NPM or Yarn? Node.js devs pick their package manager

Facebook's open source JavaScript package manager is gathering steam, but don't count out NPM

Mere months since it was open-sourced by Facebook, Yarn has NPM on the run. The upstart JavaScript package manager has gained a quick foothold in the Node.js community, particularly among users of the React JavaScript UI library.

Known for faster installation, Yarn gives developers an improved ability to manage code dependencies in their Node.js projects, proponents say. It features a deterministic install algorithm and a lockfile capability that lists exact version numbers of all project dependencies. In this way, Yarn enables installation of thousands of third-party packages from the internet while ensuring code is executed the same on every system.

“Say good-bye to ‘but it works on my machine’ bugs,’ wrote Gergely Nemeth, CEO of Node.js consultant RisingStack, in a recent blog post comparing the merits of Yarn vs. NPM.

Yarn is beginning to gain traction, says Dan Shaw, co-founder of Node services provider NodeSource.

“We’re seeing about a quarter of NodeSource customers beginning to explore and adopt Yarn, and there’s a very strong correlation of that usage with React.js platform usage,” Shaw says.

Officials at both the Node.js Foundation and NodeSource see Yarn as a good option for front-end Web development. A big use case for Node.js is building front-end assets into a bundle, Node.js Foundation community manager Mikeal Rogers says.

“Yarn helps you use React,” Rogers says. Rather than using NPM to pull down assets, React developers can use Yarn. “It’s a little more tailored to that use case.” 

Indeed, Yarn can only gain traction at NPM’s expense, Nemeth says. But contributions to Yarn have tailed off lately, he notes, pointing to a GitHub tally. The contributor base for NPM is more constant, he says.

“Hopefully, we will see the improvements of Yarn incorporated into NPM as well, so both users will benefit from the improvements of the others,” Nemeth writes.

Judit Greskovits, lead creative developer for Node.js software engineering firm YLD, also lauds Yarn for the certainty it provides for dependencies, but she does not see Yarn necessarily as a competitor to NPM. Like Nemeth, she would like to see the two approaches—NPM and Yarn—merging.

NodeSource’s Shaw finds it “highly doubtful” that Yarn would ever overtake NPM. NPM founder Isaac Schlueter notes Yarn’s reliance on the NPM registry. “In fact, Yarn absolutely depends on the NPM registry because it is an NPM registry client, just like the standard NPM client is,” Schlueter says.

In a blog post published on the open-sourcing of Yarn, Schlueter lauded Yarn, saying it joins other third-party registry clients such as IED. Yarn offers a different take on NPM’s shrinkwrap capability and “clever” performance work, he wrote. “Like other third-party registry clients, Yarn takes the list of priorities that our official NPM client balances and shifts them around a little. It also solves a number of problems that Facebook was encountering using NPM at their unique global scale.”

Yarn, according to Schleuter, simply shows how open source software works.

“Yarn also shows that one of the world’s largest tech companies, which is already behind hugely popular JavaScript projects like React, is invested in and committed to the ongoing health of the NPM community.”

Yarn was built in collaboration with Google, Tilde, and Exponent.

Join the newsletter!

Error: Please check your email address.

More about ExponentFacebookGoogle

Show Comments

Market Place

[]