dosubot[bot] commented on issue #33881: URL: https://github.com/apache/superset/issues/33881#issuecomment-3000590368
<!-- Greeting --> Hi @Oskar-Bonde! I'm [Dosu](https://go.dosu.dev/dosubot) and I’m helping the superset team. <!-- Answer --> This error is happening because Superset's package.json specifies luxon as "^3.5.0", but the package-lock.json in the repo was generated when [email protected] was the latest version. When [email protected] was published (between June 19 and June 23, 2025), npm started expecting the lockfile to reference 3.6.1 (the latest version matching "^3.5.0"), but the lockfile still points to 3.5.0. This is a normal npm integrity check: if a new patch version is published and the lockfile isn't updated, npm ci will fail with this error. Running npm install updates the lockfile to reference [email protected], resolving the mismatch and allowing npm ci to work again. This isn't a Superset-specific bug—it's a common scenario in npm projects when dependencies release new versions and the lockfile isn't updated promptly. Best practice is to update and commit package-lock.json whenever a new compatible dependency version is published. There are no official Superset docs or issues addressing this, but it's standard npm behavior and applies to any project using unpinned dependency ranges like "^3.5.0" for luxon. No recent changes in the Superset repo caused this; it's due to the new luxon release in the npm registry. Reference: ["luxon" dependency in package.json](https://github.com/apache/superset/blob/98b35125c2a562bb2a61a26e6acd3430339320aa/superset-frontend/package.json) <!-- Dosu Comment Footer --> *To reply, just mention [@dosu](https://go.dosu.dev/dosubot).* --- <sup>How did I do? [Good](https://app.dosu.dev/response-feedback/5ebb47a7-1791-49a9-99df-8aff13419928?feedback_type=great_response) | [Irrelevant](https://app.dosu.dev/response-feedback/5ebb47a7-1791-49a9-99df-8aff13419928?feedback_type=irrelevant_answer) | [Incorrect](https://app.dosu.dev/response-feedback/5ebb47a7-1791-49a9-99df-8aff13419928?feedback_type=incorrect_sources) | [Verbose](https://app.dosu.dev/response-feedback/5ebb47a7-1791-49a9-99df-8aff13419928?feedback_type=too_verbose) | [Hallucination](https://app.dosu.dev/response-feedback/5ebb47a7-1791-49a9-99df-8aff13419928?feedback_type=hallucination) | [Report 🐛](https://app.dosu.dev/response-feedback/5ebb47a7-1791-49a9-99df-8aff13419928?feedback_type=bug_report) | [Other](https://app.dosu.dev/response-feedback/5ebb47a7-1791-49a9-99df-8aff13419928?feedback_type=other)</sup> [](https://go.dosu.dev/discord-bot) [! [Share on X](https://img.shields.io/badge/X-share-black)](https://twitter.com/intent/tweet?text=%40dosu_ai%20helped%20me%20solve%20this%20issue!&url=https%3A//github.com/apache/superset/issues/33881) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
