npm audit fails on node v14

[natlibfi-jonollil]

Description

Package auditing fails on node 14. This is not issue for us since it works on 16 & 18, we just move to node 18 on this, but it might be problem for someone else.

Reproduction

1. "jsonwebtoken": "^9.0.0" in package.json
2. import jwt from 'jsonwebtoken'; in js file (Babel) (Not sure if this is needed)

And when Github action runs on command 'npm audit --package-lock-only --production --audit-level=moderate'

name: Node-tests

on: push

jobs:
  build-node-versions:
    name: Node version matrix
    runs-on: ubuntu-latest

    strategy:
      matrix:
        node-version: [14.x, 16.x, 18.x]
        # See supported Node.js release schedule at https://nodejs.org/en/about/releases/

    steps:
    - name: Checkout the code
      uses: actions/checkout@v3
    - name: Use Node.js ${{ matrix.node-version }}
      uses: actions/setup-node@v3
      with:
        node-version: ${{ matrix.node-version }}
        cache: 'npm'
      env:
        NPM_CONFIG_IGNORE_SCRIPTS: true
    - run: npm audit --package-lock-only --production --audit-level=moderate

1. On node 14 - Fail: npm ERR! Cannot read property 'jsonwebtoken' of undefined
2. On node 16 - OK
3. On node 18 - OK

Environment

• Version of this library used: 9.0.0
• Version of the platform or framework used, if applicable: Node 14, 16, 18
• Other relevant versions (language, server software, OS, browser):
• Other modules/plugins/libraries that might be involved: babel, passport, passport-jwt

[panva]

We're unable to help with npm issues. https://github.com/npm/cli might be the right venue for these issues.