[Bug]: package-lock.json not up to date with specified node version

[doug-s-nava]

Contact Details

[email protected]

What happened?

The package.json specifies:

  "engines": {
    "node": ">=20.0.0"
  },

However, when running an npm install with node version 20.17.0, the following messages are received, and a newly formatted package-lock.json file is generated:

npm warn old lockfile The package-lock.json file was created with an old version of npm,
npm warn old lockfile so supplemental metadata must be fetched from the registry.
npm warn old lockfile
npm warn old lockfile This is a one-time fix-up, please be patient...

Most importantly, the lockfileVersion of the package-lock changes from 1 to 3 as a result of this change, and the json shape of the file changes significantly.

The likely fix is to ensure that all users are ready to move to node > v 20 and then check in the new package-lock.

Steps to reproduce the behavior

1. nvm install 20
2. nvm use 20
3. npm install
4. git diff
5. VALIDATE: a large diff in the package-lock.json

Priority

medium (please fix soon)

Relevant log output

-> npm install

...

npm warn old lockfile The package-lock.json file was created with an old version of npm,
npm warn old lockfile so supplemental metadata must be fetched from the registry.
npm warn old lockfile
npm warn old lockfile This is a one-time fix-up, please be patient...

...

Screenshots and additional context

No response

Code of Conduct

• I agree to follow this project's Code of Conduct