npm ci broken starting with version 3.0.2

[ww-daniel-mora]

Starting in version 3.0.2, including cdk-rds-sql results in an error when using npm ci

> npm i cdk-rds-sql@3.0.0
> npm ci
// ok
> npm i cdk-rds-sql@3.0.1
> npm ci
// ok
> npm i cdk-rds-sql@3.0.2
> npm ci
npm ERR! Missing: @aws-sdk/client-sts@3.572.0 from lock file
  npm ERR! Missing: @aws-sdk/client-sso-oidc@3.572.0 from lock file
  npm ERR! Missing: @aws-sdk/client-sso-oidc@3.572.0 from lock file
  npm ERR! Missing: @aws-sdk/client-sts@3.572.0 from lock file
  npm ERR!

[ww-daniel-mora]

I was able it reproduce this bug trivially in a new directory

mkdir tmp
cd tmp
npm init
npm i cdk-rds-sql
npm ci

However, if I install from a local directory npm ci works which suggests something in the build / publish process has broken.

[ww-daniel-mora]

specifically this change 4ce8ed94b4846ebd329b32569053f957aa2b7bab

[mrgrain]

My best guess is it has to do with the bundling of @aws-sdk/client-secrets-manager

But why that worked before and not anymore eludes me...

[mrgrain]

I'm not sure why, but your bundle contains many more bundled dependencies than your package.json file implies.

The other thing I note is the versions it complains about missing: 3.572.0 The versions that are installed actually are 3.574.0

If you run npm why @aws-sdk/client-sts you get some info that might help you debugging.

[mrgrain]

projen uses pacmak under the hood, which really is just a wrapper around npm pack.

I'm guessing that projen upgrade changed the node version the publish workflow is running on, which ships with a different version of npm and now the npm pack behavior has changed (or to be blunt, seems buggy)

[berenddeboer]

Very confusing, have run projen upgrade, let's see if that does the trick. But thanks for telling me!

[ww-daniel-mora]

@berenddeboer thank you v3.0.6 resolves this issue