[BUG] npm audit fix --force tries to download non-existing packages #5750
Labels
Bug
thing that needs fixing
Priority 1
high priority issue
Release 9.x
work is associated with a specific npm 9 release
Is there an existing issue for this?
This issue exists in the latest npm version
Current Behavior
npm audit fix --force attempts to update nodemon and got. New nodemon version should be 2.0.20, but npm audit also tries to fetch got version 2.0.20 which does not exist. Closest got version is 2.0.0, which is 8 years old, latest being 12.5.2.
npm audit --audit-level high:
npm audit fix --force:
Expected Behavior
nodemon version should not "leak" to got version download.
Steps To Reproduce
dependencies:
Some packages have been removed since I cannot share them. Same goes for package-lock.json.
Environment
The problem also occurs with npm version
8.19.2
The text was updated successfully, but these errors were encountered: