[BUG] audit fix does not update version in package.json #7178
Labels
Awaiting Information
further information is requested
Bug
thing that needs fixing
Release 9.x
work is associated with a specific npm 9 release
Is there an existing issue for this?
This issue exists in the latest npm version
Current Behavior
I am using axios in my project, and now npm audit tells me that there is a vulnerability in axios. After running npm audit fix, the version of axios in my package.json does not update. In the package-lock.json, my first level axios is also not updated, but a few levels deeper it is update as an dependency for another package.
Expected Behavior
I would expect that the version in the package.json will also be updatetd.
Steps To Reproduce
No response
Environment
The text was updated successfully, but these errors were encountered: