Say I have in package.json a dependency on package A; in package-lock.json, I see that package A has a sub-dependency with version ^0.7.28.
When running npm update, will NPM download version 0.7.29 of package B (assuming there is such a version)?
If not, does npm update download the versions as they are specified in package-lock, ignoring the ^ and ~?
Will npm update A download version 0.7.29 of package B?
Since I know the decision of NPM relies on what was defined as @latest in the package's registry, does it matter that the latest version of B is in a different major? (Meaning 1..?) If a package has a bigger major version than what is specified in the package.json file or the package-lock.json file, will NPM still download the latest minor or patch in case of a version described with ~ or ^?