A safer npm ci.
Run it in any npm project to install dependencies from lock using the appropriate package-manager (supports npm, yarn and pnpm).
Use in your npm project instead of npm ci:
npx cinpm has a npm ci command to install dependencies from the lock file (eg. package-lock.json), ensuring all project contributors have the same dependencies.
This command is different across 3rd-party package-managers like yarn and pnpm, and can be confusing to remember when switching between projects.
This is where npx ci comes in:
-
Package-manager agnostic
npx ciis a package-manager agnosticnpm ci. You can run this in any project and dependencies will be installed appropriately.It's great for contributing to new projects!
-
Can use in any environment with a single command
If yarn or pnpm isn't already installed,
npx ciinstalls the appropriate version for you. WhenpackageManageris set, it uses the locally available pnpm directly (compatible with corepack).It's great for using it in CI/CD workflows!
-
Typo proof
When you accidentally type npx when typing in
npm ci, your dependencies still get installed.It's actually the safer option too!
A lock file is required — npx ci is strictly an alternative to npm ci, so a clean/immutable/frozen install needs a lock file.
The lock file determines which package manager to use. If packageManager is set in package.json, pnpm is run directly (works with corepack). Otherwise, the pnpm version is guessed from the Node.js version and lockfile version.
npx link- A safernpm link.
