pnpm install
命令別名:i
使用 pnpm install 來為專案安裝所有相依套件。
在 CI 環境中,如果 lockfile 存在但需要更新時,會使安裝失敗。
在 workspace 中,pnpm install 會安裝所有專案的相依套件。 如要停用此行為,請將 recursive-install 設為 false。
命令摘要
| 命令 | 效果 |
|---|---|
pnpm i --offline | 僅從儲存區離線安裝套件 |
pnpm i --frozen-lockfile | 不更新 pnpm-lock.yaml |
pnpm i --lockfile-only | 僅更新 pnpm-lock.yaml |
Options for filtering dependencies
Without a lockfile, pnpm has to create one, and it must be consistent regardless of dependencies filtering, so running pnpm install --prod on a directory without a lockfile would still resolve the dev dependencies, and it would error if the resolution is unsuccessful. The only exception for this rule are link: dependencies.
Without --frozen-lockfile, pnpm will check for outdated information from file: dependencies, so running pnpm install --prod without --frozen-lockfile on an environment where the target of file: has been removed would error.
--prod, -P
- 預設值:false
- 型別:Boolean
If true, pnpm will not install any package listed in devDependencies and will remove those insofar they were already installed. If false, pnpm will install all packages listed in devDependencies and dependencies.
--dev, -D
Only devDependencies are installed and dependencies are removed insofar they were already installed.
--no-optional
optionalDependencies 未安裝。
--no-runtime
Added in: v11.1.0
Skip installing runtime entries (e.g. Node.js downloaded via devEngines.runtime). The lockfile is left untouched, so frozen installs still validate; only the runtime fetch and bin-linking are skipped.
This is useful in CI matrices where the runtime is provisioned externally (e.g. via pnpm runtime -g set node <version>) before pnpm install runs.
This can also be set via the runtime=false config in pnpm-workspace.yaml.
選項
--force
Force reinstall dependencies: refetch packages modified in store, recreate a lockfile and/or modules directory created by a non-compatible version of pnpm. Install all optionalDependencies even they don't satisfy the current environment(cpu, os, arch).
--offline
- 預設值:false
- 型別:Boolean
此值為 true 時,pnpm 只使用儲存區中可用的套件。 如果在本機無法找到套件,則安裝會失敗。
--prefer-offline
- 預設值:false
- 型別:Boolean
此值為 true 時,將不檢查快取資料是否過時,但將從伺服器請求遺漏的資料。 若要強制啟用完全離線模式,請使用 --offline。
--no-lockfile
Don't read or generate a pnpm-lock.yaml file.
--lockfile-only
- 預設值:false
- 型別:Boolean
使用此選項時,僅更新 pnpm-lock.yaml 與 package.json。 不會對 node_modules 目錄寫入任何檔案。
--fix-lockfile
自動修復損壞的 lockfile。
--update-checksums
Added in: v11.4.0
Refresh the locked tarball integrity values from what the registry currently serves, when a downloaded tarball's hash doesn't match the integrity recorded in pnpm-lock.yaml.
By default, since v11.4.0, an integrity mismatch is a hard failure: pnpm install exits with ERR_PNPM_TARBALL_INTEGRITY rather than silently re-resolving from the registry and overwriting the locked integrity. This protects projects that ship a committed lockfile from a compromised registry, proxy, or republished version substituting attacker-controlled content on a clean machine.
--update-checksums is the narrowly-scoped opt-in for the legitimate case (e.g. a registry rewrote its tarballs and you've verified the new bytes are correct). A warning still prints when the bypass takes effect so the operation is auditable.
--force and pnpm update deliberately do not bypass the integrity check. --frozen-lockfile is unchanged, and --fix-lockfile keeps its documented purpose (filling in missing lockfile entries) and is also not a bypass.
--frozen-lockfile
- 預設值:
- 非 CI:false
- CI:當 lockfile 存在時為 true
- 型別:Boolean
此值為 true 時,pnpm 不會產生 lockfile,並且在 lockfile 與清單不同步、需要更新,或 lockfile 不存在時,會使安裝失敗。
此設定值在 CI 環境中預設為 true。 用來偵測 CI 環境的程式碼如下:
exports.isCI = !!(
env.CI || // Travis CI, CircleCI, Cirrus CI, GitLab CI, Appveyor, CodeShip, dsari
env.CONTINUOUS_INTEGRATION || // Travis CI, Cirrus CI
env.BUILD_NUMBER || // Jenkins, TeamCity
env.RUN_ID || // TaskCluster, dsari
exports.name ||
false
)
--merge-git-branch-lockfiles
Merge all git branch lockfiles. Read more about git branch lockfiles.
--reporter=<name>
- 預設值:
- For TTY stdout: default
- For non-TTY stdout: append-only
- 類型:default、append-only、ndjson、silent
Allows you to choose the reporter that will log debug info to the terminal about the installation progress.
- silent - 不輸出紀錄至主控台,即使嚴重錯誤也一樣
- default - 當 stdout 為 TTY 時的預設 reporter
- append-only - 總是將輸出結果附加在尾端。 不會進行游標操作
- ndjson -- 最詳盡的 reporter Prints all logs in ndjson format
If you want to change what type of information is printed, use the loglevel setting.
--shamefully-hoist
- 預設值:false
- 類型:Boolean
Creates a flat node_modules structure, similar to that of npm or yarn. WARNING: This is highly discouraged.
--ignore-scripts
- 預設值:false
- 型別:Boolean
Do not execute any scripts defined in the project package.json and its dependencies.
--filter <package_selector>
--resolution-only
Re-runs resolution: useful for printing out peer dependency issues.
--cpu=<name>
新增於 v10.14.0
Override CPU architecture of native modules to install. Acceptable values are same as cpu field of package.json, which comes from process.arch.
--os=<name>
新增於 v10.14.0
Override OS of native modules to install. Acceptable values are same as os field of package.json, which comes from process.platform.
--libc=<name>
新增於 v10.14.0
Override libc of native modules to install. Acceptable values are same as libc field of package.json.