feat: store flags that impact tree building in the package-lock.json

[nlf]

Is your feature request related to a problem? Please describe.

Yes. For example, if a user runs npm install --legacy-peer-deps followed by npm ls without including the --legacy-peer-deps flag, they will see errors in their tree related to peer dependencies. Running npm ls --legacy-peer-deps however, returns correctly.

Describe the solution you'd like

We should store flags that impact the shape of the dependency tree in the package-lock.json, this way future commands can be aware those flags were used and can enable them, providing our users a more consistent experience. For our users who disable package-lock.json (like ourselves, we do that) this data should be persisted in the hidden lockfile as well.

Describe alternatives you've considered

The only alternative I can think of is implicitly saving these settings to a project level .npmrc. This could be a viable approach too.

Additional context

Here's a spot to link related issues as we find them:

[ljharb]

I think it would be best to save it to both the lockfile and the npmrc, and then, if in the future the config in use doesn't match what's in the lockfile, error out and require -f.