Head to database.husseinnasser.com for a discount coupon to my Introduction to Database Engineering course. Link redirects to udemy with coupon applied.

Some people think that 'npm ci' stands for "continious integration" because it mostly appears in CI build scripts. But actually it stands for "clean install". Your welcome!

Great video. One command that I use to debug my packages is npm why or yarn why, shows you the dependancy graph for a given dependancy, so you can see why it was installed.

I spent months reading articles and watching videos, and none of it stuck. Hands down, the best explanation on the topic. You're doing God's work here mate!

This is definitely a good explanation! It’s frustrating when someone posted a solution for dependency related issue by removing the lock file, it get even worst especially when a package author decided to push a breaking change as a minor update.

I've come across this explanation before, but it never quite stuck. I appreciate your communication style, thanks!

Thank you 💗💗😊😊 sir because of your videos i am learning a lot recently I received 150% hike as Backend developer this had a positive impact on me and my family ❤️❤️ Thank you once again

thanks bro now i can never forget the difference

Hi. That was great explaination between package.json and package-lock.json files. Well done.

"Keep the major version out of your f***ing mouth" - Nasser 2022

will-package-smith @4:04 reporting for slapping

Nicely explained, for the longest time I had doubts what the heck is package-lock.json or the yarn counterpart. Last week, I took some time to clear these doubts, good now. This video is now on my references list. And yes, English is hard 😢

Hussein, this video is gold! Really well explained. I didn’t know about ‘npm ci’ - how handy! 👍🏽🔥

The best one I've ever seen on this topic..Thanks.

Thanks for adding humour in teaching

Thank you!!!!!! Super clear explanation. Please do one on peer dependencies in package lock json if you get the time and interest ❤️

LOOL 4:03 "Keep the major version out of your F** mouth!" that made me laugh so hard

Man you are awesome. You explain engineering concept so well.

Good refresher 👌 I read somewhere that the ci stands for clean install?

Hello Husein. Thanks for video. I learned a lot from this. I really appreciate what you are sharing us.

Computer: knows 0 and 1 Hussein sir: **pathetic**

Thanks Hussein for covering this topic !

Ah that's the reason why everytime I contribute to a nodejs codebase, the package-lock.json changes appears in my commits ! Thanks for the video, Great content 🔥

Thank you Hussein, happy Ramadan bro. 🌹🌹

great explanation Nasser.

Thanks very much, 😭😭 these are the kind of explanation that help in building CI CD pipelines And for sure JavaScript project pipelines are hard to maintain

Hussein if you work normally with node then I very highly recommend you to use another node package manager called "pnpm", it is far more efficient for managing depenedencies than just npm

I recognized this name somewhere🤩Great nginx course on Udemy

npm ci thing ... super cool. Also, if you had just given the exact version to package.json you wouldn't have to deal with package lock. In bigger projects, resolving merge conflicts when upgrading multiple packages would be a headache. So, I would suggest use exacts and use ~ only when u know u wudbe okay with minor upgrades

i just subbed because you said "KEEP THE MAJOR VERSION OUT OF YOUR F*ING MOUNTH !"

it's "set IN stone" imagine carving INto a stone is more permanent than drawing ON a stone ;) thanks for the video

Great content! And also a touch of sense of humor. We need to add a little fun to our learning process.

In: there are fish in the sea. On: there are boats on the sea. Over: Most commercial aircraft fly over the clouds. Above: Satellites are way above the clouds. Under: You find all kinds of things lost under a sofa. Beneath: If you dig enough, you might find crude oil beneath the ocean floor.

Could we just not use ~ or ˆ in the package.json to lock the version?

Some where I read npm ci is for clean install, LOL!. Finally understood what that npm ci does. Gonna change my gitlab pipelines.

This video is different. But positive with much of humour. Thanks

What I don't understand is, why they built npm so that "install" updates the packages. In my opinion it would be far more intuitive if only "update" updated packages and the package-lock.json file and "install" (or "restore") was the "ci" equivalent

Finally got it...thanks :)

great explanations

Awesome explanation!!! Thank you so much for providing this knowledge.

👍 Good simplification

great explanation, I had always wondered the utility of package-lock.json, now I know it

you can use "npm shrinkwrap'' it'll help you to lockdown the versions of installed packages and their descendant packaages.

Great explanation video as always Hussein. Love your video. But I fell weird with the example of why we need to use `npm ci` If the author of project need to stick to specific version, they would not add `~` -> anyone pull and install the project would not need to run `npm ci` they can just use `npm install` as usual Btw. `npm install` already gives preference `package-lock.json`. But yarn gives preference `package.json`

PLEASE START A DISCORD SERVER CAUSE YOUR CONTENT IS ABSOLUTE GOLD.

Great explanation. Please make a very detailed playlist of nodejs 🙏

We also have npm-shrinkwrap.json , when we run npm ci and if our project doesn't have package-lock.json, npm CI considers shrinkwrap.json

I think the CI in npm ci stands for "Current Install"

This whole time I have been deleting package-lock.json just because VS Code complains about it too much. 😂

Haha 😆. Have you considered doing podcast. You are funny and yet so knowledgeable to the topic.

Great explanation, thank you !!!

Amazing video! npm ci is actually clean install, it has nothing to do with CI/CD!

Very clear. Big up to Will smith

Hey @hnasr, how to decide whether to use carrot or tilda ?

Good video. Thank you Hussein!

great video and your english is good! :)

The docs for `npm update` explain how the semver in package.json is used. `npm install` will use package-lock.json if it's there *and compatible with `package.json`*, `npm ci` needs the lock file and will remove node_modules if that exists.

Awesome ❤

So should we always use npm ci all the time instead of npm install just to be safe??

Straight to my gitlab CI/CD codebase and updating all npm install commands to npm ci

"Don't touch my minor" 😂

This is gold 🥇

damn Im using npm for years now I didnt know `npm ci` existed until now. this is very helpful

Why introducing a concept of package-lock.json? I need exact version? I can remove tilda. Why overcomplicating things?

awesome video man!

This is amazing

Loved it!

Always use npm ci on the build pipeline!

6:30 this is cute. You are forgetting that even if they don't release a new version of express you can still get tons of updates, because express dependencies could have released new versions :)

Hahahaha the Will Smith part was so funny and unexpected

It would be nice if adding "$" restricts only patch updates.

Why should i depends on package_lock if i can fix (without adding ^ and ~ ) my version in package.json ? 🤔

"will smith" reference caught me off guard

What MacBook are you using?

NPM CI is "Clean Install". I never understood the obsession with version-ranges in the node-community. And then having to invent a lock-file when the penny dropped.

Using npm ci is the best for deployments but bad for development. Running ci can take a LONG time depending on how many packages you have, exactly because it is removing and renstalling all node_modules. We need an inbetween command which just does a diff and installs just what it needs to. Composer install honors this, why cant npm?

pnpm alternative for npm

So why should I use npm ci instead of just locking the specific version directly on my package.json? That's what confuses me ☹️

Omg I lost it at the will smith reference lmao

The will smith troll was hilarious 😂😂

so a quick question.. if you want "4.16.1" exact, then why can't you remove the ~ or ^ and it will solve the problem, no need to use package-lock.json. Am I missing something?

I actually had a problem a month ago where I created a gitlab auto deployment pipeline job that pulls the pushed code and runs npm install on the server and it always failed because npm install was changing the lock file on the server which was considered a change in the local git repo so the git pull fails "you have uncommited changes please stash them or commit" then I found out about npm ci and the job succeeded

npm ci means clean install tho right ?

good to see you using vim :)

Upvote

This seems like a nightmare for enterprises. Do they physically host their own approved repositories?

Awesome

ci=clean-install

Hussein Smith

I feel like he went full scottish for the 'caret'

$ npm ci Great job dude! thanks for sharing

the ''carrot''

Love it 😂

lmao at Will Smith part

vim is giving me anxiety.

❤️

🔥🔥🔥

Node package management is a huge mess...

green

🤣🤣🤣👍👍