That hasn't always been the case, and if that is what you want that is why they recommend using npm ci instead of npm install so that package-lock.json will absolutely dictate which dependencies you install.
I mean,even if in theory npm install installs based on package-lock.json, it hasn't always been the case, and has varied from version to version of npm, and once you have a valid package-lock.json, npm ci is THE way to guarantee you are installing based on it.
No good, I know!
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
That hasn't always been the case, and if that is what you want that is why they recommend using
npm ci
instead ofnpm install
so that package-lock.json will absolutely dictate which dependencies you install.I mean,even if in theory
npm install
installs based on package-lock.json, it hasn't always been the case, and has varied from version to version ofnpm
, and once you have a valid package-lock.json,npm ci
is THE way to guarantee you are installing based on it.No good, I know!