npm ci can only install packages with an existing package-lock.json or npm-shrinkwrap.json with lockfileVersion >= 1

Question

This is the issue that I am facing when running the command npm ci to install dependencies in my GitHub Action file.

I am working on an expo managed app and using GitHub Actions as a CI for triggering builds whenever I push my code to developmemt branch.

Here's my build script:

name: EAS PIPELINE
on:
  push:
    branches:
      - development
  workflow_dispatch:

jobs:
  build:
    name: Install and build
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
        with:
          persist-credentials: false

      - name: Setup Node.js
        uses: actions/setup-node@v1
        with:
          node-version: 14.x

      - name: Setup Expo
        uses: expo/expo-github-action@v6
        with:
          expo-version: 4.x
          token: ${{ secrets.EXPO_TOKEN }}
          expo-cache: true

      - name: Install dependencies
        run: npm ci

      - name: Build on EAS
        run: EAS_BUILD_AUTOCOMMIT=${{1}} npx eas-cli build --platform all --non-interactive

Here's the issue that I am facing Install dependencies step.

Run npm ci
  npm ci
  shell: /usr/bin/bash -e {0}
  env:
    EXPO_TOKEN: ***
npm ERR! cipm can only install packages with an existing package-lock.json or npm-shrinkwrap.json with lockfileVersion >= 1. Run an install with npm@5 or later to generate it, then try again.

npm ERR! A complete log of this run can be found in:
npm ERR!     /home/runner/.npm/_logs/2021-10-28T15_16_06_934Z-debug.log
Error: Process completed with exit code 1.

Answer 1

After a lot of research, I was able to figure out that this happens when you are not using npm install for installing dependencies. In my case, I was only using yarn for the dependencies so I was only having yarn.lock file and no package-lock.json file.

• One way to resolve this was using npm install to install the dependencies, then you'll have a package-json.lock file and CI won't throw any error.

• And the other way if you only want to use yarn, then you need to update that step in your eas-pipeline.yml file for installing the dependencies.

*****************************************************************************************

      - name: Install dependencies
        run: |
          if [ -e yarn.lock ]; then
          yarn install --frozen-lockfile
          elif [ -e package-lock.json ]; then
          npm ci
          else
          npm i
          fi

***************************************************************************************

As I wasn't able to find any solution on StackOverflow and it is our first go-to place to look for the issue. So, I decided to write this answer here.

Here's the original answer: https://github.com/facebook/docusaurus/issues/2846#issuecomment-691706184

Answer 2

Old post, but I found this while searching for this same error. In my case I did have a package-lock.json file in my root directory. However, when opening it, I realized that there was a JSON syntax error that slipped in during a previous merge conflict. After running npm i again the file was fixed. The npm ERR! The 'npm ci' command can only install with an existing package-lock.json wasn't a super helpful error in that case.

Answer 3

I had a similar error.

`npm ci` can only install packages when your package.json and package-lock.json or npm-shrinkwrap.json are in sync. Please update your lock file with `npm install` before continuing.

with bunch of missing dependency name following this error.

I would run npm ci locally and it would run successfully. However, it would give me the error above when npm ci is run in the CI pipeline and in my case it was because of the version difference of the Node.js installed in the environment that Jenkins pipeline is running in.

My local Node version was 16.x and in Jenkins container it was 12.x.

Upgrading it fixed.

Answer 4

For the people who has this issue on AWS Amplify. You might have to run npm install and commit the package-lock.json file, then deploy again.

Answer 5

deleting deploy.json helped me, since the token is updated when overwritten

rm ~/.config/configstore/@vkontakte/vk-miniapps-deploy.json

but I have other services