@types package consumption should warn users about breaking changes

[ghost]

The page on consuming types packages (https://www.typescriptlang.org/docs/handbook/declaration-files/consumption.html) tells people to run npm install --save @types/lodash. This looks like a normal npm package install, and normal npm packages follow semver, so users might assume that's all they have to do. But DefinitelyTyped packages make breaking changes in patch versions. We should tell users to lock their dependencies or install a particular version.

[LinusU]

Educating about package-lock.json and yarn.lock could also be a good idea, specifically for types one might want to lock down the version in package.json as well tough 🤔

There is --save-exact, we could change to command to that: npm install --save-exact @types/lodash