@yarnpkg/core
@yarnpkg/core is a core library for the Yarn package manager, providing essential functionalities for managing dependencies, workspaces, and scripts in JavaScript projects. It allows developers to programmatically interact with Yarn's features, making it easier to automate and customize package management tasks.
Dependency Management
This code demonstrates how to programmatically install dependencies for a project using @yarnpkg/core. It initializes the configuration and project, then calls the install method to install the dependencies.
const { Configuration, Project, Cache, StreamReport } = require('@yarnpkg/core');
const { getPluginConfiguration } = require('@yarnpkg/cli');
const { npath } = require('@yarnpkg/fslib');

(async () => {
  const cwd = npath.toPortablePath(__dirname);
  // The plugin configuration registers the built-in resolvers, fetchers and linkers;
  // with a null plugin configuration the project could not resolve anything.
  const configuration = await Configuration.find(cwd, getPluginConfiguration(), {
    useRc: false,
  });
  const { project } = await Project.find(configuration, cwd);
  // project.install() needs a cache to fetch into and a report to write progress to.
  const cache = await Cache.find(configuration);
  await StreamReport.start({ configuration, stdout: process.stdout }, async report => {
    await project.install({ cache, report });
  });
})();
Workspace Management
This code demonstrates how to list all workspaces in a project using @yarnpkg/core. It initializes the configuration and project, then iterates over the workspaces to log their paths.
const { Configuration, Project } = require('@yarnpkg/core');
const { getPluginConfiguration } = require('@yarnpkg/cli');
const { npath } = require('@yarnpkg/fslib');

(async () => {
  const cwd = npath.toPortablePath(__dirname);
  // getPluginConfiguration() loads the built-in plugins, as the Yarn CLI itself does.
  const configuration = await Configuration.find(cwd, getPluginConfiguration(), {
    useRc: false,
  });
  const { project } = await Project.find(configuration, cwd);
  // project.workspaces is populated by Project.find; no install state is needed to list them.
  for (const workspace of project.workspaces) {
    console.log(`Workspace: ${workspace.cwd}`);
  }
})();
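Building on the workspace listing above, the following added example (written for this page, not code from @yarnpkg/core or the Yarn project) audits each workspace's package.json for dependency sources a reviewer should look at: git ranges that carry no commit hash (which, per the 3.0.0 notes below, now resolve to whatever HEAD is at install time) and portal:/link:/file: ranges that pull code from outside the registry. auditManifest works on a plain manifest object and is exercised on a constructed sample; auditProject is a hypothetical helper that assumes @yarnpkg/core, @yarnpkg/cli and @yarnpkg/fslib are installed.

```javascript
// Added example, not part of @yarnpkg/core: flag dependency ranges whose source is not an immutable, registry-resolved package.
const DEP_FIELDS = ['dependencies', 'devDependencies', 'optionalDependencies'];
// git URLs, "github:"-style shorthands and bare "owner/repo" shorthands.
const GIT_RANGE = /^(git(\+\w+)?:|github:|gitlab:|bitbucket:|ssh:\/\/|https?:\/\/.*\.git|[\w.-]+\/[\w.-]+(#|$))/i;
// Sources that bypass the registry entirely (portal: support is new in 3.0's node-modules linker).
const LOCAL_RANGE = /^(portal|link|file):/;
function classifyRange(range) {
  if (/^workspace:/.test(range)) return 'workspace'; // intra-monorepo, not flagged
  if (LOCAL_RANGE.test(range)) return 'local';
  if (GIT_RANGE.test(range)) {
    // Yarn pins git sources with "#<sha>" or "#commit=<sha>"; a tag or branch name is mutable, and no fragment now means HEAD.
    const fragment = range.split('#')[1] || '';
    return /^(commit=)?[0-9a-f]{7,40}$/i.test(fragment) ? 'git-pinned' : 'git-unpinned';
  }
  return 'registry';
}
// Audit one parsed package.json; returns the ranges a reviewer should look at.
function auditManifest(manifest) {
  const findings = [];
  for (const field of DEP_FIELDS) {
    for (const [name, range] of Object.entries(manifest[field] || {})) {
      const kind = classifyRange(String(range));
      if (kind === 'local' || kind === 'git-unpinned') findings.push({ field, name, range, kind });
    }
  }
  return findings;
}
// Hypothetical helper: run the audit over every workspace of a Yarn project.
// Assumes @yarnpkg/core, @yarnpkg/cli and @yarnpkg/fslib are installed (lazy requires keep the pure functions usable without them).
async function auditProject(dir) {
  const { Configuration, Project } = require('@yarnpkg/core');
  const { getPluginConfiguration } = require('@yarnpkg/cli');
  const { npath } = require('@yarnpkg/fslib');
  const cwd = npath.toPortablePath(dir);
  const configuration = await Configuration.find(cwd, getPluginConfiguration());
  const { project } = await Project.find(configuration, cwd);
  // workspace.manifest.raw is the parsed package.json of that workspace.
  return project.workspaces.map(ws => ({ workspace: ws.cwd, findings: auditManifest(ws.manifest.raw) }));
}
// Constructed sample manifest (not from any real project) covering each case.
const SAMPLE_MANIFEST = {
  dependencies: { 'registry-lib': '^1.3.0', 'shared-utils': 'workspace:^',
    'pinned-lib': 'git+https://example.invalid/org/pinned-lib.git#commit=0123456789abcdef0123456789abcdef01234567',
    'floating-lib': 'git+ssh://git@example.invalid/org/floating-lib.git' },
  devDependencies: { 'local-tool': 'portal:../local-tool' },
};
```

Running auditManifest(SAMPLE_MANIFEST) flags only floating-lib (git-unpinned) and local-tool (local); the pinned git range and the workspace range pass.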
Script Execution
This code demonstrates how to execute a script in a workspace using @yarnpkg/core. It initializes the configuration and project, retrieves the workspace, and then executes the 'build' script.
const { Configuration, Project, scriptUtils } = require('@yarnpkg/core');
const { getPluginConfiguration } = require('@yarnpkg/cli');
const { npath } = require('@yarnpkg/fslib');

(async () => {
  const cwd = npath.toPortablePath(__dirname);
  // getPluginConfiguration() loads the built-in plugins, as the Yarn CLI itself does.
  const configuration = await Configuration.find(cwd, getPluginConfiguration(), {
    useRc: false,
  });
  const { project } = await Project.find(configuration, cwd);
  // Running a script needs the resolved dependency tree saved by the last install.
  await project.restoreInstallState();
  const workspace = project.getWorkspaceByCwd(cwd);
  const exitCode = await scriptUtils.executeWorkspaceScript(workspace, 'build', [], {
    stdout: process.stdout,
    stderr: process.stderr,
  });
  process.exitCode = exitCode;
})();
npm is the default package manager for Node.js and provides functionalities for managing dependencies, scripts, and versioning. Unlike @yarnpkg/core, npm does not offer a core library for programmatic access, but it provides a CLI tool that covers similar functionalities.
pnpm is a fast, disk space-efficient package manager that also supports workspaces and dependency management. It offers a CLI tool similar to Yarn but does not provide a core library like @yarnpkg/core for programmatic access.
Lerna is a tool for managing JavaScript projects with multiple packages, providing functionalities for versioning, publishing, and dependency management. It is similar to Yarn Workspaces but focuses more on monorepo management and does not offer a core library for programmatic access.
3.0.0
- Plugins can't access yup anymore (we migrated to Typanion as part of Clipanion v3).
  - To upgrade workspace-tools, remove it from your .yarnrc.yml, upgrade, then import it back.
- enableImmutableInstalls will now default to true on CI (we still recommend to explicitly use --immutable on the CLI).
  - You can re-allow mutations by adding YARN_ENABLE_IMMUTABLE_INSTALLS=false in your environment variables.
- The initVersion and initLicense configuration options have been removed. initFields should be used instead.
- Yarn will now generate .pnp.cjs files (instead of .pnp.js) when using PnP, regardless of what the type field inside the manifest is set to.
- The virtual folder got renamed from $$virtual into __virtual__.
- The -a alias flag of yarn workspaces foreach got removed; use -A,--all instead, which is strictly the same.
- The old PnPify SDK folder (.vscode/pnpify) won't be cleaned up anymore.
- The --skip-builds flag from yarn install got renamed into --mode=skip-build.
- The bstatePath configuration option has been removed. The build state (.yarn/build-state.yml) has been moved into the install state (.yarn/install-state.gz).
- @yarnpkg/pnpify has been refactored into 3 packages:
  - @yarnpkg/sdks now contains the Editor SDKs
  - @yarnpkg/pnpify now contains the PnPify CLI compatibility tool that creates in-memory node_modules
  - @yarnpkg/nm now contains the node_modules tree builder and hoister
- @yarnpkg/plugin-node-modules has been renamed to @yarnpkg/plugin-nm.
- The --clipanion=definitions commands supported by our CLIs will now expose the definitions on the entry point (rather than on .command).
- structUtils.requirableIdent got removed; use structUtils.stringifyIdent instead, which is strictly the same.
- configuration.format got removed; use formatUtils.pretty instead, which is strictly the same, but type-safe.
- httpUtils.Options['json'] got removed; use httpUtils.Options['jsonResponse'] instead, which is strictly the same.
- PackageExtension['description'] got removed; use formatUtils.json(packageExtension, formatUtils.Type.PACKAGE_EXTENSION) instead, which is strictly the same.
- Project.generateBuildStateFile has been removed; the build state is now in Project.storedBuildState.
- Project.tryWorkspaceByDescriptor and Project.getWorkspaceByDescriptor now match on virtual descriptors.
- Workspaces now get self-references even when under the node-modules linker (just like how it already worked with the pnp linker). This means that a workspace called foo can now safely assume that calls to require('foo/package.json') will always work, removing the need for absolute aliases in the majority of cases.
- The node-modules linker now does its best to support the portal: protocol. This support comes with two important limitations:
  - Projects that make use of such dependencies will have to be run with the --preserve-symlinks Node option if they wish to access their dependencies.
  - Dependencies exposed via portal: must be hoisted outside of the portal. Failing that (for example if the portal package depends on something incompatible with the version hoisted via another package), the linker will produce an error and abandon the install.
- The node-modules linker can now utilize hardlinks. The new setting nmMode: classic | hardlinks-local | hardlinks-global specifies which node_modules strategy should be used:
  - classic - standard node_modules layout, without hardlinks
  - hardlinks-local - standard node_modules layout with hardlinks inside the project only
  - hardlinks-global - standard node_modules layout with hardlinks pointing to global content storage across all the projects using this option
- The node-modules linker will now ensure that the generated install layouts are terminal, by doing several rounds when needed.
- The node-modules linker will no longer print warnings about postinstall scripts when a workspace depends on another workspace listing install scripts.
- ${ENV_VAR} syntax.
- If one of preinstall, install, postinstall fails, the remaining scripts will be skipped.
- The git: protocol will now default to fetching HEAD (rather than the hardcoded master).
- The SIGTERM signal will now be propagated to child processes.
- yarn config unset will now correctly unset non-nested properties.
- initFields edge cases have been fixed.
- The preferAggregateCacheInfo flag will now also aggregate cleanup reports.
- The enableMessageNames flag can be set to false to exclude the YNxxxx codes from the output.
- yarn init can now be run even from within existing projects (will create missing files).
- yarn init and yarn set version will set the packageManager field.
- yarn set version now downloads binaries from the official Yarn website (rather than GitHub).
- yarn set version from sources will now upgrade the builtin plugins as well unless --skip-plugins is set.
- yarn version apply now supports a new --prerelease flag which replaces how prereleases were previously handled.
- yarn run should be significantly faster to boot on large projects.
- yarn workspaces foreach --verbose will now print when processes start and end, even if they don't have an output.
- yarn workspaces foreach now supports a --from <glob> flag, which when combined with -R will target workspaces reachable from the 'from' glob.
- yarn patch-commit can now be used as many times as you want on the same patch folder.
- yarn patch-commit now supports a new -s,--save flag which will save the patch instead of just printing it.
- yarn up now supports a new -R,--recursive flag which will upgrade the specified package, regardless of where it is.
- yarn config unset is a new command that will remove a setting from the local configuration (or home if -H is set).
- yarn exec got support for running shell scripts using Yarn's portable shell.
- yarn plugin import can now install specific versions of the official plugins.
- yarn plugin import will now download plugins compatible with the current CLI by default.
- yarn unlink has been added, which removes resolutions previously set by yarn link.
- yarn install inside a Yarn v1 project will now automatically enable the node-modules linker. This should solve most of the problems people have had in their migrations. We still recommend to keep the default PnP for new projects, but the choice is yours.
- bigint, and fstat.
- @yarnpkg/esbuild-plugin-pnp is now available. We use it to bundle Yarn itself!
- The PnP hook now supports the exports field - regardless of the Node version.
- Yarn now supports the node: protocol (new in Node 16).
- plugins configuration property.
FAQs
The npm package @yarnpkg/core receives a total of 302,148 weekly downloads. As such, @yarnpkg/core popularity was classified as popular.
We found that @yarnpkg/core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.