refactor: extract zip utilities into shared @aws-cdk/tools package #1512

mrgrain merged 1 commit into main from mrgrain/refactor/tools/extract-zip-into-shared-tools-package on Jun 12, 2026

@mrgrain mrgrain commented May 14, 2026

Contributor

Both cdk-assets-lib and toolkit-lib carried their own copy of the zip utilities (zipDirectory, zipString) wrapping archiver and fast-glob. This duplication made it easy for the implementations to drift apart — the toolkit-lib version had already lost the deterministic date reset, for example.

This PR introduces a new private (unpublished) @aws-cdk/tools package that hosts small, self-contained utilities. Each tool lives in its own subdirectory under lib/, is type-checked by tsc, and bundled by esbuild with --packages=external — so the bundled output contains only the code we wrote, while third-party packages stay as plain require(...) calls.

Consumer packages cherry-pick tools at pre-compile time via a useTools option on the new CdkTypeScriptWorkspace projen construct, using typed tool references (e.g. useTools: [tools.zip]). For each tool it:

  • copies the bundled .js/.d.ts into lib/private/tools/<name>/. These files are committed, so tsc --build of dependent projects (e.g. the CLI) can resolve them without first running this package's pre-compile step.
  • adds the tool's declared runtime dependencies (e.g. archiver, fast-glob) to the consuming package.

Keeping those dependencies external to the bundle (rather than inlining them) is deliberate. The aws-cdk CLI bundles cdk-assets-lib and toolkit-lib together; if each shipped its own inlined copy of archiver (and its lodash/fast-glob deps), the CLI bundle would carry the implementation multiple times. Declaring the deps and keeping them external lets the bundler resolve them to a single shared copy, matching the pre-refactor footprint.

Adding a new tool is just: create lib/<tool>/index.ts in the tools package, declare its third-party deps in toolDeps, and useTools: [tools.<tool>] in each consumer.

Checklist

  • This change contains a major version upgrade for a dependency and I confirm all breaking changes are addressed
    • Release notes for the new version:

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license
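
The copies under lib/private/tools/<name>/ are generated but committed, so a hand edit or a stale copy would bring back the drift this PR removes; a CI check along these lines catches it. This is an added example, not code from the PR or the aws-cdk project, and `hashTree`, `findDrift`, `demo` and the `bundle/` and `consumer-*` directory names are assumptions.

```javascript
const crypto = require('node:crypto');
const fs = require('node:fs');
const os = require('node:os');
const path = require('node:path');

// Relative path -> SHA-256 for every file under dir; non-regular entries (symlinks) get a sentinel.
function hashTree(dir, base = dir, out = new Map()) {
  for (const e of fs.readdirSync(dir, { withFileTypes: true })) {
    const p = path.join(dir, e.name);
    if (e.isDirectory()) { hashTree(p, base, out); continue; }
    const digest = e.isFile() ? crypto.createHash('sha256').update(fs.readFileSync(p)).digest('hex') : 'non-regular';
    out.set(path.relative(base, p), digest);
  }
  return out;
}

// Compare a tool's bundled output with one committed copy (hypothetical helper).
function findDrift(bundleDir, copyDir) {
  const want = hashTree(bundleDir);
  const have = fs.existsSync(copyDir) ? hashTree(copyDir) : new Map();
  const findings = [];
  for (const [rel, digest] of want) {
    if (have.get(rel) !== digest) findings.push(`${have.has(rel) ? 'modified' : 'missing'}: ${rel}`);
  }
  for (const rel of have.keys()) if (!want.has(rel)) findings.push(`unexpected: ${rel}`);
  return findings.sort();
}

// Constructed sample tree: consumer-a is in sync, consumer-b has drifted.
function demo() {
  const root = fs.mkdtempSync(path.join(os.tmpdir(), 'tool-drift-'));
  const at = (rel) => path.join(root, rel);
  const write = (rel, body) => {
    fs.mkdirSync(path.dirname(at(rel)), { recursive: true });
    fs.writeFileSync(at(rel), body);
  };
  const js = 'exports.zipDirectory = async () => {};\n';
  for (const dir of ['bundle/zip', 'consumer-a/lib/private/tools/zip']) {
    write(`${dir}/index.js`, js);
    write(`${dir}/index.d.ts`, 'export declare function zipDirectory(): Promise<void>;\n');
  }
  write('consumer-b/lib/private/tools/zip/index.js', js + '// hand edit\n');
  write('consumer-b/lib/private/tools/zip/extra.js', '');
  const check = (c) => findDrift(at('bundle/zip'), at(`${c}/lib/private/tools/zip`));
  const result = { inSync: check('consumer-a'), drifted: check('consumer-b') };
  fs.rmSync(root, { recursive: true, force: true });
  return result;
}

console.log(demo());
```

A non-empty result from `findDrift` is the condition a CI job would fail on.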

github-actions Bot commented May 14, 2026

Contributor

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 5 package(s) with unknown licenses.
See the Details below.

License Issues

packages/@aws-cdk/private-tools/package.json

| Package | Version | License | Issue Type |
| --- | --- | --- | --- |
| archiver | ^7.0.1 | Null | Unknown License |
| fast-glob | ^3.3.3 | Null | Unknown License |

packages/aws-cdk/package.json

| Package | Version | License | Issue Type |
| --- | --- | --- | --- |
| @aws-cdk/private-tools | ^0.0.0 | Null | Unknown License |

yarn.lock

| Package | Version | License | Issue Type |
| --- | --- | --- | --- |
| @aws-cdk/private-tools@workspace:packages/ | 0.0.0-use.local | Null | Unknown License |
| cdklabs-projen-project-types | 0.5.2 | Null | Unknown License |

OpenSSF Scorecard

Scorecard details
| Package | Version | Score | Details |
| --- | --- | --- | --- |
| npm/cdklabs-projen-project-types | ^0.5.2 | Unknown | Unknown |
| npm/@aws-cdk/private-tools | ^0.0.0 | Unknown | Unknown |
| npm/esbuild | ^0.28.0 | Unknown | Unknown |
| npm/@cdklabs/eslint-plugin | ^2.0.8 | Unknown | Unknown |
| npm/@stylistic/eslint-plugin | ^3 | Unknown | Unknown |
| npm/@types/archiver | ^7.0.0 | Unknown | Unknown |
| npm/@types/jest | ^29.5.14 | Unknown | Unknown |
| npm/@types/node | ^20 | Unknown | Unknown |
| npm/@typescript-eslint/eslint-plugin | ^8 | Unknown | Unknown |
| npm/@typescript-eslint/parser | ^8 | Unknown | Unknown |
| npm/archiver | ^7.0.1 | Unknown | Unknown |
| npm/constructs | ^10.0.0 | Unknown | Unknown |
| npm/eslint | ^9 | Unknown | Unknown |
| npm/eslint-config-prettier | ^10.1.8 | Unknown | Unknown |
| npm/eslint-import-resolver-typescript | ^4.4.5 | Unknown | Unknown |
| npm/eslint-plugin-import | ^2.32.0 | Unknown | Unknown |
| npm/eslint-plugin-jest | ^29.15.2 | Unknown | Unknown |
| npm/eslint-plugin-jsdoc | ^62.9.0 | Unknown | Unknown |
| npm/eslint-plugin-prettier | ^4.2.5 | Unknown | Unknown |
| npm/fast-glob | ^3.3.3 | Unknown | Unknown |
| npm/jest | ^29.7.0 | Unknown | Unknown |
| npm/jest-junit | ^16 | Unknown | Unknown |
| npm/jszip | ^3.10.1 | Unknown | Unknown |
| npm/nx | ^22.7.5 | Unknown | Unknown |
| npm/prettier | ^2.8 | Unknown | Unknown |
| npm/projen | ^0.99.70 | Unknown | Unknown |
| npm/ts-jest | ^29.4.9 | Unknown | Unknown |
| npm/typescript | 5.9 | Unknown | Unknown |
| npm/@aws-cdk/private-tools | ^0.0.0 | Unknown | Unknown |
| npm/esbuild | ^0.28.0 | Unknown | Unknown |
| npm/@aws-cdk/private-tools | ^0.0.0 | Unknown | Unknown |
| npm/@aws-cdk/private-tools@workspace:packages/ | 0.0.0-use.local | Unknown | Unknown |
| npm/@types/archiver | 7.0.0 | 🟢 6.5 | Details |

Details: npm/@types/archiver 7.0.0

| Check | Score | Reason |
| --- | --- | --- |
| Maintained | 🟢 10 | 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 |
| Code-Review | 🟢 8 | Found 25/29 approved changesets -- score normalized to 8 |
| Packaging | ⚠️ -1 | packaging workflow not detected |
| CII-Best-Practices | ⚠️ 0 | no effort to earn an OpenSSF best practices badge detected |
| Dangerous-Workflow | 🟢 10 | no dangerous workflow patterns detected |
| Token-Permissions | ⚠️ 0 | detected GitHub workflow tokens with excessive permissions |
| Security-Policy | 🟢 10 | security policy file detected |
| License | 🟢 9 | license file detected |
| Signed-Releases | ⚠️ -1 | no releases found |
| Branch-Protection | ⚠️ -1 | internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md |
| SAST | ⚠️ 0 | SAST tool is not run on all commits -- score normalized to 0 |
| Pinned-Dependencies | 🟢 8 | dependency not pinned by hash detected -- score normalized to 8 |
| Binary-Artifacts | 🟢 10 | no binaries found in the repo |
| Fuzzing | ⚠️ 0 | project is not fuzzed |

| Package | Version | Score | Details |
| --- | --- | --- | --- |
| npm/cdklabs-projen-project-types | 0.5.2 | Unknown | Unknown |
| npm/ts-jest | 29.4.9 | 🟢 5.4 | Details |

Details: npm/ts-jest 29.4.9

| Check | Score | Reason |
| --- | --- | --- |
| Maintained | 🟢 10 | 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 |
| Code-Review | 🟢 10 | all changesets reviewed |
| Dangerous-Workflow | ⚠️ 0 | dangerous workflow patterns detected |
| Packaging | ⚠️ -1 | packaging workflow not detected |
| CII-Best-Practices | ⚠️ 0 | no effort to earn an OpenSSF best practices badge detected |
| Token-Permissions | ⚠️ 0 | detected GitHub workflow tokens with excessive permissions |
| Binary-Artifacts | 🟢 10 | no binaries found in the repo |
| Pinned-Dependencies | 🟢 10 | all dependencies are pinned |
| Security-Policy | ⚠️ 0 | security policy file not detected |
| Fuzzing | ⚠️ 0 | project is not fuzzed |
| License | 🟢 10 | license file detected |
| Signed-Releases | ⚠️ -1 | no releases found |
| Branch-Protection | ⚠️ -1 | internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md |
| SAST | 🟢 10 | SAST tool is run on all commits |

Scanned Files

  • package.json
  • packages/@aws-cdk/cdk-assets-lib/package.json
  • packages/@aws-cdk/private-tools/package.json
  • packages/@aws-cdk/toolkit-lib/package.json
  • packages/aws-cdk/package.json
  • yarn.lock

@mrgrain mrgrain force-pushed the mrgrain/refactor/tools/extract-zip-into-shared-tools-package branch from 619a9b9 to 6a6d511 on June 5, 2026 09:51

codecov-commenter commented Jun 5, 2026


Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 88.64%. Comparing base (3ec7934) to head (6fb9c8e).

Additional details and impacted files
@@           Coverage Diff           @@
##             main    #1512   +/-   ##
=======================================
  Coverage   88.64%   88.64%           
=======================================
  Files          77       77           
  Lines       11293    11293           
  Branches     1565     1565           
=======================================
  Hits        10011    10011           
  Misses       1253     1253           
  Partials       29       29           
| Flag | Coverage Δ |
| --- | --- |
| suite.unit | 88.64% <ø> (ø) |


@mrgrain mrgrain force-pushed the mrgrain/refactor/tools/extract-zip-into-shared-tools-package branch from 9fca289 to cecbc10 on June 5, 2026 10:42
@github-actions

Contributor

Total lines changed 2254 is greater than 1000. Please consider breaking this PR down.

codecov-commenter commented Jun 10, 2026


Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 88.73%. Comparing base (1705f43) to head (73d8f7e).

Additional details and impacted files
@@           Coverage Diff           @@
##             main    #1512   +/-   ##
=======================================
  Coverage   88.73%   88.73%           
=======================================
  Files          77       77           
  Lines       11359    11359           
  Branches     1585     1584    -1     
=======================================
  Hits        10079    10079           
  Misses       1250     1250           
  Partials       30       30           
| Flag | Coverage Δ |
| --- | --- |
| suite.unit | 88.73% <100.00%> (ø) |


…ols`

Replace the custom `CdkTypeScriptWorkspace` subclass with a `ToolMixin`
that implements projen's `IMixin` interface. Consumers now use:

  const project = new yarn.TypeScriptWorkspace({ ... });
  project.with(tools.zip);

Also renames `@aws-cdk/tools` to `@aws-cdk/private-tools` to make it
clear this is not a published package.

The `defineTools` function now accepts a formal `tools: Record<string, ToolDefinition>`
where each tool declares its `deps` and optional `devDeps`.
Labels

p2 pr/exempt-size-check Skips PR size check
