If you have jq, a lightweight and flexible command-line JSON processor, installed in your computer, it's easy to manipulate the command to update d...
For further actions, you may consider blocking this person and/or reporting abuse
How about
npm updateandnpm update --dev? (ref)Because it does not always update packages to the latest versions if those are caret/tilde dependencies:
docs.npmjs.com/cli-commands/update...
It means that
npm updatetries to update while keep satisfying app's package dependencies.