undo the changes in clients/

Author: smilkuri

clients/client-accessanalyzer/package.json

@@ -3,17 +3,15 @@
   "description": "AWS SDK for JavaScript Accessanalyzer Client for Node.js, Browser and React Native",
   "version": "3.758.0",
   "scripts": {
-    "build": "concurrently 'yarn generate:version' 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types' ",
-    "build:webpack": "webpack",
+    "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "node ../../scripts/compilation/inline client-accessanalyzer",
     "build:es": "tsc -p tsconfig.es.json",
     "build:include:deps": "lerna run --scope $npm_package_name --include-dependencies build",
     "build:types": "tsc -p tsconfig.types.json",
     "build:types:downlevel": "downlevel-dts dist-types dist-types/ts3.4",
     "clean": "rimraf ./dist-* && rimraf *.tsbuildinfo",
     "extract:docs": "api-extractor run --local",
-    "generate:client": "node ../../scripts/generate-clients/single-service --solo accessanalyzer",
-    "generate:version": "node src/scripts/generate-version.js"
+    "generate:client": "node ../../scripts/generate-clients/single-service --solo accessanalyzer"
   },
   "main": "./dist-cjs/index.js",
   "types": "./dist-types/index.d.ts",
@@ -65,23 +63,10 @@
   "devDependencies": {
     "@tsconfig/node18": "18.2.4",
     "@types/node": "^18.19.69",
-    "@types/path-browserify": "^1",
-    "@types/webpack-bundle-analyzer": "^4",
-    "assert": "^2.1.0",
-    "browserify-zlib": "^0.2.0",
     "concurrently": "7.0.0",
     "downlevel-dts": "0.10.1",
-    "http2-wrapper": "^2.2.1",
-    "https-browserify": "^1.0.0",
-    "os-browserify": "^0.3.0",
-    "path-browserify": "^1.0.1",
     "rimraf": "3.0.2",
-    "stream-http": "^3.2.0",
-    "typescript": "~5.2.2",
-    "url": "^0.11.4",
-    "webpack": "^5.97.1",
-    "webpack-bundle-analyzer": "^4.10.2",
-    "webpack-cli": "^6.0.1"
+    "typescript": "~5.2.2"
   },
   "engines": {
     "node": ">=18.0.0"

clients/client-accessanalyzer/src/index.ts

@@ -0,0 +1,40 @@
+// smithy-typescript generated code
+/* eslint-disable */
+/**
+ * <p>Identity and Access Management Access Analyzer helps you to set, verify, and refine your IAM policies by providing
+ *          a suite of capabilities. Its features include findings for external and unused access,
+ *          basic and custom policy checks for validating policies, and policy generation to generate
+ *          fine-grained policies. To start using IAM Access Analyzer to identify external or unused access,
+ *          you first need to create an analyzer.</p>
+ *          <p>
+ *             <b>External access analyzers</b> help identify potential risks
+ *          of accessing resources by enabling you to identify any resource policies that grant access
+ *          to an external principal. It does this by using logic-based reasoning to analyze
+ *          resource-based policies in your Amazon Web Services environment. An external principal can be another
+ *          Amazon Web Services account, a root user, an IAM user or role, a federated user, an Amazon Web Services service, or an
+ *          anonymous user. You can also use IAM Access Analyzer to preview public and cross-account access
+ *          to your resources before deploying permissions changes.</p>
+ *          <p>
+ *             <b>Unused access analyzers</b> help identify potential
+ *          identity access risks by enabling you to identify unused IAM roles, unused access keys,
+ *          unused console passwords, and IAM principals with unused service and action-level
+ *          permissions.</p>
+ *          <p>Beyond findings, IAM Access Analyzer provides basic and custom policy checks to validate IAM
+ *          policies before deploying permissions changes. You can use policy generation to refine
+ *          permissions by attaching a policy generated using access activity logged in CloudTrail logs. </p>
+ *          <p>This guide describes the IAM Access Analyzer operations that you can call programmatically.
+ *          For general information about IAM Access Analyzer, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html">Identity and Access Management Access Analyzer</a> in the
+ *             <b>IAM User Guide</b>.</p>
+ *
+ * @packageDocumentation
+ */
+export * from "./AccessAnalyzerClient";
+export * from "./AccessAnalyzer";
+export { ClientInputEndpointParameters } from "./endpoint/EndpointParameters";
+export type { RuntimeExtension } from "./runtimeExtensions";
+export type { AccessAnalyzerExtensionConfiguration } from "./extensionConfiguration";
+export * from "./commands";
+export * from "./pagination";
+export * from "./models";
+
+export { AccessAnalyzerServiceException } from "./models/AccessAnalyzerServiceException";

clients/client-accessanalyzer/src/runtimeConfig.browser.ts

@@ -0,0 +1,44 @@
+// smithy-typescript generated code
+// @ts-ignore: package.json will be imported from dist folders
+import packageInfo from "../package.json"; // eslint-disable-line
+
+import { Sha256 } from "@aws-crypto/sha256-browser";
+import { createDefaultUserAgentProvider } from "@aws-sdk/util-user-agent-browser";
+import { DEFAULT_USE_DUALSTACK_ENDPOINT, DEFAULT_USE_FIPS_ENDPOINT } from "@smithy/config-resolver";
+import { FetchHttpHandler as RequestHandler, streamCollector } from "@smithy/fetch-http-handler";
+import { invalidProvider } from "@smithy/invalid-dependency";
+import { calculateBodyLength } from "@smithy/util-body-length-browser";
+import { DEFAULT_MAX_ATTEMPTS, DEFAULT_RETRY_MODE } from "@smithy/util-retry";
+import { AccessAnalyzerClientConfig } from "./AccessAnalyzerClient";
+import { getRuntimeConfig as getSharedRuntimeConfig } from "./runtimeConfig.shared";
+import { loadConfigsForDefaultMode } from "@smithy/smithy-client";
+import { resolveDefaultsModeConfig } from "@smithy/util-defaults-mode-browser";
+
+/**
+ * @internal
+ */
+export const getRuntimeConfig = (config: AccessAnalyzerClientConfig) => {
+  const defaultsMode = resolveDefaultsModeConfig(config);
+  const defaultConfigProvider = () => defaultsMode().then(loadConfigsForDefaultMode);
+  const clientSharedValues = getSharedRuntimeConfig(config);
+  return {
+    ...clientSharedValues,
+    ...config,
+    runtime: "browser",
+    defaultsMode,
+    bodyLengthChecker: config?.bodyLengthChecker ?? calculateBodyLength,
+    credentialDefaultProvider:
+      config?.credentialDefaultProvider ?? ((_: unknown) => () => Promise.reject(new Error("Credential is missing"))),
+    defaultUserAgentProvider:
+      config?.defaultUserAgentProvider ??
+      createDefaultUserAgentProvider({ serviceId: clientSharedValues.serviceId, clientVersion: packageInfo.version }),
+    maxAttempts: config?.maxAttempts ?? DEFAULT_MAX_ATTEMPTS,
+    region: config?.region ?? invalidProvider("Region is missing"),
+    requestHandler: RequestHandler.create(config?.requestHandler ?? defaultConfigProvider),
+    retryMode: config?.retryMode ?? (async () => (await defaultConfigProvider()).retryMode || DEFAULT_RETRY_MODE),
+    sha256: config?.sha256 ?? Sha256,
+    streamCollector: config?.streamCollector ?? streamCollector,
+    useDualstackEndpoint: config?.useDualstackEndpoint ?? (() => Promise.resolve(DEFAULT_USE_DUALSTACK_ENDPOINT)),
+    useFipsEndpoint: config?.useFipsEndpoint ?? (() => Promise.resolve(DEFAULT_USE_FIPS_ENDPOINT)),
+  };
+};

clients/client-accessanalyzer/src/runtimeConfig.ts

@@ -0,0 +1,67 @@
+// smithy-typescript generated code
+// @ts-ignore: package.json will be imported from dist folders
+import packageInfo from "../package.json"; // eslint-disable-line
+
+import { emitWarningIfUnsupportedVersion as awsCheckVersion } from "@aws-sdk/core";
+import { defaultProvider as credentialDefaultProvider } from "@aws-sdk/credential-provider-node";
+import { NODE_APP_ID_CONFIG_OPTIONS, createDefaultUserAgentProvider } from "@aws-sdk/util-user-agent-node";
+import {
+  NODE_REGION_CONFIG_FILE_OPTIONS,
+  NODE_REGION_CONFIG_OPTIONS,
+  NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS,
+  NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS,
+} from "@smithy/config-resolver";
+import { Hash } from "@smithy/hash-node";
+import { NODE_MAX_ATTEMPT_CONFIG_OPTIONS, NODE_RETRY_MODE_CONFIG_OPTIONS } from "@smithy/middleware-retry";
+import { loadConfig as loadNodeConfig } from "@smithy/node-config-provider";
+import { NodeHttpHandler as RequestHandler, streamCollector } from "@smithy/node-http-handler";
+import { calculateBodyLength } from "@smithy/util-body-length-node";
+import { DEFAULT_RETRY_MODE } from "@smithy/util-retry";
+import { AccessAnalyzerClientConfig } from "./AccessAnalyzerClient";
+import { getRuntimeConfig as getSharedRuntimeConfig } from "./runtimeConfig.shared";
+import { loadConfigsForDefaultMode } from "@smithy/smithy-client";
+import { resolveDefaultsModeConfig } from "@smithy/util-defaults-mode-node";
+import { emitWarningIfUnsupportedVersion } from "@smithy/smithy-client";
+
+/**
+ * @internal
+ */
+export const getRuntimeConfig = (config: AccessAnalyzerClientConfig) => {
+  emitWarningIfUnsupportedVersion(process.version);
+  const defaultsMode = resolveDefaultsModeConfig(config);
+  const defaultConfigProvider = () => defaultsMode().then(loadConfigsForDefaultMode);
+  const clientSharedValues = getSharedRuntimeConfig(config);
+  awsCheckVersion(process.version);
+  const profileConfig = { profile: config?.profile };
+  return {
+    ...clientSharedValues,
+    ...config,
+    runtime: "node",
+    defaultsMode,
+    bodyLengthChecker: config?.bodyLengthChecker ?? calculateBodyLength,
+    credentialDefaultProvider: config?.credentialDefaultProvider ?? credentialDefaultProvider,
+    defaultUserAgentProvider:
+      config?.defaultUserAgentProvider ??
+      createDefaultUserAgentProvider({ serviceId: clientSharedValues.serviceId, clientVersion: packageInfo.version }),
+    maxAttempts: config?.maxAttempts ?? loadNodeConfig(NODE_MAX_ATTEMPT_CONFIG_OPTIONS, config),
+    region:
+      config?.region ??
+      loadNodeConfig(NODE_REGION_CONFIG_OPTIONS, { ...NODE_REGION_CONFIG_FILE_OPTIONS, ...profileConfig }),
+    requestHandler: RequestHandler.create(config?.requestHandler ?? defaultConfigProvider),
+    retryMode:
+      config?.retryMode ??
+      loadNodeConfig(
+        {
+          ...NODE_RETRY_MODE_CONFIG_OPTIONS,
+          default: async () => (await defaultConfigProvider()).retryMode || DEFAULT_RETRY_MODE,
+        },
+        config
+      ),
+    sha256: config?.sha256 ?? Hash.bind(null, "sha256"),
+    streamCollector: config?.streamCollector ?? streamCollector,
+    useDualstackEndpoint:
+      config?.useDualstackEndpoint ?? loadNodeConfig(NODE_USE_DUALSTACK_ENDPOINT_CONFIG_OPTIONS, profileConfig),
+    useFipsEndpoint: config?.useFipsEndpoint ?? loadNodeConfig(NODE_USE_FIPS_ENDPOINT_CONFIG_OPTIONS, profileConfig),
+    userAgentAppId: config?.userAgentAppId ?? loadNodeConfig(NODE_APP_ID_CONFIG_OPTIONS, profileConfig),
+  };
+};

clients/client-accessanalyzer/src/scripts/generate-version.js

@@ -0,0 +1,12 @@
+const fs = require("fs");
+const path = require("path");
+
+// Read the package.json file
+const packageJson = require("../../package.json");
+
+// Create the version file content
+const versionFileContent = `{ "version":"${packageJson.version}"  }`;
+
+// Write to a new file
+const outputPath = path.join(__dirname, "../../version.json");
+fs.writeFileSync(outputPath, versionFileContent);

packages/credential-providers/src/fromAwsCliV2CompatibleProviderChain.spec.ts

@@ -0,0 +1,155 @@
+import { fromEnv } from "@aws-sdk/credential-provider-env";
+import { fromIni } from "@aws-sdk/credential-provider-ini";
+import { remoteProvider } from "@aws-sdk/credential-provider-node/src/remoteProvider";
+import { fromProcess } from "@aws-sdk/credential-provider-process";
+import { fromSSO } from "@aws-sdk/credential-provider-sso";
+import { fromTokenFile } from "@aws-sdk/credential-provider-web-identity";
+import { CredentialsProviderError } from "@smithy/property-provider";
+import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
+
+import { fromAwsCliV2CompatibleProviderChain } from "./fromAwsCliV2CompatibleProviderChain";
+
+vi.mock("@aws-sdk/credential-provider-env");
+vi.mock("@aws-sdk/credential-provider-ini");
+vi.mock("@aws-sdk/credential-provider-process");
+vi.mock("@aws-sdk/credential-provider-sso");
+vi.mock("@aws-sdk/credential-provider-web-identity");
+vi.mock("@aws-sdk/credential-provider-node/src/remoteProvider");
+
+describe("fromAwsCliV2CompatibleProviderChain", () => {
+  const mockCreds = {
+    accessKeyId: "mockAccessKeyId",
+    secretAccessKey: "mockSecretAccessKey",
+  };
+
+  const mockInit = {
+    profile: "mockProfile",
+    logger: {
+      debug: vi.fn(),
+      info: vi.fn(),
+      warn: vi.fn(),
+      error: vi.fn(),
+    },
+  };
+
+  const credentials = () => {
+    throw new CredentialsProviderError("test", true);
+  };
+
+  const finalCredentials = () => {
+    return mockCreds;
+  };
+
+  const mockEnvFn = vi.fn().mockImplementation(() => credentials());
+  const mockSsoFn = vi.fn().mockImplementation(() => credentials());
+  const mockIniFn = vi.fn().mockImplementation(() => credentials());
+  const mockProcessFn = vi.fn().mockImplementation(() => credentials());
+  const mockTokenFileFn = vi.fn().mockImplementation(() => credentials());
+  const mockRemoteProviderFn = vi.fn().mockImplementation(() => finalCredentials());
+
+  const ORIGINAL_ENV = { ...process.env };
+
+  beforeEach(() => {
+    process.env = { ...ORIGINAL_ENV };
+    delete process.env.AWS_PROFILE;
+    delete process.env.AWS_ACCESS_KEY_ID;
+    delete process.env.AWS_SECRET_ACCESS_KEY;
+
+    vi.mocked(fromEnv).mockReturnValue(mockEnvFn);
+    vi.mocked(fromSSO).mockReturnValue(mockSsoFn);
+    vi.mocked(fromIni).mockReturnValue(mockIniFn);
+    vi.mocked(fromProcess).mockReturnValue(mockProcessFn);
+    vi.mocked(fromTokenFile).mockReturnValue(mockTokenFileFn);
+    vi.mocked(remoteProvider).mockReturnValue(mockRemoteProviderFn);
+  });
+
+  afterEach(() => {
+    vi.clearAllMocks();
+    process.env = ORIGINAL_ENV;
+  });
+
+  describe("when explicit credentials are provided", () => {
+    it("should return the provided credentials", async () => {
+      const credentials = await fromAwsCliV2CompatibleProviderChain({
+        accessKeyId: "explicitAccessKey",
+        secretAccessKey: "explicitSecretKey",
+      })();
+
+      expect(credentials).toEqual({
+        accessKeyId: "explicitAccessKey",
+        secretAccessKey: "explicitSecretKey",
+      });
+    });
+  });
+
+  describe("when profile is provided", () => {
+    it("should use fromIni to resolve credentials", async () => {
+      await fromAwsCliV2CompatibleProviderChain({ profile: "mockProfile" })();
+      expect(fromIni).toHaveBeenCalledWith({ profile: "mockProfile" });
+    });
+  });
+
+  describe("credential provider chain resolution", () => {
+    it("should call providers in correct order and return valid credentials", async () => {
+      const provider = fromAwsCliV2CompatibleProviderChain(mockInit);
+
+      const receivedCreds = await provider();
+      expect(receivedCreds).toEqual(mockCreds);
+
+      expect(fromEnv).toHaveBeenCalled();
+      expect(fromSSO).toHaveBeenCalled();
+      expect(fromIni).toHaveBeenCalledWith(mockInit);
+      expect(fromProcess).toHaveBeenCalledWith(mockInit);
+      expect(fromTokenFile).toHaveBeenCalledWith(mockInit);
+      expect(remoteProvider).toHaveBeenCalledWith(mockInit);
+    });
+
+    it("should skip fromEnv when profile is explicitly provided", async () => {
+      await fromAwsCliV2CompatibleProviderChain({ profile: "mockProfile" })();
+      expect(fromEnv).not.toHaveBeenCalled();
+    });
+
+    it("should throw an error if no credentials are found", async () => {
+      vi.mocked(fromEnv).mockImplementation(() => credentials());
+      vi.mocked(fromSSO).mockImplementation(() => credentials());
+      vi.mocked(fromIni).mockImplementation(() => credentials());
+      vi.mocked(fromProcess).mockImplementation(() => credentials());
+      vi.mocked(fromTokenFile).mockImplementation(() => credentials());
+      vi.mocked(remoteProvider).mockImplementation(() => credentials());
+
+      const provider = fromAwsCliV2CompatibleProviderChain(mockInit);
+      await expect(provider()).rejects.toThrow("Could not load credentials from any providers");
+    });
+  });
+
+  describe("when AWS_PROFILE is set in the environment", () => {
+    it("should use fromIni with the environment profile", async () => {
+      process.env.AWS_PROFILE = "envProfile";
+
+      await fromAwsCliV2CompatibleProviderChain({})();
+
+      expect(fromIni).toHaveBeenCalledWith({ profile: "envProfile" });
+    });
+  });
+
+  describe("when credentials are expired or near expiration", () => {
+    it("should detect expired credentials", () => {
+      const expiration = new Date(Date.now() - 24 * 60 * 60 * 1000); // Expired
+      expect(credentialsTreatedAsExpired({ ...mockCreds, expiration })).toBe(true);
+    });
+
+    it("should detect credentials that expire in less than 5 minutes", () => {
+      const expiration = new Date(Date.now() + 299 * 1000);
+      expect(credentialsTreatedAsExpired({ ...mockCreds, expiration })).toBe(true);
+    });
+
+    it("should not mark credentials as expired if expiration is more than 5 minutes away", () => {
+      const expiration = new Date(Date.now() + 301 * 1000);
+      expect(credentialsTreatedAsExpired({ ...mockCreds, expiration })).toBe(false);
+    });
+
+    it("should assume credentials need refresh if expiration is not set", () => {
+      expect(credentialsWillNeedRefresh({ ...mockCreds })).toBe(true);
+    });
+  });
+});