npm ci vs. npm install — Which Should You Use in Your Node.js Projects?
Installing and updating dependencies is easy with npm. A dependency listed on npmjs, for example the Vue.js framework, even shows the installation command that you can copy and paste into your terminal.
If you have been working with npm for a while, you’d use
npm install (or the shorter
npm i) to install or update dependencies.
While that still works, a new command was introduced in npm v6 -
In this article, I want to highlight the differences between the two, and the different use cases in which you’d use these commands.
npm install (in Short: npm i)
- It will install all the dependencies.
- If you use
~when you specify the version of your dependency, npm may not install the exact version you specified.
npm installcan update your
package-lock.jsonwhen there are changes such as when you install a new dependency.
npm ci will do the following things:
- It will delete your
node_modulesfolder to ensure a clean state.
- It will look in your
package-lock.jsonto install all the dependencies with the exact version.
npm ciwill never modify your
package-lock.json. It does however expect a
package-lock.jsonfile in your project — if you do not have this file,
npm ciwill not work and you have to use
npm ci vs. npm Install — Which to Use?
If you are on npm v6 or higher:
npm installto install new dependencies, or to update existing dependencies (e.g. going from version 1 to version 2).
npm ciwhen running in continuous integration, or if you want to install dependencies without modifying the
If you are on NPM v5 or lower:
- You can only use
npm installto install or update dependencies.
- Try to upgrade to the latest npm version. In addition to
npm ci, it also features the
npm auditcommand, which should make identifying and fixing security vulnerabilities of dependencies easier. Furthermore, installing dependencies should be faster with npm v6.
Thanks for reading this article. As you can see, both commands have their valid use cases. I’d recommend using
npm ci if possible, as it does its job reliably, and use
npm install for installing new dependencies or updating existing ones.