to the package.json file to force a more secure minimist version to be used by a dependency. However, this causes npm ci to think the package-lock.json and package.json are out of sync and therefore the ci fails.
We could either a) fix the dependency relying on the out-of-date minimist version, b) avoid the use of npm ci (i.e. always use npm install) or c) avoid using npm <= v8.5.0.
I added
to the package.json file to force a more secure minimist version to be used by a dependency. However, this causes npm ci to think the package-lock.json and package.json are out of sync and therefore the ci fails.
We could either a) fix the dependency relying on the out-of-date minimist version, b) avoid the use of npm ci (i.e. always use npm install) or c) avoid using npm <= v8.5.0.
See here https://github.com/npm/cli/issues/4684 for more on this issue.