| name | npm-dependencies |
| description | Manage npm package dependencies in this environment. Use when adding or updating npm packages, editing package.json/package-lock.json, or when network access must be constrained to `run-in-nw-sandbox -- npm install --no-scripts [--save | --save-dev] -- package-spec ...` followed by `npm rebuild` outside the sandbox. |
Npm Dependencies
Overview
Add or update npm dependencies using the approved network-safe workflow, then run install scripts locally via npm rebuild.
Workflow
- Decide dependency type and package specs.
- Run the only approved network command:
run-in-nw-sandbox -- npm install --no-scripts -- <package-spec> ...
To install from package.json (no explicit package specs), run:
run-in-nw-sandbox -- npm install --no-scripts
- For dependencies or devDependencies, include exactly one of
--save or --save-dev before the -- delimiter:
run-in-nw-sandbox -- npm install --no-scripts --save -- <package-spec> ...
run-in-nw-sandbox -- npm install --no-scripts --save-dev -- <package-spec> ...
- After the networked install completes, run install scripts locally outside the sandbox:
npm rebuild
- Continue with normal local builds/tests (no network required).
Guardrails
- Always pass
--no-scripts and the -- delimiter.
- Package specs must appear only after
--.
- If no package specs are provided,
npm install --no-scripts is allowed without --.
- Do not use other npm network commands unless the user explicitly approves a policy change.