I added the npm ci (npm clean install) command after npm install to ensure consistent dependency management and reproducibility. These are more detailed reasons why I believe npm ci will be more adequate for contributors and build environments:
npm ci strictly follows the package-lock.json file, installing the exact versions of the dependencies specified there, and bypassing the package.json file. This ensures all contributors and build environments use the exact same versions of dependencies, minimizing compatibility issues.
Note that the usage of npm ci assumes the prior generation of the package-lock.json file by previously running npm install. Once the package-lock.json file is generated, you can use npm ci in subsequent installations to ensure a consistent environment.
npm install allows for updates and more flexibility with version ranges specified in the package.json, while npm ci is stricter, guaranteeing a stable environment by installing the exact versions specified in the package-lock.json, excelling in scenarios requiring strict reproducibility.
npm ci offers faster and more deterministic installations compared to npm install by relying solely on the lock file for dependency resolution. This predictability is particularly beneficial for preventing unexpected updates during builds.
npm ci operates in strict mode, which means it will exit with an error if the package-lock.json file is out of sync with the package.json file. This ensures that any changes to the dependencies are intentional and that the lock file is always up to date, maintaining the stability of the build process.
Screenshots (if applicable)
In step 5: In step 8:
Checklist
[X] I have tested these changes
[X] I have updated the relevant documentation
[X] I have commented my code, particularly in hard-to-understand areas
[X] I have made corresponding changes to the codebase
[X] My changes generate no new warnings or errors
[X] The title of my pull request is clear and descriptive
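The out-of-sync condition described in the pull request above, as an added example that is not part of the pull request or npm's own code: a simplified check that every range declared in package.json is satisfied by the version pinned in a lockfileVersion 2/3 `packages` map. The package names, versions and the `findLockDrift` helper are constructed for illustration, and only exact, `^` and `~` ranges are handled.

```javascript
// Added example: simplified model of the package.json / package-lock.json
// sync check. Not npm's implementation; handles exact, ^ and ~ ranges only.
const SECTIONS = ["dependencies", "devDependencies", "optionalDependencies"];

function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(v || "");
  return m ? m.slice(1).map(Number) : null;
}
function compare(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  return 0;
}

// Returns true/false, or null when the range form is outside this sketch.
function satisfies(version, range) {
  const m = /^([\^~]?)(\d+\.\d+\.\d+)$/.exec(range);
  const v = parseVersion(version);
  if (!m || !v) return null;
  const min = parseVersion(m[2]);
  if (m[1] === "") return compare(v, min) === 0;
  let max;
  if (m[1] === "~") max = [min[0], min[1] + 1, 0];
  else if (min[0] > 0) max = [min[0] + 1, 0, 0];      // ^1.2.3 -> <2.0.0
  else if (min[1] > 0) max = [0, min[1] + 1, 0];      // ^0.2.3 -> <0.3.0
  else max = [0, 0, min[2] + 1];                      // ^0.0.3 -> <0.0.4
  return compare(v, min) >= 0 && compare(v, max) < 0;
}

// Report every declared dependency whose lock entry is absent or out of range.
function findLockDrift(pkg, lock) {
  const issues = [];
  for (const section of SECTIONS) {
    for (const [name, range] of Object.entries(pkg[section] || {})) {
      const locked = (lock.packages || {})["node_modules/" + name];
      if (!locked) { issues.push({ name, range, problem: "missing-from-lock" }); continue; }
      const ok = satisfies(locked.version, range);
      if (ok === false) issues.push({ name, range, locked: locked.version, problem: "out-of-range" });
      if (ok === null) issues.push({ name, range, locked: locked.version, problem: "unchecked-range" });
    }
  }
  return issues;
}

// Constructed sample data (hypothetical packages, not from the PR's repository).
const samplePkg = { dependencies: { "alpha-lib": "^1.3.0", "beta-lib": "^2.0.0" },
  devDependencies: { "gamma-tool": "~0.5.1" } };
const sampleLock = { lockfileVersion: 3, packages: {
  "node_modules/alpha-lib": { version: "1.4.2" },
  "node_modules/beta-lib": { version: "1.9.0" } } };
console.log(findLockDrift(samplePkg, sampleLock));
```

A non-empty result corresponds to the state in which a lock-only install should stop instead of resolving new versions.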