search

zkat / npx

execute npm package binaries (moved)
https://github.com/npm/npx
Other
2.63k stars 105 forks source link

Feature Request: if package exists then skip install #154

Open bluelovers opened 6 years ago

bluelovers commented 6 years ago

npx -v 9.7.1

node -v v9.4.0

can we have a option skip install package when it already installed in global/localy

joeledwards commented 6 years ago

Perhaps a simple check can be performed to determine if the installed version is the latest; then if there is a package-lock.json present no further update work is performed.

compulim commented 6 years ago

Also the "locally" installed package could mean a package installed in parent folder, it should check ../node_modules/cross-env up to the root.

zkat commented 6 years ago

npx already does this. Why do you think it's not the case?

ljharb commented 6 years ago

I believe there’s a case when you use —package with a version specified where it always installs even if a matching version is installed locally?

zkat commented 6 years ago

That's by design then :)

ljharb commented 6 years ago

Can you elaborate on why? Taking the extra time to install a redundant package has led my team members to avoid using the npm run-script (that uses npm this way) that’s provided.

zkat commented 6 years ago

If you wanna specify a version, and you wanna use that version a lot, install it as a devDependency. That's the workflow it's designed for.

I'm not going to cache things like npx foo@1.2.3 because I don't want to have to manage yet another global caching scheme and figuring out how to invalidate things. As far as npx is concerned, if it has to install something, then it's going to throw it away when it's done so it doesn't start filling your system up with crud -- that is, in fact, one of the main features of it, vs global installs.

If you have a run-script, you have a package.json. If you have a package.json you have almost definitely done an npm install. If you have done an npm install, you can have devDependencies. If you're relying on npm install --only=prod, then install it as a regular dependency.

ljharb commented 6 years ago

That all makes sense - the reason these things aren’t dev deps is because having them increases the install time for 1000 engs when only 1-5 engs use the command a week; but those devs also are sensitive to slowdowns.

This may just need to be a tradeoff we make, obviously, but i thought it was worth bringing up.