Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What is the NPM equivalent of "yarn install --frozen-lockfile"?

Tags:

I'm using npm as part of me building the production docker image. I want to make sure the package-lock.json doesn't change and matches.

like image 354
user972014 Avatar asked Jul 31 '20 06:07

user972014


People also ask

What is npm lockfile?

What's a Lock File? A lock file describes the entire dependency tree as it is resolved when created including nested dependencies with specific versions. In npm these are called package-lock. json and in yarn they are called yarn. lock .

Does Yarn install Update lockfile?

If you are running yarn add in your ci, such as for a ci only dependency, it will update the lock file and do an install for all dependencies.

What is Yarn lockfile?

Whenever you run yarn (which is the equivalent of running yarn install ) upon a fresh install, a yarn. lock file is generated. It lists the versions of dependencies that are used at the time of the installation process. That means it looks into your package.


1 Answers

You can use npm ci.

npm ci bypasses a package’s package.json to install modules from a package’s lockfile. This ensures reproducible builds—you are getting exactly what you expect on every install.

https://blog.npmjs.org/post/171556855892/introducing-npm-ci-for-faster-more-reliable

like image 198
Andrei Tătar Avatar answered Sep 20 '22 14:09

Andrei Tătar