cli icon indicating copy to clipboard operation
cli copied to clipboard
verified publisher icon npm

[BUG] NPM audit breakes packages versions

Open mdziczkowski opened this issue 2 months ago • 0 comments

Is there an existing issue for this?

  • [x] I have searched the existing issues

This issue exists in the latest npm version

  • [x] I am using the latest npm

Current Behavior

When I had done npm audit fix after installing package with all dependencies, npm has changed the version of the package from the latest one to ^0.0.0 with breaks the application, preventing it from working.

Expected Behavior

Normal fix of audit and upgrading the version of packages to latest verstion instead of downgrading them

Steps To Reproduce

Given on example of the package react-scripts:

  1. Install the react-scripts@latest
  2. check the contest of packages.json for the version of the installed version of the package
  3. Run 'npm audit fix --force`
  4. See the output in the terminal, as well the changes to the packages.json to :^0.0.0"

Environment

  • npm: 9.2.0

  • Node.js: v20.19.2

  • OS Name: Debian (codename: trixie)

  • npm config:

; copy and paste output from `npm config ls` here

location = "project"

; node bin location = /usr/bin/node ; node version = v20.19.2 ; npm local prefix = [trunchated] ; npm version = 9.2.0 ; cwd =[trunchated] ; HOME = [trunchated]

mdziczkowski avatar Oct 09 '25 19:10 mdziczkowski