Why to commit your lock files
When we run CICD pipeline, we want to make sure every environemtn that it ran to have same version for external/public packages downloaded to build our app.
If you look into package.json file, most of the version will have one of below prefex
'~' : '^' :