npm ci command | only refer package-lock.json to install dependencies | ci/cd
npm is the default package manager for Node.js projects.
You must have used either npm install or npm i to install dependencies if the project is npm based.
Now npm v6 has released a new command: npm ci
npm ci command is similar to npm install, except it’s meant to be used in automated environments such as test platforms, continuous integration (ci), and deployment (cd) — or any situation where you want to make sure you’re doing a clean install of your dependencies.
npm ci will be significantly faster when:
- There is a package-lock.json or npm-shrinkwrap.json file.
- The node_modules folder is missing or empty.
Let's see how npm install or npm i works first:
- It will install all the dependencies.
- If you use ^ or ~ when you specify the version of your dependency, npm may not install the exact version you specified.
- npm install can update your package-lock.json when there are changes such as when you install a new dependency.
Now let's see how npm ci is different from npm i:
- The project must have an existing package-lock.json or npm-shrinkwrap.json.
- If dependencies in the package lock do not match those in package.json, npm ci will exit with an error, instead of updating the package lock.
- npm ci can only install entire projects at a time: individual dependencies cannot be added with this command.
- If a node_modules is already present, it will be automatically removed before npm ci begins its install.
- It will never write to package.json or any of the package-locks: installs are essentially frozen.
- It will delete your node_modules folder to ensure a clean state.
- It will look in your package-lock.json to install all the dependencies with the exact version.
- Unlike npm install, npm ci will never modify your package-lock.json.
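As an added example (not from the original article and not npm's own code), the sketch below approximates the mismatch that makes npm ci exit with an error: it reports package.json dependencies that are missing from an npm v6 style lock or locked at a version outside their ^ or ~ range. The package names, the helper names and the simplified range parser are assumptions made for illustration.

```javascript
// Simplified range check: only exact, ^ and ~ ranges on plain x.y.z versions
// (no prereleases, no || or hyphen ranges). This is not the semver package.
function parse(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(v);
  if (!m) throw new Error(`unsupported version: ${v}`);
  return m.slice(1).map(Number);
}

function cmp(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  return 0;
}

function satisfies(range, version) {
  const op = /^[\^~]/.test(range) ? range[0] : '=';
  const base = parse(op === '=' ? range : range.slice(1));
  const v = parse(version);
  if (op === '=') return cmp(v, base) === 0;
  if (cmp(v, base) < 0) return false; // below the stated minimum
  let upper; // first version that is no longer allowed
  if (op === '~') upper = [base[0], base[1] + 1, 0];
  else if (base[0] > 0) upper = [base[0] + 1, 0, 0];
  else if (base[1] > 0) upper = [0, base[1] + 1, 0];
  else upper = [0, 0, base[2] + 1];
  return cmp(v, upper) < 0;
}

// List each package.json dependency that is absent from the lock or locked outside its range.
function lockDrift(pkg, lock) {
  const wanted = { ...pkg.dependencies, ...pkg.devDependencies };
  const problems = [];
  for (const [name, range] of Object.entries(wanted)) {
    const locked = lock.dependencies && lock.dependencies[name];
    if (!locked) problems.push(`${name}: missing from lock`);
    else if (!satisfies(range, locked.version))
      problems.push(`${name}: locked ${locked.version} does not satisfy ${range}`);
  }
  return problems;
}

// Constructed sample data (lockfileVersion 1 layout, as written by npm v6).
const pkg = { dependencies: { 'demo-pad': '^1.3.0', 'demo-lib': '~0.4.2' },
              devDependencies: { 'demo-test': '2.0.0' } };
const lock = { lockfileVersion: 1, dependencies: {
  'demo-pad': { version: '1.3.0' }, 'demo-lib': { version: '0.5.0' } } };

console.log(lockDrift(pkg, lock));
```

An empty result means the lock and package.json agree under this simplified check; in a pipeline, a non-empty result is a signal that the lock file was not regenerated and committed after package.json changed.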
Which to use and when (assuming you already have npm v6; otherwise update it):
- Use npm install to install new dependencies, or to update existing dependencies (e.g. going from version 1 to version 2).
- Use npm ci when running in continuous integration, or if you want to install dependencies without modifying the package-lock.json.
I hope this article will help you guys to decide when to use npm i and npm ci in a better way.
Thanks!!!