fix: invalid jsii target parameters are not validated #2398
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Arguments to the jsii `targets` array that did not make sense in the target language were not being validated, leading to confusing compile-time errors. Add validation for a bunch of these.
mrgrain
approved these changes
Nov 3, 2025
aws-cdk-automation
pushed a commit
that referenced
this pull request
Nov 3, 2025
Arguments to the jsii `targets` array that did not make sense in the target language were not being validated, leading to confusing compile-time errors. Add validation for a bunch of these. --- By submitting this pull request, I confirm that my contribution is made under the terms of the [Apache 2.0 license]. [Apache 2.0 license]: https://www.apache.org/licenses/LICENSE-2.0 (cherry picked from commit 08a499a)
Collaborator
💚 All backports created successfully
Questions ?Please refer to the Backport tool documentation and see the Github Action logs for details |
github-merge-queue bot
pushed a commit
that referenced
this pull request
Nov 3, 2025
#2399) # Backport This will backport the following commits from `main` to `maintenance/v5.8`: - [fix: invalid jsii target parameters are not validated (#2398)](#2398) <!--- Backport version: 9.5.1 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) Co-authored-by: Rico Hermans <rix0rrr@gmail.com>
mrgrain
added a commit
that referenced
this pull request
Nov 11, 2025
Adds validation for target language package names in .jsiirc.json files to ensure they contain only valid identifier characters. This extends the validation added in #2398 for package.json to also cover submodule-specific target configurations. The validation checks: - Go: packageName must be a valid identifier - .NET: namespace parts must be valid identifiers - Java: package parts must be valid identifiers - Python: module parts must be valid identifiers Type guards ensure validation only runs when proper target structures exist, maintaining backward compatibility with arbitrary target values used in tests.
mrgrain
added a commit
that referenced
this pull request
Nov 11, 2025
Adds validation for target language package names in .jsiirc.json files to ensure they contain only valid identifier characters. This extends the validation added in #2398 for package.json to also cover submodule-specific target configurations. The validation checks: - Go: packageName must be a valid identifier - .NET: namespace parts must be valid identifiers - Java: package parts must be valid identifiers - Python: module parts must be valid identifiers Type guards ensure validation only runs when proper target structures exist, maintaining backward compatibility with arbitrary target values used in tests.
github-merge-queue bot
pushed a commit
that referenced
this pull request
Nov 12, 2025
Extends the target configuration validation from #2398 to also validate `.jsiirc.json` files used for submodule-specific target configurations. Additionally enhances validation to ensure target configurations are well-formed objects with only valid keys for each language. ## Why Submodules can have their own target configurations via `.jsiirc.json` files (for directory-based submodules) or `.<filename>.jsiirc.json` files (for file-based submodules). These configurations were not being validated, allowing invalid configurations to slip through until code generation time. This PR ensures configuration errors are caught early during compilation with clear error messages, rather than failing later during package generation. ## Changes * Exports `validateTargets` function from `project-info.ts` for reuse * Calls `validateTargets` when loading `.jsiirc.json` files in `assembler.ts` * Adds comprehensive validation for target configuration structure * Adds 21 new tests covering: - File-based `.jsiirc.json` validation (e.g., `.subfile.jsiirc.json`) - Namespace conflict detection across all target languages - Target configuration structure validation - Unknown language and key detection ## Validation Rules ### Identifier Validation Target language package names must contain only valid identifier characters: * **Go**: `packageName` must be a valid identifier * **.NET**: `namespace` parts (split by `.`) must be valid identifiers * **Java**: `package` parts (split by `.`) must be valid identifiers * **Python**: `module` parts (split by `.`) must be valid identifiers An identifier is defined as matching the regex: `/^[\w_][\w\d_]*$/u` ### Structure Validation * Target language entries must be objects (not strings or primitives) * Only known target languages are allowed: `java`, `python`, `dotnet`, `go` * Only valid configuration keys are allowed for each language: - **Java**: `package`, `maven`, `versionSuffix` - **Python**: `module`, `distName`, `classifiers` - **.NET**: `namespace`, `packageId`, `iconUrl`, `versionSuffix` - **Go**: `moduleName`, `packageName`, `versionSuffix` ### Namespace Conflict Detection Warns when multiple submodules emit to the same target language namespace, which would cause conflicts during code generation. --- By submitting this pull request, I confirm that my contribution is made under the terms of the [Apache 2.0 license](https://www.apache.org/licenses/LICENSE-2.0). --------- Signed-off-by: github-actions <github-actions@github.com> Co-authored-by: github-actions <github-actions@github.com>
aws-cdk-automation
pushed a commit
that referenced
this pull request
Nov 12, 2025
Extends the target configuration validation from #2398 to also validate `.jsiirc.json` files used for submodule-specific target configurations. Additionally enhances validation to ensure target configurations are well-formed objects with only valid keys for each language. ## Why Submodules can have their own target configurations via `.jsiirc.json` files (for directory-based submodules) or `.<filename>.jsiirc.json` files (for file-based submodules). These configurations were not being validated, allowing invalid configurations to slip through until code generation time. This PR ensures configuration errors are caught early during compilation with clear error messages, rather than failing later during package generation. ## Changes * Exports `validateTargets` function from `project-info.ts` for reuse * Calls `validateTargets` when loading `.jsiirc.json` files in `assembler.ts` * Adds comprehensive validation for target configuration structure * Adds 21 new tests covering: - File-based `.jsiirc.json` validation (e.g., `.subfile.jsiirc.json`) - Namespace conflict detection across all target languages - Target configuration structure validation - Unknown language and key detection ## Validation Rules ### Identifier Validation Target language package names must contain only valid identifier characters: * **Go**: `packageName` must be a valid identifier * **.NET**: `namespace` parts (split by `.`) must be valid identifiers * **Java**: `package` parts (split by `.`) must be valid identifiers * **Python**: `module` parts (split by `.`) must be valid identifiers An identifier is defined as matching the regex: `/^[\w_][\w\d_]*$/u` ### Structure Validation * Target language entries must be objects (not strings or primitives) * Only known target languages are allowed: `java`, `python`, `dotnet`, `go` * Only valid configuration keys are allowed for each language: - **Java**: `package`, `maven`, `versionSuffix` - **Python**: `module`, `distName`, `classifiers` - **.NET**: `namespace`, `packageId`, `iconUrl`, `versionSuffix` - **Go**: `moduleName`, `packageName`, `versionSuffix` ### Namespace Conflict Detection Warns when multiple submodules emit to the same target language namespace, which would cause conflicts during code generation. --- By submitting this pull request, I confirm that my contribution is made under the terms of the [Apache 2.0 license](https://www.apache.org/licenses/LICENSE-2.0). --------- Signed-off-by: github-actions <github-actions@github.com> Co-authored-by: github-actions <github-actions@github.com> (cherry picked from commit 558c3ee)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Arguments to the jsii
targetsarray that did not make sense in the target language were not being validated, leading to confusing compile-time errors.Add validation for a bunch of these.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.