Updating from 7.0.9 to 7.1.0 breaks audit-ci

[daviddelusenet]

I'm using the audit-ci package in my project. When I update my @semantic-release/npm dependency from version 7.0.9 to 7.1.0 audit-ci breaks working.

The error I'm getting is:

Cannot convert undefined or null to object
Exiting...

I've already opened an issue in audit-ci: IBM/audit-ci#176

Please let me know if you need any more information.

[gr2m]

let's wait for them to ship npm7 support and see if the problem persists. Please keep us posted

[daviddelusenet]

Probably not. 😄

However, shouldn't have been the update from NPM 6 to 7 be a breaking change? Since it's actually breaking stuff..

[danez]

npm should only be used internally here. I'm not really sure why audit-ci is using the version that semantic-release installs. To me this sounds like a problem in audit-ci as it is using the wrong npm version but does not specify any dependency on npm itself.

[amclin]

#357 may be related

Seems mixing NPM 7 as a dependency into stacks that don't explicitly use NPM 7 is problematic.