A single override does not equate to an entire lockfile of dependencies.

And yet, that one manual override and an auto-generated lockfile require basically the same level of effort, and serve the same purpose.

Edit: actually, depending on the package manager, the auto generated lockfile takes less work than the single override, as they don't have the same issue maven does to require an override in the first place.