npm Blog (Archive)

The npm blog has been discontinued.

Updates from the npm team are now published on the GitHub Blog and the GitHub Changelog.

Introducing `npm ci` for faster, more reliable builds

Starting today, all npm users can take advantage of a new install command called npm ci. The command offers massive improvements to both the performance and reliability of builds for continuous integration / continuous deployment processes, providing a consistent and fast experience for developers using CI/CD in their workflow.

What is it?

npm ci bypasses a package’s package.json to install modules from a package’s lockfile. This ensures reproducible builds—you are getting exactly what you expect on every install.

Previously, developers who wanted to ensure that node_modules/ and package.json stayed in sync would have to archive their node_modules folder. npm ci replaces this process with a single command.

Why?

It’s fast.

Time to install a React app in a CI workflow, in seconds

Time to install a web app using ue and Babel in a CI workflow, in seconds

npm ci is fast—in some cases, twice as fast as using npm i, representing a significant performance improvement for all developers using continuous integration.

This added speed and reliability reduces wasted time and promotes best practices. If it’s faster and easier to run tests, developers run them more often and catch errors sooner.

npm ci promises the most benefit to large teams. Giving developers the ability to “sign off” on a package lock promotes more efficient collaboration across large teams, and the ability to install exactly what is in a lockfile has the potential to save tens if not hundreds of developer hours a month, freeing teams up to spend more time building and shipping amazing things.

It improves reliability

npm ci also provides additional ways to improve the reliability of your application builds. As an additional installation command, npm ci can be used as a fallback installer in case npm i fails, and vice versa. This hugely reduces the likelihood of a failed installation.

How?

npm ci is available immediately by updating to the latest build of npm: run npm install -g npm @latest. For more details on the release, check out the Changelog

What do you think?

We want to know how this works for you, too. Have questions? Results? Interested in sharing what you & your team have built? Drop us a line.