Currently, if you have an .npmrc config in the root of an npm library with package-lock=false inside, if you perform an npm update, a package-lock file will be created. Since it's not created if npm i is used, it looks suspicious to me.
npm update should not create a package-lock file if I explicitly told it not to create one!
Please correct me if I'm wrong or this issue is officially a feature or has been fixed since (on npm >=v6).
hi all!
Currently, if you have an
.npmrc
config in the root of an npm library withpackage-lock=false
inside, if you perform annpm update
, apackage-lock
file will be created. Since it's not created ifnpm i
is used, it looks suspicious to me.npm update
should not create apackage-lock
file if I explicitly told it not to create one!Please correct me if I'm wrong or this issue is officially a feature or has been fixed since (on npm >=v6).
I'm using:
Thank you.