I understand that even if you have the package-lock it will have no effect on any npm install ran on you machine, docker or CI/CD. That's why it is always updated after an npm install.
It only makes a difference if you ran npm ci, right?
As far as I know, yes. (Although I'm aware you wanted the author to answer you).
npm ci is has been very useful for consistent development and ci-build environments, for me at least.
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.