install --save should dedupe if new dependency satisfies package.json constrains

[bestander]

Test is implemented in #76 install --save with new dependency should be deterministic 2.

Scenario:

1. Install
   [email protected] -> mime-db@~1.0.1
   Both deps get hoisted on top level
2. install --save [email protected]
   1.0.3 should satisfy mime-types dependency on mime-db but instead [email protected] gets hoisted on second level.

[sebmck]

I think the only way we can do this is if we completely ignore the lockfile when adding new packages...

[bestander]

Would it download all packages from the node repo again?
Yeah, that would not be very good.

[sebmck]

Closing this as this would require modifying the lockfile for transitive dependencies of other dependencies.

It'd result in lots of merge conflicts in the lockfile since we'd be touching different parts of the lockfile than what is directly relevant (ie. when adding a new dependency we'd modify the dependencies of other modules which would produce more conflicts when others do the same).

I can also forsee this having potential issues since if a package doesn't strictly follow semver and we change another dependency to use our new one with undesirable behaviour it'd break a previously functional dependency.