Switch to npm ci for reliable builds (#135)
diff --git a/pkg/deps/npm.go b/pkg/deps/npm.go
index 129534e..63bc102 100644
--- a/pkg/deps/npm.go
+++ b/pkg/deps/npm.go
@@ -127,9 +127,11 @@
}
}
-// InstallPkgs runs command 'npm install' to install node packages
+// InstallPkgs runs command 'npm ci' to install node packages,
+// using `npm ci` instead of `npm install` to ensure the reproducible builds.
+// See https://blog.npmjs.org/post/171556855892/introducing-npm-ci-for-faster-more-reliable
func (resolver *NpmResolver) InstallPkgs() {
- cmd := exec.Command("npm", "install")
+ cmd := exec.Command("npm", "ci")
logger.Log.Println(fmt.Sprintf("Run command: %v, please wait", cmd.String()))
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr