
Committing the yarn.lock File with Specified Versions in package.json?


Is it a good practice to consistently commit the yarn.lock file, considering that all versions are specified in package.json and there is no chance that someone doesn't have the same version?

To be honest, I think it just wastes my time, mostly because of the conflicts that occur.


Solution

  • package.json does not guarantee that everyone will have the same packages unless you have specified the exact version in package.json, and the dependencies used have also done that in their package.json, and their dependencies, and so on. But that never happens, which is why they came up with lock files.

    To be honest, I think it just wastes my time, mostly because of the conflicts that occur.

    The conflicts happen because they don't have the same packages; if they had the same, there would be no conflicts.

    For example, when you have v^1.0.0 in package.json, it will install anything above v1 and below v2. The lockfile stores the exact version you installed, like v1.0.6, and the version of all the dependencies at that point in time. 3 months later, installing without a lock file will install whatever new version matches the version pattern, and generate a new lock file that won't match the older one.
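
The version drift described in the answer above, as an added example that is not part of the original post. It uses a simplified caret matcher written for this illustration (not npm's or Yarn's real resolver), and the registry snapshots and function names are constructed.

```javascript
// Added example: simplified caret-range resolution, not npm's or Yarn's resolver.
// Handles plain x.y.z versions only (no prerelease tags or build metadata).
const parse = (v) => v.replace(/^v/, "").split(".").map(Number);

const compare = (a, b) => {
  const [x, y] = [parse(a), parse(b)];
  for (let i = 0; i < 3; i++) if (x[i] !== y[i]) return x[i] - y[i];
  return 0;
};

// ^1.2.3 := >=1.2.3 <2.0.0, ^0.2.3 := >=0.2.3 <0.3.0, ^0.0.3 := >=0.0.3 <0.0.4
function satisfiesCaret(version, range) {
  const base = range.slice(1);
  const [maj, min, pat] = parse(base);
  const upper = maj > 0 ? `${maj + 1}.0.0`
    : min > 0 ? `0.${min + 1}.0`
    : `0.0.${pat + 1}`;
  return compare(version, base) >= 0 && compare(version, upper) < 0;
}

// Highest published version matching the range: what a fresh install
// without a lockfile would pick.
function resolve(range, published) {
  const matches = published.filter((v) => satisfiesCaret(v, range));
  return matches.sort(compare).pop() ?? null;
}

// An install that honours a lockfile keeps the recorded version
// as long as it still satisfies the range in package.json.
function install(range, published, locked) {
  if (locked && satisfiesCaret(locked, range)) return locked;
  return resolve(range, published);
}

// Constructed registry snapshots for a hypothetical dependency.
const registryToday = ["1.0.0", "1.0.5", "1.0.6"];
const registryLater = [...registryToday, "1.0.7", "1.3.0", "2.0.0"];

const lockedVersion = install("^1.0.0", registryToday, null); // goes into the lockfile
const withoutLock = install("^1.0.0", registryLater, null);
const withLock = install("^1.0.0", registryLater, lockedVersion);
console.log({ lockedVersion, withoutLock, withLock });
```

With the same package.json, the later install without a lockfile picks up a release that nobody on the team tested, while the install with the committed lockfile reproduces the original tree.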