Understanding "npm install" vs "npm ci"
When working with Node.js projects, you'll probably need to manage their dependencies (the external code libraries your project needs to run).
Two common commands to do this are npm install and npm ci.
They might seem similar, but they have different purposes and behaviors.
Let's look at them:
npm install
It's mainly used when you're working on your project and need to add, remove, or update the libraries it uses.
How it works
It looks at your project's package.json file, which lists your dependencies and determines which versions to install. If there's a package-lock.json file, it will also use this but might update it to match what's in package.json.
Use this command during day-to-day development, when you are changing your project's libraries.
npm ci
This command sets up your project consistently and reliably, using exactly the versions of libraries specified in your package-lock.json.
How it works
It ignores package.json and only uses package-lock.json to install dependencies. This ensures you get the same setup every time, which is great for automated environments like continuous integration (CI) systems.
Use this command to ensure your project runs the same way every time without any surprises from updated dependencies. You probably don't need it while developing.
Key Differences
- Updating Dependencies: npm install can change which versions of libraries are used, based on package.json. npm ci sticks strictly to package-lock.json.
- Changing the Lock File: npm install might change package-lock.json, but npm ci won't.
- Speed: npm ci is usually faster than npm install because it skips some steps, like checking for newer versions of your libraries.
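
The lock-file drift described above, where npm install may rewrite package-lock.json because it no longer matches package.json, can be detected before a build. The following is an added example, not code from the original article or from npm; it assumes a lockfileVersion 2 or 3 lock, whose packages[""] entry records the ranges from package.json, and the function name findLockDrift and the sample data are hypothetical.

```javascript
// Added example; SAMPLE_* objects are constructed, not from a real project.
const GROUPS = ["dependencies", "devDependencies", "optionalDependencies"];
const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Compare package.json (manifest) with package-lock.json (lock) and list
// every mismatch that would lead `npm install` to rewrite the lock file.
// Assumes lockfileVersion 2 or 3, where lock.packages[""] mirrors the manifest.
function findLockDrift(manifest, lock) {
  const packages = lock.packages;
  if (!packages || !packages[""]) return [{ kind: "unsupported-lock", name: null }];
  const issues = [];
  for (const group of GROUPS) {
    const declared = manifest[group] || {};
    const recorded = packages[""][group] || {};
    for (const [name, range] of Object.entries(declared)) {
      if (!has(recorded, name)) {
        issues.push({ kind: "not-in-lock", group, name, range });
      } else if (recorded[name] !== range) {
        issues.push({ kind: "range-changed", group, name, range, locked: recorded[name] });
      } else if (!has(packages, `node_modules/${name}`)) {
        issues.push({ kind: "no-locked-version", group, name, range });
      }
    }
    for (const name of Object.keys(recorded)) {
      if (!has(declared, name)) {
        issues.push({ kind: "removed-from-manifest", group, name });
      }
    }
  }
  return issues;
}

const SAMPLE_MANIFEST = {
  dependencies: { express: "^4.19.2", lodash: "^4.17.21" },
  devDependencies: { jest: "^29.7.0" },
};
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": {
      dependencies: { express: "^4.18.0", "left-pad": "^1.3.0" },
      devDependencies: { jest: "^29.7.0" },
    },
    "node_modules/express": { version: "4.18.2" },
    "node_modules/left-pad": { version: "1.3.0" },
    "node_modules/jest": { version: "29.7.0" },
  },
};
console.log(findLockDrift(SAMPLE_MANIFEST, SAMPLE_LOCK));
```

In a pipeline, pass it the parsed contents of package.json and package-lock.json and fail the job when the returned list is not empty, so a stale lock file is reviewed instead of silently regenerated.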