So You Think You’re Just Gonna npm install? Think Again

We embraced the birth of package lockfiles with open arms, which introduced deterministic installations across different environments and enforced dependency expectations across team collaboration.
Life is good! Or so I thought… what would have happened had I slipped some changes into the project’s package.json file but had forgotten to commit the lockfile along side of it?