diff --git a/node_modules/libnpmversion/lib/index.js b/node_modules/libnpmversion/lib/index.js
index 525d8264e737a..c3f554834bf81 100644
--- a/node_modules/libnpmversion/lib/index.js
+++ b/node_modules/libnpmversion/lib/index.js
@@ -1,4 +1,4 @@
-const readJson = require('read-package-json-fast')
+const readJson = require('./read-json.js')
 const version = require('./version.js')
 const proclog = require('./proc-log.js')
 
diff --git a/node_modules/libnpmversion/lib/read-json.js b/node_modules/libnpmversion/lib/read-json.js
new file mode 100644
index 0000000000000..0a1f64f2f70e7
--- /dev/null
+++ b/node_modules/libnpmversion/lib/read-json.js
@@ -0,0 +1,7 @@
+// can't use read-package-json-fast, because we want to ensure
+// that we make as few changes as possible, even for safety issues.
+const {promisify} = require('util')
+const readFile = promisify(require('fs').readFile)
+const parse = require('json-parse-even-better-errors')
+
+module.exports = async path => parse(await readFile(path))
diff --git a/node_modules/libnpmversion/lib/version.js b/node_modules/libnpmversion/lib/version.js
index 31e6023f017a5..0fe1ea6213fc6 100644
--- a/node_modules/libnpmversion/lib/version.js
+++ b/node_modules/libnpmversion/lib/version.js
@@ -4,7 +4,7 @@ const retrieveTag = require('./retrieve-tag.js')
 const semver = require('semver')
 const enforceClean = require('./enforce-clean.js')
 const writeJson = require('./write-json.js')
-const readJson = require('read-package-json-fast')
+const readJson = require('./read-json.js')
 const git = require('@npmcli/git')
 const commit = require('./commit.js')
 const tag = require('./tag.js')
diff --git a/node_modules/libnpmversion/package.json b/node_modules/libnpmversion/package.json
index 3d15bbc2f7f72..0135c21e7232c 100644
--- a/node_modules/libnpmversion/package.json
+++ b/node_modules/libnpmversion/package.json
@@ -1,6 +1,6 @@
 {
   "name": "libnpmversion",
-  "version": "1.0.11",
+  "version": "1.0.12",
   "main": "lib/index.js",
   "files": [
     "lib/*.js"
@@ -30,7 +30,7 @@
   "dependencies": {
     "@npmcli/git": "^2.0.6",
     "@npmcli/run-script": "^1.8.3",
-    "read-package-json-fast": "^2.0.1",
+    "json-parse-even-better-errors": "^2.3.1",
     "semver": "^7.3.4",
     "stringify-package": "^1.0.1"
   }
diff --git a/package-lock.json b/package-lock.json
index ba74b7f0af885..6f9fa62597adb 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -283,7 +283,7 @@
         "libnpmpublish": "^4.0.0",
         "libnpmsearch": "^3.1.0",
         "libnpmteam": "^2.0.2",
-        "libnpmversion": "^1.0.11",
+        "libnpmversion": "^1.0.12",
         "make-fetch-happen": "^8.0.14",
         "minipass": "^3.1.3",
         "minipass-pipeline": "^1.2.4",
@@ -4917,14 +4917,14 @@
       }
     },
     "node_modules/libnpmversion": {
-      "version": "1.0.11",
-      "resolved": "https://registry.npmjs.org/libnpmversion/-/libnpmversion-1.0.11.tgz",
-      "integrity": "sha512-HKbfJ0wwx+W9Br4bvbHUMN/YIe7B8qmFtdaLZnXEUozaaTD6gGpIEf1aH1xRlGfNPocT6YBz3O6+RAgSndAgbA==",
+      "version": "1.0.12",
+      "resolved": "https://registry.npmjs.org/libnpmversion/-/libnpmversion-1.0.12.tgz",
+      "integrity": "sha512-Z5L2+JXUHC4xH9VkN/3BiVflnMag2bH1Ijy8ISKFw8fBQv9IXNSQgZbzwtfo4VBg0y+ieaKYbzpfbgjfUr31mw==",
       "inBundle": true,
       "dependencies": {
         "@npmcli/git": "^2.0.6",
         "@npmcli/run-script": "^1.8.3",
-        "read-package-json-fast": "^2.0.1",
+        "json-parse-even-better-errors": "^2.3.1",
         "semver": "^7.3.4",
         "stringify-package": "^1.0.1"
       }
@@ -14057,13 +14057,13 @@
       }
     },
     "libnpmversion": {
-      "version": "1.0.11",
-      "resolved": "https://registry.npmjs.org/libnpmversion/-/libnpmversion-1.0.11.tgz",
-      "integrity": "sha512-HKbfJ0wwx+W9Br4bvbHUMN/YIe7B8qmFtdaLZnXEUozaaTD6gGpIEf1aH1xRlGfNPocT6YBz3O6+RAgSndAgbA==",
+      "version": "1.0.12",
+      "resolved": "https://registry.npmjs.org/libnpmversion/-/libnpmversion-1.0.12.tgz",
+      "integrity": "sha512-Z5L2+JXUHC4xH9VkN/3BiVflnMag2bH1Ijy8ISKFw8fBQv9IXNSQgZbzwtfo4VBg0y+ieaKYbzpfbgjfUr31mw==",
       "requires": {
         "@npmcli/git": "^2.0.6",
         "@npmcli/run-script": "^1.8.3",
-        "read-package-json-fast": "^2.0.1",
+        "json-parse-even-better-errors": "^2.3.1",
         "semver": "^7.3.4",
         "stringify-package": "^1.0.1"
       }
diff --git a/package.json b/package.json
index 3c3324071bbfe..26857bad94ffa 100644
--- a/package.json
+++ b/package.json
@@ -74,7 +74,7 @@
     "libnpmpublish": "^4.0.0",
     "libnpmsearch": "^3.1.0",
     "libnpmteam": "^2.0.2",
-    "libnpmversion": "^1.0.11",
+    "libnpmversion": "^1.0.12",
     "make-fetch-happen": "^8.0.14",
     "minipass": "^3.1.3",
     "minipass-pipeline": "^1.2.4",