Preface
When I was running the project before, I saw npm install written in the project documentation and ran into a problem, but my colleague could run the project on master.
Here’s what happened earlier:
Xiao Le: Xiao Yu, when running the background project, this error occurs. Do you want to modify something?
Xiao Yu: Reload
Xiao Le: OK, I'll try it.
After a while.
Xiao Le: I see that the node_modules folder has a corresponding folder, but access to the page is still not working. What should I do?
Xiao Yu: Hold on, let me see. Why does my master work?
npm install, package-lock.json should be modified after installation
Yu: You should never use npm install, use npm ci. If you have package-lock in your project, use npm ci
The reason is:
npm install will modify the project's package-lock.json file. Let's take a look.
What's the difference between npm install and npm ci?
npm install
npm install, or npm i, is typically used to install dependencies:
- It installs all dependencies of the Node.js project;
- If you use ^ or ~ to match the version of a dependency, npm may not install the exact version;
- With npm install, package-lock.json is updated when a new dependency is installed.
npm ci
Don't be fooled by the name. npm ci is not only suitable for continuous integration systems; it is also very useful in daily development. Unlike npm install, npm ci installs dependencies based on package-lock.json, which ensures that the entire development team uses the same dependency versions and avoids wasting time troubleshooting strange problems caused by inconsistent dependencies.
Not only that, npm ci has the nice side effect of speeding up node module installation. Because npm ci installs directly the versions specified in package-lock.json, it does not have to work out which versions satisfy each dependency, which greatly speeds up installation in most cases.
When you use npm ci, the following happens:
- node_modules is deleted automatically. When npm ci runs and node_modules exists, it is deleted automatically. This ensures a clean node_modules environment and avoids the side effects of leftover libraries.
- package-lock.json must exist. package-lock.json is used to lock the version numbers of packages, to avoid build errors or runtime errors caused by version differences in the production environment, which is also useful for front-end engineering. In a nutshell, npm ci installs dependencies according to package-lock.json.
- Unlike npm install, npm ci will not modify package-lock.json. But it does expect a package-lock.json file in your project. If you don't have this file, npm ci will not work, and you must use npm install in that case.
- Individual packages cannot be installed. This one is easy to explain: because npm ci is meant for continuous integration environments, it cannot install a single package, for example just lodash.
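The difference between range-based resolution (npm install with ^ or ~) and lock-based installation (npm ci) can be modelled in a few lines. This is an added example, not code from the original article or from npm: the package names, version lists and the `compareInstalls` helper are constructed for illustration, and the semver handling is simplified to plain x.y.z versions with ^, ~ or exact ranges.

```javascript
// Simplified semver model: plain x.y.z versions, ranges are ^x.y.z, ~x.y.z or exact.
const parse = (v) => v.split('.').map(Number);
const cmp = (a, b) => a[0] - b[0] || a[1] - b[1] || a[2] - b[2];

// Exclusive upper bound of a ^ or ~ range, following the semver range rules npm uses.
function upperBound(op, [maj, min, pat]) {
  if (op === '~') return [maj, min + 1, 0];   // ~1.2.3 -> <1.3.0
  if (maj > 0) return [maj + 1, 0, 0];        // ^1.2.3 -> <2.0.0
  if (min > 0) return [0, min + 1, 0];        // ^0.2.3 -> <0.3.0
  return [0, 0, pat + 1];                     // ^0.0.3 -> <0.0.4
}

function satisfies(version, range) {
  const op = /^[\^~]/.test(range) ? range[0] : '';
  const base = parse(op ? range.slice(1) : range);
  const v = parse(version);
  if (!op) return cmp(v, base) === 0;
  return cmp(v, base) >= 0 && cmp(v, upperBound(op, base)) < 0;
}

// Newest published version the range permits (what resolution without a lock can pick).
function maxSatisfying(published, range) {
  const ok = published.filter((v) => satisfies(v, range));
  return ok.sort((a, b) => cmp(parse(a), parse(b))).pop() ?? null;
}

// For each dependency: the version pinned in the lock file vs. what the range allows.
function compareInstalls(pkg, lock, registry) {
  return Object.entries(pkg.dependencies).map(([name, range]) => {
    const locked = lock.packages[`node_modules/${name}`]?.version ?? null;
    const floating = maxSatisfying(registry[name] ?? [], range);
    return { name, range, locked, floating, differs: locked !== floating };
  });
}

// Constructed sample data: hypothetical packages and version lists.
const pkg = { dependencies: { 'pkg-a': '^4.17.15', 'pkg-b': '~4.17.1', 'pkg-c': '1.3.0' } };
const lock = { packages: {
  'node_modules/pkg-a': { version: '4.17.15' },
  'node_modules/pkg-b': { version: '4.17.1' },
  'node_modules/pkg-c': { version: '1.3.0' } } };
const registry = {
  'pkg-a': ['4.17.15', '4.17.20', '4.17.21', '5.0.0'],
  'pkg-b': ['4.17.1', '4.17.3', '4.18.2'],
  'pkg-c': ['1.2.0', '1.3.0'] };

console.table(compareInstalls(pkg, lock, registry));
```

Rows where `differs` is true are the dependencies whose installed version depends on when the install runs unless the lock file is honoured.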
npm ci vs. npm install: which one should I use?
If you use npm v6+:
- Use npm install to install new dependencies or to update existing dependencies (for example, from version 1 to version 2);
- Use npm ci when running in a continuous integration tool, or when dependencies should be installed without modifying package-lock.json.
If you use npm v5 or lower:
- You can only use npm install to install or update dependencies;
- Try to upgrade to the latest npm version. Besides npm ci, it also has the npm audit command, which makes it easier to identify and fix security vulnerabilities in dependencies. In addition, installing dependencies with npm v6 should be faster.
Final words
The scenario for using npm ci looks like this:
In projects that have a package-lock.json, we recommend using npm ci instead of npm install to avoid unnecessary complications.