I have a number of JavaScript packages hosted in private GitHub repositories. I've found that the more of those packages I include as dependencies the more processes npm install spins up. This is getting to the point where a single run of npm install eats all 16 CPU cores, spawns hundreds of npm install processes, and takes hours to complete, if it does not fail altogether.

This image shows some of the packages I have authored and am using and the way in which they depend on one another:

• Running an install at the Node level takes about 6 seconds and spawns no additional processes.
• Running an install at the Lambda level takes about 13 seconds and spawns 3 additional processes.
• Running an install at the Entity level takes about 3 minutes and spawns 22 additional processes.
• Running an install at the Core level takes about 26 minutes and spawns at least 150 additional processes (some complete before others spawn, so it is difficult to get an exact count).
• Running an install in a project that includes the Core package takes about 2 hours and spawns hundreds of additional processes.

I am running Node 20.18.0 with NVM 0.39.1.

My private dependencies are specified in the package.json dependencies section in the format:

"package-name": "github:username/repo.name#semver:X.X.X"

I have no problems with authentication and retrieving the packages is very fast. The issue seems to occur after the packages have been downloaded.

The Util and Test packages are ES modules, the rest are CommonJS2.

I've deleted the package-lock.json files and node_modules directories and tried running a fresh install.

I've tried installing the private dependencies one by one.

I have tried some hacky methods to try to determine the underlying cause, such as bundling the lower level dependencies using webpack and changing the private dependencies to dev-dependencies.

I've also tried using yarn, but it has the same problem.