npm
and yarn
are both npm clients used to manage node.js project dependencies. They are somehow different in some behavior, and thus can affect project running.
This package provides ready-to-use functionality to check current npm client. When used as pre commands in npm scripts, it will check if the script is executed by specific npm client (yarn
or npm
). If it is restricted, then the script execution will be aborted early.
yarn
uses yarn.lock to ensure versions of dependencies, but npm
use package-lock.json to do that instead. If you use yarn
to install dependencies in a project which is actually managed by npm
and package-lock.json
, the actually installed dependencies in node_modules
might be different due to semver behavior, and this could lead to some un-expected exception while code running.
This is common when working with others because people tends to use yarn
or npm
as their wishes.
$ npm install check-npm-client
or alternatively, with yarn
:
$ yarn add check-npm-client
This package provide a command line tool to invoke checking functionality:
# the user must use `npm` to execute the script
$ check-npm-client --npm-only
# the user must use `yarn` to execute the script
$ check-npm-client --yarn-only
# automatically check according to current working directory lock files if exists
$ check-npm-client
Besides, you can use it programmatically:
const { checkNpmClient } = require('check-npm-client');
console.log(checkNpmClient('yarn')); // true/false
Add the script in your package.json
to ensure that user must install dependencies with yarn
:
{
"scripts": {
"preinstall": "npx check-npm-client --yarn-only"
}
}
Note #1: npx
is required to execute checking because before your project installation, the command check-npm-client
won't be available.
Note #2: yarn
and npm
treat preinstall
script a little differently. npm
execute it only before npm install
(not before npm install <module>
), but yarn
always run it before any installation. See issue here. So if specified as --yarn-only
and user use npm
to install another dependency, the preinstall
will not be invoked (so the ensurance will fail).
Add the script in your package.json
to ensure that user must use npm
to run the script my-task
:
{
"scripts": {
"premy-task": "check-npm-client --npm-only",
"my-task": "node my-task.js"
}
}