package-lock.json version does not match package.json

when running an npm install, a package-lock.json file is generated with a mismatched version number. package.json version number is 0.0.0--ignored while package-lock.json is 0.0.1. i wouldn’t expect the package lock to pick up the note at the end of the version, but i would expect it to at least not increment unexpectedly.

$ npm --versions
{ 'repo': '0.0.0--ignored',
  npm: '6.8.0',
  ares: '1.15.0',
  cldr: '33.1',
  http_parser: '2.8.0',
  icu: '62.1',
  modules: '64',
  napi: '3',
  nghttp2: '1.34.0',
  node: '10.15.1',
  openssl: '1.1.0j',
  tz: '2018e',
  unicode: '11.0',
  uv: '1.23.2',
  v8: '6.8.275.32-node.12',
  zlib: '1.2.11' }
$ node -p process.platform
darwin

omitting the version field (for a non-publishing project) might be the right way to do this now that i think about it. npm and yarn and their lock files seem to behave okay when it’s missing, and it communicates the intent that this project isn’t governed by semver.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.