Nodejs web development has achieved such a huge acclamation all over the world just because of its large ecosystem of libraries known as NPM modules. It is the largest software package library in the world, with over 500,000+ packages.
Each time a Command Line Interface (CLI) for NPM comes as an add-on with Nodejs installation which allows developers to connect with packages locally on their machine.
The idea of NPM modules had come with some technical advancement in package management like reusable components, with easy installation via an online repository, with version and dependency management.
In general, NPM is a default package manager for every Nodejs development project. NPM eases the installing and updating dependencies processes. A dependency list on npmjs even provides you with the installation command, so that you can simply copy and paste in the terminal to initiate installation procedures.
All NPM users have an advantage of a new install command called “NPM CI(i.e. NPM continuous integration)”. These commands provide enormous improvements to both the performance and reliability of default builds for continuous integration processes. In turn, it enables a consistent and fast experience for developers using continuous integration in their workflow.
In NPM install, it reads the package.json to generate a list of dependencies and uses package-lock.json to know the exact version of these dependencies to install. If the dependency is found in package-lock.json, it will be added by NPM install.
Whereas here, the NPM CI (continuous integration) installs dependencies from package-lock.json directly and uses up package.json just to verify that there are no mismatched versions exist. If any dependencies mismatching versions, it will show an error.
NPM install and NPM CI: When to use them?
Use NPM install to add a new dependency and to upgrade dependencies on a project. During the development process, developers use it to make changes that update the list of dependencies. But in this case, using NPM CI is not a good idea.
Use NPM CI, if the requirement needs a determined and repeatable build. This NPM CI used in the continuous integration for the first-time installation of dependencies, instead of choosing NPM to install.
Let’s differentiate both:
- It installs all the dependencies related to a package.
- Each dependency is driven by npm-shrinkwrap.json and package-lock.json in respective order.
- It installs local module dependencies without any disagreement.
- Allows installing even global packages.
- It also installs missing dependencies in node_modules.
- When used with an argument it tends to write package.json into packages to add the dependency.
- When used without arguments, it tends to write package-lock.json to hold the version of some dependencies.
- It requires package-lock.json to be present.
- If the dependencies of two files don’t match in package.json, it shows an error.
- It installs all dependencies at the same time by removing node_modules
- Writing to package.json or package-lock.json will never happen in NPM CI.
- NPM CI will never modify your package-lock.json like NPM install.
Thanks for reading this blog. As you can see, both commands have their valid use scenarios. I’d recommend using NPM CI for reliable builds, and use NPM install for installing any new dependencies.
Contact us to know more about the Nodejs web development with the implication of NPM install and NPM CI.