Due to a known npm bug (https://github.com/npm/cli/issues/4263) a lot of the dependencies in the lockfile have their resolve and integrity fields missing. This might be okay for npm to run properly, but it breaks tools that rely on these fields to achieve reproducibility when building npm packages.
The lockfile should be regenerated via npm i, and contributors should avoid accidentally changing the lockfile by running npm i locally — use npm ci instead
Due to a known npm bug (https://github.com/npm/cli/issues/4263) a lot of the dependencies in the lockfile have their resolve and integrity fields missing. This might be okay for npm to run properly, but it breaks tools that rely on these fields to achieve reproducibility when building npm packages.
The lockfile should be regenerated via
npm i, and contributors should avoid accidentally changing the lockfile by runningnpm ilocally — usenpm ciinstead