a0b3" + integrity sha512-ASS9SamOP4TbCClsRHxIHXRfcGCnIoQqkvAzCSbZzTFLfcTqJVugB0agRgsEELsqaeWgsXv513eS116wnlSSPA== + dependencies: + lodash.ismatch "^4.4.0" + modify-values "^1.0.0" + +conventional-commits-parser@^3.2.0: + version "3.2.4" + resolved "https://registry.yarnpkg.com/conventional-commits-parser/-/conventional-commits-parser-3.2.4.tgz#a7d3b77758a202a9b2293d2112a8d8052c740972" + integrity sha512-nK7sAtfi+QXbxHCYfhpZsfRtaitZLIA6889kFIouLvz6repszQDgxBu7wf2WbU+Dco7sAnNCJYERCwt54WPC2Q== + dependencies: + JSONStream "^1.0.4" + is-text-path "^1.0.1" + lodash "^4.17.15" + meow "^8.0.0" + split2 "^3.0.0" + through2 "^4.0.0" + +conventional-recommended-bump@6.1.0: + version "6.1.0" + resolved "https://registry.yarnpkg.com/conventional-recommended-bump/-/conventional-recommended-bump-6.1.0.tgz#cfa623285d1de554012f2ffde70d9c8a22231f55" + integrity sha512-uiApbSiNGM/kkdL9GTOLAqC4hbptObFo4wW2QRyHsKciGAfQuLU1ShZ1BIVI/+K2BE/W1AWYQMCXAsv4dyKPaw== + dependencies: + concat-stream "^2.0.0" + conventional-changelog-preset-loader "^2.3.4" + conventional-commits-filter "^2.0.7" + conventional-commits-parser "^3.2.0" + git-raw-commits "^2.0.8" + git-semver-tags "^4.1.1" + meow "^8.0.0" + q "^1.5.1" + convert-source-map@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-2.0.0.tgz#4b560f649fc4e918dd0ab75cf4961e8bc882d82a" integrity sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg== -core-util-is@^1.0.3: +core-util-is@^1.0.3, core-util-is@~1.0.0: version "1.0.3" resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.3.tgz#a6042d3634c2b27e9328f837b965fac83808db85" integrity sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ== @@ -1526,11 +1768,21 @@ cross-spawn@^7.0.2, cross-spawn@^7.0.3: shebang-command "^2.0.0" which "^2.0.1" +dargs@^7.0.0: + version "7.0.0" + resolved "https://registry.yarnpkg.com/dargs/-/dargs-7.0.0.tgz#04015c41de0bcb69ec84050f3d9be0caf8d6d5cc" + integrity sha512-2iy1EkLdlBzQGvbweYRFxmFath8+K7+AKB0TlhHWkNuH+TmovaMH/Wp7V7R4u7f4SnX3OgLsU9t1NI9ioDnUpg== + date-format@^4.0.14: version "4.0.14" resolved "https://registry.yarnpkg.com/date-format/-/date-format-4.0.14.tgz#7a8e584434fb169a521c8b7aa481f355810d9400" integrity sha512-39BOQLs9ZjKh0/patS9nrT8wc3ioX3/eA/zgbKNopnF2wCqJEoxywwwElATYvRsXdnOxA/OQeQoFZ3rFjVajhg== +dateformat@^3.0.0: + version "3.0.3" + resolved "https://registry.yarnpkg.com/dateformat/-/dateformat-3.0.3.tgz#a6e37499a4d9a9cf85ef5872044d62901c9889ae" + integrity sha512-jyCETtSl3VMZMWeRo7iY1FL19ges1t55hMo5yaam4Jrsm5EPL89UQkoQRyiI+Yf4k8r2ZpdngkV8hr1lIdjb3Q== + debug@^3.2.7: version "3.2.7" resolved "https://registry.yarnpkg.com/debug/-/debug-3.2.7.tgz#72580b7e9145fb39b6676f9c5e5fb100b934179a" @@ -1545,6 +1797,19 @@ debug@^4.1.0, debug@^4.1.1, debug@^4.3.1, debug@^4.3.2, debug@^4.3.4: dependencies: ms "2.1.2" +decamelize-keys@^1.1.0: + version "1.1.1" + resolved "https://registry.yarnpkg.com/decamelize-keys/-/decamelize-keys-1.1.1.tgz#04a2d523b2f18d80d0158a43b895d56dff8d19d8" + integrity sha512-WiPxgEirIV0/eIOMcnFBA3/IJZAZqKnwAwWyvvdi4lsr1WCN22nhdf/3db3DoZcUjTV2SqfzIwNyp6y2xs3nmg== + dependencies: + decamelize "^1.1.0" + map-obj "^1.0.0" + +decamelize@^1.1.0: + version "1.2.0" + resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-1.2.0.tgz#f6534d15148269b20352e7bee26f501f9a191290" + integrity sha512-z2S+W9X73hAUUki+N+9Za2lBlun89zigOyGrsax+KUQ6wKW4ZoWpEYBkGhQjwAjjDCkWxhY0VKEhk8wzY7F5cA== + decamelize@^5.0.1: version "5.0.1" resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-5.0.1.tgz#db11a92e58c741ef339fb0a2868d8a06a9a7b1e9" @@ -1588,12 +1853,17 @@ detect-indent@^5.0.0: resolved "https://registry.yarnpkg.com/detect-indent/-/detect-indent-5.0.0.tgz#3871cc0a6a002e8c3e5b3cf7f336264675f06b9d" integrity sha512-rlpvsxUtM0PQvy9iZe640/IWwWYyBsTApREbA1pHOpmOUIl9MkP/U4z7vTtg4Oaojvqhxt7sdufnT0EzGaR31g== +detect-indent@^6.0.0: + version "6.1.0" + resolved "https://registry.yarnpkg.com/detect-indent/-/detect-indent-6.1.0.tgz#592485ebbbf6b3b1ab2be175c8393d04ca0d57e6" + integrity sha512-reYkTUJAZb9gUuZ2RvVCNhVHdg62RHnJ7WJl8ftMi4diZ6NWlciOzQN88pUhSELEwflJht4oQDv0F0BMlwaYtA== + detect-newline@^2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/detect-newline/-/detect-newline-2.1.0.tgz#f41f1c10be4b00e87b5f13da680759f2c5bfd3e2" integrity sha512-CwffZFvlJffUg9zZA0uqrjQayUTC8ob94pnr5sFwaVv3IOmkfUHcWH+jXaQK3askE51Cqe8/9Ql/0uXNwqZ8Zg== -detect-newline@^3.0.0: +detect-newline@^3.0.0, detect-newline@^3.1.0: version "3.1.0" resolved "https://registry.yarnpkg.com/detect-newline/-/detect-newline-3.1.0.tgz#576f5dfc63ae1a192ff192d8ad3af6308991b651" integrity sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA== @@ -1629,6 +1899,21 @@ doctrine@^3.0.0: dependencies: esutils "^2.0.2" +dot-prop@^5.1.0: + version "5.3.0" + resolved "https://registry.yarnpkg.com/dot-prop/-/dot-prop-5.3.0.tgz#90ccce708cd9cd82cc4dc8c3ddd9abdd55b20e88" + integrity sha512-QM8q3zDe58hqUqjraQOmzZ1LIH9SWQJTlEKCH4kJ2oQvLZk7RbQXvtDM2XEq3fwkV9CCvvH4LA0AV+ogFsBM2Q== + dependencies: + is-obj "^2.0.0" + +dotgitignore@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/dotgitignore/-/dotgitignore-2.1.0.tgz#a4b15a4e4ef3cf383598aaf1dfa4a04bcc089b7b" + integrity sha512-sCm11ak2oY6DglEPpCB8TixLjWAxd3kJTs6UIcSasNYxXdFPV+YKlye92c8H4kKFqV5qYMIh7d+cYecEg0dIkA== + dependencies: + find-up "^3.0.0" + minimatch "^3.0.4" + downlevel-dts@^0.11.0: version "0.11.0" resolved "https://registry.yarnpkg.com/downlevel-dts/-/downlevel-dts-0.11.0.tgz#514a2d723009c5845730c1db6c994484c596ed9c" @@ -1996,6 +2281,13 @@ fb-watchman@^2.0.0: dependencies: bser "2.1.1" +figures@^3.1.0: + version "3.2.0" + resolved "https://registry.yarnpkg.com/figures/-/figures-3.2.0.tgz#625c18bd293c604dc4a8ddb2febf0c88341746af" + integrity sha512-yaduQFRKLXYOGgEn6AZau90j3ggSOyiqXU0F9JZfeXYhNa+Jk4X+s45A2zg5jns87GAFa34BBm2kXw4XpNcbdg== + dependencies: + escape-string-regexp "^1.0.5" + file-entry-cache@^6.0.1: version "6.0.1" resolved "https://registry.yarnpkg.com/file-entry-cache/-/file-entry-cache-6.0.1.tgz#211b2dd9659cb0394b073e7323ac3c933d522027" @@ -2010,6 +2302,20 @@ fill-range@^7.0.1: dependencies: to-regex-range "^5.0.1" +find-up@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/find-up/-/find-up-2.1.0.tgz#45d1b7e506c717ddd482775a2b77920a3c0c57a7" + integrity sha512-NWzkk0jSJtTt08+FBFMvXoeZnOJD+jTtsRmBYbAIzJdX6l7dLgR7CTubCM5/eDdPUBvLCeVasP1brfVR/9/EZQ== + dependencies: + locate-path "^2.0.0" + +find-up@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/find-up/-/find-up-3.0.0.tgz#49169f1d7993430646da61ecc5ae355c21c97b73" + integrity sha512-1yD6RmLI1XBfxugvORwlck6f75tYL+iR0jqwsOrOxMZyGYqUuDhJ0l4AXdO1iX/FTs9cBAMEk1gWSEx1kSbylg== + dependencies: + locate-path "^3.0.0" + find-up@^4.0.0, find-up@^4.1.0: version "4.1.0" resolved "https://registry.yarnpkg.com/find-up/-/find-up-4.1.0.tgz#97afe7d6cdc0bc5928584b7c8d7b16e8a9aa5d19" @@ -2056,6 +2362,15 @@ fs-extra@^10.1.0: jsonfile "^6.0.1" universalify "^2.0.0" +fs-extra@^11.1.1: + version "11.2.0" + resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-11.2.0.tgz#e70e17dfad64232287d01929399e0ea7c86b0e5b" + integrity sha512-PmDi3uwK5nFuXh7XDTlVnS17xJS7vW36is2+w3xcv8SVxiB4NyATf4ctkVY5bkSjX0Y4nbvZCq1/EjtEyr9ktw== + dependencies: + graceful-fs "^4.2.0" + jsonfile "^6.0.1" + universalify "^2.0.0" + fs-extra@^8.1.0: version "8.1.0" resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-8.1.0.tgz#49d43c45a88cd9677668cb7be1b46efdb8d2e1c0" @@ -2065,16 +2380,6 @@ fs-extra@^8.1.0: jsonfile "^4.0.0" universalify "^0.1.0" -fs-extra@^9.1.0: - version "9.1.0" - resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-9.1.0.tgz#5954460c764a8da2094ba3554bf839e6b9a7c86d" - integrity sha512-hcg3ZmepS30/7BSFqRvoo3DOMQu7IjqxO5nCDt+zM9XWjb33Wg7ziNT+Qvqbuc3+gWpzO02JubVyk2G4Zvo1OQ== - dependencies: - at-least-node "^1.0.0" - graceful-fs "^4.2.0" - jsonfile "^6.0.1" - universalify "^2.0.0" - fs.realpath@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f" @@ -2136,6 +2441,16 @@ get-package-type@^0.1.0: resolved "https://registry.yarnpkg.com/get-package-type/-/get-package-type-0.1.0.tgz#8de2d803cff44df3bc6c456e6668b36c3926e11a" integrity sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q== +get-pkg-repo@^4.0.0: + version "4.2.1" + resolved "https://registry.yarnpkg.com/get-pkg-repo/-/get-pkg-repo-4.2.1.tgz#75973e1c8050c73f48190c52047c4cee3acbf385" + integrity sha512-2+QbHjFRfGB74v/pYWjd5OhU3TDIC2Gv/YKUTk/tCvAz0pkn/Mz6P3uByuBimLOcPvN2jYdScl3xGFSrx0jEcA== + dependencies: + "@hutson/parse-repository-url" "^3.0.0" + hosted-git-info "^4.0.0" + through2 "^2.0.0" + yargs "^16.2.0" + get-stream@^6.0.0: version "6.0.1" resolved "https://registry.yarnpkg.com/get-stream/-/get-stream-6.0.1.tgz#a262d8eef67aced57c2852ad6167526a43cbf7b7" @@ -2156,6 +2471,40 @@ get-tsconfig@^4.5.0: dependencies: resolve-pkg-maps "^1.0.0" +git-raw-commits@^2.0.8: + version "2.0.11" + resolved "https://registry.yarnpkg.com/git-raw-commits/-/git-raw-commits-2.0.11.tgz#bc3576638071d18655e1cc60d7f524920008d723" + integrity sha512-VnctFhw+xfj8Va1xtfEqCUD2XDrbAPSJx+hSrE5K7fGdjZruW7XV+QOrN7LF/RJyvspRiD2I0asWsxFp0ya26A== + dependencies: + dargs "^7.0.0" + lodash "^4.17.15" + meow "^8.0.0" + split2 "^3.0.0" + through2 "^4.0.0" + +git-remote-origin-url@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/git-remote-origin-url/-/git-remote-origin-url-2.0.0.tgz#5282659dae2107145a11126112ad3216ec5fa65f" + integrity sha512-eU+GGrZgccNJcsDH5LkXR3PB9M958hxc7sbA8DFJjrv9j4L2P/eZfKhM+QD6wyzpiv+b1BpK0XrYCxkovtjSLw== + dependencies: + gitconfiglocal "^1.0.0" + pify "^2.3.0" + +git-semver-tags@^4.0.0, git-semver-tags@^4.1.1: + version "4.1.1" + resolved "https://registry.yarnpkg.com/git-semver-tags/-/git-semver-tags-4.1.1.tgz#63191bcd809b0ec3e151ba4751c16c444e5b5780" + integrity sha512-OWyMt5zBe7xFs8vglMmhM9lRQzCWL3WjHtxNNfJTMngGym7pC1kh8sP6jevfydJ6LP3ZvGxfb6ABYgPUM0mtsA== + dependencies: + meow "^8.0.0" + semver "^6.0.0" + +gitconfiglocal@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/gitconfiglocal/-/gitconfiglocal-1.0.0.tgz#41d045f3851a5ea88f03f24ca1c6178114464b9b" + integrity sha512-spLUXeTAVHxDtKsJc8FkFVgFtMdEN9qPGpL23VfSHx4fP4+Ds097IXLvymbnDH8FnmxX5Nr9bPw3A+AQ6mWEaQ== + dependencies: + ini "^1.3.2" + glob-parent@^5.1.2: version "5.1.2" resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-5.1.2.tgz#869832c58034fe68a4093c17dc15e8340d8401c4" @@ -2238,7 +2587,7 @@ gopd@^1.0.1: dependencies: get-intrinsic "^1.1.3" -graceful-fs@^4.1.6, graceful-fs@^4.2.0, graceful-fs@^4.2.4, graceful-fs@^4.2.9: +graceful-fs@^4.1.2, graceful-fs@^4.1.6, graceful-fs@^4.2.0, graceful-fs@^4.2.4, graceful-fs@^4.2.9: version "4.2.11" resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.11.tgz#4183e4e8bf08bb6e05bbb2f7d2e0c8f712ca40e3" integrity sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ== @@ -2248,6 +2597,23 @@ graphemer@^1.4.0: resolved "https://registry.yarnpkg.com/graphemer/-/graphemer-1.4.0.tgz#fb2f1d55e0e3a1849aeffc90c4fa0dd53a0e66c6" integrity sha512-EtKwoO6kxCL9WO5xipiHTZlSzBm7WLT627TqC/uVRd0HKmq8NXyebnNYxDoBi7wt8eTWrUrKXCOVaFq9x1kgag== +handlebars@^4.7.7: + version "4.7.8" + resolved "https://registry.yarnpkg.com/handlebars/-/handlebars-4.7.8.tgz#41c42c18b1be2365439188c77c6afae71c0cd9e9" + integrity sha512-vafaFqs8MZkRrSX7sFVUdo3ap/eNiLnb4IakshzvP56X5Nr1iGKAIqdX6tMlm6HcNRIkr6AxO5jFEoJzzpT8aQ== + dependencies: + minimist "^1.2.5" + neo-async "^2.6.2" + source-map "^0.6.1" + wordwrap "^1.0.0" + optionalDependencies: + uglify-js "^3.1.4" + +hard-rejection@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/hard-rejection/-/hard-rejection-2.1.0.tgz#1c6eda5c1685c63942766d79bb40ae773cecd883" + integrity sha512-VIZB+ibDhx7ObhAe7OVtoEbuP4h/MuOTHJ+J8h/eBXotJYl0fBgR72xDFCKgIh22OJZIOVNxBMWuhAr10r8HdA== + has-bigints@^1.0.1, has-bigints@^1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/has-bigints/-/has-bigints-1.0.2.tgz#0871bd3e3d51626f6ca0966668ba35d5602d6eaa" @@ -2299,6 +2665,18 @@ hasown@^2.0.0: dependencies: function-bind "^1.1.2" +hosted-git-info@^2.1.4: + version "2.8.9" + resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.8.9.tgz#dffc0bf9a21c02209090f2aa69429e1414daf3f9" + integrity sha512-mxIDAb9Lsm6DoOJ7xH+5+X4y1LU/4Hi50L9C5sIswK3JzULS4bwk1FvjdBgvYR4bzT4tuUQiC15FE2f5HbLvYw== + +hosted-git-info@^4.0.0, hosted-git-info@^4.0.1: + version "4.1.0" + resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-4.1.0.tgz#827b82867e9ff1c8d0c4d9d53880397d2c86d224" + integrity sha512-kyCuEOWjJqZuDbRHzL8V93NzQhwIB71oFWSyzVo+KPZI+pnQPPxucdkrOZvkLRnrf5URsQM+IJ09Dw29cRALIA== + dependencies: + lru-cache "^6.0.0" + html-escaper@^2.0.0: version "2.0.2" resolved "https://registry.yarnpkg.com/html-escaper/-/html-escaper-2.0.2.tgz#dfd60027da36a36dfcbe236262c00a5822681453" @@ -2309,11 +2687,6 @@ human-signals@^2.1.0: resolved "https://registry.yarnpkg.com/human-signals/-/human-signals-2.1.0.tgz#dc91fcba42e4d06e4abaed33b3e7a3c02f514ea0" integrity sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw== -ignore@^5.1.9: - version "5.3.0" - resolved "https://registry.yarnpkg.com/ignore/-/ignore-5.3.0.tgz#67418ae40d34d6999c95ff56016759c718c82f78" - integrity sha512-g7dmpshy+gD7mh88OC9NwSGTKoc3kyLAZQRU1mt53Aw/vnvfXnbC+F/7F7QoYVKbV+KNvJx8wArewKy1vXMtlg== - ignore@^5.2.0, ignore@^5.2.4: version "5.3.1" resolved "https://registry.yarnpkg.com/ignore/-/ignore-5.3.1.tgz#5073e554cd42c5b33b394375f538b8593e34d4ef" @@ -2340,6 +2713,11 @@ imurmurhash@^0.1.4: resolved "https://registry.yarnpkg.com/imurmurhash/-/imurmurhash-0.1.4.tgz#9218b9b2b928a238b13dc4fb6b6d576f231453ea" integrity sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA== +indent-string@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/indent-string/-/indent-string-4.0.0.tgz#624f8f4497d619b2d9768531d58f4122854d7251" + integrity sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg== + inflight@^1.0.4: version "1.0.6" resolved "https://registry.yarnpkg.com/inflight/-/inflight-1.0.6.tgz#49bd6331d7d02d0c09bc910a1075ba8165b56df9" @@ -2348,11 +2726,16 @@ inflight@^1.0.4: once "^1.3.0" wrappy "1" -inherits@2: +inherits@2, inherits@^2.0.3, inherits@~2.0.3: version "2.0.4" resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.4.tgz#0fa2c64f932917c3433a0ded55363aae37416b7c" integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ== +ini@^1.3.2: + version "1.3.8" + resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.8.tgz#a29da425b48806f34767a4efce397269af28432c" + integrity sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew== + ini@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/ini/-/ini-2.0.0.tgz#e5fd556ecdd5726be978fa1001862eacb0a94bc5" @@ -2405,7 +2788,7 @@ is-callable@^1.1.3, is-callable@^1.1.4, is-callable@^1.2.7: resolved "https://registry.yarnpkg.com/is-callable/-/is-callable-1.2.7.tgz#3bc2a85ea742d9e36205dcacdd72ca1fdc51b055" integrity sha512-1BC0BVFhS/p0qtw6enp8e+8OD0UrK0oFLztSjNzhcKA3WDuJxxAPXzPuPtKkjEY9UUoEWlX/8fgKeu2S8i9JTA== -is-core-module@^2.11.0, is-core-module@^2.13.0, is-core-module@^2.13.1: +is-core-module@^2.11.0, is-core-module@^2.13.0, is-core-module@^2.13.1, is-core-module@^2.5.0: version "2.13.1" resolved "https://registry.yarnpkg.com/is-core-module/-/is-core-module-2.13.1.tgz#ad0d7532c6fea9da1ebdc82742d74525c6273384" integrity sha512-hHrIjvZsftOsvKSn2TRYl63zvxsgE0K+0mYMoH6gD4omR5IWB2KynivBQczo3+wF1cCkjzvptnI9Q0sPU66ilw== @@ -2458,11 +2841,21 @@ is-number@^7.0.0: resolved "https://registry.yarnpkg.com/is-number/-/is-number-7.0.0.tgz#7535345b896734d5f80c4d06c50955527a14f12b" integrity sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng== +is-obj@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/is-obj/-/is-obj-2.0.0.tgz#473fb05d973705e3fd9620545018ca8e22ef4982" + integrity sha512-drqDG3cbczxxEJRoOXcOjtdp1J/lyp1mNn0xaznRs8+muBhgQcrnbspox5X5fOw0HnMnbfDzvnEMEtqDEJEo8w== + is-path-inside@^3.0.3: version "3.0.3" resolved "https://registry.yarnpkg.com/is-path-inside/-/is-path-inside-3.0.3.tgz#d231362e53a07ff2b0e0ea7fed049161ffd16283" integrity sha512-Fd4gABb+ycGAmKou8eMftCupSir5lRxqf4aD/vd0cD2qc4HL07OjCeuHMr8Ro4CoMaeCKDB0/ECBOVWjTwUvPQ== +is-plain-obj@^1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/is-plain-obj/-/is-plain-obj-1.1.0.tgz#71a50c8429dfca773c92a390a4a03b39fcd51d3e" + integrity sha512-yvkRyxmFKEOQ4pNXCmJG5AEQNlXJS5LaONXo5/cLdTZdWvsZ1ioJEonLGAosKlMWE8lwUy/bJzMjcw8az73+Fg== + is-regex@^1.1.4: version "1.1.4" resolved "https://registry.yarnpkg.com/is-regex/-/is-regex-1.1.4.tgz#eef5663cd59fa4c0ae339505323df6854bb15958" @@ -2497,6 +2890,13 @@ is-symbol@^1.0.2, is-symbol@^1.0.3: dependencies: has-symbols "^1.0.2" +is-text-path@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/is-text-path/-/is-text-path-1.0.1.tgz#4e1aa0fb51bfbcb3e92688001397202c1775b66e" + integrity sha512-xFuJpne9oFz5qDaodwmmG08e3CawH/2ZV8Qqza1Ko7Sk8POWbkRdwIoAWVhqvq0XeUzANEhKo2n0IXUGBm7A/w== + dependencies: + text-extensions "^1.0.0" + is-typed-array@^1.1.10, is-typed-array@^1.1.12, is-typed-array@^1.1.9: version "1.1.13" resolved "https://registry.yarnpkg.com/is-typed-array/-/is-typed-array-1.1.13.tgz#d6c5ca56df62334959322d7d7dd1cca50debe229" @@ -2516,6 +2916,11 @@ isarray@^2.0.5: resolved "https://registry.yarnpkg.com/isarray/-/isarray-2.0.5.tgz#8af1e4c1221244cc62459faf38940d4e644a5723" integrity sha512-xHjhDr3cNBK0BzdUJSPXZntQUx/mwMS5Rw4A7lPJ90XGAO6ISP/ePDNuo0vhqOZU+UD5JoodwCAAoZQd3FeAKw== +isarray@~1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11" + integrity sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ== + isexe@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/isexe/-/isexe-2.0.0.tgz#e8fbf374dc556ff8947a10dcb0572d633f2cfa10" @@ -3123,6 +3528,11 @@ json-buffer@3.0.1: resolved "https://registry.yarnpkg.com/json-buffer/-/json-buffer-3.0.1.tgz#9338802a30d3b6605fbe0613e094008ca8c05a13" integrity sha512-4bV5BfR2mqfQTJm+V5tPPdf+ZpuhiIvTuAB5g8kcrXOZpTT/QwwVRWBywX1ozr6lEuPdbHxwaJlm9G6mI2sfSQ== +json-parse-better-errors@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/json-parse-better-errors/-/json-parse-better-errors-1.0.2.tgz#bb867cfb3450e69107c131d1c514bab3dc8bcaa9" + integrity sha512-mrqyZKfX5EhL7hvqcV6WG1yYjnjeuYDzDhhcAAUrq8Po85NBQBJP+ZDUT75qZQ98IkUoBqdkExkukOU7Ts2wrw== + json-parse-even-better-errors@^2.3.0: version "2.3.1" resolved "https://registry.yarnpkg.com/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz#7c47805a94319928e05777405dc12e1f7a4ee02d" @@ -3143,6 +3553,11 @@ json-stable-stringify-without-jsonify@^1.0.1: resolved "https://registry.yarnpkg.com/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz#9db7b59496ad3f3cfef30a75142d2d930ad72651" integrity sha512-Bdboy+l7tA3OGW6FjyFHWkP5LuByj1Tk33Ljyq0axyzdk9//JSi2u3fP1QSmd1KNwq6VOKYGlAu87CisVir6Pw== +json-stringify-safe@^5.0.1: + version "5.0.1" + resolved "https://registry.yarnpkg.com/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz#1296a2d58fd45f19a0f6ce01d65701e2c735b6eb" + integrity sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA== + json5@^1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/json5/-/json5-1.0.2.tgz#63d98d60f21b313b77c4d6da18bfa69d80e1d593" @@ -3171,7 +3586,12 @@ jsonfile@^6.0.1: optionalDependencies: graceful-fs "^4.1.6" -jsonschema@^1.4.0: +jsonparse@^1.2.0: + version "1.3.1" + resolved "https://registry.yarnpkg.com/jsonparse/-/jsonparse-1.3.1.tgz#3f4dae4a91fac315f71062f8521cc239f1366280" + integrity sha512-POQXvpdL69+CluYsillJ7SUhKvytYjW9vG/GKpnf+xP8UWgYEM/RaMzHHofbALDiKbbP1W8UEYmgGl39WkPZsg== + +jsonschema@^1.4.1: version "1.4.1" resolved "https://registry.yarnpkg.com/jsonschema/-/jsonschema-1.4.1.tgz#cc4c3f0077fb4542982973d8a083b6b34f482dab" integrity sha512-S6cATIPVv1z0IlxdN+zUk5EPjkGCdnhN4wVSBlvoUO1tOLJootbo9CquNJmbIh4yikWHiUedhRYrNPn1arpEmQ== @@ -3183,6 +3603,11 @@ keyv@^4.5.3: dependencies: json-buffer "3.0.1" +kind-of@^6.0.3: + version "6.0.3" + resolved "https://registry.yarnpkg.com/kind-of/-/kind-of-6.0.3.tgz#07c05034a6c349fa06e24fa35aa76db4580ce4dd" + integrity sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw== + kleur@^3.0.3: version "3.0.3" resolved "https://registry.yarnpkg.com/kleur/-/kleur-3.0.3.tgz#a79c9ecc86ee1ce3fa6206d1216c501f147fc07e" @@ -3206,6 +3631,32 @@ lines-and-columns@^1.1.6: resolved "https://registry.yarnpkg.com/lines-and-columns/-/lines-and-columns-1.2.4.tgz#eca284f75d2965079309dc0ad9255abb2ebc1632" integrity sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg== +load-json-file@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/load-json-file/-/load-json-file-4.0.0.tgz#2f5f45ab91e33216234fd53adab668eb4ec0993b" + integrity sha512-Kx8hMakjX03tiGTLAIdJ+lL0htKnXjEZN6hk/tozf/WOuYGdZBJrZ+rCJRbVCugsjB3jMLn9746NsQIf5VjBMw== + dependencies: + graceful-fs "^4.1.2" + parse-json "^4.0.0" + pify "^3.0.0" + strip-bom "^3.0.0" + +locate-path@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/locate-path/-/locate-path-2.0.0.tgz#2b568b265eec944c6d9c0de9c3dbbbca0354cd8e" + integrity sha512-NCI2kiDkyR7VeEKm27Kda/iQHyKJe1Bu0FlTbYp3CqJu+9IFe9bLyAjMxf5ZDDbEg+iMPzB5zYyUTSm8wVTKmA== + dependencies: + p-locate "^2.0.0" + path-exists "^3.0.0" + +locate-path@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/locate-path/-/locate-path-3.0.0.tgz#dbec3b3ab759758071b58fe59fc41871af21400e" + integrity sha512-7AO748wWnIhNqAuaty2ZWHkQHRSNfPVIsPIfwEOWO22AmaoVrWavlOcMR5nzTLNYvp36X220/maaRsrec1G65A== + dependencies: + p-locate "^3.0.0" + path-exists "^3.0.0" + locate-path@^5.0.0: version "5.0.0" resolved "https://registry.yarnpkg.com/locate-path/-/locate-path-5.0.0.tgz#1afba396afd676a6d42504d0a67a3a7eb9f62aa0" @@ -3220,6 +3671,11 @@ locate-path@^6.0.0: dependencies: p-locate "^5.0.0" +lodash.ismatch@^4.4.0: + version "4.4.0" + resolved "https://registry.yarnpkg.com/lodash.ismatch/-/lodash.ismatch-4.4.0.tgz#756cb5150ca3ba6f11085a78849645f188f85f37" + integrity sha512-fPMfXjGQEV9Xsq/8MTSgUf255gawYRbjwMyDbcvDhXgV7enSZA0hynz6vMPnpAb5iONEzBHBPsT+0zes5Z301g== + lodash.memoize@4.x: version "4.1.2" resolved "https://registry.yarnpkg.com/lodash.memoize/-/lodash.memoize-4.1.2.tgz#bcc6c49a42a2840ed997f323eada5ecd182e0bfe" @@ -3230,6 +3686,16 @@ lodash.merge@^4.6.2: resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.2.tgz#558aa53b43b661e1925a0afdfa36a9a1085fe57a" integrity sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ== +lodash.truncate@^4.4.2: + version "4.4.2" + resolved "https://registry.yarnpkg.com/lodash.truncate/-/lodash.truncate-4.4.2.tgz#5a350da0b1113b837ecfffd5812cbe58d6eae193" + integrity sha512-jttmRe7bRse52OsWIMDLaXxWqRAmtIUccAQ3garviCqJjafXOfNMO0yMfNpdD6zbGaTU0P5Nz7e7gAT6cKmJRw== + +lodash@^4.17.15: + version "4.17.21" + resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c" + integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg== + log4js@^6.9.1: version "6.9.1" resolved "https://registry.yarnpkg.com/log4js/-/log4js-6.9.1.tgz#aba5a3ff4e7872ae34f8b4c533706753709e38b6" @@ -3274,11 +3740,38 @@ makeerror@1.0.12: dependencies: tmpl "1.0.5" +map-obj@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/map-obj/-/map-obj-1.0.1.tgz#d933ceb9205d82bdcf4886f6742bdc2b4dea146d" + integrity sha512-7N/q3lyZ+LVCp7PzuxrJr4KMbBE2hW7BT7YNia330OFxIf4d3r5zVpicP2650l7CPN6RM9zOJRl3NGpqSiw3Eg== + +map-obj@^4.0.0: + version "4.3.0" + resolved "https://registry.yarnpkg.com/map-obj/-/map-obj-4.3.0.tgz#9304f906e93faae70880da102a9f1df0ea8bb05a" + integrity sha512-hdN1wVrZbb29eBGiGjJbeP8JbKjq1urkHJ/LIP/NY48MZ1QVXUsQBV1G1zvYFHn1XE06cwjBsOI2K3Ulnj1YXQ== + mdurl@~1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/mdurl/-/mdurl-1.0.1.tgz#fe85b2ec75a59037f2adfec100fd6c601761152e" integrity sha512-/sKlQJCBYVY9Ers9hqzKou4H6V5UWc/M59TH2dvkt+84itfnq7uFOMLpOiOS4ujvHP4etln18fmIxA5R5fll0g== +meow@^8.0.0: + version "8.1.2" + resolved "https://registry.yarnpkg.com/meow/-/meow-8.1.2.tgz#bcbe45bda0ee1729d350c03cffc8395a36c4e897" + integrity sha512-r85E3NdZ+mpYk1C6RjPFEMSE+s1iZMuHtsHAqY0DT3jZczl0diWUZ8g6oU7h0M9cD2EL+PzaYghhCLzR0ZNn5Q== + dependencies: + "@types/minimist" "^1.2.0" + camelcase-keys "^6.2.2" + decamelize-keys "^1.1.0" + hard-rejection "^2.1.0" + minimist-options "4.1.0" + normalize-package-data "^3.0.0" + read-pkg-up "^7.0.1" + redent "^3.0.0" + trim-newlines "^3.0.0" + type-fest "^0.18.0" + yargs-parser "^20.2.3" + merge-stream@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/merge-stream/-/merge-stream-2.0.0.tgz#52823629a14dd00c9770fb6ad47dc6310f2c1f60" @@ -3302,6 +3795,11 @@ mimic-fn@^2.1.0: resolved "https://registry.yarnpkg.com/mimic-fn/-/mimic-fn-2.1.0.tgz#7ed2c2ccccaf84d3ffcb7a69b57711fc2083401b" integrity sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg== +min-indent@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/min-indent/-/min-indent-1.0.1.tgz#a63f681673b30571fbe8bc25686ae746eefa9869" + integrity sha512-I9jwMn07Sy/IwOj3zVkVik2JTvgpaykDZEigL6Rx6N9LbMywwUSMtxET+7lVoDLLd3O3IXwJwvuuns8UB/HeAg== + minimatch@9.0.3: version "9.0.3" resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-9.0.3.tgz#a6e00c3de44c3a542bfaae70abfc22420a6da825" @@ -3323,7 +3821,16 @@ minimatch@^5.0.1: dependencies: brace-expansion "^2.0.1" -minimist@>=1.2.2, minimist@^1.2.0, minimist@^1.2.3, minimist@^1.2.6, minimist@~1.2.5: +minimist-options@4.1.0: + version "4.1.0" + resolved "https://registry.yarnpkg.com/minimist-options/-/minimist-options-4.1.0.tgz#c0655713c53a8a2ebd77ffa247d342c40f010619" + integrity sha512-Q4r8ghd80yhO/0j1O3B2BjweX3fiHg9cdOwjJd2J76Q135c+NDxGCqdYKQ1SKBuFfgWbAUzBfvYjPUEeNgqN1A== + dependencies: + arrify "^1.0.1" + is-plain-obj "^1.1.0" + kind-of "^6.0.3" + +minimist@>=1.2.2, minimist@^1.2.0, minimist@^1.2.3, minimist@^1.2.5, minimist@^1.2.6, minimist@~1.2.5: version "1.2.8" resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.8.tgz#c1a464e7693302e082a075cee0c057741ac4772c" integrity sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA== @@ -3333,6 +3840,11 @@ mkdirp@^1.0.4: resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-1.0.4.tgz#3eb5ed62622756d79a5f0e2a221dfebad75c2f7e" integrity sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw== +modify-values@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/modify-values/-/modify-values-1.0.1.tgz#b3939fa605546474e3e3e3c63d64bd43b4ee6022" + integrity sha512-xV2bxeN6F7oYjZWTe/YPAy6MN2M+sL4u/Rlm2AHCIVGfo2p1yGmBHQ6vHehl4bRTZBdHu3TSkWdYgkwpYzAGSw== + ms@2.1.2: version "2.1.2" resolved "https://registry.yarnpkg.com/ms/-/ms-2.1.2.tgz#d09d1f357b443f493382a8eb3ccd183872ae6009" @@ -3348,6 +3860,11 @@ natural-compare@^1.4.0: resolved "https://registry.yarnpkg.com/natural-compare/-/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7" integrity sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw== +neo-async@^2.6.2: + version "2.6.2" + resolved "https://registry.yarnpkg.com/neo-async/-/neo-async-2.6.2.tgz#b4aafb93e3aeb2d8174ca53cf163ab7d7308305f" + integrity sha512-Yd3UES5mWCSqR+qNT93S3UoYUkqAZ9lLg8a7g9rimsWmYGK8cVToA4/sF3RrshdyV3sAGMXVUmpMYOw+dLpOuw== + node-int64@^0.4.0: version "0.4.0" resolved "https://registry.yarnpkg.com/node-int64/-/node-int64-0.4.0.tgz#87a9065cdb355d3182d8f94ce11188b825c68a3b" @@ -3358,6 +3875,26 @@ node-releases@^2.0.14: resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-2.0.14.tgz#2ffb053bceb8b2be8495ece1ab6ce600c4461b0b" integrity sha512-y10wOWt8yZpqXmOgRo77WaHEmhYQYGNA6y421PKsKYWEK8aW+cqAphborZDhqfyKrbZEN92CN1X2KbafY2s7Yw== +normalize-package-data@^2.3.2, normalize-package-data@^2.5.0: + version "2.5.0" + resolved "https://registry.yarnpkg.com/normalize-package-data/-/normalize-package-data-2.5.0.tgz#e66db1838b200c1dfc233225d12cb36520e234a8" + integrity sha512-/5CMN3T0R4XTj4DcGaexo+roZSdSFW/0AOOTROrjxzCG1wrWXEsGbRKevjlIL+ZDE4sZlJr5ED4YW0yqmkK+eA== + dependencies: + hosted-git-info "^2.1.4" + resolve "^1.10.0" + semver "2 || 3 || 4 || 5" + validate-npm-package-license "^3.0.1" + +normalize-package-data@^3.0.0: + version "3.0.3" + resolved "https://registry.yarnpkg.com/normalize-package-data/-/normalize-package-data-3.0.3.tgz#dbcc3e2da59509a0983422884cd172eefdfa525e" + integrity sha512-p2W1sgqij3zMMyRC067Dg16bfzVH+w7hyegmpIvZ4JNjqtGOVAIvLmjBx3yP7YTe9vKJgkoNOPjwQGogDoMXFA== + dependencies: + hosted-git-info "^4.0.1" + is-core-module "^2.5.0" + semver "^7.3.4" + validate-npm-package-license "^3.0.1" + normalize-path@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/normalize-path/-/normalize-path-3.0.0.tgz#0dcd69ff23a1c9b11fd0978316644a0388216a65" @@ -3449,7 +3986,14 @@ optionator@^0.9.3: prelude-ls "^1.2.1" type-check "^0.4.0" -p-limit@^2.2.0: +p-limit@^1.1.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/p-limit/-/p-limit-1.3.0.tgz#b86bd5f0c25690911c7590fcbfc2010d54b3ccb8" + integrity sha512-vvcXsLAJ9Dr5rQOPk7toZQZJApBl2K4J6dANSsEuh6QI41JYcsS/qhTGa9ErIUUgK3WNQoJYvylxvjqmiqEA9Q== + dependencies: + p-try "^1.0.0" + +p-limit@^2.0.0, p-limit@^2.2.0: version "2.3.0" resolved "https://registry.yarnpkg.com/p-limit/-/p-limit-2.3.0.tgz#3dd33c647a214fdfffd835933eb086da0dc21db1" integrity sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w== @@ -3463,6 +4007,20 @@ p-limit@^3.0.2, p-limit@^3.1.0: dependencies: yocto-queue "^0.1.0" +p-locate@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/p-locate/-/p-locate-2.0.0.tgz#20a0103b222a70c8fd39cc2e580680f3dde5ec43" + integrity sha512-nQja7m7gSKuewoVRen45CtVfODR3crN3goVQ0DDZ9N3yHxgpkuBhZqsaiotSQRrADUrne346peY7kT3TSACykg== + dependencies: + p-limit "^1.1.0" + +p-locate@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/p-locate/-/p-locate-3.0.0.tgz#322d69a05c0264b25997d9f40cd8a891ab0064a4" + integrity sha512-x+12w/To+4GFfgJhBEpiDcLozRJGegY+Ei7/z0tSLkMmxGZNybVMSfWj9aJn8Z5Fc7dBUNJOOVgPv2H7IwulSQ== + dependencies: + p-limit "^2.0.0" + p-locate@^4.1.0: version "4.1.0" resolved "https://registry.yarnpkg.com/p-locate/-/p-locate-4.1.0.tgz#a3428bb7088b3a60292f66919278b7c297ad4f07" @@ -3477,6 +4035,11 @@ p-locate@^5.0.0: dependencies: p-limit "^3.0.2" +p-try@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/p-try/-/p-try-1.0.0.tgz#cbc79cdbaf8fd4228e13f621f2b1a237c1b207b3" + integrity sha512-U1etNYuMJoIz3ZXSrrySFjsXQTWOx2/jdi86L+2pRvph/qMKL6sbcCYdH23fqsbm8TH2Gn0OybpT4eSFlCVHww== + p-try@^2.0.0: version "2.2.0" resolved "https://registry.yarnpkg.com/p-try/-/p-try-2.2.0.tgz#cb2868540e313d61de58fafbe35ce9004d5540e6" @@ -3489,7 +4052,15 @@ parent-module@^1.0.0: dependencies: callsites "^3.0.0" -parse-json@^5.2.0: +parse-json@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/parse-json/-/parse-json-4.0.0.tgz#be35f5425be1f7f6c747184f98a788cb99477ee0" + integrity sha512-aOIos8bujGN93/8Ox/jPLh7RwVnPEysynVFE+fQZyg6jKELEHwzgKdLRFHUgXJL6kylijVSBC4BvN9OmsB48Rw== + dependencies: + error-ex "^1.3.1" + json-parse-better-errors "^1.0.1" + +parse-json@^5.0.0, parse-json@^5.2.0: version "5.2.0" resolved "https://registry.yarnpkg.com/parse-json/-/parse-json-5.2.0.tgz#c76fc66dee54231c962b22bcc8a72cf2f99753cd" integrity sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg== @@ -3499,6 +4070,11 @@ parse-json@^5.2.0: json-parse-even-better-errors "^2.3.0" lines-and-columns "^1.1.6" +path-exists@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-3.0.0.tgz#ce0ebeaa5f78cb18925ea7d810d7b59b010fd515" + integrity sha512-bpC7GYwiDYQ4wYLe+FA8lhRjhQCMcQGuSgGGqDkg/QerRWw9CmGRT0iSOVRSZJ29NMLZgIzqaljJ63oaL4NIJQ== + path-exists@^4.0.0: version "4.0.0" resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-4.0.0.tgz#513bdbe2d3b95d7762e8c1137efa195c6c61b5b3" @@ -3519,6 +4095,13 @@ path-parse@^1.0.7: resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.7.tgz#fbc114b60ca42b30d9daf5858e4bd68bbedb6735" integrity sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw== +path-type@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/path-type/-/path-type-3.0.0.tgz#cef31dc8e0a1a3bb0d105c0cd97cf3bf47f4e36f" + integrity sha512-T2ZUsdZFHgA3u4e5PfPbjd7HDDpxPnQb5jN0SrDsjNSuVXHJqtwTnWqG0B1jZrgmJ/7lj1EmVIByWt1gxGkWvg== + dependencies: + pify "^3.0.0" + path-type@^4.0.0: version "4.0.0" resolved "https://registry.yarnpkg.com/path-type/-/path-type-4.0.0.tgz#84ed01c0a7ba380afe09d90a8c180dcd9d03043b" @@ -3534,6 +4117,16 @@ picomatch@^2.0.4, picomatch@^2.2.3, picomatch@^2.3.1: resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.3.1.tgz#3ba3833733646d9d3e4995946c1365a67fb07a42" integrity sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA== +pify@^2.3.0: + version "2.3.0" + resolved "https://registry.yarnpkg.com/pify/-/pify-2.3.0.tgz#ed141a6ac043a849ea588498e7dca8b15330e90c" + integrity sha512-udgsAY+fTnvv7kI7aaxbqwWNb0AHiB0qBO89PZKPkoTmGOgdbrHDKD+0B2X4uTfJ/FT1R09r9gTsjUjNJotuog== + +pify@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/pify/-/pify-3.0.0.tgz#e5a4acd2c101fdf3d9a4d07f0dbc4db49dd28176" + integrity sha512-C3FsVNH1udSEX48gGX1xfvwTWfsYWj5U+8/uK15BGzIGrKoUpghX8hWZwa/OFnakBiiVNmBvemTJR5mcy7iPcg== + pirates@^4.0.4: version "4.0.6" resolved "https://registry.yarnpkg.com/pirates/-/pirates-4.0.6.tgz#3018ae32ecfcff6c29ba2267cbf21166ac1f36b9" @@ -3560,6 +4153,11 @@ pretty-format@^29.0.0, pretty-format@^29.7.0: ansi-styles "^5.0.0" react-is "^18.0.0" +process-nextick-args@~2.0.0: + version "2.0.1" + resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.1.tgz#7820d9b16120cc55ca9ae7792680ae7dba6d7fe2" + integrity sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag== + projen@^0.79.7: version "0.79.7" resolved "https://registry.yarnpkg.com/projen/-/projen-0.79.7.tgz#b679640617d032de7a03677168c2605c9abafc36" @@ -3588,7 +4186,7 @@ prompts@^2.0.1: kleur "^3.0.3" sisteransi "^1.0.5" -punycode@^2.1.0, punycode@^2.1.1: +punycode@^2.1.0, punycode@^2.3.0: version "2.3.1" resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.3.1.tgz#027422e2faec0b25e1549c3e1bd8309b9133b6e5" integrity sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg== @@ -3598,16 +4196,84 @@ pure-rand@^6.0.0: resolved "https://registry.yarnpkg.com/pure-rand/-/pure-rand-6.0.4.tgz#50b737f6a925468679bff00ad20eade53f37d5c7" integrity sha512-LA0Y9kxMYv47GIPJy6MI84fqTd2HmYZI83W/kM/SkKfDlajnZYfmXFTxkbY+xSBPkLJxltMa9hIkmdc29eguMA== +q@^1.5.1: + version "1.5.1" + resolved "https://registry.yarnpkg.com/q/-/q-1.5.1.tgz#7e32f75b41381291d04611f1bf14109ac00651d7" + integrity sha512-kV/CThkXo6xyFEZUugw/+pIOywXcDbFYgSct5cT3gqlbkBE1SJdwy6UQoZvodiWF/ckQLZyDE/Bu1M6gVu5lVw== + queue-microtask@^1.2.2: version "1.2.3" resolved "https://registry.yarnpkg.com/queue-microtask/-/queue-microtask-1.2.3.tgz#4929228bbc724dfac43e0efb058caf7b6cfb6243" integrity sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A== +quick-lru@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/quick-lru/-/quick-lru-4.0.1.tgz#5b8878f113a58217848c6482026c73e1ba57727f" + integrity sha512-ARhCpm70fzdcvNQfPoy49IaanKkTlRWF2JMzqhcJbhSFRZv7nPTvZJdcY7301IPmvW+/p0RgIWnQDLJxifsQ7g== + react-is@^18.0.0: version "18.2.0" resolved "https://registry.yarnpkg.com/react-is/-/react-is-18.2.0.tgz#199431eeaaa2e09f86427efbb4f1473edb47609b" integrity sha512-xWGDIW6x921xtzPkhiULtthJHoJvBbF3q26fzloPCK0hsvxtPVelvftw3zjbHWSkR2km9Z+4uxbDDK/6Zw9B8w== +read-pkg-up@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/read-pkg-up/-/read-pkg-up-3.0.0.tgz#3ed496685dba0f8fe118d0691dc51f4a1ff96f07" + integrity sha512-YFzFrVvpC6frF1sz8psoHDBGF7fLPc+llq/8NB43oagqWkx8ar5zYtsTORtOjw9W2RHLpWP+zTWwBvf1bCmcSw== + dependencies: + find-up "^2.0.0" + read-pkg "^3.0.0" + +read-pkg-up@^7.0.1: + version "7.0.1" + resolved "https://registry.yarnpkg.com/read-pkg-up/-/read-pkg-up-7.0.1.tgz#f3a6135758459733ae2b95638056e1854e7ef507" + integrity sha512-zK0TB7Xd6JpCLmlLmufqykGE+/TlOePD6qKClNW7hHDKFh/J7/7gCWGR7joEQEW1bKq3a3yUZSObOoWLFQ4ohg== + dependencies: + find-up "^4.1.0" + read-pkg "^5.2.0" + type-fest "^0.8.1" + +read-pkg@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/read-pkg/-/read-pkg-3.0.0.tgz#9cbc686978fee65d16c00e2b19c237fcf6e38389" + integrity sha512-BLq/cCO9two+lBgiTYNqD6GdtK8s4NpaWrl6/rCO9w0TUS8oJl7cmToOZfRYllKTISY6nt1U7jQ53brmKqY6BA== + dependencies: + load-json-file "^4.0.0" + normalize-package-data "^2.3.2" + path-type "^3.0.0" + +read-pkg@^5.2.0: + version "5.2.0" + resolved "https://registry.yarnpkg.com/read-pkg/-/read-pkg-5.2.0.tgz#7bf295438ca5a33e56cd30e053b34ee7250c93cc" + integrity sha512-Ug69mNOpfvKDAc2Q8DRpMjjzdtrnv9HcSMX+4VsZxD1aZ6ZzrIE7rlzXBtWTyhULSMKg076AW6WR5iZpD0JiOg== + dependencies: + "@types/normalize-package-data" "^2.4.0" + normalize-package-data "^2.5.0" + parse-json "^5.0.0" + type-fest "^0.6.0" + +readable-stream@3, readable-stream@^3.0.0, readable-stream@^3.0.2: + version "3.6.2" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-3.6.2.tgz#56a9b36ea965c00c5a93ef31eb111a0f11056967" + integrity sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA== + dependencies: + inherits "^2.0.3" + string_decoder "^1.1.1" + util-deprecate "^1.0.1" + +readable-stream@~2.3.6: + version "2.3.8" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.8.tgz#91125e8042bba1b9887f49345f6277027ce8be9b" + integrity sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA== + dependencies: + core-util-is "~1.0.0" + inherits "~2.0.3" + isarray "~1.0.0" + process-nextick-args "~2.0.0" + safe-buffer "~5.1.1" + string_decoder "~1.1.1" + util-deprecate "~1.0.1" + rechoir@^0.6.2: version "0.6.2" resolved "https://registry.yarnpkg.com/rechoir/-/rechoir-0.6.2.tgz#85204b54dba82d5742e28c96756ef43af50e3384" @@ -3615,6 +4281,14 @@ rechoir@^0.6.2: dependencies: resolve "^1.1.6" +redent@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/redent/-/redent-3.0.0.tgz#e557b7998316bb53c9f1f56fa626352c6963059f" + integrity sha512-6tDA8g98We0zd0GvVeMT9arEOnTw9qM03L9cJXaCjrip1OO764RDBLBfrB4cwzNGDj5OA5ioymC9GkizgWJDUg== + dependencies: + indent-string "^4.0.0" + strip-indent "^3.0.0" + regexp.prototype.flags@^1.5.1: version "1.5.1" resolved "https://registry.yarnpkg.com/regexp.prototype.flags/-/regexp.prototype.flags-1.5.1.tgz#90ce989138db209f81492edd734183ce99f9677e" @@ -3666,7 +4340,7 @@ resolve.exports@^2.0.0: resolved "https://registry.yarnpkg.com/resolve.exports/-/resolve.exports-2.0.2.tgz#f8c934b8e6a13f539e38b7098e2e36134f01e800" integrity sha512-X2UW6Nw3n/aMgDVy+0rSqgHlv39WZAlZrXCdnbyEiKm17DSqHX4MmQMaST3FbeWR5FTuRcUwYAziZajji0Y7mg== -resolve@^1.1.6, resolve@^1.20.0, resolve@^1.22.4: +resolve@^1.1.6, resolve@^1.10.0, resolve@^1.20.0, resolve@^1.22.4: version "1.22.8" resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.22.8.tgz#b6c87a9f2aa06dfab52e3d70ac8cde321fa5a48d" integrity sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw== @@ -3709,6 +4383,16 @@ safe-array-concat@^1.0.1: has-symbols "^1.0.3" isarray "^2.0.5" +safe-buffer@~5.1.0, safe-buffer@~5.1.1: + version "5.1.2" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.2.tgz#991ec69d296e0313747d59bdfd2b745c35f8828d" + integrity sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g== + +safe-buffer@~5.2.0: + version "5.2.1" + resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.2.1.tgz#1eaf9fa9bdb1fdd4ec75f58f9cdb4e6b7827eec6" + integrity sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ== + safe-regex-test@^1.0.0: version "1.0.2" resolved "https://registry.yarnpkg.com/safe-regex-test/-/safe-regex-test-1.0.2.tgz#3ba32bdb3ea35f940ee87e5087c60ee786c3f6c5" @@ -3725,12 +4409,17 @@ semver-intersect@^1.4.0, semver-intersect@^1.5.0: dependencies: semver "^6.3.0" -semver@^6.3.0, semver@^6.3.1: +"semver@2 || 3 || 4 || 5": + version "5.7.2" + resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.2.tgz#48d55db737c3287cd4835e17fa13feace1c41ef8" + integrity sha512-cBznnQ9KjJqU67B52RMC65CMarK2600WFnbkcaiwWq3xy/5haFJlshgnpjovMVJ+Hff49d8GEn0b87C5pDQ10g== + +semver@^6.0.0, semver@^6.3.0, semver@^6.3.1: version "6.3.1" resolved "https://registry.yarnpkg.com/semver/-/semver-6.3.1.tgz#556d2ef8689146e46dcea4bfdd095f3434dffcb4" integrity sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA== -semver@^7.3.2, semver@^7.3.5, semver@^7.5.3, semver@^7.5.4: +semver@^7.1.1, semver@^7.3.2, semver@^7.3.4, semver@^7.5.3, semver@^7.5.4: version "7.5.4" resolved "https://registry.yarnpkg.com/semver/-/semver-7.5.4.tgz#483986ec4ed38e1c6c48c34894a9182dbff68a6e" integrity sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA== @@ -3810,6 +4499,15 @@ slash@^3.0.0: resolved "https://registry.yarnpkg.com/slash/-/slash-3.0.0.tgz#6539be870c165adbd5240220dbe361f1bc4d4634" integrity sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q== +slice-ansi@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/slice-ansi/-/slice-ansi-4.0.0.tgz#500e8dd0fd55b05815086255b3195adf2a45fe6b" + integrity sha512-qMCMfhY040cVHT43K9BFygqYbUPFZKHOg7K73mtTWJRb8pyP3fzf4Ixd5SzdEJQ6MRUg/WBnOLxghZtKKurENQ== + dependencies: + ansi-styles "^4.0.0" + astral-regex "^2.0.0" + is-fullwidth-code-point "^3.0.0" + sort-json@^2.0.1: version "2.0.1" resolved "https://registry.yarnpkg.com/sort-json/-/sort-json-2.0.1.tgz#7338783bef807185dc37d5b02e3afd905d537cfb" @@ -3832,11 +4530,51 @@ source-map@^0.6.0, source-map@^0.6.1: resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.6.1.tgz#74722af32e9614e9c287a8d0bbde48b5e2f1a263" integrity sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g== +spdx-correct@^3.0.0: + version "3.2.0" + resolved "https://registry.yarnpkg.com/spdx-correct/-/spdx-correct-3.2.0.tgz#4f5ab0668f0059e34f9c00dce331784a12de4e9c" + integrity sha512-kN9dJbvnySHULIluDHy32WHRUu3Og7B9sbY7tsFLctQkIqnMh3hErYgdMjTYuqmcXX+lK5T1lnUt3G7zNswmZA== + dependencies: + spdx-expression-parse "^3.0.0" + spdx-license-ids "^3.0.0" + +spdx-exceptions@^2.1.0: + version "2.4.0" + resolved "https://registry.yarnpkg.com/spdx-exceptions/-/spdx-exceptions-2.4.0.tgz#c07a4ede25b16e4f78e6707bbd84b15a45c19c1b" + integrity sha512-hcjppoJ68fhxA/cjbN4T8N6uCUejN8yFw69ttpqtBeCbF3u13n7mb31NB9jKwGTTWWnt9IbRA/mf1FprYS8wfw== + +spdx-expression-parse@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/spdx-expression-parse/-/spdx-expression-parse-3.0.1.tgz#cf70f50482eefdc98e3ce0a6833e4a53ceeba679" + integrity sha512-cbqHunsQWnJNE6KhVSMsMeH5H/L9EpymbzqTQ3uLwNCLZ1Q481oWaofqH7nO6V07xlXwY6PhQdQ2IedWx/ZK4Q== + dependencies: + spdx-exceptions "^2.1.0" + spdx-license-ids "^3.0.0" + +spdx-license-ids@^3.0.0: + version "3.0.16" + resolved "https://registry.yarnpkg.com/spdx-license-ids/-/spdx-license-ids-3.0.16.tgz#a14f64e0954f6e25cc6587bd4f392522db0d998f" + integrity sha512-eWN+LnM3GR6gPu35WxNgbGl8rmY1AEmoMDvL/QD6zYmPWgywxWqJWNdLGT+ke8dKNWrcYgYjPpG5gbTfghP8rw== + spdx-license-list@^6.8.0: version "6.8.0" resolved "https://registry.yarnpkg.com/spdx-license-list/-/spdx-license-list-6.8.0.tgz#92a99cd6c8b97fe98ae83c54deaffd4d9d503f74" integrity sha512-5UdM7r9yJ1EvsPQZWfa41AZjLQngl9iMMysm9XBW7Lqhq7aF8cllfqjS+rFCHB8FFMGSM0yFWue2LUV9mR0QzQ== +split2@^3.0.0: + version "3.2.2" + resolved "https://registry.yarnpkg.com/split2/-/split2-3.2.2.tgz#bf2cf2a37d838312c249c89206fd7a17dd12365f" + integrity sha512-9NThjpgZnifTkJpzTZ7Eue85S49QwpNhZTq6GRJwObb6jnLFNGB7Qm73V5HewTROPyxD0C29xqmaI68bQtV+hg== + dependencies: + readable-stream "^3.0.0" + +split@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/split/-/split-1.0.1.tgz#605bd9be303aa59fb35f9229fbea0ddec9ea07d9" + integrity sha512-mTyOoPbrivtXnwnIxZRFYRrPNtEFKlpB2fvjSnCQUiAA6qAZzqwna5envK4uk6OIeP17CsdF3rSBGYVBsU0Tkg== + dependencies: + through "2" + sprintf-js@~1.0.2: version "1.0.3" resolved "https://registry.yarnpkg.com/sprintf-js/-/sprintf-js-1.0.3.tgz#04e6926f662895354f3dd015203633b857297e2c" @@ -3849,6 +4587,26 @@ stack-utils@^2.0.3: dependencies: escape-string-regexp "^2.0.0" +standard-version@^9: + version "9.5.0" + resolved "https://registry.yarnpkg.com/standard-version/-/standard-version-9.5.0.tgz#851d6dcddf5320d5079601832aeb185dbf497949" + integrity sha512-3zWJ/mmZQsOaO+fOlsa0+QK90pwhNd042qEcw6hKFNoLFs7peGyvPffpEBbK/DSGPbyOvli0mUIFv5A4qTjh2Q== + dependencies: + chalk "^2.4.2" + conventional-changelog "3.1.25" + conventional-changelog-config-spec "2.1.0" + conventional-changelog-conventionalcommits "4.6.3" + conventional-recommended-bump "6.1.0" + detect-indent "^6.0.0" + detect-newline "^3.1.0" + dotgitignore "^2.1.0" + figures "^3.1.0" + find-up "^5.0.0" + git-semver-tags "^4.0.0" + semver "^7.1.1" + stringify-package "^1.0.1" + yargs "^16.0.0" + stream-chain@^2.2.5: version "2.2.5" resolved "https://registry.yarnpkg.com/stream-chain/-/stream-chain-2.2.5.tgz#b30967e8f14ee033c5b9a19bbe8a2cba90ba0d09" @@ -3927,6 +4685,25 @@ string.prototype.trimstart@^1.0.7: define-properties "^1.2.0" es-abstract "^1.22.1" +string_decoder@^1.1.1: + version "1.3.0" + resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.3.0.tgz#42f114594a46cf1a8e30b0a84f56c78c3edac21e" + integrity sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA== + dependencies: + safe-buffer "~5.2.0" + +string_decoder@~1.1.1: + version "1.1.1" + resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.1.1.tgz#9cf1611ba62685d7030ae9e4ba34149c3af03fc8" + integrity sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg== + dependencies: + safe-buffer "~5.1.0" + +stringify-package@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/stringify-package/-/stringify-package-1.0.1.tgz#e5aa3643e7f74d0f28628b72f3dad5cecfc3ba85" + integrity sha512-sa4DUQsYciMP1xhKWGuFM04fB0LG/9DlluZoSVywUMRNvzid6XucHK0/90xGxRoHrAaROrcHK1aPKaijCtSrhg== + strip-ansi@^6.0.0, strip-ansi@^6.0.1: version "6.0.1" resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-6.0.1.tgz#9e26c63d30f53443e9489495b2105d37b67a85d9" @@ -3949,6 +4726,13 @@ strip-final-newline@^2.0.0: resolved "https://registry.yarnpkg.com/strip-final-newline/-/strip-final-newline-2.0.0.tgz#89b852fb2fcbe936f6f4b3187afb0a12c1ab58ad" integrity sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA== +strip-indent@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/strip-indent/-/strip-indent-3.0.0.tgz#c32e1cee940b6b3432c771bc2c54bcce73cd3001" + integrity sha512-laJTa3Jb+VQpaC6DseHhF7dXVqHTfJPCRDaEbid/drOhgitgYku/letMUqOXFoWV0zIIUbjpdH2t+tYj4bQMRQ== + dependencies: + min-indent "^1.0.0" + strip-json-comments@^3.1.1: version "3.1.1" resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-3.1.1.tgz#31f1281b3832630434831c310c01cccda8cbe006" @@ -3980,6 +4764,17 @@ supports-preserve-symlinks-flag@^1.0.0: resolved "https://registry.yarnpkg.com/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz#6eda4bd344a3c94aea376d4cc31bc77311039e09" integrity sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w== +table@^6.8.1: + version "6.8.1" + resolved "https://registry.yarnpkg.com/table/-/table-6.8.1.tgz#ea2b71359fe03b017a5fbc296204471158080bdf" + integrity sha512-Y4X9zqrCftUhMeH2EptSSERdVKt/nEdijTOacGD/97EKjhQ/Qs8RTlEGABSJNNN8lac9kheH+af7yAkEWlgneA== + dependencies: + ajv "^8.0.1" + lodash.truncate "^4.4.2" + slice-ansi "^4.0.0" + string-width "^4.2.3" + strip-ansi "^6.0.1" + tapable@^2.2.0: version "2.2.1" resolved "https://registry.yarnpkg.com/tapable/-/tapable-2.2.1.tgz#1967a73ef4060a82f12ab96af86d52fdb76eeca0" @@ -3994,11 +4789,36 @@ test-exclude@^6.0.0: glob "^7.1.4" minimatch "^3.0.4" +text-extensions@^1.0.0: + version "1.9.0" + resolved "https://registry.yarnpkg.com/text-extensions/-/text-extensions-1.9.0.tgz#1853e45fee39c945ce6f6c36b2d659b5aabc2a26" + integrity sha512-wiBrwC1EhBelW12Zy26JeOUkQ5mRu+5o8rpsJk5+2t+Y5vE7e842qtZDQ2g1NpX/29HdyFeJ4nSIhI47ENSxlQ== + text-table@^0.2.0: version "0.2.0" resolved "https://registry.yarnpkg.com/text-table/-/text-table-0.2.0.tgz#7f5ee823ae805207c00af2df4a84ec3fcfa570b4" integrity sha512-N+8UisAXDGk8PFXP4HAzVR9nbfmVJ3zYLAWiTIoqC5v5isinhr+r5uaO8+7r3BMfuNIufIsA7RdpVgacC2cSpw== +through2@^2.0.0: + version "2.0.5" + resolved "https://registry.yarnpkg.com/through2/-/through2-2.0.5.tgz#01c1e39eb31d07cb7d03a96a70823260b23132cd" + integrity sha512-/mrRod8xqpA+IHSLyGCQ2s8SPHiCDEeQJSep1jqLYeEUClOFG2Qsh+4FU6G9VeqpZnGW/Su8LQGc4YKni5rYSQ== + dependencies: + readable-stream "~2.3.6" + xtend "~4.0.1" + +through2@^4.0.0: + version "4.0.2" + resolved "https://registry.yarnpkg.com/through2/-/through2-4.0.2.tgz#a7ce3ac2a7a8b0b966c80e7c49f0484c3b239764" + integrity sha512-iOqSav00cVxEEICeD7TjLB1sueEL+81Wpzp2bY17uZjZN0pWZPuo4suZ/61VujxmqSGFfgOcNuTZ85QJwNZQpw== + dependencies: + readable-stream "3" + +through@2, "through@>=2.2.7 <3": + version "2.3.8" + resolved "https://registry.yarnpkg.com/through/-/through-2.3.8.tgz#0dd4c9ffaabc357960b1b724115d7e0e86a2e1f5" + integrity sha512-w89qg7PI8wAdvX60bMDP+bFoD5Dvhm9oLheFp5O4a2QF0cSBGsBX4qZmadPMvVqlLJBBci+WqGGOAPvcDeNSVg== + tmpl@1.0.5: version "1.0.5" resolved "https://registry.yarnpkg.com/tmpl/-/tmpl-1.0.5.tgz#8683e0b902bb9c20c4f726e3c0b69f36518c07cc" @@ -4016,6 +4836,11 @@ to-regex-range@^5.0.1: dependencies: is-number "^7.0.0" +trim-newlines@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/trim-newlines/-/trim-newlines-3.0.1.tgz#260a5d962d8b752425b32f3a7db0dcacd176c144" + integrity sha512-c1PTsA3tYrIsLGkJkzHF+w9F2EyxfXGo4UyJc4pFL++FMjnq0HJS69T3M7d//gKrFKwy429bouPescbjecU+Zw== + ts-api-utils@^1.0.1: version "1.0.3" resolved "https://registry.yarnpkg.com/ts-api-utils/-/ts-api-utils-1.0.3.tgz#f12c1c781d04427313dbac808f453f050e54a331" @@ -4076,6 +4901,11 @@ type-detect@4.0.8: resolved "https://registry.yarnpkg.com/type-detect/-/type-detect-4.0.8.tgz#7646fb5f18871cfbb7749e69bd39a6388eb7450c" integrity sha512-0fr/mIH1dlO+x7TlcMy+bIDqKPsw/70tVyeHW787goQjhmqaZe10uwLujubK9q9Lg6Fiho1KUKDYz0Z7k7g5/g== +type-fest@^0.18.0: + version "0.18.1" + resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.18.1.tgz#db4bc151a4a2cf4eebf9add5db75508db6cc841f" + integrity sha512-OIAYXk8+ISY+qTOwkHtKqzAuxchoMiD9Udx+FSGQDuiRR+PJKJHc2NJAXlbhkGwTt/4/nKZxELY1w3ReWOL8mw== + type-fest@^0.20.2: version "0.20.2" resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.20.2.tgz#1bf207f4b28f91583666cb5fbd327887301cd5f4" @@ -4086,6 +4916,16 @@ type-fest@^0.21.3: resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.21.3.tgz#d260a24b0198436e133fa26a524a6d65fa3b2e37" integrity sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w== +type-fest@^0.6.0: + version "0.6.0" + resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.6.0.tgz#8d2a2370d3df886eb5c90ada1c5bf6188acf838b" + integrity sha512-q+MB8nYR1KDLrgr4G5yemftpMC7/QLqVndBmEEdqzmNj5dcFOO4Oo8qlwZE3ULT3+Zim1F8Kq4cBnikNhlCMlg== + +type-fest@^0.8.1: + version "0.8.1" + resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.8.1.tgz#09e249ebde851d3b1e48d27c105444667f17b83d" + integrity sha512-4dbzIzqvjtgiM5rw1k5rEHtBANKmdudhGyBEajN01fEyhaAIhsoKNy6y7+IN93IfpFtwY9iqi7kD+xwKhQsNJA== + typed-array-buffer@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/typed-array-buffer/-/typed-array-buffer-1.0.0.tgz#18de3e7ed7974b0a729d3feecb94338d1472cd60" @@ -4125,6 +4965,11 @@ typed-array-length@^1.0.4: for-each "^0.3.3" is-typed-array "^1.1.9" +typedarray@^0.0.6: + version "0.0.6" + resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777" + integrity sha512-/aCDEGatGvZ2BIk+HmLf4ifCJFwvKFNb9/JeZPMulfgFracn9QFcAf5GO8B/mweUjSoblS5In0cWhqpfs/5PQA== + typescript@^5.3.3, typescript@~5.3: version "5.3.3" resolved "https://registry.yarnpkg.com/typescript/-/typescript-5.3.3.tgz#b3ce6ba258e72e6305ba66f5c9b452aaee3ffe37" @@ -4145,6 +4990,11 @@ typescript@~5.2: resolved "https://registry.yarnpkg.com/typescript/-/typescript-5.2.2.tgz#5ebb5e5a5b75f085f22bc3f8460fba308310fa78" integrity sha512-mI4WrpHsbCIcwT9cF4FZvr80QUeKvsUsUvKDoR+X/7XHQH98xYD8YHZg7ANtz2GtZt/CBq2QJ0thkGJMHfqc1w== +uglify-js@^3.1.4: + version "3.17.4" + resolved "https://registry.yarnpkg.com/uglify-js/-/uglify-js-3.17.4.tgz#61678cf5fa3f5b7eb789bb345df29afb8257c22c" + integrity sha512-T9q82TJI9e/C1TAxYvfb16xO120tMVFZrGA3f9/P4424DNu6ypK103y0GPFVa17yotwSyZW5iYXgjYHkGrJW/g== + unbox-primitive@^1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/unbox-primitive/-/unbox-primitive-1.0.2.tgz#29032021057d5e6cdbd08c5129c226dff8ed6f9e" @@ -4185,6 +5035,11 @@ uri-js@^4.2.2: dependencies: punycode "^2.1.0" +util-deprecate@^1.0.1, util-deprecate@~1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" + integrity sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw== + uuid@^8.3.2: version "8.3.2" resolved "https://registry.yarnpkg.com/uuid/-/uuid-8.3.2.tgz#80d5b5ced271bb9af6c445f21a1a04c606cefbe2" @@ -4204,6 +5059,14 @@ v8-to-istanbul@^9.0.1: "@types/istanbul-lib-coverage" "^2.0.1" convert-source-map "^2.0.0" +validate-npm-package-license@^3.0.1: + version "3.0.4" + resolved "https://registry.yarnpkg.com/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz#fc91f6b9c7ba15c857f4cb2c5defeec39d4f410a" + integrity sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew== + dependencies: + spdx-correct "^3.0.0" + spdx-expression-parse "^3.0.0" + walker@^1.0.8: version "1.0.8" resolved "https://registry.yarnpkg.com/walker/-/walker-1.0.8.tgz#bd498db477afe573dc04185f011d3ab8a8d7653f" @@ -4240,6 +5103,11 @@ which@^2.0.1: dependencies: isexe "^2.0.0" +wordwrap@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/wordwrap/-/wordwrap-1.0.0.tgz#27584810891456a4171c8d0226441ade90cbcaeb" + integrity sha512-gvVzJFlPycKc5dZN4yPkP8w7Dc37BtP1yczEneOb4uq34pXZcvrtRTmWV8W+Ume+XCxKgbjM+nevkyFPMybd4Q== + workerpool@^6.5.1: version "6.5.1" resolved "https://registry.yarnpkg.com/workerpool/-/workerpool-6.5.1.tgz#060f73b39d0caf97c6db64da004cd01b4c099544" @@ -4287,6 +5155,11 @@ xmlbuilder@^15.1.1: resolved "https://registry.yarnpkg.com/xmlbuilder/-/xmlbuilder-15.1.1.tgz#9dcdce49eea66d8d10b42cae94a79c3c8d0c2ec5" integrity sha512-yMqGBqtXyeN1e3TGYvgNgDVZ3j84W4cwkOXQswghol6APgZWaff9lnbvN7MHYJOiXsvGPXtjTYJEiC9J2wv9Eg== +xtend@~4.0.1: + version "4.0.2" + resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.2.tgz#bb72779f5fa465186b1f438f674fa347fdb5db54" + integrity sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ== + y18n@^5.0.5: version "5.0.8" resolved "https://registry.yarnpkg.com/y18n/-/y18n-5.0.8.tgz#7f4934d0f7ca8c56f95314939ddcd2dd91ce1d55" @@ -4312,7 +5185,7 @@ yaml@^2.2.2, yaml@^2.3.4: resolved "https://registry.yarnpkg.com/yaml/-/yaml-2.3.4.tgz#53fc1d514be80aabf386dc6001eb29bf3b7523b2" integrity sha512-8aAvwVUSHpfEqTQ4w/KMlf3HcRdt50E5ODIQJBw1fQ5RL34xabzxtUlzTXVqc4rkZsPbvrXKWnABCD7kWSmocA== -yargs-parser@^20.2.2: +yargs-parser@^20.2.2, yargs-parser@^20.2.3: version "20.2.9" resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-20.2.9.tgz#2eb7dc3b0289718fc295f362753845c41a0c94ee" integrity sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w== @@ -4322,7 +5195,7 @@ yargs-parser@^21.0.1, yargs-parser@^21.1.1: resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-21.1.1.tgz#9096bceebf990d21bb31fa9516e0ede294a77d35" integrity sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw== -yargs@^16.2.0: +yargs@^16.0.0, yargs@^16.2.0: version "16.2.0" resolved "https://registry.yarnpkg.com/yargs/-/yargs-16.2.0.tgz#1c82bf0f6b6a66eafce7ef30e376f49a12477f66" integrity sha512-D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw==