New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details
Socket
Book a DemoSign in
Socket
Book a DemoSign in

@flash-install/cli

Package Overview
Dependencies
Maintainers
1
Versions
30
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@flash-install/cli

A fast, drop-in replacement for npm install with deterministic caching

latest
Source
npmnpm
Version
1.8.4
Version published
Maintainers
1
Created
Source

flash-install logo

⚡ Flash Install

A blazingly fast replacement for npm install with deterministic caching

License: MIT Node.js Version npm version npm downloads Maintenance

Cache: Deterministic Cloud: Team Sharing CI/CD: Optimized

Quick Start

Installation

npm install -g @flash-install/cli

Basic Usage

# Install dependencies
flash-install install

# Create a snapshot for faster future installs
flash-install snapshot

# Restore from a snapshot (ultra-fast)
flash-install restore

# Clean up
flash-install clean

Features

  • 30-50% faster than standard npm install
  • 🔄 Deterministic caching for consistent builds
  • 📦 Snapshot support for instant dependency restoration
  • ☁️ Cloud caching for team sharing
  • 🔌 Multiple package managers support (npm, yarn, pnpm, bun)
  • 🏗️ Monorepo support with workspace detection
  • 🔍 Fallback to npm if any issues occur

Command Reference

CommandDescription
flash-installInstall dependencies (default)
flash-install installInstall dependencies
flash-install snapshotCreate a snapshot of node_modules
flash-install restoreRestore node_modules from a snapshot
flash-install cleanRemove node_modules and snapshot
flash-install clean-modulesRemove only node_modules (preserves snapshot)
flash-install clean-snapshotRemove only snapshot (preserves node_modules)
flash-install syncSynchronize dependencies with lockfile

Common Options

# Use offline mode
flash-install --offline

# Specify package manager
flash-install --package-manager yarn

# Skip dev dependencies
flash-install --no-dev

# Enable workspace support for monorepos
flash-install -w

Performance Comparison

Scenarionpm installflash-installSpeedup
First install (small project)30-60s10-15s3-4x
First install (large project)3-5min1-2min2-3x
Subsequent install (from cache)30-60s5-10s6-10x
Subsequent install (from snapshot)30-60s1-3s20-30x
CI/CD environment1-3min5-15s10-20x

Advanced Features

Cloud Caching

Share caches across your team or CI/CD environments:

flash-install --cloud-cache --cloud-provider=s3 --cloud-bucket=your-bucket-name

Workspace Support

Efficiently manage monorepo dependencies:

flash-install -w

Offline Development

Work without an internet connection:

# Create a snapshot while online
flash-install snapshot

# Later, restore dependencies while offline
flash-install restore --offline

Using Different Package Managers

# Use with Yarn
flash-install --package-manager yarn

# Use with PNPM
flash-install --package-manager pnpm

# Use with Bun
flash-install --package-manager bun

Additional Options

Here are some of the most useful options you can use with flash-install:

General Options

  • --offline: Use offline mode (requires cache or snapshot)
  • --no-cache: Disable cache usage
  • --concurrency <number>: Number of concurrent installations
  • --package-manager <manager>: Package manager to use (npm, yarn, pnpm, bun)
  • --no-dev: Skip dev dependencies
  • --verbose: Enable verbose logging
  • --quiet: Suppress all output except errors

Workspace Options

  • --workspace or -w: Enable workspace support for monorepos
  • --workspace-filter <packages...>: Filter specific workspace packages

Cloud Options

  • --cloud-cache: Enable cloud cache integration
  • --cloud-provider <provider>: Cloud provider type (s3, azure, gcp)
  • --cloud-bucket <name>: Cloud provider bucket name
  • --cloud-region <region>: Cloud provider region

For a complete list of all available options, run:

flash-install --help

GitHub Actions Integration

Add Flash Install to your GitHub Actions workflow:

steps:
  - uses: actions/checkout@v3

  - name: Install dependencies with Flash Install
    uses: flash-install-cli/flash-install-action@v1
    with:
      # Optional parameters (shown with defaults)
      command: 'install'           # Command to run (install, restore, snapshot, clean)
      cache-enabled: 'true'        # Enable GitHub Actions caching
      package-manager: 'npm'       # Package manager to use (npm, yarn, pnpm, bun)
      concurrency: '4'             # Number of concurrent downloads

How It Works

  • Dependency Resolution: Parses lockfiles to determine exact dependencies
  • Workspace Detection: Identifies workspace packages in monorepos (when enabled)
  • Cache Check: Checks if dependencies are in the global cache
  • Snapshot Check: Checks if a valid .flashpack snapshot exists
  • Installation: If no cache or snapshot is available, installs dependencies using the package manager
  • Caching: Adds newly installed packages to the cache with optional compression
  • Snapshotting: Creates a .flashpack snapshot with fingerprinting for future use

Documentation

For more detailed documentation, see the docs directory:

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

  • Fork the repository at https://github.com/flash-install-cli/flash-install
  • Create your feature branch (git checkout -b feature/amazing-feature)
  • Commit your changes (git commit -m 'Add some amazing feature')
  • Push to the branch (git push origin feature/amazing-feature)
  • Open a Pull Request

License

MIT

Acknowledgements

  • Inspired by the speed of Bun, the reliability of Yarn, and the efficiency of PNPM
  • Thanks to all the open-source projects that made this possible

Keywords

npm
install
cache
fast
dependencies
package manager

FAQs

Package last updated on 30 Apr 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Axios Supply Chain Attack Reaches OpenAI macOS Signing Pipeline, Forces Certificate Rotation

Security News

Axios Supply Chain Attack Reaches OpenAI macOS Signing Pipeline, Forces Certificate Rotation

OpenAI rotated macOS signing certificates after a malicious Axios package reached its CI pipeline in a broader software supply chain attack.

By Sarah Gooding  -  Apr 11, 2026
Don't Kill the Goose That Lays the Golden Eggs

Security News

Don't Kill the Goose That Lays the Golden Eggs

Open source is under attack because of how much value it creates. It has been the foundation of every major software innovation for the last three decades. This is not the time to walk away from it.

By Sarah Gooding  -  Apr 10, 2026
Feross on TBPN: How North Korea Hijacked Axios

Security News

Feross on TBPN: How North Korea Hijacked Axios

Socket CEO Feross Aboukhadijeh breaks down how North Korea hijacked Axios and what it means for the future of software supply chain security.

By Sarah Gooding  -  Apr 08, 2026