docs(schema): add JSDoc descriptions to config schema for TypeScript type generation

[czubocha]

Summary

• Add comprehensive JSDoc descriptions to all JSON schema properties across 30 config schema files to enable auto-generated TypeScript type definitions with inline documentation
• Add @see links (138) to official Serverless Framework and AWS documentation with verified anchors
• Add @example annotations (101) with YAML configuration snippets for all major properties
• Add @default annotations (40) validated against source code for runtime defaults
• Add @deprecated tags (11) for legacy properties like package.include, package.exclude, and provider.iam.role.permissionBoundary
• Add @since v4 tags (12) for properties introduced in Serverless Framework v4 (e.g., build, stages, licenseKey, snapStart, tenancy, capacityProviders)
• All changes are description-only -- no schema validation behavior is modified

How to test

1. Run unit tests: npm run test:unit -w @serverless/framework (65 suites, 1026 tests)
2. Generate TypeScript types from the schema using serverless/typescript and verify JSDoc comments appear in the output index.d.ts
3. Open the generated types in an IDE (VS Code / WebStorm) and verify hover documentation shows descriptions, @see links, @default values, and @example snippets

Summary by CodeRabbit

• Documentation
  • Expanded configuration schema descriptions across service, provider, functions, events, packaging, params, stages, plugins, and build settings.
  • Added examples, defaults, and reference links to many AWS event and provider options (ALB, API Gateway, S3, CloudFront, EventBridge, etc.).
  • Improved clarity for tooling integrations (esbuild, Python requirements) and validation/help text for better user guidance.

---

Note

Low Risk
Schema-only documentation additions; runtime behavior and validation constraints should be unchanged aside from potential tooling that consumes description fields.

Overview
Adds extensive description metadata (with @see, @example, @default, @deprecated, and @since annotations) across the core config-schema and many AWS plugin schema definitions to improve generated TypeScript typings and inline docs.

Updates span top-level service config (org, app, frameworkVersion, package, stages, etc.) and numerous AWS function event schemas (API Gateway REST/HTTP APIs, ALB, S3, CloudFront, EventBridge, SQS/SNS, streams, IoT, Kafka/MSK, MQ, Cognito, CloudWatch, WebSockets, AppSync) without changing validation rules—only documentation fields are enriched.

^{Written by Cursor Bugbot for commit 0e3f4fe. This will update automatically on new commits. Configure here.}

[Mmarzex]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[coderabbitai]

📝 Walkthrough

Walkthrough

Added descriptive metadata (description, examples, defaults) across many JSON schema definitions for Serverless core config, AWS event schemas, and several plugins; changes are documentation-only schema enrichments and minor schema wrappers without altering validation semantics or runtime control flow.

Changes

Cohort / File(s)	Summary
Core config schema packages/serverless/lib/config-schema.js	Added descriptions/examples/default hints to many root properties and definitions (org, app, service/serviceName, frameworkVersion, configValidationMode, package, params, stages, outputs, custom, build, licenseKey, useDotenv, etc.). Mostly wrapped simple types with descriptive objects; no behavior change.
AWS events (bulk) packages/serverless/lib/plugins/aws/package/compile/events/... (activemq.js, alb/index.js, alexa-skill.js, alexa-smart-home.js, api-gateway/index.js, cloud-front.js, cloud-watch-event.js, cloud-watch-log.js, cognito-user-pool.js, event-bridge/index.js, http-api.js, iot-fleet-provisioning.js, iot.js, kafka.js, msk/index.js, rabbitmq.js, s3/index.js, schedule.js, sns.js, sqs.js, stream.js, websockets/index.js)	Added top-level descriptions and per-field descriptions/examples/defaults across many AWS event schemas (authorizer, conditions, arn/ids, batch/window settings, filters, patterns, etc.). A few fields were changed from bare refs/primitives to described objects but preserved validation.
S3 provider & events (detailed) packages/serverless/lib/plugins/aws/package/compile/events/s3/config-schema.js, .../s3/index.js	Large addition of description metadata across provider.s3 and related S3 event schemas (notifications, lifecycle, replication, analytics, inventory, cors, object lock, website, logging, metrics). Some refs wrapped to include descriptive objects; validation semantics retained.
AWS provider support (appsync, alerts) packages/serverless/lib/plugins/aws/alerts/index.js, .../appsync/index.js, .../appsync/validation.js	Added description fields to alerts (alarms) and AppSync top-level and validation schemas (appSyncSchema, lambdaFunctionConfig, auth, dataSource). Documentation-only changes.
esbuild plugin packages/serverless/lib/plugins/esbuild/index.js	Converted some simple definitions to described objects (external, sourcemap, sourcemap.type), added descriptions/examples, declared buildConcurrency and setNodeOptions with descriptions. No runtime logic changes.
python plugin packages/serverless/lib/plugins/python/index.js	Added description for module function property; reordered named imports (no behavioral impact).

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Suggested reviewers

• eahefnawy

Poem

🐰 In schema meadows I nibble and write,
Descriptions like carrots gleam in the light.
No code did I change, just labels and rhymes,
Helping configs feel cozy in good times.
Hop on — the docs now sparkle and bite! 🥕

🚥 Pre-merge checks | ✅ 3 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Merge Conflict Detection	⚠️ Warning	❌ Merge conflicts detected (33 files): ⚔️ package-lock.json (content) ⚔️ packages/serverless/lib/config-schema.js (content) ⚔️ packages/serverless/lib/plugins/aws/alerts/index.js (content) ⚔️ packages/serverless/lib/plugins/aws/appsync/index.js (content) ⚔️ packages/serverless/lib/plugins/aws/appsync/validation.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/activemq.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/alb/index.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/alexa-skill.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/alexa-smart-home.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/api-gateway/index.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/cloud-front.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/cloud-watch-event.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/cloud-watch-log.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/cognito-user-pool.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/event-bridge/index.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/http-api.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/iot-fleet-provisioning.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/iot.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/kafka.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/msk/index.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/rabbitmq.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/s3/config-schema.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/s3/index.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/schedule.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/sns.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/sqs.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/stream.js (content) ⚔️ packages/serverless/lib/plugins/aws/package/compile/events/websockets/index.js (content) ⚔️ packages/serverless/lib/plugins/aws/provider.js (content) ⚔️ packages/serverless/lib/plugins/esbuild/index.js (content) ⚔️ packages/serverless/lib/plugins/python/index.js (content) ⚔️ packages/sf-core-installer/package.json (content) ⚔️ packages/sf-core/package.json (content) These conflicts must be resolved before merging into main.	Resolve conflicts locally and push changes to this branch.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the primary change: adding JSDoc descriptions to the config schema for TypeScript type generation. It is specific, concise, and clearly communicates the main objective of the PR.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch sc-3828

⚔️ Resolve merge conflicts (beta)

• Auto-commit resolved conflicts to branch sc-3828
• Create stacked PR with resolved conflicts
• Post resolved changes as copyable diffs in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 6

🤖 Fix all issues with AI agents

In `@packages/serverless/lib/plugins/aws/package/compile/events/alb/index.js`:
- Around line 56-60: The array schemas (authorizer, host, ip, method, path) put
the description on items instead of on the array itself; update each defineArray
call so the description is a top-level property of the array and the item schema
contains the type (e.g., change defineArray({ description: '...', type: 'string'
}) to defineArray({ description: '...', items: { type: 'string' } }) for the
authorizer, and do the same for host, ip, method, and path) so TypeScript hover
docs show the description for the array property rather than each string item.

In `@packages/serverless/lib/plugins/aws/package/compile/events/alexa-skill.js`:
- Around line 13-18: The top-level event description string for alexaSkill
currently contains a misleading remark "Alexa Skill application ID." that
duplicates and confuses the specific appId field; update the description (the
description value used for the alexaSkill event) to remove or reword that
`@remarks` so the top-level description only documents the event as a whole and
not a specific property, leaving the appId field description intact and specific
to the appId property.

In
`@packages/serverless/lib/plugins/aws/package/compile/events/alexa-smart-home.js`:
- Around line 17-19: The top-level event "description" in alexa-smart-home.js
currently includes a misleading "@remarks Alexa Smart Home application ID."
copied from the "appId" field; update the "description" field (the description
property in the Alexa Smart Home event definition) to remove that `@remarks` or
reword it to describe the Alexa Smart Home event itself (e.g., explain the
event's purpose or link), and leave the specific "appId" details only on the
"appId" field to avoid duplication and confusion.

In
`@packages/serverless/lib/plugins/aws/package/compile/events/api-gateway/index.js`:
- Around line 249-253: The inline description is being overwritten by the later
spread (authorizerSchema) because the spread comes after the inline property;
update the object literals so the schema spreads first and then the specific
description property overrides it — i.e., change the authorizer block to {
...authorizerSchema, description: `Custom/Cognito/IAM authorizer
configuration...` } and apply the same change for the cors, request, and
response objects so their inline description strings replace any description
from corsSchema/requestSchema/responseSchema.

In
`@packages/serverless/lib/plugins/aws/package/compile/events/cognito-user-pool.js`:
- Around line 41-48: The top-level `description` string for the Cognito User
Pool event includes two misleading `@remarks` lines; remove the incorrect
`@remarks Cognito User Pool authorizer for ALB.` and `@remarks ARN of the
Cognito User Pool.` and replace them with a concise remark that this schema
describes a Cognito User Pool Lambda trigger configuration (e.g., how to specify
the `pool` and `trigger` fields), or simply drop the `@remarks` entirely if
unnecessary; update the `description` literal that contains `Cognito User Pool
trigger event configuration.` to reflect this change so consumers (IDE hovers/TS
docs) see an accurate description for the trigger event schema.

In
`@packages/serverless/lib/plugins/aws/package/compile/events/s3/config-schema.js`:
- Line 346: The lifecycle rule property ExpirationInDays is missing a
description; update the cfValue call for ExpirationInDays to include a
descriptive description field (like the sibling properties do) so the schema
documents the purpose of ExpirationInDays. Locate the ExpirationInDays entry in
the lifecycle rule object and modify the cfValue({ type: 'integer', minimum: 0
}) invocation to pass a description string (e.g. describing that it sets object
expiration in days), following the pattern used for
reservedConcurrency/provisionedConcurrency.

🧹 Nitpick comments (12)

packages/serverless/lib/plugins/aws/package/compile/events/iot-fleet-provisioning.js (1)

24-37: Use single quotes for single-line description strings.

Lines 24, 28, 32, and 36 use template literals (backticks) for plain strings with no interpolation or line breaks. The multi-line string on lines 19–20 correctly uses a backtick.

Proposed fix

-          description: `Enable or disable the provisioning template.`,
+          description: 'Enable or disable the provisioning template.',
...
-          description: `IAM role ARN used by IoT Fleet Provisioning.`,
+          description: 'IAM role ARN used by IoT Fleet Provisioning.',
...
-          description: `Provisioning template document body.`,
+          description: 'Provisioning template document body.',
...
-          description: `Provisioning template name.`,
+          description: 'Provisioning template name.',

As per coding guidelines, **/*.{js,ts,jsx,tsx}: "Use single quotes for strings".

packages/serverless/lib/plugins/aws/package/compile/events/http-api.js (1)

134-145: Nit: Inconsistent @example format across properties.

The top-level httpApi description (line 83) uses a YAML snippet for @example, while method and path use single-quoted JS-style strings ('GET', '/users/{id}'). For consistent IDE hover documentation, consider picking one format. YAML snippets would align with the Serverless Framework's config format.

packages/serverless/lib/plugins/aws/package/compile/events/sns.js (2)

15-28: Noisy @remarks lines duplicate child-property descriptions.

The four @remarks on Lines 17–21 simply echo the descriptions already present on redrivePolicy, arn, topicName, and url below. They clutter the top-level hover tooltip without adding context about the SNS event itself. Consider removing them or replacing with a single meaningful remark (e.g., explaining when to use a topic ARN vs. topic name).

Proposed cleanup

       description: `SNS event configuration.
 `@see` https://www.serverless.com/framework/docs/providers/aws/events/sns
-@remarks SNS redrive (dead letter queue) policy.
-@remarks ARN of existing SNS topic.
-@remarks Name for new SNS topic.
-@remarks URL of the DLQ (SQS).
-@remarks SNS topic event.
 `@example`
 events:
   - sns:

---

66-68: Misplaced @remarks on redrivePolicy.

@remarks URL of the DLQ (SQS). describes the child property deadLetterTargetImport.url, not the redrive policy itself. This will surface misleading information in IDE hover tooltips.

Proposed fix

             redrivePolicy: {
               description: `SNS redrive (dead letter queue) policy.
-@see https://www.serverless.com/framework/docs/providers/aws/events/sns#setting-a-redrive-policy
-@remarks URL of the DLQ (SQS).`,
+@see https://www.serverless.com/framework/docs/providers/aws/events/sns#setting-a-redrive-policy`,

packages/serverless/lib/plugins/aws/package/compile/events/stream.js (1)

79-81: Nit: @example uses union-type syntax instead of a concrete example.

@example 'LATEST' | 'TRIM_HORIZON' reads like a TypeScript type union rather than a usage example. Other @example annotations in this file show a single concrete value, which is more conventional for JSDoc. Consider picking one value or showing two separate @example lines.

             startingPosition: {
               description: `Where to start reading.
 `@default` 'TRIM_HORIZON'
-@example 'LATEST' | 'TRIM_HORIZON'`,
+@example 'LATEST'`,

packages/serverless/lib/plugins/aws/package/compile/events/event-bridge/index.js (1)

60-67: Multiple @remarks tags are non-standard and add little value.

Standard JSDoc treats @remarks as a single block. Repeating it multiple times with vague topic names ("EventBridge configuration options.", "EventBridge/CloudWatch input transformer.", etc.) won't render meaningfully in most tooling and may confuse TypeScript's hover docs. Consider either consolidating into one @remarks block or removing them entirely — the @see link already directs users to the full documentation.

packages/serverless/lib/plugins/aws/package/compile/events/kafka.js (1)

31-128: Clear and accurate property descriptions!

All property descriptions are concise, accurate, and correctly reflect the validation rules defined in the schema. The descriptions will provide excellent inline documentation for TypeScript type generation.

📝 Optional: Minor style consistency suggestions

For maximum consistency with AWS terminology, consider these optional refinements:

1. Lines 36, 45: Use "IDs" instead of "ids" (capitalized as per AWS style)
2. Lines 54, 60, 66: Expand "auth" to "authentication" for clarity in documentation

-              description: `VPC subnet ids used by the event source mapping.`,
+              description: `VPC subnet IDs used by the event source mapping.`,

-              description: `VPC security group ids used by the event source mapping.`,
+              description: `VPC security group IDs used by the event source mapping.`,

-              description: `Secrets Manager ARNs for SASL/PLAIN auth.`,
+              description: `Secrets Manager ARNs for SASL/PLAIN authentication.`,

These are purely stylistic and don't impact functionality.

packages/serverless/lib/plugins/aws/package/compile/events/cloud-front.js (1)

297-301: Place description after the spread to prevent silent override.

If behaviorObjectSchema ever gains its own description (e.g., from the top-level addition at line 23 for originObjectSchema), the spread on line 300 would silently overwrite the description set on line 298. Swapping the order makes this future-proof.

♻️ Suggested reorder

          behavior: {
-           description: `CloudFront cache behavior overrides for this Lambda@Edge trigger.
-@see https://www.serverless.com/framework/docs/providers/aws/events/cloudfront#cache-behavior-configuration`,
            ...behaviorObjectSchema,
+           description: `CloudFront cache behavior overrides for this Lambda@Edge trigger.
+@see https://www.serverless.com/framework/docs/providers/aws/events/cloudfront#cache-behavior-configuration`,
          },

packages/serverless/lib/plugins/aws/package/compile/events/websockets/index.js (1)

69-74: Consider using YAML format in the @example tag.

The example currently uses TypeScript union syntax ('$connect' | '$disconnect' | '$default' | 'sendMessage'), which differs from the YAML examples used elsewhere in the schema. For consistency, consider showing an actual YAML usage example:

`@example`
route: $connect
# or
route: sendMessage

However, if the TypeScript-style notation is intentional for type generation tooling, the current format is also clear.

packages/serverless/lib/plugins/aws/package/compile/events/iot.js (1)

36-36: LGTM!

Clear description for the boolean field. Consider adding a @default true annotation if the rule is enabled by default (based on the logic at line 69 where only enabled === false explicitly disables it), though this is optional.

packages/serverless/lib/plugins/aws/package/compile/events/sqs.js (1)

14-23: Minor: redundant @remarks tags in the top-level description.

Line 16 (@remarks SQS queue ARN or CloudFormation reference.) describes the arn property rather than the event as a whole, and line 17 (@remarks SQS queue event.) just restates the first line. Consider consolidating or removing the redundant remarks so the top-level description stays focused on the event itself.

packages/serverless/lib/plugins/aws/appsync/validation.js (1)

75-76: @see link duplicates the top-level link — consider pointing to a more specific anchor.

Both the top-level appSyncSchema (Line 27) and the auth definition here link to the same URL (/events/appsync). If the docs have an authentication-specific section or anchor, a more targeted link would be more useful for consumers of the generated types.

[czubocha]

@cursor review

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: dcfe876bc1

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[czubocha]

@cursor review

[cursor]

✅ Bugbot reviewed your changes and found no new issues!

Comment @cursor review or bugbot run to trigger another review on this PR