would you consider committing the package-lock.json file to the repo? npm docs suggest to do this and it eases the burden for downstream consumers by publishing a known-good dependency configuration.
i understand this project is considered "legacy" at this point, but in a way that makes having a lockfile even more useful since breakages caused by new dependency releases are more liable to go unnoticed here.
would you consider committing the
package-lock.jsonfile to the repo? npm docs suggest to do this and it eases the burden for downstream consumers by publishing a known-good dependency configuration.i understand this project is considered "legacy" at this point, but in a way that makes having a lockfile even more useful since breakages caused by new dependency releases are more liable to go unnoticed here.