[BUG] npm removes invalid references instead of failing with an error starting in 9.6.6
#6742
Open
2 tasks done
Labels
Bug
thing that needs fixing
Needs Triage
needs review for next steps
Release 9.x
work is associated with a specific npm 9 release
Is there an existing issue for this?
This issue exists in the latest npm version
Current Behavior
Starting with npm
9.6.6
if we runnpm install fetch-factory@0.0.2 --package-lock-only
with apackage.json
containing invalid references, it succeeds and removes the invalid references instead of failing with a validation error like previous versionsnpm install
fails as expectedI went over the release notes of 9.6.6 and I could not find any mention about this change in behavior. Was this intentional?
Expected Behavior
In
9.6.5
the same command fails with the errornpm ERR! must provide string spec
Steps To Reproduce
Reproducer : https://github.com/yeikel/npm-invalid-dependency-removed
Logs : https://github.com/yeikel/npm-invalid-dependency-removed/actions/runs/5994585281/job/16256409062
git clone https://github.com/yeikel/npm-invalid-dependency-removed.git
nvm install 18
nvm use 18
9.6.7
npm install fetch-factory@0.0.2 --package-lock-only
Expected : npm should fail with the following error
npm ERR! must provide string spec
Actual :
package.json
Environment
The text was updated successfully, but these errors were encountered: