“npm install"和“npm install"有什么区别?和“npm ci"? [英] What is the difference between "npm install" and "npm ci"?

查看:77
本文介绍了“npm install"和“npm install"有什么区别?和“npm ci"?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在使用持续集成并发现了 npm ci 命令.

我不知道在我的工作流程中使用这个命令有什么好处.

速度更快吗?这是否会使测试变得更难,好吗?之后?

解决方案

来自 npm 文档:

<块引用>

简而言之,使用 npm install 和 npm ci 的主要区别是:

  • 项目必须有一个现有的 package-lock.json 或 npm-shrinkwrap.json.
  • 如果包锁中的依赖项与 package.json 中的依赖项不匹配,npm ci 将退出并显示错误,而不是更新包锁.
  • npm ci 一次只能安装整个项目:无法使用此命令添加单个依赖项.
  • 如果 node_modules 已经存在,它将在 npm ci 开始安装之前自动删除.
  • 它永远不会写入 package.json 或任何包锁:安装基本上是冻结的.


本质上,npm install 读取 package.json 以创建依赖项列表并使用 package-lock.json 通知哪个要安装的这些依赖项的版本.如果依赖项不在 package-lock.json 中,它将由 npm install 添加.

npm ci(以 Continuous Integration 命名)直接从 package 安装依赖项-lock.json 并使用 package.json 仅用于验证没有不匹配的版本.如果缺少任何依赖项或版本不兼容,则会抛出错误.

使用 npm install 添加新的依赖项,并更新项目的依赖项.通常,您会在拉取更新依赖项列表的更改后在开发期间使用它,但在这种情况下使用 npm ci 可能是个好主意.

如果您需要确定性的、可重复的构建,请使用 npm ci.例如在持续集成、自动化作业等期间以及第一次安装依赖项时,而不是 npm install.

npm install

  • 安装包及其所有依赖项.
  • 依赖项由 npm-shrinkwrap.jsonpackage-lock.json(按此顺序)驱动.
  • 不带参数:安装本地模块的依赖项.
  • 可以安装全局包.
  • 将在 node_modules 中安装任何缺失的依赖项.
  • 它可以写入package.jsonpackage-lock.json.
    • 当与参数 (npm i packagename) 一起使用时,它可能会写入 package.json 以添加或更新依赖项.
    • 在不带参数的情况下使用时,(npm i) 它可能会写入 package-lock.json 以锁定某些依赖项的版本,如果它们不在此文件.

npm ci

  • 至少需要 npm v5.7.1.
  • 需要存在 package-lock.jsonnpm-shrinkwrap.json.
  • 如果来自这两个文件的依赖项与 package.json 不匹配,则会引发错误.
  • 删除 node_modules 并立即安装所有依赖项.
  • 它从不写入 package.jsonpackage-lock.json.

算法

虽然 npm cipackage-lock.jsonnpm-shrinkwrap.json 生成整个依赖树,npm install 使用以下算法更新 node_modules 的内容(来源):

<块引用>

从磁盘加载现有的 node_modules 树克隆树获取 package.json 和各种元数据并将其添加到克隆遍历克隆并添加任何缺少的依赖项将尽可能靠近顶部添加依赖项不破坏任何其他模块将原始树与克隆树进行比较并列出将一个转换为另一个的操作执行所有动作,最深的在前类型的操作是安装、更新、删除和移动

I'm working with continuous integration and discovered the npm ci command.

I can't figure what the advantages are of using this command for my workflow.

Is it faster? Does it make the test harder, okay, and after?

解决方案

From the npm docs:

In short, the main differences between using npm install and npm ci are:

  • The project must have an existing package-lock.json or npm-shrinkwrap.json.
  • If dependencies in the package lock do not match those in package.json, npm ci will exit with an error, instead of updating the package lock.
  • npm ci can only install entire projects at a time: individual dependencies cannot be added with this command.
  • If a node_modules is already present, it will be automatically removed before npm ci begins its install.
  • It will never write to package.json or any of the package-locks: installs are essentially frozen.


Essentially, npm install reads package.json to create a list of dependencies and uses package-lock.json to inform which versions of these dependencies to install. If a dependency is not in package-lock.json it will be added by npm install.

npm ci (named after Continuous Integration) installs dependencies directly from package-lock.json and uses package.json only to validate that there are no mismatched versions. If any dependencies are missing or have incompatible versions, it will throw an error.

Use npm install to add new dependencies, and to update dependencies on a project. Usually, you would use it during development after pulling changes that update the list of dependencies but it may be a good idea to use npm ci in this case.

Use npm ci if you need a deterministic, repeatable build. For example during continuous integration, automated jobs, etc. and when installing dependencies for the first time, instead of npm install.

npm install

  • Installs a package and all its dependencies.
  • Dependencies are driven by npm-shrinkwrap.json and package-lock.json (in that order).
  • without arguments: installs dependencies of a local module.
  • Can install global packages.
  • Will install any missing dependencies in node_modules.
  • It may write to package.json or package-lock.json.
    • When used with an argument (npm i packagename) it may write to package.json to add or update the dependency.
    • when used without arguments, (npm i) it may write to package-lock.json to lock down the version of some dependencies if they are not already in this file.

npm ci

  • Requires at least npm v5.7.1.
  • Requires package-lock.json or npm-shrinkwrap.json to be present.
  • Throws an error if dependencies from these two files don't match package.json.
  • Removes node_modules and install all dependencies at once.
  • It never writes to package.json or package-lock.json.

Algorithm

While npm ci generates the entire dependency tree from package-lock.json or npm-shrinkwrap.json, npm install updates the contents of node_modules using the following algorithm (source):

load the existing node_modules tree from disk
clone the tree
fetch the package.json and assorted metadata and add it to the clone
walk the clone and add any missing dependencies
  dependencies will be added as close to the top as is possible
  without breaking any other modules
compare the original tree with the cloned tree and make a list of
actions to take to convert one to the other
execute all of the actions, deepest first
  kinds of actions are install, update, remove and move

这篇关于“npm install"和“npm install"有什么区别?和“npm ci"?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆