re: When not to use package-lock.json


I understand that even if you have the package-lock, it will have no effect on any npm install run on your machine, Docker or CI/CD. That's why it is always updated after an npm install.

It only makes a difference if you run npm ci, right?


As far as I know, yes. (Although I'm aware you wanted the author to answer you).

npm ci has been very useful for consistent development and ci-build environments, for me at least.

