@brodybits Regarding your commit message > dep fix in npm-shrinkwrap.json to fix npm audit issue NOTE: This was done by hand, probably would have been better to use npm
AFAIK you _have_ to do this by hand. However, you can prune the dependencies after that. What worked for me was this approach: 1. Edit the spec for the dependency that you want to change in their dependents' `requires` block. 1. Stage your changes 1. Run `npm install` again. This will prune the dependency tree a bit, using the new version for the edited dependency. However, sometimes this also resets the edit from 1., so you might have to re-apply it. 1. Stage and commit your changes If you run `npm install` again after that, it will undo your changes in my experience. So this is really a last resort, but for the release use-case it should be fine, as it's not expected that someone continues to work with that manually updated file. [ Full content available at: https://github.com/apache/cordova-cli/pull/326 ] This message was relayed via gitbox.apache.org for devnull@infra.apache.org
