I'm looking for an equivalent for yarn's --pure-lockfile flag.
This flag is useful when installing dependencies in CI, when you want it to read your lockfile but not modify it.
Does npm v5 have an equivalent?
npm 5.7 introduced the npm ci subcommand:
the main differences between using
npm installandnpm ciare:
- The project must have an existing
package-lock.jsonornpm-shrinkwrap.json.- If dependencies in the package lock do not match those in
package.json,npm ciwill exit with an error, instead of updating the package lock.npm cican only install entire projects at a time: individual dependencies cannot be added with this command.- If a
node_modulesis already present, it will be automatically removed beforenpm cibegins its install.- It will never write to
package.jsonor any of the package-locks: installs are essentially frozen.
this is how I did in my dockerfile
RUN npm install --pure-lockfile
it should work perfect.
来源:https://stackoverflow.com/questions/44800747/npm5-equivalent-to-yarns-pure-lockfile-flag