Figure out npm v7 and lockfileVersion 2

[Conduitry]

Running npm install with npm 7 on the repo currently doubles the length of the lockfile as part of converting it to version 2. I'm not sure what's going on here. When I just had to add a new dependency, I ended up manually editing some of the changes to the lockfile back out. At least npm ci with npm v7 seems to leave things unchanged.

(Maybe this is a good opportunity to switch to using pnpm?)

[benmccann]

The v2 file is backwards compatible with the v1 file (perhaps that's why it's larger?). I can't imagine the size of it really matters. I'd say we just go ahead and upgrade

[Conduitry]

I remember running into other issues before too, like none of the node_modules/.bin files being created, although I can't seem to reproduce that now. I'd like to take another look at that first at least.

[benmccann]

For the time being I've taken to running npm install -g npm@6 when working on Svelte and then npm install -g npm@latest when I'm done so I can go back to working on my other projects. This is a painfully stupid workflow but at least I'm unblocked

[MeerBiene]

I remember running into a similar issue, where I was the one messing up the lockfile, but as someone pointed out in the resulting conversation, you can use npm ci to make it respect the lockfile

[Conduitry]

Through the passage of time, I've stopped really caring about this. I'm fine if we want to upgrade to lockfile v2.

[benmccann]

Don't have to tell me twice: #6614