It cannot be published.
From the npm documentation:
One key detail about package-lock.json is that it cannot be published, and it will be ignored if found in any place other than the toplevel package
See package-lock.json documentation on docs.npmjs.com.
However, you should be commiting your package-lock.json to git as per the documentation.
This file is intended to be committed into source repositories
hence the common message presented by npm:
created a lockfile as package-lock.json. You should commit this file.
EDIT: A more detailed explanation can be found here.