Currently, if you have an .npmrc config in the root of an npm library with package-lock=false inside, if you perform an npm update, a package-lock file will be created. Since it's not created if npm i is used, it looks suspicious to me.
npm update should not create a package-lock file if I explicitly told it not to create one!
Please correct me if I'm wrong or this issue is officially a feature or has been fixed since (on npm >=v6).
hi all!
Currently, if you have an
.npmrcconfig in the root of an npm library withpackage-lock=falseinside, if you perform annpm update, apackage-lockfile will be created. Since it's not created ifnpm iis used, it looks suspicious to me.npm updateshould not create apackage-lockfile if I explicitly told it not to create one!Please correct me if I'm wrong or this issue is officially a feature or has been fixed since (on npm >=v6).
I'm using:
Thank you.