Gar

This would be quite a breaking change if implemented. The correct change would be to not remove optional deps from the lockfile if they end up not being installed.

I mean removing them from the lockfile altogether. What we're functionally wanting here is no different than if I did `npm ci --omit=dev`. The dev dependencies would not be reified,...

We've seen this before but never had a reproduction case for it. That would go a long way to fixing this.

Yes the root cause here is if there is a valid tree but NO package-lock, there is no integrity for npm to pull from because that is not something that...

@boneskull can you reliably reproduce this in an isolated case? We're still fuzzy on what the root cause is here.

> Resolve the conflict in packages/something/package.json by combining the changes. What exactly is being ran here?

No, to resolve the conflict.

This also happens w/ `os` and `libc` fields: https://github.com/npm/cli/issues/7493 Same root cause: when npm reads from node_modules only to populate lockfile info.

This needs tests

I'm not so sure about this, `--json` is for computer parsing, not human reading. We do sort the results in what's called the `prettyView`. I do have a PR underway...