Why does the 2.7.3 tagged package-lock file show this as v3.0.0 now?

[MartinFalatic]

I notice that there's a discrepancy between package.json and package-lock.json:

In https://github.com/JoshGlazebrook/socks/blob/2.7.3/package.json we see "version": "2.7.3"

But in https://github.com/JoshGlazebrook/socks/blob/2.7.3/package-lock.json we see "version": "3.0.0"

https://github.com/JoshGlazebrook/socks/compare/2.7.1...2.7.3

I've had a devil of a time trying to get this to upgrade as part of [email protected] (it refuses for no obvious reason to go past socks 2.7.1 despite its specifying the dependency as ^2.7.1):

https://github.com/TooTallNate/proxy-agents/issues/293#issuecomment-1960652215

Originally posted by @MartinFalatic in https://github.com/JoshGlazebrook/socks/issues/95#issuecomment-1960664658

[JoshGlazebrook]

Ugh I think this happened when I was working on publishing the fix for the ip package. Let me publish 2.7.4, and also publish 2.8.0.

[JoshGlazebrook]

Okay I've published [email protected] and I also published [email protected] both with correct package-lock.json

[wraithgar]

The package-lock is ignored on published modules. It only comes into use when interacting with the package directly, not as a dependency.

[MartinFalatic]

I verified my cache, but ended up deleting it today. Installing socks installs 2.8.1.

I'm curious why 2.7.4 is "beta" but as long as 2.8.1 is the proper one I'm fine with that.

npm dist-tag ls socks
beta: 2.7.2
latest: 2.8.1

[JoshGlazebrook]

npm dist-tag ls socks
latest: 2.8.1