To first set some basic things into motion. NPM and Yarn are both package manager. But what is a package manager? A package manager helps developers share software packages with others, reuse them, create and upload new ones. The two most popular package managers are Yarn and npm. I will try to explain the difference between npm and Yarn and help you select the right tool if you’re at the crossroads. We will do our best to keep it short so that you quickly find the answers to need. Let’s go, Yarn vs npm.
NPM and it's bonuses
NPM (Node Package Manager) is considered to be the largest software registry in the world. It is free, open-source, installed with Node.js. The main purpose of NPM is to provide automated dependency and package management. Those who use npm say it helps to improve your experience and the overall efficiency of Node.js development by allowing you to install the exact modules you need.
The advantages of NPM is:
- ease of use for developers
- local package installation which helps save on space
- helps reduce the development time
That’s pretty much it, it’s very simple and performs its main function – uploading, storing, sharing, reusing software packages.
How to install NPM
NPM should be automatically installed when you install Node.js. To check is you have Node.js installed, run this command in your terminal:
If you already have Node.js installed and want to verify whether you also have NPM, run the following command in your terminal:
FYI, npm updates happen more frequently than Node.js, and there are many npm versions out there, so you might want to keep your npm up to date, and possibly even update it right after you installed Node.js. To do that, run the following command:
npm install npm@latest -g
It might also be a good idea to use a version manager with your Node.js package, e.g. nodist or NVM.
Despite the fact that npm is a lot older than Yarn and has a bigger number of downloads (and is a part of the Node.js package). There are some drawbacks that make users seriously consider switching to Yarn – a newer alternative. In fact, Yarn apppeared as an attempt to solve some of the problems with npm and althought npm is struggling to keep up and introduces its counter-solutions with each new update, it is still not enough.
- there is a single npm registry of packages, which is unreliable in case of any performance issues (which often take place)
- network is required to install packages
- If you compare Yarn vs npm in terms of the CLI side of things, Yarn has a cleaner input of CLI commands
- Yarn vs npm in terms of security: Yarn is stronger here as well, although npm offers some built-in assessments and warning, it also allows packages to run code while being installed
Yarn and its bonuses
Yarn is a new package manager for node.js. It is a common project developed by such companies as Facebook, Exponent, Google, and Tilde. It is distributed under the BSD license. At the time of writing this post, the current Yarn version is 0.17.10. When considering npm and Yarn, the main reason why developers choose to transition to Yarn is its stability. In the case of npm, when we need to deploy the project on different machines, the versions of installed packages can be different. I think that was the reason Yarn appeared in the first place. The main benefits of Yarn are:
- can install packages from the local cache
- strongly binds package versions
- allows parallel packages installation
- has an active user community
NPM vs Yarn: the Difference
Yarn has a few differences from npm. First of all, Yarn caches all installed packages. Yarn is installing the packages simultaneously, and that is why Yarn is faster than NPM. They both download packages from npm repository. Yarn generates yarn.lock to lock down the versions of package’s dependencies by default. On the contrary, npm for this purpose offers shrinkwrap CLI command.
Why migrate to Yarn
There are separate reasons to use Yarn in small or big projects. Its main advantage is the fact that it helps to avoid any possible problems related to different versions of node.js system modules, on which the project will be mounted.
Any Problems with Yarn? Yes, Unfortunately.
Yarn has been developed just recently. Here are 2 main issues which appeared while I was transferring my project from NPM to Yarn:
- Problems with installing native modules
- Yarn doesn’t work with any node.js version older than 5
How to install Yarn
Yarn offers a few ways of installation: install with the brew, Chocolatey (Windows) or from Linux repositories. In my case, the installation was made from Linux repository:
curl - sS https: //dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add - echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee / etc / apt / sources.list.d / yarn.list
sudo apt-get install yarn
Then we need to remove our node_modules folder and install all packages with Yarn:
Yarn uses and stores all the packages that were installed in your local cache. When you are installing the package, Yarn is looking for the package in the local cache, and if the package is not found, then Yarn tries to download it from the Internet. In order to perform the Yarn upgrade, run:
curl --compressed -o- -L https://yarnpkg.com/install.sh | bash
Yarn is also pretty easy to navigate. If you want to see all licenses for the packages installed with Yarn, use the command:
yarn licenses list
A pretty useful tool that Yarn offers is the possibility to install packages globally on your operating system (using the Yarn global prefix for your commands).
Installing Yarn Packages
You can install Yarn packages from the command line:
yarn add packageName
Yarn install package and then update package lock.json and yarn.lock files. There are many ways to install the packages using Yarn: Installing from
- NPM repository
- local cache
Yarn advantages over npm fully compensate for all its defects. Yarn allows deploying projects with more comfort and convenience. In addition, it helps to avoid these unpleasant moments, which occur while using npm. If you found this usful then please share this and follow me! Also check out my BuyMeACoffee.