package-lock changes depending upon name of project folder

[robross0606]

Current Behavior:

When using npm@7, if the folder name in which the project is being built matches the name of the project in package.json, a name property is actively removed (or never set) from package-lock.json.

If the project folder does not match the name in package.json then the property is actively set.

This is a change controlled file by definition. At the very least, this can cause thrashing of package-lock.json if multiple developers are working on the same project and their working copies are in different folders.

Expected Behavior:

The folder in which a project is checked out on the local file system should have zero bearing on the content of package-lock.json.

Steps To Reproduce:

1. Check out a project into a folder with a name that matches the name of the package.
2. Do an npm install
3. Check the content of package-lock.json and confirm that odd name property does not exist.
4. Rename the project folder to something that does not match the name of the package.
5. Do an npm install
6. Note that `package-lock.json" changes.
7. Open package-lock.json and confirm that odd name property does exist.

Environment:

[robross0606]

Also note that this looks super odd and brings up all sorts of questions:

  "packages": {​​​​​​
    "": {​​​​​​  <------------------------------------------ ???
      "version": "1.2.0-dev",
      "license": "UNLICENSED",
      "dependencies": {​​​​​​

• Why is package-lock.json listing the package itself under it's own "packages"?
• Is it valid JSON to have an object property key be empty?

[ljharb]

Yes, it's perfectly valid JSON.

[mirka]

Duplicate of #2264?

[darcyclarke]

Closing - Duplicate