release: Amplify JS release (#14223)

.github/CODEOWNERS

@@ -15,24 +15,24 @@
 
 # The following paths involve server-side use cases, token/user session management.
 # Changes made to these paths requires additional reviews and approvals.
-/packages/auth @sktimalsina @cshfang @HuiSF @pranavosu
-/packages/aws-amplify/src/adapter-core @sktimalsina @cshfang @HuiSF @pranavosu
-/packages/core/src/adapterCore @sktimalsina @cshfang @HuiSF @pranavosu
-/packages/core/src/singleton @sktimalsina @cshfang @HuiSF @pranavosu
-/packages/core/src/utils/convert @sktimalsina @cshfang @HuiSF @pranavosu
-/packages/core/src/utils/WordArray.ts @sktimalsina @cshfang @HuiSF @pranavosu
-/packages/core/src/storage @sktimalsina @cshfang @HuiSF @pranavosu
-/packages/core/src/utils/generateRandomString.ts @sktimalsina @cshfang @HuiSF @pranavosu
-/packages/core/src/utils/globalHelpers @sktimalsina @cshfang @HuiSF @pranavosu
-/packages/core/src/utils/urlSafeDecode.ts @sktimalsina @cshfang @HuiSF @pranavosu
-/packages/core/src/awsClients/cognitoIdentity @sktimalsina @cshfang @HuiSF @pranavosu
-/packages/core/src/clients/internal @sktimalsina @cshfang @HuiSF @pranavosu
-/packages/core/src/Hub @sktimalsina @cshfang @HuiSF @pranavosu
-/packages/adapter-nextjs @sktimalsina @cshfang @HuiSF @pranavosu
-/packages/rtn-web-browser @sktimalsina @cshfang @HuiSF @pranavosu
-/packages/storage/src/providers/s3/apis/internal @sktimalsina @cshfang @HuiSF @pranavosu
-/packages/storage/src/providers/s3/apis/server @sktimalsina @cshfang @HuiSF @pranavosu
-/packages/api-rest/src/apis/server.ts @sktimalsina @cshfang @HuiSF @pranavosu
-/packages/api-rest/src/apis/common/internalPost.ts @sktimalsina @cshfang @HuiSF @pranavosu
-/packages/api-graphql/src/server @sktimalsina @cshfang @HuiSF @pranavosu
-/packages/api-graphql/src/internals/server @sktimalsina @cshfang @HuiSF @pranavosu
+/packages/auth @cshfang @HuiSF @ashika112
+/packages/aws-amplify/src/adapter-core @cshfang @HuiSF @ashika112
+/packages/core/src/adapterCore @cshfang @HuiSF @ashika112
+/packages/core/src/singleton @cshfang @HuiSF @ashika112
+/packages/core/src/utils/convert @cshfang @HuiSF @ashika112
+/packages/core/src/utils/WordArray.ts @cshfang @HuiSF @ashika112
+/packages/core/src/storage @cshfang @HuiSF @ashika112
+/packages/core/src/utils/generateRandomString.ts @cshfang @HuiSF @ashika112
+/packages/core/src/utils/globalHelpers @cshfang @HuiSF @ashika112
+/packages/core/src/utils/urlSafeDecode.ts @cshfang @HuiSF @ashika112
+/packages/core/src/awsClients/cognitoIdentity @cshfang @HuiSF @ashika112
+/packages/core/src/clients/internal @cshfang @HuiSF @ashika112
+/packages/core/src/Hub @cshfang @HuiSF @ashika112
+/packages/adapter-nextjs @cshfang @HuiSF @ashika112
+/packages/rtn-web-browser @cshfang @HuiSF @ashika112
+/packages/storage/src/providers/s3/apis/internal @cshfang @HuiSF @ashika112
+/packages/storage/src/providers/s3/apis/server @cshfang @HuiSF @ashika112
+/packages/api-rest/src/apis/server.ts @cshfang @HuiSF @ashika112
+/packages/api-rest/src/apis/common/internalPost.ts @cshfang @HuiSF @ashika112
+/packages/api-graphql/src/server @cshfang @HuiSF @ashika112
+/packages/api-graphql/src/internals/server @cshfang @HuiSF @ashika112

CONTRIBUTING.md

@@ -50,7 +50,7 @@ Our work is done directly on Github and PR's are sent to the GitHub repo by core
 
 This section should get you running with **Amplify JS** and get you familiar with the basics of the codebase. You will need [Node.js](https://nodejs.org/en/) on your system and developing locally also requires `yarn` workspaces. You can install it [here](https://classic.yarnpkg.com/en/docs/install#mac-stable).
 
-The recommended version of Node JS to work with this project is [`16.19.0`](https://nodejs.org/en/blog/release/v16.19.0/) with Yarn version [`1.22.x`](https://github.com/yarnpkg/yarn/blob/master/CHANGELOG.md).
+The recommended version of Node JS to work with this project is [`18.18.0`](https://nodejs.org/en/blog/release/v18.18.0/) with Yarn version [`1.22.x`](https://github.com/yarnpkg/yarn/blob/master/CHANGELOG.md).
 
 > Note: newer versions of Yarn (2+) remove support for lerna's `--mutex` flag
 > so be sure to use Yarn v1.22.x

packages/adapter-nextjs/package.json

@@ -4,15 +4,13 @@
 	"version": "1.5.0",
 	"description": "The adapter for the supporting of using Amplify APIs in Next.js.",
 	"peerDependencies": {
-		"aws-amplify": "^6.13.0",
+		"aws-amplify": "^6.13.1",
 		"next": ">=13.5.0 <16.0.0"
 	},
 	"dependencies": {
-		"aws-jwt-verify": "^4.0.1",
-		"cookie": "^0.7.0"
+		"aws-jwt-verify": "^4.0.1"
 	},
 	"devDependencies": {
-		"@types/cookie": "^0.5.1",
 		"@types/node": "^20.3.1",
 		"@types/react": "^18.2.13",
 		"@types/react-dom": "^18.2.6",

packages/core/package.json

@@ -54,7 +54,6 @@
 		"@aws-sdk/types": "3.398.0",
 		"@smithy/util-hex-encoding": "2.0.0",
 		"@types/uuid": "^9.0.0",
-		"cookie": "^0.7.0",
 		"js-cookie": "^3.0.5",
 		"rxjs": "^7.8.1",
 		"tslib": "^2.5.0",

packages/core/src/adapterCore/serverContext/types/cookieStorage.ts

@@ -1,7 +1,104 @@
 // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 // SPDX-License-Identifier: Apache-2.0
 
-import { CookieSerializeOptions } from 'cookie';
+interface CookieSerializeOptions {
+	/**
+	 * Specifies the value for the {@link https://tools.ietf.org/html/rfc6265#section-5.2.3|Domain Set-Cookie attribute}. By default, no
+	 * domain is set, and most clients will consider the cookie to apply to only
+	 * the current domain.
+	 */
+	domain?: string | undefined;
+
+	/**
+	 * Specifies a function that will be used to encode a cookie's value. Since
+	 * value of a cookie has a limited character set (and must be a simple
+	 * string), this function can be used to encode a value into a string suited
+	 * for a cookie's value.
+	 *
+	 * The default function is the global `encodeURIComponent`, which will
+	 * encode a JavaScript string into UTF-8 byte sequences and then URL-encode
+	 * any that fall outside of the cookie range.
+	 */
+	encode?(value: string): string;
+
+	/**
+	 * Specifies the `Date` object to be the value for the {@link https://tools.ietf.org/html/rfc6265#section-5.2.1|`Expires` `Set-Cookie` attribute}. By default,
+	 * no expiration is set, and most clients will consider this a "non-persistent cookie" and will delete
+	 * it on a condition like exiting a web browser application.
+	 *
+	 * *Note* the {@link https://tools.ietf.org/html/rfc6265#section-5.3|cookie storage model specification}
+	 * states that if both `expires` and `maxAge` are set, then `maxAge` takes precedence, but it is
+	 * possible not all clients by obey this, so if both are set, they should
+	 * point to the same date and time.
+	 */
+	expires?: Date | undefined;
+	/**
+	 * Specifies the boolean value for the {@link https://tools.ietf.org/html/rfc6265#section-5.2.6|`HttpOnly` `Set-Cookie` attribute}.
+	 * When truthy, the `HttpOnly` attribute is set, otherwise it is not. By
+	 * default, the `HttpOnly` attribute is not set.
+	 *
+	 * *Note* be careful when setting this to true, as compliant clients will
+	 * not allow client-side JavaScript to see the cookie in `document.cookie`.
+	 */
+	httpOnly?: boolean | undefined;
+	/**
+	 * Specifies the number (in seconds) to be the value for the `Max-Age`
+	 * `Set-Cookie` attribute. The given number will be converted to an integer
+	 * by rounding down. By default, no maximum age is set.
+	 *
+	 * *Note* the {@link https://tools.ietf.org/html/rfc6265#section-5.3|cookie storage model specification}
+	 * states that if both `expires` and `maxAge` are set, then `maxAge` takes precedence, but it is
+	 * possible not all clients by obey this, so if both are set, they should
+	 * point to the same date and time.
+	 */
+	maxAge?: number | undefined;
+	/**
+	 * Specifies the value for the {@link https://tools.ietf.org/html/rfc6265#section-5.2.4|`Path` `Set-Cookie` attribute}.
+	 * By default, the path is considered the "default path".
+	 */
+	path?: string | undefined;
+	/**
+	 * Specifies the `string` to be the value for the [`Priority` `Set-Cookie` attribute][rfc-west-cookie-priority-00-4.1].
+	 *
+	 * - `'low'` will set the `Priority` attribute to `Low`.
+	 * - `'medium'` will set the `Priority` attribute to `Medium`, the default priority when not set.
+	 * - `'high'` will set the `Priority` attribute to `High`.
+	 *
+	 * More information about the different priority levels can be found in
+	 * [the specification][rfc-west-cookie-priority-00-4.1].
+	 *
+	 * **note** This is an attribute that has not yet been fully standardized, and may change in the future.
+	 * This also means many clients may ignore this attribute until they understand it.
+	 */
+	priority?: 'low' | 'medium' | 'high' | undefined;
+	/**
+	 * Specifies the boolean or string to be the value for the {@link https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-03#section-4.1.2.7|`SameSite` `Set-Cookie` attribute}.
+	 *
+	 * - `true` will set the `SameSite` attribute to `Strict` for strict same
+	 * site enforcement.
+	 * - `false` will not set the `SameSite` attribute.
+	 * - `'lax'` will set the `SameSite` attribute to Lax for lax same site
+	 * enforcement.
+	 * - `'strict'` will set the `SameSite` attribute to Strict for strict same
+	 * site enforcement.
+	 *  - `'none'` will set the SameSite attribute to None for an explicit
+	 *  cross-site cookie.
+	 *
+	 * More information about the different enforcement levels can be found in {@link https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-03#section-4.1.2.7|the specification}.
+	 *
+	 * *note* This is an attribute that has not yet been fully standardized, and may change in the future. This also means many clients may ignore this attribute until they understand it.
+	 */
+	sameSite?: true | false | 'lax' | 'strict' | 'none' | undefined;
+	/**
+	 * Specifies the boolean value for the {@link https://tools.ietf.org/html/rfc6265#section-5.2.5|`Secure` `Set-Cookie` attribute}. When truthy, the
+	 * `Secure` attribute is set, otherwise it is not. By default, the `Secure` attribute is not set.
+	 *
+	 * *Note* be careful when setting this to `true`, as compliant clients will
+	 * not send the cookie back to the server in the future if the browser does
+	 * not have an HTTPS connection.
+	 */
+	secure?: boolean | undefined;
+}
 
 export declare namespace CookieStorage {
 	export type SetCookieOptions = Partial<