[BUG] audit fix does not update version in package.json

[apmyp1990]

Is there an existing issue for this?

• I have searched the existing issues

This issue exists in the latest npm version

• I am using the latest npm

Current Behavior

I am using axios in my project, and now npm audit tells me that there is a vulnerability in axios. After running npm audit fix, the version of axios in my package.json does not update. In the package-lock.json, my first level axios is also not updated, but a few levels deeper it is update as an dependency for another package.

Expected Behavior

I would expect that the version in the package.json will also be updatetd.

Steps To Reproduce

No response

Environment

• npm: 9.8.1
• Node.js: 16.15.0
• OS Name: Windows 11
• System Model Name:
• npm config:

; node bin location = C:\Program Files\nodejs\node.exe   
; node version = v16.15.0
; npm local prefix = censored   
; npm version = 9.8.1
; cwd = censored
; HOME = censored
; Run `npm config ls -l` to show all defaults.

[milaninfy]

@apmyp1990 Can you please share what package version is mentioned in your package.json before npm audit fix? what exact package version you installed to replicate this issue?

[milaninfy]

Closing due to age. If this is still a problem please feel free to reopen this issue, or create a new issue w/ steps to reproduce.