I'm trying to understand how recreating the node_modules
directory for deployment works.
We're using npm ci
instead of npm install
to ensure a clean slate during deployment. However, when we run it without any flags, we get the following error:
Fix the upstream dependency conflict, or retry this command with --force, or --legacy-peer-deps to accept an incorrect (and potentially broken) dependency resolution.
The documentation for npm install
for --force
is as follows (there are no flags on npm ci
's page):
The -f or --force argument will force npm to fetch remote resources even if a local copy exists on disk.
Meanwhile, the documentation for --legacy-peer-deps
says:
--legacy-peer-deps: ignore all peerDependencies when installing, in the style of npm version 4 through version 6.
It seems that both flags will let npm ci
generate the node_modules
directory without any issues, but I am still unclear about the differences between the two.
From what I understand, --force
sounds like it will be on a last-dependency-downloaded-wins basis and will overwrite any previously downloaded dependencies. Meanwhile, --legacy-peer-deps
sounds like it will always skip peer dependencies (whatever those are) during installation even if there are no issues.
What are the differences between the two flags, and when should we use them?
In the new version of npm (v7), by default,
npm install
will fail when it encounters conflicting peerDependencies. It was not like that before.Take a look here for more info about peer dependencies in npm v7.
The differences between the two are below -
--legacy-peer-deps
: ignore all peerDependencies when installing, in the style of npm version 4 through version 6.--strict-peer-deps
: fail and abort the install process for any conflicting peerDependencies when encountered. By default, npm will only crash for peerDependencies conflicts caused by the direct dependencies of the root project.--force
: will force npm to fetch remote resources even if a local copy exists on disk.