is npm ci supported?

[evbo]

I am noticing my package-lock.json file hasn't been getting honored by npm (not related to scalajs-bundler I don't think), which causes serious bugs due to slide versioning causing minor releases to be downloaded instead of static versions you've developed against.

What seems to definitely be the most certain way to enforce building using package-lock.json is running npm ci instead of npm install.

Is there a way to trigger this behavior through scalajs-bundler? I am currently cding into the target directory and running npm ci as a separate step:

(cd client/target/scala-2.13/scalajs-bundler/main/ && npm ci)

Is there a way to automate this as part of the sbt build?

[ghost]

background on issue here: https://stackoverflow.com/questions/45022048/why-does-npm-install-rewrite-package-lock-json?rq=1

This would be a relatively small refactor, allowing the npm "install" command to be subbed for "ci", and would add great CI capability for those building in a Jenkins environment that want guarantees everything is freshly installed from a package-lock file.

Any interest in supporting npm ci in scalajs bundler from devs?

[ptrdom]

This will be implemented with #420 by allowing you to specify install command through settings.

[evbo]

awesome!