Skip to content

Commit

Permalink
feat(builtin): use npm ci as default behaviour for installing node_mo…
Browse files Browse the repository at this point in the history
…dules

To be more hermetic with the install of the dependencies use npm ci to install the exact version from the package-lock.json file.

To update a dependency use the vendored npm binary with `bazel run @nodejs//:npm install <dep-name>`.

Fixes #159
  • Loading branch information
Lukas Holzer committed Dec 2, 2020
1 parent c344401 commit cddd4fe
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion internal/npm_install/npm_install.bzl
Original file line number Diff line number Diff line change
Expand Up @@ -208,7 +208,11 @@ def _npm_install_impl(repository_ctx):
is_windows_host = is_windows_os(repository_ctx)
node = repository_ctx.path(get_node_label(repository_ctx))
npm = get_npm_label(repository_ctx)
npm_args = ["install"] + repository_ctx.attr.args

# Use npm ci to have hermetic installs that only install the exact version
# from the package-lock.json file. To update or install a different version
# use the bazel managed binary `bazel run @nodejs//:npm install`.
npm_args = ["ci"] + repository_ctx.attr.args

# If symlink_node_modules is true then run the package manager
# in the package.json folder; otherwise, run it in the root of
Expand Down

0 comments on commit cddd4fe

Please sign in to comment.