dependabot / dependabot-core

🤖 Dependabot's core logic for creating update PRs.
https://docs.github.com/en/code-security/dependabot
MIT License

Dependabot sometimes only edits package-lock.json, not package.json #9071

Open adamlui opened 7 months ago

adamlui commented 7 months ago

Is there an existing issue for this?

Package ecosystem

npm

Package manager version

No response

Language version

No response

Manifest location and content before the Dependabot update

https://github.com/KudoAI/chatgpt.js/blob/main/package.json
https://github.com/adamlui/js-utils/blob/main/scss-to-css/package.json

dependabot.yml content

https://github.com/KudoAI/chatgpt.js/blob/main/.github/dependabot.yml
https://github.com/adamlui/js-utils/blob/main/.github/dependabot.yml

Updated dependency

@adamlui/scss-to-css from 1.0.1 to 1.1.1
sass from 1.70.0 to 1.71.0

What you expected to see, versus what you actually saw

Expected: bumps to the new dependency versions in both package.json and package-lock.json
Seen: bump to the new dependency version in package-lock.json only

Native package manager behavior

When running npm update --save, it updates both manifests.

Images of the diff or a link to the PR, issue, or logs

https://github.com/KudoAI/chatgpt.js/pull/180
https://github.com/adamlui/js-utils/pull/4

Smallest manifest that reproduces the issue

No response
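The check a practitioner would want after a report like this is a CI step that compares what package.json declares with what package-lock.json resolved, so a lockfile-only bump is caught before merge. The script below is an added example, not code from dependabot-core or from the issue reporter. It assumes a lockfileVersion 2 or 3 lock (a "packages" map keyed by "node_modules/<name>") and uses a minimal hand-rolled range checker in place of the real semver package, covering only exact, caret (^) and tilde (~) ranges; anything else is reported as unsupported rather than guessed. The two manifests are constructed to mirror the report (lock bumped to sass 1.71.0 and @adamlui/scss-to-css 1.1.1, package.json untouched); the ranges chosen for them are assumptions, picked so that one dependency lands inside its declared range and the other outside it.

```javascript
// Added example (not from dependabot-core or the issue reporter): audit
// drift between package.json ranges and package-lock.json resolutions.
// Constructed sample manifests, assumed ranges: a caret range that the
// bumped lock still satisfies, and an exact pin that it no longer does.
const samplePackageJson = {
  name: "example-project",
  version: "1.0.0",
  dependencies: {
    "@adamlui/scss-to-css": "^1.0.1", // caret range: 1.1.1 still satisfies it
    "sass": "1.70.0",                 // exact pin: 1.71.0 does not
  },
};

const samplePackageLock = {
  name: "example-project",
  lockfileVersion: 3,
  packages: {
    "": { name: "example-project", version: "1.0.0" },
    "node_modules/@adamlui/scss-to-css": { version: "1.1.1" },
    "node_modules/sass": { version: "1.71.0" },
  },
};

// Parse "MAJOR.MINOR.PATCH"; a prerelease or build suffix is ignored.
function parseVersion(text) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(text);
  return m ? [Number(m[1]), Number(m[2]), Number(m[3])] : null;
}

function compareVersions(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

// Minimal stand-in for semver.satisfies: true/false for exact, ^ and ~
// ranges written as plain MAJOR.MINOR.PATCH, null for any other syntax
// (">=1.0.0", "1.x", "*", prerelease ranges) so nothing is guessed.
function satisfies(version, range) {
  const op = range[0] === "^" || range[0] === "~" ? range[0] : "";
  const body = op ? range.slice(1) : range;
  const v = parseVersion(version);
  const r = parseVersion(body);
  if (!v || !r || body !== r.join(".")) return null;
  if (compareVersions(v, r) < 0) return false;           // all three forms are lower-bounded by r
  if (op === "") return compareVersions(v, r) === 0;     // exact pin
  if (op === "~") return v[0] === r[0] && v[1] === r[1]; // ~1.2.3 := >=1.2.3 <1.3.0
  if (r[0] !== 0) return v[0] === r[0];                  // ^1.2.3 := >=1.2.3 <2.0.0
  if (r[1] !== 0) return v[0] === 0 && v[1] === r[1];    // ^0.2.3 := >=0.2.3 <0.3.0
  return compareVersions(v, r) === 0;                    // ^0.0.3 := exactly 0.0.3
}

// Compare every declared dependency with the version resolved in the lock.
function auditLock(pkgJson, pkgLock) {
  if (!pkgLock.packages) throw new Error("lockfileVersion 1 has no packages map; not handled here");
  const declared = Object.assign({}, pkgJson.dependencies, pkgJson.devDependencies);
  const findings = [];
  for (const [name, range] of Object.entries(declared)) {
    const entry = pkgLock.packages[`node_modules/${name}`];
    if (!entry) {
      findings.push({ name, range, locked: null, status: "missing-from-lock" });
      continue;
    }
    const ok = satisfies(entry.version, range);
    let status;
    if (ok === null) status = "unsupported-range";
    else if (!ok) status = "lock-violates-manifest";          // npm ci refuses such a lock
    else if (entry.version === range.replace(/^[\^~]/, "")) status = "in-sync";
    else status = "ahead-within-range";                        // lockfile-only bump, still valid
    findings.push({ name, range, locked: entry.version, status });
  }
  return findings;
}

// Only a lock that contradicts the manifest should fail the build;
// a bump that stays inside the declared range is legitimate npm behaviour.
function hasBlockingDrift(findings) {
  return findings.some(
    (f) => f.status === "lock-violates-manifest" || f.status === "missing-from-lock"
  );
}

for (const f of auditLock(samplePackageJson, samplePackageLock)) {
  console.log(`${f.name.padEnd(24)} manifest=${f.range.padEnd(8)} lock=${String(f.locked).padEnd(8)} ${f.status}`);
}
```

On the constructed input the caret-ranged dependency is reported as ahead-within-range (the lock moved, the range in package.json did not need to), while the exactly pinned one is reported as lock-violates-manifest; that second state is the one worth blocking, since npm ci exits with an error when the lock does not match package.json. Swap the two inline objects for `JSON.parse(fs.readFileSync(...))` of the real files to run it against a checkout.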

carlincherry commented 4 months ago

https://github.com/dependabot/dependabot-core/issues/2178#issuecomment-2093932026