sustainable-npm is a lightweight GitHub Action that globally sets eco-friendly npm configurations to optimize your workflows. By disabling certain npm features (like audit and update notifications), this action helps speed up installations and reduce the carbon footprint of your CI processes.
- 🔒 dependency-free
- ⚛️ small size
- 💰 saves time & money
- 🌎 reduces carbon emissions
- pairs seamlessly with actions/setup-node and all active Node LTS versions
- Philosophy
- Usage
- Inputs
- Breaking Changes
- Environmental Impact
- Performance Benchmarks
- Contributing
- Show Your Support
Every millisecond of compute time counts—not only for performance but also for sustainability. sustainable-npm is designed with the environment in mind. By streamlining npm’s behavior, we aim to reduce unnecessary energy usage and carbon emissions, all while making your development pipeline leaner and faster.
After setting up Node with actions/setup-node, simply add this step to configure your npm settings with the eco-friendly defaults:
```yaml
jobs:
  test:
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v3
      - uses: lowlydba/sustainable-npm@v1
```

If you need to override the defaults:

```yaml
- uses: lowlydba/sustainable-npm@v1
  with:
    audit: 'true'
    fund: 'false'
    progress: 'false'
    save: 'false'
    update-notifier: 'false'
    loglevel: 'warn'
```

The npm configuration output is only printed when debug logging is enabled (RUNNER_DEBUG == 'true'). This helps reduce unnecessary log noise in standard CI runs while preserving detailed output for troubleshooting.
```yaml
jobs:
  test:
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v3
      - uses: lowlydba/sustainable-npm@v1
```

| Input | Description | Allowed Values | Default |
|---|---|---|---|
| audit | Controls whether npm performs a security audit after installing packages. Disabling the audit can improve installation speed. | 'true' or 'false' | 'false' |
| fund | Enables or disables npm funding messages. Disabling it reduces unnecessary prompts in CI environments. | 'true' or 'false' | 'false' |
| progress | Determines if a progress bar is displayed during npm operations. Disabling it minimizes logging overhead. | 'true' or 'false' | 'false' |
| save | Controls whether npm automatically updates package.json with installed dependencies. Disabling this can prevent unintended file changes. | 'true' or 'false' | 'false' |
| update-notifier | Configures whether npm checks for updates to itself after executing commands. Disabling this reduces unnecessary network requests and delays. | 'true' or 'false' | 'false' |
| prefer-offline | Configures whether npm checks for staleness in cached data. Missing data will still be fetched online. Disabling this can reduce unnecessary network requests. | 'true' or 'false' | 'true' |
| loglevel | Sets the logging level for npm. Options include: silent, error, warn, http, info, verbose, and silly. | silent, error, warn, http, info, verbose, silly | 'error' |
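
Since `audit` defaults to 'false', installs in jobs that use this action do not report known-vulnerable dependencies. The workflow below is an added example, not part of the project's own documentation: it keeps the fast defaults for regular builds and overrides `audit` in a separate scheduled job. The workflow name, job names, cron schedule, `npm ci`/`npm test` steps and the `--audit-level=high` threshold are assumptions.

```yaml
name: ci                      # assumed workflow name
on:
  push:
  schedule:
    - cron: '0 6 * * 1'       # assumed: weekly audit run

jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v3
      # Action defaults apply here: audit, fund, progress and
      # update-notifier are all 'false', so install stays fast.
      - uses: lowlydba/sustainable-npm@v1
      - run: npm ci
      - run: npm test

  audit:
    # Only run on the schedule so push builds are not slowed down.
    if: github.event_name == 'schedule'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v3
      # Re-enable the audit for this job only, using the action's inputs.
      - uses: lowlydba/sustainable-npm@v1
        with:
          audit: 'true'
          loglevel: 'warn'
      # Exits non-zero when an advisory of high severity or above
      # matches the lockfile, which fails the job.
      - run: npm audit --audit-level=high
```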
npm configuration output is now debug-mode only: The "Print npm configs" step now only executes when debug logging is enabled (RUNNER_DEBUG == 'true'). This aligns with the action's sustainability goals by reducing unnecessary CPU processing and log output in standard CI runs. Debug logging can be enabled by setting the RUNNER_DEBUG environment variable to 'true' in your workflow or step.
By using sustainable-npm, you're optimizing one of the most repeated actions in development: npm install. With frequent usage, small improvements in time and energy efficiency can lead to significant environmental benefits. Reducing unnecessary operations means lower energy consumption and a smaller carbon footprint.
Every optimization contributes to a more sustainable development process.
Below are some example performance benchmarks using hyperfine. These benchmarks compare npm commands with and without eco-friendly configurations:
```text
$ hyperfine 'npm install' 'npm install --audit=false --fund=false --loglevel=error --update-notifier=false --progress=false' --ignore-failure --runs 20 --warmup 3
Benchmark 1: npm install
  Time (mean ± σ): 2.172 s ± 0.097 s [User: 1.958 s, System: 0.750 s]
  Range (min … max): 2.017 s … 2.347 s 20 runs
Benchmark 2: npm install --audit=false --fund=false --loglevel=error --update-notifier=false --progress=false
  Time (mean ± σ): 1.849 s ± 0.107 s [User: 1.819 s, System: 0.668 s]
  Range (min … max): 1.626 s … 2.046 s 20 runs
Summary
  npm install --audit=false --fund=false --loglevel=error --update-notifier=false --progress=false ran
    1.17 ± 0.09 times faster than npm install
```

On average, benchmarking shows a 10-20% reduction in npm install duration for projects with around 500 package dependencies.
Packages were downloaded in advance before both benchmarks to avoid networking variations on timings.
> **Note:** The above numbers are illustrative. Your actual performance gains will depend on your configuration, network conditions, operating system, and project.
Contributions are welcome! Please open an issue or submit a pull request if you have suggestions, improvements, or encounter any issues.
If you're using sustainable-npm, you can add this badge to your repository to spread the word!
Want to link back to this project?
[](https://github.com/lowlysre/sustainable-npm)

This helps promote sustainability in open source by encouraging more developers to reduce unnecessary npm operations. 🌍♻️