chore: store version only in root package.json

Store the current repo version only in the root pacakge.json in order to avoid the need to specify the version number everywhere in the codebase.

In order to achieve that, I changed all package.json files to use a version marker 999.999.999 to indicate it's a local dependency. This marker is better than 0.0.0.0 since it will make sure cache is invalidated for various languages (for example, Maven will only bring in a new version if the local cache has an older version).

Then, we needed to change a couple of other things:

- The bump script is now very simple. It merely updates the root package.json and creates the CHANGELOG. That's it.
- Before running a CI build (buildspec.yml), we run `scripts/set-version.sh` which uses lerna to update the version in all package.json files. This means that build artifacts that are produced in CI builds get the actual repo version, and dev builds all use 999.999.999.

buildspec.yaml

@@ -13,6 +13,7 @@ phases:
       - /bin/bash ./fetch-dotnet-snk.sh
   build:
     commands:
+      - /bin/bash ./scripts/align-version.sh
       - /bin/bash ./build.sh
   post_build:
     commands:

bump.sh

@@ -17,18 +17,13 @@ version=${1:-minor}
 
 echo "Starting ${version} version bump"
 
-export NODE_OPTIONS="--max-old-space-size=4096 ${NODE_OPTIONS:-}"
-
-/bin/bash ./install.sh
-
-npx lerna version ${version} --yes --exact --force-publish=* --no-git-tag-version --no-push
-
-# Another round of install to fix package-lock.jsons
-/bin/bash ./install.sh
-
-# align "peerDependencies" to actual dependencies after bump
-# this is technically only required for major version bumps, but in the meantime we shall do it in every bump
-/bin/bash scripts/fix-peer-deps.sh
+# /bin/bash ./install.sh
 
 # Generate CHANGELOG and create a commit
-npx standard-version --release --skip.tag=true --commit-all
+# --skip.tag because we create the tag as part of creating the github release
+npx standard-version \
+  --bumpFiles package.json \
+  --release-as ${version} \
+  --skip.tag=true \
+  --commit-all
+

package.json

@@ -1,6 +1,6 @@
 {
   "name": "aws-cdk",
-  "version": "0.25.0",
+  "version": "1.25.0",
   "private": true,
   "pkglint": {
     "include": "dependencies/node-version"
@@ -19,18 +19,15 @@
     "jsii-pacmak": "^0.22.0",
     "jsii-rosetta": "^0.22.0",
     "lerna": "^3.20.2",
+    "standard-version": "^7.1.0",
     "typescript": "~3.8.2"
   },
   "repository": {
     "type": "git",
     "url": "git://github.com/aws/aws-cdk"
   },
   "standard-version": {
-    "releaseCommitMessageFormat": "v{{currentTag}}",
-    "scripts": {
-      "prebump": "echo $(node -pe \"require('./lerna.json').version\")",
-      "precommit": "git add ."
-    }
+    "releaseCommitMessageFormat": "v{{currentTag}}"
   },
   "license": "Apache-2.0",
   "author": {

scripts/align-version.sh

@@ -0,0 +1,25 @@
+#!/bin/bash
+#------------------------------------------------------------------------
+# updates all package.json files to the version defined in lerna.json
+# this is called when building inside our ci/cd system
+#------------------------------------------------------------------------
+set -euo pipefail
+scriptdir=$(cd $(dirname $0) && pwd)
+
+# go to repo root
+cd ${scriptdir}/..
+
+# extract version from the root package.json which is the source of truth
+version="$(node -p "require('./package.json').version")"
+
+# align all package.json files
+npx lerna version ${version} --yes --exact --force-publish=* --no-git-tag-version --no-push
+
+# align all peer-deps based on deps
+find . -name package.json | grep -v node_modules | xargs node ${scriptdir}/sync-peer-deps.js
+
+# validation
+if find . -name package.json | grep -v node_modules | xargs grep "999.999.999"; then
+  echo "ERROR: unexpected version marker 999.999.999 in a package.json file"
+  exit 1
+fi

tools/pkglint/lib/rules.ts

@@ -657,17 +657,45 @@ export class RegularDependenciesMustSatisfyPeerDependencies extends ValidationRu
 }
 
 /**
- * Check that dependencies on @aws-cdk/ packages use point versions (not version ranges).
+ * Check that dependencies on @aws-cdk/ packages use point versions (not version ranges)
+ * and that they are also defined in `peerDependencies`.
  */
 export class MustDependonCdkByPointVersions extends ValidationRule {
   public readonly name = 'dependencies/cdk-point-dependencies';
 
   public validate(pkg: PackageJson): void {
     const expectedVersion = monoRepoVersion();
+    const ignore = [
+      '@aws-cdk/cloudformation-diff',
+      '@aws-cdk/cfnspec',
+      '@aws-cdk/cdk-assets-schema',
+      '@aws-cdk/cx-api',
+      '@aws-cdk/region-info'
+    ];
 
     for (const [depName, depVersion] of Object.entries(pkg.dependencies)) {
-      if (isCdkModuleName(depName) && depVersion !== expectedVersion) {
+      if (!isCdkModuleName(depName) || ignore.includes(depName)) {
+        continue;
+      }
+
+      const peerDep = pkg.peerDependencies[depName];
+      if (!peerDep) {
+        pkg.report({
+          ruleName: this.name,
+          message: `dependency ${depName} must also appear in peerDependencies`,
+          fix: () => pkg.addPeerDependency(depName, expectedVersion)
+        });
+      }
+
+      if (peerDep !== expectedVersion) {
+        pkg.report({
+          ruleName: this.name,
+          message: `peer dependency ${depName} should have the version ${expectedVersion}`,
+          fix: () => pkg.addPeerDependency(depName, expectedVersion)
+        });
+      }
 
+      if (depVersion !== expectedVersion) {
         pkg.report({
           ruleName: this.name,
           message: `dependency ${depName}: dependency version must be ${expectedVersion}`,
@@ -844,7 +872,7 @@ export class AllVersionsTheSame extends ValidationRule {
   private readonly usedDeps: {[pkg: string]: VersionCount[]} = {};
 
   public prepare(pkg: PackageJson): void {
-    this.ourPackages[pkg.json.name] = `^${pkg.json.version}`;
+    this.ourPackages[pkg.json.name] = pkg.json.version;
     this.recordDeps(pkg.json.dependencies);
     this.recordDeps(pkg.json.devDependencies);
   }