Add support for package-lock.json

[nexdrew]

At this time, I honestly don't know what the proper usage of package-lock.json (from npm 5) is, but I'm aware of its existence and its similarity to npm-shrinkwrap.json, so thought I'd go ahead and create an issue.

If anyone is using rewrite-shrinkwrap-urls and needs support for package-lock.json, please add a comment to this issue and we'll go from there. Thanks!

[anselmhou]

It will be great! We are siting in a multi-site environment and using rewrite-shrinkwrap-urls to rewrite our internal (site specific npm registry url) and public/internet registry url (depends where the developer sits on).

Now planning to make the move from npm4 to npm5 for new projects (planning to leave the shrinkwrap hell so hoping to package-lock.json alone), it will be great if the rewrite-shrinkwrap-urls to rewrite package-lock.json as well.

[nexdrew]

@anselmhou Thanks for the feedback! From my understanding, package-lock.json is meant to be shared between project developers (and, thus, committed to source control) while npm-shrinkwrap.json is meant to be published for apps. So use of one doesn't necessarily mean you can/should stop using the other, since they have different purposes. Here's some useful pictographs explaining the difference.

That being said, note that rewrite-shrinkwrap-urls@0.2.0 already supported package-lock.json, but I went ahead and added tests to verify it in #9.

I also took the chance to publish rewrite-shrinkwrap-urls@1.0.0, bumping the major version since this project has 100% test coverage (lcov) and now requires Node 4+.

Let me know if you have any problems/questions. You can start using version 1.0.0 immediately via npm i -g rewrite-shrinkwrap-urls@latest. To update a package-lock.json file, just specify the filename as the first "flagless" argument when running the CLI. Happy rewriting! 👍