New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
Socket
Book a DemoSign in
Socket
Book a DemoSign in

pnpm1

Package Overview
Dependencies
Maintainers
1
Versions
3
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

pnpm1

Fast, disk space efficient package manager

latest
Source
npmnpm
Version
1.43.1
Version published
Maintainers
1
Created
Source

pnpm

Fast, disk space efficient package manager

npm version Status Windows build status Join the chat at https://gitter.im/pnpm/pnpm Twitter Follow

Features:

  • Fast. Faster than npm and Yarn.
  • Efficient. One version of a package is saved only ever once on a disk.
  • Deterministic. Has a lockfile called shrinkwrap.yaml.
  • Strict. A package can access only dependencies that are specified in its package.json.
  • Works everywhere. Works on Windows, Linux and OS X.
  • Aliases. Install different versions of the same package or import it using a different name.

Like this project? Let people know with a tweet.

Table of Contents

Background

pnpm uses hard links and symlinks to save one version of a module only ever once on a disk. When using npm or Yarn for example, if you have 100 projects using the same version of lodash, you will have 100 copies of lodash on disk. With pnpm, lodash will be saved in a single place on the disk and a hard link will put it into the node_modules where it should be installed.

As a result, you save gigabytes of space on your disk and you have a lot faster installations! If you'd like more details about the unique node_modules structure that pnpm creates and why it works fine with the Node.js ecosystem, read this small article: Why should we use pnpm?

Install

Using a standalone script:

curl -L https://unpkg.com/@pnpm/self-installer | node

Via npm:

npm install -g pnpm

Once you first installed pnpm, you can upgrade it using pnpm:

pnpm install -g pnpm

Do you wanna use pnpm on CI servers? See: Continuous Integration.

Usage

pnpm CLI

Just use pnpm in place of npm. For instance, to install run:

pnpm install lodash

For more advanced usage, read pnpm CLI on our website.

For using the programmatic API, use pnpm's engine: supi.

pnpx CLI

npm has a great package runner called npx. pnpm offers the same tool via the pnpx command. The only difference is that pnpx uses pnpm for installing packages.

The following command installs a temporary create-react-app and calls it, without polluting global installs or requiring more than one step!

pnpx create-react-app my-cool-new-app

Benchmark

pnpm is faster than npm and Yarn. See this benchmark which compares the three package managers on different types of applications.

Here are the benchmarks on a React app:

Support

License

MIT

Keywords

dependency manager
install
installer
uninstall
remove
link

FAQs

Package last updated on 19 May 2018

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Security News

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Multiple high-impact npm maintainers confirm they have been targeted in the same social engineering campaign that compromised Axios.

By Sarah Gooding  -  Apr 03, 2026