feat: wip support for a --from-lockfile flag on npm i

This change needs additional testing to make sure that it is actually respecting lockfile. It looks for a `--from-lockfile` flag, and if it is detected, it follows the same codepath as `npm ci`, except without cleaning out the `node_modules` directory first. Performance is going to vary wildly depending on what dependencies look like, but locally in my testing so far I see a roughly 4x speedup over `npm ci`. Of course, all of this is contingent on more testing to make sure that this isn't giving incorrect behavior in some way. `npm ci` also relies on explicitly passing in an option not to modify the lockfile. But I'm unsure of whether that's necessary here. And I'm sure that some unit tests are required too.
nmm-shumway · Apr 15, 2021 · 42d0c67 · 42d0c67
1 parent 13843f4
commit 42d0c67
Showing 1 changed file with 17 additions and 0 deletions.
diff --git a/lib/install.js b/lib/install.js
@@ -133,7 +133,24 @@ class Install extends BaseCommand {
       path: where,
       add: args,
     }
+
     const arb = new Arborist(opts)
+
+    if (this.npm.config.get('from-lockfile')) {
+      if (args.length) {
+        throw new Error('`--from-lockfile` can not be used to install a new package.');
+      }
+
+      await arb.loadVirtual().catch(er => {
+        log.verbose('loadVirtual', er.stack)
+        const msg =
+              'The `npm ci` command can only install with an existing package-lock.json or\n' +
+              'npm-shrinkwrap.json with lockfileVersion >= 1. Run an install with npm@5 or\n' +
+              'later to generate a package-lock.json file, then try again.'
+        throw new Error(msg)
+      })
+    }
+
     await arb.reify(opts)
 
     if (!args.length && !isGlobalInstall && !ignoreScripts) {