Add the ability to use npm ci instead of npm install

[pauldburton]

It would be awesome if this image had the ability to execute npm ci instead of npm install on the node 10+ images.

[karangarg45]

Second this..Yesterday our whole app broke because it downloaded latest dependencies for some packages since we had caret symbol in front of our dependency version.

[phracek]

@pauldburton @karangarg45 Hi folks, thanks for the issue. I have read the npm ci https://docs.npmjs.com/cli/ci.html#description. As I don't know the NPM in details, can you please help me understand what is a difference? What about to create a PR and update s2i-nodejs-container? Does it make sense to you?

[karangarg45]

@phracek so any project which uses npm has a package.json file which specifies the version of every dependency that needs to be installed while running npm install.
In package.json there is an option to tell npm to install the latest version of the dependency every time by specifying some symbols like tilde(~) caret(^) depending if you want the latest of the patch version or latest of the minor version.
So suppose i have some thing like this in my package.json file
"package-a":"~1.2.3"
When i run npm install then npm checks if there is a latest version with pattern 1.2.x. So if a version 1.2.4 exists in npm it will just directly install that version. This is the reason we have a package-lock.json file which basically is used to tell the npm which versions to install. But this package-lock.json is only read when npm ci is used instead of npm install. It also does a lot of other things. This SO answer pretty much gives a detailed explanation
https://stackoverflow.com/a/53325242/7454011

[phracek]

@karangarg45 It makes sense to me know.

[phracek]

@karangarg45 @pauldburton Can you please make a pull request on it for all supported versions? 10 and 12?