CDK released a new 1.19 version, and installing the new version, because of their need for 1.18 version of peer dependencies, gives the expected warnings about versions that could not be found:

I know dealing with those high iteration libraries, like aws-sdk itself, can be frustrating, but if they use semver strictly (which I think they do), it would be safe to rely on "peerDependencies" instead of "dependencies" and use ">=1.18.0", but at the same time make sure there are no regressions (like testing for node 10, 12 and 13 at the same time using test matrix)

EDIT: talked too soon, there are some breaking changes in aws-cdk types 😢 incompatible "Construct" base types

I have a PR up for fixing the versions: #60. Does it look right to you?

I've unfortunately had to release a new version of Punchcard every time the CDK does and am not sure how to fix it.

Maybe I need to take an explicit dependency on every cdk package? That way there are no nested CDK dependencies in the node_modules.

yeah, since CDK is choosing the path to not use carrets in version fields, that should be safer... wish they were using semver strictly and minor and patches didn't mean breaking changes at all, since they are "1.0"

@sam-goodwin maybe a @dependabot would make it easier to test it before hand as a PR, without you having to be "on alert" for new versions

another way is to match the minor to aws-cdk minor, there would be a jump to 0.19

dependabot is awesome!