make css generate a different package-lock.json on master

[lunny]

Don't know if this is related with #6952

$ make css
npx lesshint public/less/
npx lessc --clean-css="--s0 -b" public/less/index.less public/css/index.css
npx lessc --clean-css="--s0 -b" public/less/themes/arc-green.less > public/css/theme-arc-green.css;
npx postcss --use autoprefixer --no-map --replace public/css/*

/Volumes/data/Projects/gitea/gitea on  master! ⌚ 20:08:29
$ ls
BSDmakefile       Dockerfile        README.md         contrib           docker            go.sum            main.go           options           routers           templates
CHANGELOG.md      LICENSE           README_ZH.md      coverage.out      docs              indexers          models            package-lock.json scripts           vendor
CONTRIBUTING.md   MAINTAINERS       assets            custom            gitea             integrations      modules           package.json      snap
DCO               Makefile          cmd               data              go.mod            log               node_modules      public            sqlite-log

/Volumes/data/Projects/gitea/gitea on  master! ⌚ 20:08:32
$ git status
On branch master
Your branch is up to date with 'origin/master'.

Changes not staged for commit:
  (use "git add <file>..." to update what will be committed)
  (use "git checkout -- <file>..." to discard changes in working directory)

	modified:   package-lock.json

no changes added to commit (use "git add" and/or "git commit -a")

[silverwind]

make css can itself not generate package-lock.json, only npm install can. I think what you're seeing is that you are on a different version of npm which writes a different lockfile.

Generally, I think it's best to actually remove package-lock.json from git, it's purpose is rather questionable in my point of view. Will get a PR up for this later.