A safer npm ci
.
Run it in any npm project to install dependencies from lock using the appropriate package-manager (supports npm, yarn and pnpm).
Use in your npm project instead of npm ci
:
npx ci
npm has a npm ci
command to install dependencies from the lock file (eg. package-lock.json
), ensuring all project contributors have the same dependencies.
This command is different across 3rd-party package-managers like yarn and pnpm, and can be confusing to remember when switching between projects.
This is where npx ci
comes in:
-
Package-manager agnostic
npx ci
is a package-manager agnosticnpm ci
. You can run this in any project and dependencies will be installed appropriately.It's great for contributing to new projects!
-
Can use in any environment with a single command
If yarn or pnpm isn't already installed,
npx ci
installs it for you.It's great for using it in CI/CD workflows!
-
Typo proof
When you accidentally type npx when typing in
npm ci
, your dependencies still get installed.It's actually the safer option too!
It's possible to detect the package manager using other signals (eg package.json#packageManager
, .yarnrc.yml
).
However, since npx ci
is strictly an alternative to npm ci
, a lock file is necessary to do a clean/immutable/frozen install.
npx link
- A safernpm link
.