That's a sensible strategy for authoring libraries.
However for applications the best rule of thumb is: everything you need to build an application is a dependency. So bundlers, linters and tests utils (if linting and tests are part of your build pipleline) are regular dependencies, not devDependencies.
That way it's always safe to use npm ci in your CI pipeline.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
That's a sensible strategy for authoring libraries.
However for applications the best rule of thumb is: everything you need to build an application is a dependency. So bundlers, linters and tests utils (if linting and tests are part of your build pipleline) are regular dependencies, not devDependencies.
That way it's always safe to use
npm ciin your CI pipeline.