In npm, there's a ci
command for installing the project with a clean state. In the documentation, it is claimed that:
It can be significantly faster than a regular npm install by skipping certain user-oriented features. It is also more strict than a regular install, which can help catch errors or inconsistencies caused by the incrementally-installed local environments of most npm users.
What is the closest equivalent of the npm ci
command in yarn world? Maybe the answer is that we don't need this in yarn because its architecture is such that we don't need a special mode. Maybe the answer is to use a bunch of configuration settings. However, I'm failing to find a single complete answer to this question and I believe it would be valuable to have it.
I believe it's as simple as that:
yarn install --frozen-lockfile
Unfortunately, because of the way yarn module resolution works, just doing yarn install --frozen-lockfile
is sometimes not enough. You can still be left with transitive deps that are invalid.
To truly get the same behavior as npm ci
you must do:
rm -rf node_modules && yarn install --frozen-lockfile
For newer versions of yarn you should use:
yarn install --immutable --immutable-cache --check-cache
As stated in the official Yarn docs: 😉
If the --check-cache option is set [...] This is recommended as part of your CI workflow if you're both following the Zero-Installs model and accepting PRs from third-parties, as they'd otherwise have the ability to alter the checked-in packages before submitting them.
building off of @Crafty_Shadow's recommendation, I make it a bit more integrated.
package.json
...
"scripts": {
...
"preci": "rm -fr node_modules",
"ci": "yarn install --frozen-lockfile"
},
...
npm ci
in a generic way for a yarn project).
package-lock.json
file. That is created when using npm to install. You probably need to do npm run ci
npm ci
is a native command ci
. You'll have to use npm run ci
, as pointed out in the previous comment.
Success story sharing
--immutable
instead, as it has replaced--frozen-lockfile
.--frozen-lockfile
is considered as the legacy: "For backward compatibility, we offer an alias under the name of--frozen-lockfile
, but it will be removed in a later release."