Don't use package-lock.json for CI

Continuous Integration builds should use the latest version of
dependencies, both to ensure the package is currently installable for
downstream users (where package-lock.json isn't used) and to ensure the
code works with the latest version of its dependencies.

Signed-off-by: Kevin Locke <[email protected]>

Author: kevinoid

.travis.yml

@@ -17,6 +17,13 @@ node_js:
 
 sudo: false
 
+install:
+  # Ignore package-lock.json.  This is done for a few reasons:
+  # - To test against current versions of dependencies.
+  # - To test installability for dependents (doesn't use package-lock.json).
+  - rm -f package-lock.json
+  - npm install
+
 script:
   - npm run test-cov
 

appveyor.yml

@@ -20,6 +20,10 @@ environment:
 install:
   - ps: Install-Product node $env:nodejs_version
   - npm -g install "npm@%npm_version%"
+  # Ignore package-lock.json.  This is done for a few reasons:
+  # - To test against current versions of dependencies.
+  # - To test installability for dependents (doesn't use package-lock.json).
+  - if exist package-lock.json del package-lock.json
   - npm install
 
 test_script: