npm / cli

the package manager for JavaScript
https://docs.npmjs.com/cli/

[BUG] `npm ci` succeeds when `package-lock.json` doesn't match `package.json` #2701

Closed icatalina closed 2 years ago

icatalina commented 3 years ago

Current Behavior:

`npm ci` does not fail when `package.json` doesn't match `package-lock.json`.

Expected Behavior:

`npm ci` refuses to install when the lock file is invalid.

Steps To Reproduce:

  1. Manually bump a major version of a dependency in `package.json`
  2. Run `npm ci`
  3. It should fail but performs the whole installation

npm@7

image

npm@6

image

Environment: