npm - cdk-insights - Versions diffs - 1.7.0 → 1.8.1 - Mend

cdk-insights 1.7.0 → 1.8.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/dist/analysis/templateLevel/checks/mixinUsage/complianceCriticalMixins.d.ts ADDED Viewed

@@ -0,0 +1,16 @@
+/**
+ * Curated registry of compliance-critical CDK Mixins that cdk-insights
+ * checks for stack-wide consistency. Keep this list small and high-signal —
+ * each entry should represent a property where a partial application is
+ * almost certainly an oversight rather than a deliberate exception.
+ *
+ * `cfnResourceType` is the CloudFormation resource type the mixin targets
+ * (per the AWS docs: each mixin targets exactly one resource type and is
+ * named after it). `displayName` is the short human-readable mixin name.
+ */
+export type ComplianceCriticalMixin = {
+    fqn: string;
+    cfnResourceType: string;
+    displayName: string;
+};
+export declare const COMPLIANCE_CRITICAL_MIXINS: ComplianceCriticalMixin[];

package/dist/analysis/templateLevel/checks/mixinUsage/customMixinCrossTypeApplicationCheck.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+import type { AnalysisResults, CloudFormationStack, CreateFindingFunction } from '../../../../types/analysis.types';
+/**
+ * Detects when an anonymised custom CDK Mixin (reported as `'*'` by
+ * aws-cdk-lib's analytics writer) is applied across many distinct CFN
+ * resource types in the same stack — the template-visible signature of
+ * `.with(customMixin)` being called on a parent construct, where the
+ * applicator (`withMixins`) calls `target.node.findAll()` and the mixin's
+ * default `supports()` accepts every descendant.
+ *
+ * Emits a single per-stack finding (attached to the first affected
+ * resource) at LOW severity — false-positive rates here are non-trivial,
+ * so the message is framed as a verification prompt rather than a defect.
+ */
+export declare const checkCustomMixinCrossTypeApplication: (template: CloudFormationStack, createFinding: CreateFindingFunction) => AnalysisResults;

package/dist/analysis/templateLevel/checks/mixinUsage/customMixinCrossTypeApplicationCheck.test.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/analysis/templateLevel/checks/mixinUsage/mixinAppliedWithoutStackCoverageCheck.d.ts ADDED Viewed

@@ -0,0 +1,18 @@
+import type { AnalysisResults, CloudFormationStack, CreateFindingFunction } from '../../../../types/analysis.types';
+/**
+ * Detects when a compliance-critical CDK Mixin is applied to *some* but not
+ * *all* resources of its target type within a stack. This is the template-
+ * visible footprint of `Mixins.of(scope).apply(...)` being called without
+ * `requireAll()` — when the scope-wide application silently misses some
+ * constructs (e.g., a bucket added later, or one outside the scope), the
+ * inconsistency surfaces here.
+ *
+ * Findings fire on each resource that *lacks* the mixin, suggesting the
+ * user either add the mixin explicitly or migrate to
+ * `Mixins.of(scope).requireAll().apply(...)` to fail synth on misses.
+ *
+ * Mixin attribution is read from `__appliedMixins` populated by
+ * `parseManifestMetadata` from the `aws:cdk:analytics:mixin` manifest
+ * stream (see aws-cdk-lib core/lib/mixins/private/mixin-metadata.ts).
+ */
+export declare const checkMixinAppliedWithoutStackCoverage: (template: CloudFormationStack, createFinding: CreateFindingFunction) => AnalysisResults;

package/dist/analysis/templateLevel/checks/mixinUsage/mixinAppliedWithoutStackCoverageCheck.test.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/analysis/templateLevel/registry.d.ts CHANGED Viewed

@@ -4,7 +4,7 @@
  * Registers all template-level checks and provides the runner that
  * executes them against a CloudFormation template.
  */
-import type { CloudFormationStack, CreateFindingFunction, AnalysisResults } from '../../types/analysis.types';
+import type { AnalysisResults, CloudFormationStack, CreateFindingFunction } from '../../types/analysis.types';
 import type { TemplateLevelCheckDefinition } from './types';
 /**
  * Run all template-level checks against a CloudFormation stack.

package/dist/aspects/CdkInsightsAspect.d.ts CHANGED Viewed

@@ -150,8 +150,13 @@ export interface CdkInsightsAspectOptions {
 }
 /**
  * Helper function to check if CDK stack traces are enabled.
- * Users should set CDK_DEBUG=true or add context @aws-cdk/core:stackTrace: true
- * for the most reliable source location capture.
+ * Three paths CDK honours, in order of how a user typically sets them:
+ *   1. `CDK_DEBUG=true` env var (per-shell, transient).
+ *   2. `CDK_CONTEXT_JSON` env containing the `@aws-cdk/core:stackTrace` flag
+ *      (used by `cdk synth --context @aws-cdk/core:stackTrace=true`).
+ *   3. `cdk.json` `context['@aws-cdk/core:stackTrace'] = true` (durable, the
+ *      path `cdk-insights setup` configures so users don't have to remember
+ *      anything).
  */
 export declare const isCdkDebugEnabled: () => boolean;
 /**