Install npm packages from package-lock file
April 10, 2022 ‐ 1 min read
yarn package manager for node modules has the
--frozen-lockfile option for its
install command. Using this option will ensure that the exact package versions are installed as they are defined in the
yarn with its
npm allows you to install the packages as defined in the
package-lock.json file with the
$ npm ci
If the name of the subcommand is confusing to you;
ci is short for continuous integration. This since it was introduced to increase the performance and reliability of builds in a continuous integration (and continuous deployment) process.
npm ci or
--frozen-lockfile option is useful when installing dependencies in production or in a continuous integration environment because it guarantees that you will get the same versions of packages that you used in local development. This makes it less likely that you encounter new bugs in your production builds.
The performance boost is due to the fact that the
ci command bypasses the package.json file and no version resolutions are required: the
package-lock.json defines the exact required packages.