Skip to content

fix(ci): pin npm version to avoid self-upgrade corruption#785

Merged
jesseturner21 merged 1 commit intoaws:mainfrom
aidandaly24:fix/pin-npm-version
Apr 7, 2026
Merged

fix(ci): pin npm version to avoid self-upgrade corruption#785
jesseturner21 merged 1 commit intoaws:mainfrom
aidandaly24:fix/pin-npm-version

Conversation

@aidandaly24
Copy link
Copy Markdown
Contributor

@aidandaly24 aidandaly24 commented Apr 7, 2026

Summary

  • Pin npm install -g npm@11.5.1 instead of npm@latest in the release workflow
  • npm@latest fails on GitHub Actions runners because npm corrupts its own promise-retry dependency during self-upgrade
  • npm 11.5.1 is the minimum version needed for OIDC trusted publishing

Context

Same fix as aws/agentcore-l3-cdk-constructs#138. The release workflow failed at the Ensure npm 11.5.1+ for trusted publishing step with:

npm error code MODULE_NOT_FOUND
npm error Cannot find module 'promise-retry'

Test plan

  • Re-run the release workflow and verify the npm upgrade step succeeds

@aidandaly24
fix(ci): pin npm version to avoid self-upgrade corruption
940766a 
npm install -g npm@latest fails on GitHub Actions runners when npm
tries to replace its own modules mid-installation, corrupting the
promise-retry dependency. Pin to npm@11.5.1 which is the minimum
version needed for OIDC trusted publishing.
@aidandaly24 aidandaly24 requested a review from a team April 7, 2026 22:00
@github-actions github-actions bot added the size/xs PR size: XS label Apr 7, 2026
@jesseturner21 jesseturner21 merged commit 9c10f2c into aws:main Apr 7, 2026
18 of 19 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jesseturner21 jesseturner21 jesseturner21 approved these changes

Assignees

No one assigned

Labels

size/xs PR size: XS

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@aidandaly24 @jesseturner21