npm lock file is platform-dependent, so people are reluctant to check it in.