pcpm ci

pcpm ci [options]

pcpm ci is the strict variant of pcpm install, designed for continuous integration. It is identical to pcpm install in what it does, but more strict in what it accepts.

What it does

1. Reads pcpm.lock directly, without re-resolving the graph.
2. Verifies that every package in the lockfile is present in the store (or downloadable).
3. Materialises the lockfile into the store and ~/.nuget/packages.
4. Runs dotnet restore.
5. Does not write to pcpm.lock. If the lockfile is stale (i.e. Directory.Packages.props and pcpm.lock disagree), pcpm ci exits with a non-zero status.

Why it exists

The bug it catches is silent on developer machines but loud on CI: someone bumps a version in Directory.Packages.props and forgets to commit the updated pcpm.lock. On a developer machine, pcpm install re-resolves and the new version slips in. On CI, pcpm ci fails and the build is red.

Options

Same as pcpm install, plus:

Flag	Effect
--strict-hash	Re-hash every package in the store. Slower, but catches corruption.

Example

# GitHub Actions
- name: Restore
  run: pcpm ci

- name: Build
  run: dotnet build --no-restore -c Release

Exit codes

In addition to the codes documented for pcpm install, pcpm ci exits with:

• 4 if pcpm.lock is stale (i.e. CPM and the lockfile disagree).
• 4 if pcpm.lock is missing entirely.
• 4 if --strict-hash is set and a store entry’s bytes don’t match its recorded hash.

See also

• CI integration — full CI guide.
• pcpm install — the developer-facing command.