Open mikemaccana opened 3 years ago
I am also facing same issue with the command npm audit fix
. When I run this command I am asked to run the same command to fix the issues.
Environment:
@mikemaccana :wave: can you shoot over the redacted package.json
to help us figure out what's going on? Apologize for the delay triage but appreciate you bringing this up.
A reproducible version of this issue is in #5046 with a helpful discussion.
FYI, the bug is still present in npm 9/Node 18
(I am getting alternative upgrades and downgrades similar to (if not exactly the same problem as) https://github.com/npm/cli/issues/5046)
I have been running into this issue while trying to fix the webpack/OpenSSL bug by running npm audit fix in this repo using react scripts : https://github.com/nexmo-se/video-express-react-app
Hi there, is there any news on this bug? I would settle for a workaround as well, but getting all these vulnerability warnings on every npm install is kind of annoying....
I've upgraded to NPM 10.2.0 / Node 21.1.0 and am seeing downgrades of a bunch of packages including gulp as a function of using --force, which I run to try to fix problems with lodash. help?
Current Behavior:
npm audit fix --force
recommends runningnpm audit fix --force
(the same command) to fix issues.This obviously makes no sense.
npm audit fix --force
should itself fix the issues reported.Expected Behavior:
npm fix ---force
should resolve the issues by updating dependencies.Steps To Reproduce:
Detail above might be enough, but ifnot, LMK and I'll produce a redacted
package.json
Environment: