Please make sure you have searched for information in the following guides.

• Search the issues already opened: https://github.com/googleapis/google-cloud-node-core/issues
• Search StackOverflow: http://stackoverflow.com/questions/tagged/google-cloud-platform+node.js
• Check our Troubleshooting guide: https://github.com/googleapis/google-cloud-node-core/blob/main/docs/troubleshooting.md
• Check our FAQ: https://github.com/googleapis/google-cloud-node-core/blob/main/docs/faq.md
• Check our libraries HOW-TO: https://github.com/googleapis/gax-nodejs/blob/main/client-libraries.md
• Check out our authentication guide: https://github.com/googleapis/google-auth-library-nodejs
• Check out handwritten samples for many of our APIs: https://github.com/GoogleCloudPlatform/nodejs-docs-samples
• Check the API's issue tracker: https://cloud.google.com/support/docs/issue-trackers

Link to the code that reproduces this issue. A link to a public Github Repository or gist with a minimal reproduction.

A step-by-step description of how to reproduce the issue, based on the linked reproduction.

1. Click on the link:

   google-cloud-node-core/packages/google-auth-library-nodejs/package.json

   Line 26 in 7feb4c8

   "gaxios": "7.1.3",

A clear and concise description of what the bug is, and what you expected to happen.

I expected version range for gaxios, so the new version 7.1.4 gets installed by consumers, but instead of specifying ^7.1.3 the ^ is missing so the version is locked into 7.1.3, so patches, etc. for these transient dependencies can't get picked up easily on a new npm install or with something like npm update at the consumer.

A clear and concise description WHY you expect this behavior, i.e., was it a recent change, there is documentation that points to this behavior, etc. **

It is a common practice to specify a version range, unless if there is a temporary regression that is requiring a downgrade. It looks like during the last update that was bumping the versions to the latest version here ended up removing the version range for future patch updates (perhaps unintentionally).