Closed jeffwidman closed 5 months ago
Either relax the strictness here:
https://github.com/dependabot/fetch-metadata/blob/dc2c459ae6444ea1d108233ed87ce5ff16cf2fa2/.npmrc#L1
Or update the node and npm versions here to at least the versions mentioned in the error message:
another alternative if we don't care about pinning the minor version is:
"engines": {
"node": ">=20.x",
"npm": ">=10.x"
},
we might have to get rid of engine-strict=true
for it to work
After looking at this, I think dropping engine-strict
(since it defaults to false
) will probably suffice for the fetch-metadata
usecase.
I'm normally a fan of pinning, but given that if we do break something it's not hard to temp pin to an older version, then I'm okay if we relax this for now... and if it becomes a problem in the future, then we can tighten the screws again.
Fixed by:
And :dependabot: is now working again in https://github.com/dependabot/fetch-metadata/pull/453!
From https://github.com/dependabot/fetch-metadata/network/updates/803622934:
My guess is something in https://github.com/dependabot/fetch-metadata/pull/443 is a little too strict or pinned to the wrong version...