Another benefit: it allows fixing and patching dependencies without having to wait for an upstream release.
I know of repository-pinned dependencies [1], but those may be hard to keep track of, especially for patches on unmaintained software. They are akin to git submodules, which are a pain to work with.
The node_modules folder includes compiled native libraries (.so, .dylib, etc.), so this also has the benefit of not working if anyone has a different architecture or OS than anyone else.
I know of repository-pinned dependencies [1], but those may be hard to keep track of, especially for patches on unmaintained software. They are akin to git submodules, which are a pain to work with.
[1] https://docs.npmjs.com/cli/v8/configuring-npm/package-json#g...