Skip to content

Conversation

@dreamorosi
Copy link
Contributor

@dreamorosi dreamorosi commented Feb 22, 2022

Description of your changes

This PR aims at closing some of the Dependabot PRs that have been open for a while as well as removing vulnerable packages (vm2, a dev dependency of aws-cdk and hence never shipped on npm).

In doing so, since we enforced [email protected], I have realised that the package-lock.json files in the utilities packages are not used anymore and so can safely be removed. This is because we are using the workspaces feature of npm that allows to manage dependencies centrally.

The workspaces feature also allows us to run commands in one or more packages like npm run test -w packages/logger which is something we should look at in a separate effort to potentially & partially start moving away from lerna.

Actions:

  • updated packages/logger with:
  • updated packages/tracing with:
  • updated packages/metrics with:
  • updated packages/commons with:
npm i -D @typescript-eslint/[email protected] @typescript-eslint/[email protected] [email protected] [email protected] @types/[email protected] @commitlint/[email protected] -w packages/commons

As result, running npm audit returns 0 vulnerabilities:
image

Likewise, running npm run lerna-test after the changes shows all tests passing:
image

Finally, running e2e tests on the new branch also works (locally), see below:

~/Codes/aws-lambda-powertools-typescript build/fix_dependencies ❯ isengardcli run "npm run lerna-test:e2e"

[email protected] lerna-test:e2e
lerna exec -- npm run test:e2e

lerna notice cli v4.0.0
lerna info Executing command in 5 packages: "npm run test:e2e"

[email protected] test:e2e
echo 'To be implemented ...'

@aws-lambda-powertools/[email protected] test:e2e
concurrently "npm:test:e2e:nodejs12x" "npm:test:e2e:nodejs14x"

To be implemented ...

@aws-lambda-powertools/[email protected] test:e2e
echo 'Not Applicable'

Not Applicable

@aws-lambda-powertools/[email protected] test:e2e
jest --group=e2e

@aws-lambda-powertools/[email protected] test:e2e
jest --group=e2e

[test:e2e:nodejs14x]
[test:e2e:nodejs14x] > @aws-lambda-powertools/[email protected] test:e2e:nodejs14x
[test:e2e:nodejs14x] > RUNTIME=nodejs14x jest --group=e2e/logger
[test:e2e:nodejs14x]
[test:e2e:nodejs12x]
[test:e2e:nodejs12x] > @aws-lambda-powertools/[email protected] test:e2e:nodejs12x
[test:e2e:nodejs12x] > RUNTIME=nodejs12x jest --group=e2e/logger
[test:e2e:nodejs12x]

Test Suites: 0 of 4 total
Tests: 0 total
Snapshots: 0 total
Time: 0 s, estimated 160 s

Bundling asset MetricsE2EDecoratorStack/MyFunction/Code/Stage...
Bundling asset MetricsE2EStandardFunctionsStack/MyFunction/Code/Stage...

RUNS tests/e2e/standardFunctions.test.ts
RUNS tests/e2e/decorator.test.ts
RUNS AWS Lambda Powertools utility: TRACER tests/e2e/tracer.test.ts

...02d2979647400d1d829aa85693b24274bd1b4e40d4f40aea55657ab5/index.js 17.8kb

⚡ Done in 18ms

RUNS tests/e2e/standardFunctions.test.ts
RUNS tests/e2e/decorator.test.ts
...b8b2d518b5f308eeb1354dd432abf8cc2ffcf3feba0be9fb2224c7d/index.js 1.8mb ⚠️

⚡ Done in 184ms
Bundling asset TracerIntegTest/Middleware/Code/Stage...

...e3695950011fe620902ba7d16a3b501ea04090e757b83c74da5d7da3/index.js 17.3kb

⚡ Done in 16ms

RUNS tests/e2e/standardFunctions.test.ts
RUNS tests/e2e/decorator.test.ts

RUNS tests/e2e/standardFunctions.test.ts
RUNS tests/e2e/decorator.test.ts
RUNS AWS Lambda Powertools utility: TRACER tests/e2e/tracer.test.ts

Test Suites: 0 of 6 total
Tests: 0 total
Snapshots: 0 total
Time: 21 s[test:e2e:nodejs14x] Bundling asset Logger-E2E-nodejs14x-SampleRate-Decorator-1e861339-d0e6-4216-80c/testFunction/Code/Stage...
[test:e2e:nodejs12x]
[test:e2e:nodejs12x] ...1eb88ecdd81c7c5290dd4a533a7d89bbe68b8b7d7e6fb82c9ee68e3c/index.js 93.6kb
[test:e2e:nodejs12x]
[test:e2e:nodejs12x] ⚡ Done in 19ms
RUNS tests/e2e/standardFunctions.test.ts
RUNS tests/e2e/decorator.test.ts
...c2177f12ef8745c7b2870567b947cf09671fc2d8cab4e7d7dc61309/index.js 1.8mb ⚠️

⚡ Done in 142ms

RUNS AWS Lambda Powertools utility: TRACER tests/e2e/tracer.test.ts

Test Suites: 0 of 6 total
Tests: 0 total
Bundling asset TracerIntegTest/Decorator/Code/Stage...

RUNS AWS Lambda Powertools utility: TRACER tests/e2e/tracer.test.ts

Test Suites: 0 of 6 total
RUNS tests/e2e/standardFunctions.test.ts
RUNS tests/e2e/decorator.test.ts
RUNS AWS Lambda Powertools utility: TRACER tests/e2e/tracer.test.ts

Test Suites: 0 of 6 total
Tests: 0 total
Snapshots: 0 total
Time: 23 s[test:e2e:nodejs14x]
[test:e2e:nodejs14x] ...762238f1e4a05dbc5df5fbe9d52f57e4cbe5b1d8936865dddf667f[0%] start: Publishing 4c1c04a3df18becc1484b372251c432c478811fd022f8f74162639657b70d16e:current
[0%] start: Publishing 077a9f41d59d02e71b6011b5a0ea82993e2c5b41e0bcb6168610e0b98bfa5025:current

RUNS tests/e2e/standardFunctions.test.ts
RUNS tests/e2e/decorator.test.ts
...658a361d20bb6121626191f0aeb613dbce656575ac66d2265ad43e1/index.js 1.8mb ⚠️

[100%] success: Published 4c1c04a3df18becc1484b372251c432c478811fd022f8f74162639657b70d16e:current
MetricsE2EStandardFunctionsStack: creating CloudFormation changeset...
[100%] success: Published 077a9f41d59d02e71b6011b5a0ea82993e2c5b41e0bcb6168610e0b98bfa5025:current
MetricsE2EDecoratorStack: creating CloudFormation changeset...

RUNS tests/e2e/standardFunctions.test.ts
RUNS tests/e2e/decorator.test.ts
RUNS tests/e2e/standardFunctions.test.ts
RUNS tests/e2e/decorator.test.ts
...e3543f31042cb8d110466103c9b96ab51ccc62931671931abe9bfb5/index.js 1.8mb ⚠️

⚡ Done in 144ms

RUNS AWS Lambda Powertools utility: TRACER tests/e2e/tracer.test.ts

Test Suites: 0 of 6 total
Tests: 0 total
Snapshots: 0 total
Time: 25 s[test:e2e:nodejs12x] [50%] success: Published 33cfb47dad821cf2ab62cd48b1d3c58435b00bf5a2c99d369f2401e3e5a36391:current
[test:e2e:nodejs12x] [50%] start: Publishing c13434f8f1aa2ea30fa577b2feb208a41368b11787b752e10bfc71fe8eb919d5:current
[test:e2e:nodejs14x] [0%] start: Publishing 2d5395d25b07090c9d97ddfbfbe76b70f16c5c80b70c5d81ac3cd0f8748d6c28:current
[test:e2e:nodejs14x] [0%] start: Publishing db9faa5062d88b8f2eb4881236188bb03aa1 RUNS tests/e2e/standardFunctions.test.ts
RUNS tests/e2e/decorator.test.ts
RUNS AWS Lambda Powertools utility: TRACER tests/e2e/tracer.test.ts

Test Suites: 0 of 6 total
Tests: 0 total
Snapshots: 0 total
Time: 26 s[test:e2e:nodejs14x] [50%] success: Published 2d5395d25b07090c9d97ddfbfbe76b70f16c5c80b70c5d81ac3cd0f8748d6c28:current
[test:e2e:nodejs14x] [50%] start: Publishing c13434f8f1aa2ea30fa577b2feb208a41368b11787b752e10bfc71fe8eb919d5:current
[test:e2e:nodejs14x] [50%] success: Published db9faa5062d88b8f2eb4881236188bb03aa1241123c23d2bab95d75b32ea86b4:current
[test:e2e:nodejs14x] [50%] start: Publishing c13434f8f1aa2ea30fa577b2feb208a41368b11787b752e10bfc71fe8eb919d5:current
[test:e2e:nodejs14x] [0%] start: Publishing 33cfb47dad821cf2ab62cd48b1d3c58435b00bf5a2c99d369f2401e3e5a36391:current
[test:e2e:nodejs14x] [100%] success: Published c13434f8f1aa2ea30fa577b2feb208a41368b11787b752e10bfc71fe8eb919d5:current
[test:e2e:nodejs14x] Logger-E2E-nodejs14x-BasicFeatures-Middy-1dd405db-6374-441f-974d: creating CloudFormation changeset...
[test:e2e:nodejs14x] [100%] success: Published c13434f8f1aa2ea30fa577b2feb208a41368b11787b752e10bfc71fe8eb919d5:current
[test:e2e:nodejs14x] Logger-E2E-nodejs14x-ChildLogger-Manual-cd80dc3a-c355-4d4c-8985-: creating CloudFormation changeset...
[test:e2e:nodejs12x] [50%] success: Published 2d5395d25b07090c9d97ddfbfbe76b70f16c5c80b70c5d81ac3cd0f8748d6c28:current
[test:e2e:nodejs12x] [50%] start: Publishing c13434f8f1aa2ea30fa577b2feb208a41368b11787b752e10bfc71fe8eb919d5:current
[test:e2e:nodejs12x] [0%] start: Publishing db9faa5062d88b8f2eb4881236188bb03aa1241123c23d2bab95d75b32ea86b4:current
[test:e2e:nodejs12x] [100%] success: Published c13434f8f1aa2ea30fa577b2feb208a41 RUNS tests/e2e/standardFunctions.test.ts
RUNS tests/e2e/decorator.test.ts
RUNS AWS Lambda Powertools utility: TRACER tests/e2e/tracer.test.ts

Test Suites: 0 of 6 total
Tests: 0 total
Snapshots: 0 total
Time: 27 s[test:e2e:nodejs12x] [50%] success: Published db9faa5062d88b8f2eb4881236188bb03aa1241123c23d2bab95d75b32ea86b4:current
[test:e2e:nodejs12x] [50%] start: Publishing c13434f8f1aa2ea30fa577b2feb208a41368b11787b752e10bfc71fe8eb919d5:current
[test:e2e:nodejs14x] [100%] success: Published c13434f8f1aa2ea30fa577b2feb208a41368b11787b752e10bfc71fe8eb919d5:current
[0%] start: Publishing a52ae43a290c55695509cfa1b832e09e86c97581a99357fb9b8eb46ef RUNS tests/e2e/standardFunctions.test.ts
[25%] success: Published a52ae43a290c55695509cfa1b832e09e86c97581a99357fb9b8eb46efccab5df:current
[25%] start: Publishing ec7c696a7df0924ad81d198f825ec9c046352b29edaea5a0a9b8d229b6c62260:current
[50%] success: Published ec7c696a7df0924ad81d198f825ec9c046352b29edaea5a0a9b8d229b6c62260:current
[50%] start: Publishing 5eb8596e7d02cced6ce5c01938b468e52015af4b7ad3dc2dea02b35d9188ad43:current
RUNS AWS Lambda Powertools utility: TRACER tests/e2e/tracer.test.ts

Test Suites: 0 of 6 total
Tests: 0 total
Snapshots: 0 total
Time: 105 s
RUNS tests/e2e/standardFunctions.test.ts
RUNS tests/e2e/decorator.test.ts

Test Suites: 0 of 4 total
Tests: 4 passed, 4 total
Snapshots: 0 total
Time: 113 s, estimated 160 s
████████████████████████████████████████[test:e2e:nodejs14x] PASS AWS Lambda Powertools utility: LOGGER tests/e2e/childLogger.manual.test.ts (112.266 s)
[test:e2e:nodejs14x] ● Console
[test:e2e:nodejs14x]
[test:e2e:nodejs14x] console.log
[test:e2e:nodejs14x] logGroupName /aws/lambda/Logger-E2E-nodejs14x-ChildLogger-Manual-cd80dc3a-c355-4d4c-8985-
[test:e2e:nodejs14x]
[test:e2e:nodejs14x] at tests/e2e/childLogger.manual.test.ts:77:13
[test:e2e:nodejs14x]
[test:e2e:nodejs14x] PASS AWS Lambda Powertools utility: LOGGER tests/e2e/basicFeatures.middy.test.ts (112.454 s)
[test:e2e:nodejs14x] ● Console
RUNS tests/e2e/standardFunctions.test.ts
RUNS tests/e2e/decorator.test.ts

Test Suites: 0 of 4 total
Tests: 4 passed, 4 total
Snapshots: 0 total
Time: 114 s, estimated 160 s
████████████████████████████████████████[test:e2e:nodejs12x] PASS AWS Lambda Powertools utility: LOGGER tests/e2e/basicFeatures.middy.test.ts (112.839 s)
[test:e2e:nodejs12x] ● Console
[test:e2e:nodejs12x]
[test:e2e:nodejs12x] console.log
[test:e2e:nodejs12x] logGroupName /aws/lambda/Logger-E2E-nodejs12x-BasicFeatures-Middy-f9bf544e-97f9-4fb5-a2fc
[test:e2e:nodejs12x]
[test:e2e:nodejs12x] at tests/e2e/basicFeatures.middy.test.ts:77:13
[test:e2e:nodejs12x]
[test:e2e:nodejs14x] PASS AWS Lambda Powertools utility: LOGGER tests/e2e/sampleRate.decorator.test.ts (113.299 s)
[test:e2e:nodejs14x] ● Console
[test:e2e:nodejs14x]
[test:e2e:nodejs14x] console.log
[test:e2e:nodejs14x] logGroupName /aws/lambda/Logger-E2E-nodejs14x-SampleRate-Decorator-1e861339-d0e6-4216-80c
[test:e2e:nodejs14x]
[test:e2e:nodejs14x] at tests/e2e/sampleRate.decorator.test.ts:70:13
[test:e2e:nodejs14x]
[test:e2e:nodejs14x]
[test:e2e:nodejs14x] Test Suites: 3 passed, 3 of 8 total
[test:e2e:nodejs14x] Tests: 13 passed, 13 total
[test:e2e:nodejs14x] Snapshots: 0 total
[test:e2e:nodejs14x] Time: 114.283 s
[test:e2e:nodejs14x] Ran all test suites.
[test:e2e:nodejs14x] npm run test:e2e:nodejs14x exited with code 0
[test:e2e:nodejs12x] PASS AWS Lambda Powertools utility: LOGGER tests/e2e/childLogger.manual.test.ts (113.394 s)
PASS tests/e2e/standardFunctions.test.ts (116.314 s)
● Console

console.log
  Manual command: aws cloudwatch get-metric-statistics --namespace c14fe7f0-665f-4a93-96ad-3093b6c1bd1b --metric-name ColdStart --start-time 1645537066 --end-time 1645537267 --statistics 'Sum' --period 60 --dimensions '[{"Name":"service","Value":"MyFunctionWithStandardHandler"}]'

  at Object.<anonymous> (tests/e2e/standardFunctions.test.ts:103:13)

console.log
  Manual command: aws cloudwatch get-metric-statistics --namespace c14fe7f0-665f-4a93-96ad-3093b6c1bd1b --metric-name MyMetric --start-time 1645537066 --end-time 1645537267 --statistics 'Sum' --period 60 --dimensions '[{"Name":"service","Value":"MyFunctionWithStandardHandler"},{"Name":"MyDimension","Value":"MyValue"},{"Name":"MyExtraDimension","Value":"MyExtraValue"}]'

  at Object.<anonymous> (tests/e2e/standardFunctions.test.ts:144:13)

PASS tests/e2e/decorator.test.ts (121.791 s)
● Console

console.log
  Manual command: aws cloudwatch get-metric-statistics --namespace bb7d44b6-652b-435d-a325-5d124af1f965 --metric-name ColdStart --start-time 1645537066 --end-time 1645537273 --statistics 'Sum' --period 60 --dimensions '[{"Name":"service","Value":"decoratorService"},{"Name":"function_name","Value":"MyFunctionWithDecoratedHandler"},{"Name":"MyDimension","Value":"MyValue"}]'

  at Object.<anonymous> (tests/e2e/decorator.test.ts:108:13)

console.log
  Manual command: aws cloudwatch get-metric-statistics --namespace bb7d44b6-652b-435d-a325-5d124af1f965 --metric-name MyMetric --start-time 1645537066 --end-time 1645537273 --statistics 'Sum' --period 60 --dimensions '[{"Name":"service","Value":"decoratorService"},{"Name":"MyDimension","Value":"MyValue"},{"Name":"MyExtraDimension","Value":"MyExtraValue"}]'

  at Object.<anonymous> (tests/e2e/decorator.test.ts:149:13)

RUNS AWS Lambda Powertools utility: TRACER tests/e2e/tracer.test.ts

Test Suites: 0 of 6 total
Tests: 0 total
Snapshots: 0 total
Time: 129 s[test:e2e:nodejs12x] PASS AWS Lambda Powertools utility: LOGGER tests/e2e/sampleRate.decorator.test.ts (127.432 s)
[test:e2e:nodejs12x] ● Console
[test:e2e:nodejs12x]
[test:e2e:nodejs12x] console.log
[test:e2e:nodejs12x] logGroupName /aws/lambda/Logger-E2E-nodejs12x-SampleRate-Decorator-31c20176-62af-485e-a80
[test:e2e:nodejs12x]
[test:e2e:nodejs12x] at tests/e2e/sampleRate.decorator.test.ts:70:13
[test:e2e:nodejs12x]
[test:e2e:nodejs12x]
PASS AWS Lambda Powertools utility: TRACER tests/e2e/tracer.test.ts (343.597 s)
● Console

console.log
  Manual query: aws xray get-trace-summaries --start-time 1645537125 --end-time 1645537401 --filter-expression 'resource.arn = "arn:aws:lambda:eu-west-1:264025721901:function:Manual"'

  at getTraces (tests/helpers/tracesUtils.ts:62:11)

console.log
  Manual query: aws xray get-trace-summaries --start-time 1645537125 --end-time 1645537402 --filter-expression 'resource.arn = "arn:aws:lambda:eu-west-1:264025721901:function:Middleware"'

  at getTraces (tests/helpers/tracesUtils.ts:62:11)

console.log
  Manual query: aws xray get-trace-summaries --start-time 1645537125 --end-time 1645537402 --filter-expression 'resource.arn = "arn:aws:lambda:eu-west-1:264025721901:function:Middleware-NoCaptureErrorResponse"'

  at getTraces (tests/helpers/tracesUtils.ts:62:11)

console.log
  Manual query: aws xray get-trace-summaries --start-time 1645537125 --end-time 1645537402 --filter-expression 'resource.arn = "arn:aws:lambda:eu-west-1:264025721901:function:Middleware-Disabled"'

  at getTraces (tests/helpers/tracesUtils.ts:62:11)

console.log
  Manual query: aws xray get-trace-summaries --start-time 1645537125 --end-time 1645537402 --filter-expression 'resource.arn = "arn:aws:lambda:eu-west-1:264025721901:function:Decorator"'

  at getTraces (tests/helpers/tracesUtils.ts:62:11)

console.log
  Manual query: aws xray get-trace-summaries --start-time 1645537125 --end-time 1645537402 --filter-expression 'resource.arn = "arn:aws:lambda:eu-west-1:264025721901:function:DecoratorWithAsyncHandler"'

  at getTraces (tests/helpers/tracesUtils.ts:62:11)

console.log
  Manual query: aws xray get-trace-summaries --start-time 1645537125 --end-time 1645537403 --filter-expression 'resource.arn = "arn:aws:lambda:eu-west-1:264025721901:function:Decorator-NoCaptureErrorResponse"'

  at getTraces (tests/helpers/tracesUtils.ts:62:11)

console.log
  Manual query: aws xray get-trace-summaries --start-time 1645537125 --end-time 1645537403 --filter-expression 'resource.arn = "arn:aws:lambda:eu-west-1:264025721901:function:Decorator-Disabled"'

  at getTraces (tests/helpers/tracesUtils.ts:62:11)

Test Suites: 1 passed, 1 of 6 total
Tests: 8 passed, 8 total
Snapshots: 0 total
Time: 344.268 s
Ran all test suites.
lerna success exec Executed command in 5 packages: "npm run test:e2e"

How to verify this change

Before being able to verify this change on GitHub Actions, we need to update the workflows so that they use [email protected] instead of the default [email protected] that comes with [email protected]. A PR is coming.

TBD

Related issues, RFCs

#568
#567
#554
#541
#475

PR status

Is this ready for review?: NO
Is it a breaking change?: NO

Checklist

  • My changes meet the tenets criteria
  • I have performed a self-review of my own code
  • I have commented my code where necessary, particularly in areas that should be flagged with a TODO, or hard-to-understand areas
  • My changes generate no new warnings
  • The code coverage hasn't decreased
  • New and existing unit tests pass locally and in Github Actions
  • Any dependent changes have been merged and published in downstream module
  • The PR title follows the conventional commit semantics

Breaking change checklist

N/A


By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@dreamorosi dreamorosi self-assigned this Feb 22, 2022
@github-actions github-actions bot added the internal PRs that introduce changes in governance, tech debt and chores (linting setup, baseline, etc.) label Feb 22, 2022
@dreamorosi dreamorosi mentioned this pull request Feb 22, 2022
9 tasks
@dreamorosi dreamorosi added this to the production-ready-release milestone Feb 22, 2022
@dreamorosi dreamorosi mentioned this pull request Feb 23, 2022
13 tasks
ijemmy
ijemmy previously approved these changes Feb 23, 2022
Copy link
Contributor

@ijemmy ijemmy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you double check if we can still run npm run test on packages/logger with npm 8?

Those who are from npm6 (like me) will cd to the packages/logger run npm install and npm run test.

if it doesn't work, we need additional update on CONTRIBUTIONG.md

@dreamorosi
Copy link
Contributor Author

dreamorosi commented Feb 23, 2022

@ijemmy

reco.mp4

The video above shows a fresh clone (so no existing node_modules) of what you asked:

  • I check that recommended node and npm versions are being used
  • Change branch to this one (doing only because this is a pending PR)
  • Install commons package & run tests
  • Install logger package & run tests
  • Try to run tests in metrics package without installing, it fails
  • Install metrics package & retry - it works
  • Install tracer package & run tests

If I instead I had ran npm i in the project's root then I wouldn't have had to run npm i in all workspaces and all dependencies would have been installed there, see video below that shows this:

Screen.Recording.2022-02-23.at.13.06.47.mp4

@dreamorosi dreamorosi force-pushed the build/fix_dependencies branch from e557221 to a8e9692 Compare February 23, 2022 14:44
@dreamorosi dreamorosi marked this pull request as ready for review February 23, 2022 14:45
@dreamorosi dreamorosi changed the title WIP - chore: updated dependencies chore: updated dependencies Feb 23, 2022
@ijemmy
Copy link
Contributor

ijemmy commented Feb 23, 2022

Thanks a lot for the video. That looks much better than what we are.

ps. @AWSDB has the problem with the current source code on npm8. My last commit breaks on that version. (Also the vm2 isn't fixed yet!) Let's merge both #569 and 570 as early as possible.

I've pinged Sara to review.

@dreamorosi dreamorosi merged commit b3ca480 into main Feb 23, 2022
@dreamorosi dreamorosi deleted the build/fix_dependencies branch February 23, 2022 15:12
@dreamorosi
Copy link
Contributor Author

@ijemmy @saragerion after merging both checks are passing & vulnerabilities are gone

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

internal PRs that introduce changes in governance, tech debt and chores (linting setup, baseline, etc.)

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants