the full flow
Works with any CI system that can make HTTP requests.
Create your account
Send your manifests
package.json, lockfile, Node version, and architecture.We resolve the cache
npm ci.Extract and continue
tar, extract it, and run the rest of your pipeline as normal.cache hit vs. first-run build
Both paths start the same. We determine if there is a cached build.
First-run builds count against your plan limits. Repeat builds are always free.
the integration in practice
Drop the nmc binary into your CI workflow and it handles the rest. Request, extraction, retries, and fallback in one go.
# Download the binary — all platforms at https://www.node-modules-cache.com/nmc-cli
curl -fsSL "https://www.node-modules-cache.com/nmc-cli/nmc-linux-amd64" \
-o nmc && chmod +x nmc
export NMC_TOKEN="${NMC_ACCESS_TOKEN}"
export NMC_BASE_DIR="/path/to/project"
export NMC_DOCKER_IMAGE="node:22.15.0"
export NMC_ARCHITECTURE="x64"
./nmcPrefer shell, JavaScript, PHP, or Python?
Implementation guideCache hits skip the registry entirely
Every live npm ci is a pull from a public registry. That creates a window where a silently replaced or compromised package could reach your build without you knowing.
When a cache hit is returned, your runner downloads a pre-built archive that was produced when the cache was warm — not a fresh pull from npm. Less registry exposure means fewer opportunities for supply chain interference to affect your pipeline.
Ready to integrate?
Start free. The implementation guide walks you through the full setup in one page.