In my opinion,
$ npm prune --production
is better to remove devDependencies because npm install downloads dependencies but npm prune only removes devDependencies, doesn't downloads dependencies.
Small Benchmark with your example package.json:
$ cat package.json
{
"name": "layerjs",
"version": "1.0.0",
"description": "This is the lambda layer generated for the service",
"main": "index.js",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1"
},
"keywords": [],
"author": "",
"license": "ISC",
"dependencies": {
"jsonwebtoken": "^8.5.1",
"pdfkit": "^0.11.0",
"uuid4": "^2.0.2",
"xlsx": "^0.16.9"
},
"devDependencies": {
"aws-sdk": "^2.805.0"
}
}
$ npm install # reinstall all dependencies
...
$ rm -rf node_modules
$ time npm install --production
...
added 146 packages from 120 contributors and audited 158 packages in 3.491s
...
npm install --production 3.29s user 1.81s system 99% cpu 5.122 total
$ npm install # reinstall all Dependencies
...
$ time npm prune --production
...
removed 12 packages and audited 146 packages in 1.3s
...
npm prune --production 1.52s user 0.44s system 95% cpu 2.054 total