Is there an existing issue for this?
This issue exists in the latest npm version
This is not just a request to bump a dependency for a CVE
Current Behavior
% npm list -g
/Users/liangmi/.vite-plus/js_runtime/node/22.18.0/lib
...
└── cowsay@npm:typescript@6.0.2
~
% npm outdated -g
Package Current Wanted Latest Location Depended by
cowsay 6.0.2 1.6.0 1.6.0 node_modules/cowsay global
Expected Behavior
For global alias packages, the current version should be the alias spec instead of alias package's version directly, as well as npm update -g.
% npm outdated -g
Package Current Wanted Latest Location Depended by
cowsay typescript@6.0.2 typescript@6.0.3 typescript@6.0.3 node_modules/cowsay global
Steps To Reproduce
For example, cowsay and typescript
npm install -g cowsay@npm:typescript@5.0.0 # Install outdated typescript as an alias
npm outdated -g
npm update -g
Environment
- npm: v11.18.0
- Node.js: v22.18.0
- OS Name: macOS
- System Model Name: arm64
- npm config:
; "user" config from /Users/liangmi/.npmrc
//registry.npmjs.org/:_authToken = (protected)
; node bin location = /Users/liangmi/.vite-plus/js_runtime/node/22.18.0/bin/node
; node version = v22.18.0
; npm local prefix = /Users/liangmi
; npm version = 11.18.0
; cwd = /Users/liangmi
; HOME = /Users/liangmi
Is there an existing issue for this?
This issue exists in the latest npm version
This is not just a request to bump a dependency for a CVE
Current Behavior
% npm list -g /Users/liangmi/.vite-plus/js_runtime/node/22.18.0/lib ... └── cowsay@npm:typescript@6.0.2 ~ % npm outdated -g Package Current Wanted Latest Location Depended by cowsay 6.0.2 1.6.0 1.6.0 node_modules/cowsay globalExpected Behavior
For global alias packages, the current version should be the alias spec instead of alias package's version directly, as well as
npm update -g.Steps To Reproduce
For example,
cowsayandtypescriptnpm install -g cowsay@npm:typescript@5.0.0 # Install outdated typescript as an alias npm outdated -g npm update -gEnvironment