diff --git a/lib/manager/npm/extract/__snapshots__/locked-versions.spec.ts.snap b/lib/manager/npm/extract/__snapshots__/locked-versions.spec.ts.snap
index 809cc5f3aa0f1a8dc7c29c567da44f423c417ef2..70edc75550bde6b009f7fc606cc5a41d47f1e5a0 100644
--- a/lib/manager/npm/extract/__snapshots__/locked-versions.spec.ts.snap
+++ b/lib/manager/npm/extract/__snapshots__/locked-versions.spec.ts.snap
@@ -1,5 +1,28 @@
// Jest Snapshot v1, https://goo.gl/fbAQLP
+exports[`manager/npm/extract/locked-versions .getLockedVersions() appends <7 to npm constraints 1`] = `
+Array [
+ Object {
+ "constraints": Object {
+ "npm": ">=6.0.0 <7",
+ },
+ "deps": Array [
+ Object {
+ "currentValue": "1.0.0",
+ "depName": "a",
+ "lockedVersion": "1.0.0",
+ },
+ Object {
+ "currentValue": "2.0.0",
+ "depName": "b",
+ "lockedVersion": "2.0.0",
+ },
+ ],
+ "npmLock": "package-lock.json",
+ },
+]
+`;
+
exports[`manager/npm/extract/locked-versions .getLockedVersions() ignores pnpm 1`] = `
Array [
Object {
@@ -21,7 +44,9 @@ Array [
exports[`manager/npm/extract/locked-versions .getLockedVersions() uses package-lock.json with npm v6.0.0 1`] = `
Array [
Object {
- "constraints": Object {},
+ "constraints": Object {
+ "npm": "<7",
+ },
"deps": Array [
Object {
"currentValue": "1.0.0",
@@ -42,9 +67,7 @@ Array [
exports[`manager/npm/extract/locked-versions .getLockedVersions() uses package-lock.json with npm v7.0.0 1`] = `
Array [
Object {
- "constraints": Object {
- "npm": ">= 7.0.0",
- },
+ "constraints": Object {},
"deps": Array [
Object {
"currentValue": "1.0.0",
diff --git a/lib/manager/npm/extract/locked-versions.spec.ts b/lib/manager/npm/extract/locked-versions.spec.ts
index 2a587ce4192465a1dbb93a82c8d8ee685d24c353..9507783895249bf5021f6ce88ae4a5637ab868bf 100644
--- a/lib/manager/npm/extract/locked-versions.spec.ts
+++ b/lib/manager/npm/extract/locked-versions.spec.ts
@@ -75,6 +75,36 @@ describe('manager/npm/extract/locked-versions', () => {
expect(packageFiles).toMatchSnapshot();
}
);
+ it('appends <7 to npm constraints', async () => {
+ npm.getNpmLock.mockReturnValue({
+ lockedVersions: {
+ a: '1.0.0',
+ b: '2.0.0',
+ c: '3.0.0',
+ },
+ lockfileVersion: 1,
+ });
+ const packageFiles = [
+ {
+ npmLock: 'package-lock.json',
+ constraints: {
+ npm: '>=6.0.0',
+ },
+ deps: [
+ {
+ depName: 'a',
+ currentValue: '1.0.0',
+ },
+ {
+ depName: 'b',
+ currentValue: '2.0.0',
+ },
+ ],
+ },
+ ];
+ await getLockedVersions(packageFiles);
+ expect(packageFiles).toMatchSnapshot();
+ });
it('ignores pnpm', async () => {
const packageFiles = [
{
diff --git a/lib/manager/npm/extract/locked-versions.ts b/lib/manager/npm/extract/locked-versions.ts
index c12fe9645d6bb019d98555e2cc9da4b0f63ef5e7..348a826640744f9a3a0be35b680c1b92db5a7530 100644
--- a/lib/manager/npm/extract/locked-versions.ts
+++ b/lib/manager/npm/extract/locked-versions.ts
@@ -39,11 +39,12 @@ export async function getLockedVersions(
logger.trace('Retrieving/parsing ' + npmLock);
lockFileCache[npmLock] = await getNpmLock(npmLock);
}
- if (!packageFile.constraints.npm) {
- // do not override if already set
- const { lockfileVersion } = lockFileCache[npmLock];
- if (lockfileVersion >= 2) {
- packageFile.constraints.npm = '>= 7.0.0';
+ const { lockfileVersion } = lockFileCache[npmLock];
+ if (lockfileVersion === 1) {
+ if (packageFile.constraints.npm) {
+ packageFile.constraints.npm += ' <7';
+ } else {
+ packageFile.constraints.npm = '<7';
}
}
for (const dep of packageFile.deps) {
diff --git a/lib/manager/npm/post-update/npm.ts b/lib/manager/npm/post-update/npm.ts
index 31c557f34f779ad06c265a8d5c6d6193d087a396..d63e6c5e0944a66f58821c24d45b159557c2857d 100644
--- a/lib/manager/npm/post-update/npm.ts
+++ b/lib/manager/npm/post-update/npm.ts
@@ -27,9 +27,9 @@ export async function generateLockFile(
let lockFile = null;
try {
let installNpm = 'npm i -g npm';
- const npmCompatibility = config.constraints?.npm;
+ const npmCompatibility = config.constraints?.npm as string;
if (validRange(npmCompatibility)) {
- installNpm += `@${quote(npmCompatibility)}`;
+ installNpm = `npm i -g ${quote(`npm@${npmCompatibility}`)}`;
}
const preCommands = [installNpm, 'hash -d npm'];
const commands = [];