cli
cli copied to clipboard
npm
[BUG] `npm audit fix --force` trying to update package to `undefined`
Is there an existing issue for this?
- [X] I have searched the existing issues
This issue exists in the latest npm version
- [X] I am using the latest npm
Current Behavior
npm audit fix --force
npm WARN using --force Recommended protections disabled.
npm WARN audit Updating @docusaurus/core to undefined,which is a SemVer major change.
npm ERR! code ETARGET
npm ERR! notarget No matching version found for @docusaurus/core@undefined.
npm ERR! notarget In most cases you or one of your dependencies are requesting
npm ERR! notarget a package version that doesn't exist.
npm ERR! A complete log of this run can be found in:
npm ERR! /Users/charliefish/.npm/_logs/2022-02-05T18_43_57_293Z-debug.log
Expected Behavior
No errors to occur when running npm audit fix --force.
Steps To Reproduce
- With the
package.jsonfile listed below & nopackage-lock.jsonfile - Run
npm i - Then
npm audit fix --force
package.json:
{
"name": "docs",
"version": "0.0.0",
"private": true,
"scripts": {
"start": "docusaurus start",
"build": "npm run prebuild && docusaurus build",
"swizzle": "docusaurus swizzle",
"prebuild": "cd .. && npm run build && cd docs && node process.js"
},
"dependencies": {
"@docusaurus/core": "^2.0.0-beta.15",
"@docusaurus/preset-classic": "^2.0.0-beta.15",
"classnames": "^2.3.1",
"jsdoc-to-markdown": "^7.1.1",
"mkdirp": "^1.0.4",
"npm-to-yarn": "^1.0.1",
"react": "^17.0.2",
"react-dom": "^17.0.2",
"simple-git": "^3.1.1"
},
"browserslist": {
"production": [
">0.2%",
"not dead",
"not op_mini all"
],
"development": [
"last 1 chrome version",
"last 1 firefox version",
"last 1 safari version"
]
}
}
Environment
- npm: 8.1.2
- Node.js: v16.13.2
- OS Name: macOS
- System Model Name: Macbook Pro
- npm config:
; "user" config from /Users/charliefish/.npmrc
//npm.pkg.github.com/:_authToken = (protected)
//registry.npmjs.com/:_authToken = (protected)
registry = "https://npm.network.charlie.fish/"
; node bin location = /Users/charliefish/.nvm/versions/node/v16.13.2/bin/node
; cwd = /Users/charliefish/Developer/dynamoose/dynamoose/docs
; HOME = /Users/charliefish
; Run `npm config ls -l` to show all defaults.
I'm unable to reproduce the issue in npm v8.5.0. Does the same problem occur using the default registry and with the latest version of npm? Please re-open with your logs included if so.
@fritzy Same issue. Please reopen.
The repo is also open source if you want to check it out: https://github.com/dynamoose/dynamoose/tree/main/docs. It's just the docs folder. I ran npm install, then npm audit fix --force --registry=https://registry.npmjs.com, and the error occurred.
npm -v
8.5.0
npm audit fix --force --registry=https://registry.npmjs.com
npm WARN using --force Recommended protections disabled.
npm WARN audit Updating @docusaurus/core to undefined,which is a SemVer major change.
npm ERR! code ETARGET
npm ERR! notarget No matching version found for @docusaurus/core@undefined.
npm ERR! notarget In most cases you or one of your dependencies are requesting
npm ERR! notarget a package version that doesn't exist.
npm ERR! A complete log of this run can be found in:
npm ERR! /Users/charliefish/.npm/_logs/2022-02-17T02_55_36_444Z-debug-0.log
2022-02-17T02_55_36_444Z-debug-0.log
dynamoose/docs on main via ⬢ v17.5.0
❯ rm -rf node_modules
dynamoose/docs on main via ⬢ v17.5.0 took 2s
❯ npm i
npm WARN deprecated [email protected]: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated [email protected]: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
added 1243 packages, and audited 1244 packages in 4s
196 packages are looking for funding
run `npm fund` for details
21 vulnerabilities (8 moderate, 13 high)
To address all issues, run:
npm audit fix
Run `npm audit` for details.
dynamoose/docs on main via ⬢ v17.5.0 took 4s
❯ npm audit fix --force --registry=https://registry.npmjs.com
npm WARN using --force Recommended protections disabled.
up to date, audited 1244 packages in 27s
196 packages are looking for funding
run `npm fund` for details
# npm audit report
nth-check <2.0.1
Severity: moderate
Inefficient Regular Expression Complexity in nth-check - https://github.com/advisories/GHSA-rp65-9cf3-cjxr
fix available via `npm audit fix`
node_modules/@slorber/static-site-generator-webpack-plugin/node_modules/nth-check
css-select <=3.1.0
Depends on vulnerable versions of nth-check
node_modules/@slorber/static-site-generator-webpack-plugin/node_modules/css-select
cheerio 0.19.0 - 1.0.0-rc.3
...
@fishcharlie i'm not able to reproduce this one either. i cloned your repo, changed dirs into the docs direct and no amount of npm install or npm audit fix --force raises this error. is this still happening for you with [email protected]?
@nlf Just installed npm 8.5.3, and issue persists.
I did just try to remove my node_modules folder and package-lock.json file, and run those commands again, and the issue did not occur.
Therefore I think it's an issue with my package-lock.json file. I have uploaded that here as well.
I have the exact same issue:
npm WARN using --force Recommended protections disabled.
npm WARN audit Updating @docusaurus/core to undefined,which is a SemVer major change.
npm ERR! code ETARGET
npm ERR! notarget No matching version found for @docusaurus/core@undefined.
npm ERR! notarget In most cases you or one of your dependencies are requesting
npm ERR! notarget a package version that doesn't exist.
npm ERR! A complete log of this run can be found in:
npm ERR! /Users/jan/.npm/_logs/2022-07-27T09_56_08_631Z-debug-0.log
2022-07-27T09_56_08_631Z-debug-0.log
