Running npm install in a clean clone of this repo modifies package-lock.json

[yokuze]

Running npm install from a clean state (e.g. right after cloning this repo) modifies the package-lock.json file, like so:

diff --git a/package-lock.json b/package-lock.json
index 4304a76..02f7223 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -3784,11 +3784,11 @@
       "dev": true,
       "requires": {
         "chalk": "^2.4.1",
-        "conventional-changelog": "^3.0.6",
-        "conventional-recommended-bump": "^4.0.4",
+        "conventional-changelog": "^3.1.2",
+        "conventional-recommended-bump": "^4.1.1",
         "detect-indent": "^5.0.0",
         "detect-newline": "^2.1.0",
-        "dotgitignore": "^1.0.3",
+        "dotgitignore": "^2.1.0",
         "figures": "^2.0.0",
         "fs-access": "^1.0.0",
         "git-semver-tags": "^2.0.2",

[yokuze]

This issue is caused by the dependency on a fork of standard-version:

eslint-config-silvermine/package.json

Line 38 in 887c55e

"standard-version": "git+https://github.com/jthomerson/standard-version.git#fix-305-header-repeat"

This fork does not contain a package-lock.json file, so when we run npm install, dependencies of this dependency are updated the latest version according to the fork's package.json file, thus changing our package-lock.json file.

This fork of standard-version was created to fix an issue that we had with standard-version that caused duplicated headers in the CHANGELOG.md output. Our PR to fix that issue has since been merged, tagged, and released. The fix is available in v6.0.0 of standard-version.

Updating to the latest version of standard-version should fix this issue.

[yokuze]

This was fixed with #52