Most developers don’t understand the package-lock.json file. But the lockfile is an important configuration file of your node.js project.
Should you gitignore package-lock.json?
The short answer is, NO. package-lock.json ensures that your node_modules dependency tree is locked to a particular version of dependencies and helps to ensure the same tree is replicated across different environments.
This link explains the concept of package-lock.json entirely: