DDerTyp 4 days ago
You’re right and the excerpt you quoted was poorly worded and confusing. A lockfile is designed to do exactly what you said. The package.json locked the file to ^1.3.2. If a newer version exists online that still satisfies the range in package.json (like 1.3.3 for ^1.3.2), npm install will often fetch that newer version and update your package-lock.json file automatically. That’s how I understand it / that’s my current knowledge. Maybe there is someone here who can confirm/deny that. That would be great!
typpilol 3 days ago
You're correct