Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

@aws-sdk/credential-provider-node doesn't provide @aws-sdk/client-sts #6049

Closed
3 tasks done
samuelcole opened this issue May 2, 2024 · 12 comments · Fixed by #6055
Closed
3 tasks done

@aws-sdk/credential-provider-node doesn't provide @aws-sdk/client-sts #6049

samuelcole opened this issue May 2, 2024 · 12 comments · Fixed by #6055
Assignees
Labels
bug This issue is a bug. p2 This is a standard priority issue

Comments

@samuelcole
Copy link

Checkboxes for prior research

Describe the bug

After yarn install I get:

➤ YN0002: │ @aws-sdk/credential-provider-node@npm:3.567.0 doesn't provide @aws-sdk/client-sts (pd83b4), requested by @aws-sdk/credential-provider-web-identity
➤ YN0002: │ @aws-sdk/credential-provider-node@npm:3.567.0 doesn't provide @aws-sdk/client-sts (p294b1), requested by @aws-sdk/credential-provider-ini
➤ YN0002: │ @aws-sdk/credential-provider-sso@npm:3.567.0 doesn't provide @aws-sdk/client-sso-oidc (pb330e), requested by @aws-sdk/token-providers

additionally my unimported tooling reports:

1 │ @aws-sdk/client-sso-oidc at ../../node_modules/@aws-sdk/token-providers/dist-cjs/index.js
2 │ @aws-sdk/client-sts at ../../node_modules/@aws-sdk/credential-provider-ini/dist-cjs/index.js, ../../node_modules/@aws-sdk/credential-provider-web-identity/dist-cjs/fromWebToken.js

SDK version number

@aws-sdk/credential-provider-node@npm:3.567.0

Which JavaScript Runtime is this issue in?

Node.js

Details of the browser/Node.js/ReactNative version

node v20.9.0, yarn 3.5.0

Reproduction Steps

yarn install

Observed Behavior

reports warnings

Expected Behavior

no warnings

Possible Solution

add @aws-sdk/client-sts and @aws-sdk/client-sso-oidc as dependencies for @aws-sdk/credential-provider-node

Additional Information/Context

No response

@samuelcole samuelcole added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels May 2, 2024
@trivikr trivikr removed the needs-triage This issue or PR still needs to be triaged. label May 2, 2024
@trivikr
Copy link
Member

trivikr commented May 2, 2024

If you have a minimal repro, please post it in the issue comments. I'll also post my attempts in reproducing.
It'll help identify in which version it was introduced. We suspect it was introduced in either v3.564.0 or v3.565.0

The current workaround is to pin your client dependency to <3.564.0 in package.json as follows:

   "client-dynamodb": "<3.564.0",

@trivikr
Copy link
Member

trivikr commented May 2, 2024

I'm not able to repro with this simple commands in a new workspace, and dependencies are installed

$ node -v
v20.12.2

$ corepack enable && yarn set version 4.2.1

$ yarn init -y && yarn add @aws-sdk/[email protected] --exact

@trivikr
Copy link
Member

trivikr commented May 2, 2024

Minimal repro with [email protected] shows warnings

$ corepack enable && yarn set version 3.5.0

$ yarn init -y && yarn add @aws-sdk/[email protected] --exact
...
➤ YN0000: ┌ Resolution step
➤ YN0002: │ @aws-sdk/credential-provider-node@npm:3.567.0 doesn't provide @aws-sdk/client-sts (pd83b4), requested by @aws-sdk/credential-provider-web-identity
➤ YN0002: │ @aws-sdk/credential-provider-node@npm:3.567.0 doesn't provide @aws-sdk/client-sts (p294b1), requested by @aws-sdk/credential-provider-ini
➤ YN0002: │ @aws-sdk/credential-provider-sso@npm:3.567.0 doesn't provide @aws-sdk/client-sso-oidc (pb330e), requested by @aws-sdk/token-providers
➤ YN0000: │ Some peer dependencies are incorrectly met; run yarn explain peer-requirements <hash> for details, where <hash> is the six-letter p-prefixed code
➤ YN0000: └ Completed in 0s 805ms
...

Not reproducible with 3.563.0

@trivikr trivikr added the p2 This is a standard priority issue label May 2, 2024
@trivikr
Copy link
Member

trivikr commented May 2, 2024

The warning is shown in [email protected] as direct dependency of client-sts was removed in #6028. The dependency was removed because other clients were not using it directly. The dependency, however, is required in some default credential providers like credential-provider-web-identity or credential-provider-ini.

In those credential providers, the dependency is added as a peerDependency to avoid circular dependency issue. This is not a problem for majority users, since most of the requests sent on JS SDK do not use those credential providers. For other users, most of them use npm 7+ which automatically installs peerDependencies.

However, it would be a problem for certain package managers where peerDependencies are not automatically installed (like yarn modern) and there's no workaround to install those peerDependencies (like yarn classic).

We're exploring re-adding the direct dependencies on clients.

@conico974
Copy link

@trivikr It can also cause issue if you set auto-install-peers=false in .npmrc
Also in some cases in CI, it seems that npx also doesn't install peer dependencies which make CI fail.

@trivikr
Copy link
Member

trivikr commented May 2, 2024

We're exploring re-adding the direct dependencies on clients.

PR posted at #6055

@trivikr
Copy link
Member

trivikr commented May 2, 2024

PR posted at #6055

PR is merged, and the fix is expected to be published in https://github.com/aws/aws-sdk-js-v3/releases/tag/v3.569.0 around 12:30 PM Pacific on Friday, May 3.

Reopening this issue for verification post publish.

@trivikr trivikr reopened this May 2, 2024
@trivikr trivikr self-assigned this May 3, 2024
@trivikr
Copy link
Member

trivikr commented May 3, 2024

Reopening this issue for verification post publish.

Release https://github.com/aws/aws-sdk-js-v3/releases/tag/v3.569.0 is out, and I verified that no warnings are shown in resolution step by [email protected]

v3.568.0

$ yarn init -y && yarn add @aws-sdk/[email protected] --exact
...
➤ YN0000: ┌ Resolution step
➤ YN0002: │ @aws-sdk/credential-provider-node@npm:3.568.0 doesn't provide @aws-sdk/client-sts (p0dd8b), requested by @aws-sdk/credential-provider-web-identity
➤ YN0002: │ @aws-sdk/credential-provider-node@npm:3.568.0 doesn't provide @aws-sdk/client-sts (p80a4c), requested by @aws-sdk/credential-provider-ini
➤ YN0002: │ @aws-sdk/credential-provider-sso@npm:3.568.0 doesn't provide @aws-sdk/client-sso-oidc (pcb0ab), requested by @aws-sdk/token-providers
➤ YN0000: │ Some peer dependencies are incorrectly met; run yarn explain peer-requirements <hash> for details, where <hash> is the six-letter p-prefixed code
➤ YN0000: └ Completed in 0s 920ms
...

v3.569.0

$ yarn init -y && yarn add @aws-sdk/[email protected] --exact
...
➤ YN0000: ┌ Resolution step
➤ YN0002: │ @aws-sdk/credential-provider-node@npm:3.569.0 doesn't provide @aws-sdk/client-sts (padd33), requested by @aws-sdk/credential-provider-web-identity
➤ YN0002: │ @aws-sdk/credential-provider-node@npm:3.569.0 doesn't provide @aws-sdk/client-sts (p8938b), requested by @aws-sdk/credential-provider-ini
➤ YN0002: │ @aws-sdk/credential-provider-sso@npm:3.568.0 doesn't provide @aws-sdk/client-sso-oidc (pcb0ab), requested by @aws-sdk/token-providers
➤ YN0000: │ Some peer dependencies are incorrectly met; run yarn explain peer-requirements <hash> for details, where <hash> is the six-letter p-prefixed code
➤ YN0000: └ Completed in 0s 945ms
...

$ yarn explain peer-requirements padd33
➤ YN0000: @aws-sdk/credential-provider-node@npm:3.569.0 doesn't provide @aws-sdk/client-sts, breaking the following requirements:

➤ YN0000: @aws-sdk/credential-provider-web-identity@npm:3.568.0 [37b69] → ^3.568.0 ✘

Although the warning is shown, we've ensured that the direct dependency is available in node_modules.
This issue needs more deep dive, especially checking why the warning is not shown for v3.563.0

In the mean time, if v3.569.0 is causing any bugs in your application other than warning, please create a new bug report.

@samuelcole
Copy link
Author

i can confirm it fixes my issue (which was unimported failing)!

@trivikr
Copy link
Member

trivikr commented May 3, 2024

Closing as original author confirmed the issue is fixed in their setup.

Do create a new bug report if the issue is reproducible with v3.569.0+ in your setup.

@trivikr trivikr closed this as completed May 3, 2024
@robertfmurdock
Copy link

Found this bug broke my service's ability to access DynamoDB in production today, updated the libraries to 3.569.0, and it was fixed. Guessing my toy app was broken for about 24 hours due to this.

Apparently locally testing with a local DynamoDB docker image wasn't enough to detect the problem, so I hope ya'll have added some test coverage to help ensure surprises like this don't happen again.

Thanks for the fast turnaround!

Copy link

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs and link to relevant comments in this thread.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 20, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
bug This issue is a bug. p2 This is a standard priority issue
Projects
None yet
Development

Successfully merging a pull request may close this issue.

4 participants