Skip to content
Latchkey

bun install: Install Dependencies in CI

bun install reads package.json, resolves the dependency tree, and installs it into node_modules, writing or honoring bun.lock.

bun install is the entry point for any Bun pipeline. It is fast because it installs in parallel and caches globally, but in CI you want it deterministic, which means installing from the committed lockfile.

What it does

bun install resolves every dependency in package.json (and workspace packages), downloads them into the global cache at ~/.bun/install/cache, and links them into node_modules. It writes a text lockfile bun.lock (the older binary bun.lockb is still read). With no arguments it installs everything; pass a package name to add one.

Common usage

Terminal
bun install
bun install --frozen-lockfile      # CI: fail if lockfile would change
bun install --production            # skip devDependencies
bun install --ignore-scripts        # do not run postinstall scripts

Options

FlagWhat it does
--frozen-lockfileDo not update the lockfile; fail if it is out of date
--production / -pInstall only dependencies, not devDependencies
--ignore-scriptsSkip lifecycle scripts like postinstall
--no-saveDo not write package.json or the lockfile
--dry-runResolve and report without installing
--verbosePrint detailed resolution and link output

In CI

Always run bun install --frozen-lockfile in CI so a stale or hand-edited bun.lock fails the build instead of silently resolving new versions. Cache ~/.bun/install/cache keyed on the lockfile hash, and use oven-sh/setup-bun to pin the Bun version. setup-bun also exposes a built-in cache for the global store.

Common errors in CI

"error: lockfile had changes, but lockfile is frozen" means package.json and bun.lock disagree under --frozen-lockfile; run bun install locally and commit the updated bun.lock. "error: failed to resolve" or "package <x> not found" points at a private registry without auth (set a bunfig.toml registry token) or a typo in the version range. "EACCES" on node_modules means a read-only or root-owned workspace.

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →