A safer npm ci.

Run it in any npm project to install dependencies from lock using the appropriate package-manager (supports npm, yarn and pnpm).

Use in your npm project instead of npm ci:

npx ci

npm has a npm ci command to install dependencies from the lock file (eg. package-lock.json), ensuring all project contributors have the same dependencies.

This command is different across 3rd-party package-managers like yarn and pnpm, and can be confusing to remember when switching between projects.

This is where npx ci comes in:

• Package-manager agnostic

  npx ci is a package-manager agnostic npm ci. You can run this in any project and dependencies will be installed appropriately.

  It's great for contributing to new projects!

• Can use in any environment with a single command

  If yarn or pnpm isn't already installed, npx ci installs it for you.

  It's great for using it in CI/CD workflows!

• Typo proof

  When you accidentally type npx when typing in npm ci, your dependencies still get installed.

  It's actually the safer option too!

It's possible to detect the package manager using other signals (eg package.json#packageManager, .yarnrc.yml).

However, since npx ci is strictly an alternative to npm ci, a lock file is necessary to do a clean/immutable/frozen install.

• npx link - A safer npm link.