What is yarn?
Yarn is a fast, reliable, and secure dependency management tool that is used to manage project dependencies in JavaScript and Node.js environments. It caches every package it downloads, so it never needs to download the same package again. It also parallelizes operations to maximize resource utilization, and it uses checksums to verify the integrity of every installed package before its code is executed.
What are yarn's main functionalities?
Adding a dependency
This command adds the lodash package to the project's dependencies.
yarn add lodash
Upgrading a dependency
This command upgrades the react package to its latest version according to the version range specified in the package.json file.
yarn upgrade react
Removing a dependency
This command removes the moment package from the project's dependencies.
yarn remove moment
Installing all dependencies
This command installs all the dependencies listed in the project's package.json file.
yarn install
Locking down dependency versions
This command installs dependencies based on the yarn.lock file without generating a new lock file, ensuring reproducibility across installations.
yarn install --frozen-lockfile
Other packages similar to yarn
npm
npm is the default package manager for Node.js and is bundled with it. It serves a similar purpose to Yarn, allowing users to install, share, and manage dependencies in their projects. Compared to Yarn, npm has a different CLI syntax and handles package installations and lock files differently. npm has improved its performance in recent versions, but Yarn is often cited for its faster and more reliable installations due to its caching and parallelization features.
pnpm
pnpm is another alternative to Yarn that focuses on performance and disk space efficiency. It uses a content-addressable filesystem to store packages, which means that a package version is saved only once on a disk and then hard-linked into the node_modules directories of projects that use it. This results in faster installations and less disk space usage. pnpm also has a strictness that prevents implicit dependencies, which can lead to more predictable and secure projects.
Fast, reliable, and secure dependency management.
Fast: Yarn caches every package it downloads so it never needs to download the same package again. It also parallelizes operations to maximize resource utilization so install times are faster than ever.
Reliable: Using a detailed, but concise, lockfile format, and a deterministic algorithm for installs, Yarn is able to guarantee that an install that worked on one system will work exactly the same way on any other system.
Secure: Yarn uses checksums to verify the integrity of every installed package before its code is executed.
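The lockfile and checksum guarantees described above can be checked independently in CI. The following is an added example, not Yarn's own code: it assumes the Yarn v1 yarn.lock layout with `resolved` and `integrity` fields, and the package names, mirror hostname and tarball bytes are constructed for illustration.

```javascript
const crypto = require('crypto');
// SRI string ("sha512-<base64>") for a buffer, the form stored in yarn.lock.
const sri = (buf) => 'sha512-' + crypto.createHash('sha512').update(buf).digest('base64');

// Minimal reader for the yarn.lock v1 fields this audit needs (not Yarn's own parser).
function parseLock(text) {
  const entries = [];
  for (const line of text.split(/\r?\n/)) {
    if (!line.trim() || line.startsWith('#')) continue;
    const m = /^  (version|resolved|integrity) "?([^"]+)"?$/.exec(line);
    if (!line.startsWith(' ')) entries.push({ key: line.replace(/:$/, '').replace(/"/g, '') });
    else if (m && entries.length) entries[entries.length - 1][m[1]] = m[2];
  }
  return entries;
}

// Report entries with no strong hash or resolved from a host outside the allowlist.
function auditLock(text, allowedHosts) {
  const findings = [];
  for (const e of parseLock(text)) {
    const hashes = (e.integrity || '').split(/\s+/);
    if (!hashes.some((h) => /^sha(256|384|512)-/.test(h))) findings.push(`${e.key}: no strong integrity hash`);
    let host = null;
    try { host = new URL(e.resolved).host; } catch { /* git, file or missing source */ }
    if (!allowedHosts.includes(host)) findings.push(`${e.key}: resolved from ${host || 'non-registry source'}`);
  }
  return findings;
}

// Check downloaded tarball bytes against the sha512 entry, in constant time.
function verifyTarball(buf, integrity) {
  const token = integrity.split(/\s+/).find((h) => h.startsWith('sha512-'));
  if (!token) return false;
  const want = Buffer.from(token.slice(7), 'base64');
  const got = crypto.createHash('sha512').update(buf).digest();
  return want.length === got.length && crypto.timingSafeEqual(want, got);
}

// Constructed sample data: not a real tarball or lockfile.
const TARBALL = Buffer.from('constructed tarball bytes');
const SAMPLE_LOCK = ['# yarn lockfile v1', '',
  'good-pkg@^1.0.0:', '  version "1.0.2"',
  '  resolved "https://registry.yarnpkg.com/good-pkg/-/good-pkg-1.0.2.tgz"', `  integrity ${sri(TARBALL)}`, '',
  'old-pkg@^0.3.0:', '  version "0.3.1"',
  '  resolved "https://registry.yarnpkg.com/old-pkg/-/old-pkg-0.3.1.tgz"', '',
  'mirror-pkg@^2.0.0:', '  version "2.0.0"',
  '  resolved "https://mirror.example.test/mirror-pkg-2.0.0.tgz"', `  integrity ${sri(Buffer.from('other'))}`,
].join('\n');
console.log(auditLock(SAMPLE_LOCK, ['registry.yarnpkg.com']));
```

Run against a real yarn.lock, a non-empty result from `auditLock` is a reason to fail the build before `yarn install --frozen-lockfile` runs.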
Features
- Offline Mode: If you've installed a package before, you can install it again without any internet connection.
- Deterministic: The same dependencies will be installed the same exact way across every machine regardless of install order.
- Network Performance: Yarn efficiently queues up requests and avoids request waterfalls in order to maximize network utilization.
- Multiple Registries: Install any package from either npm or Bower and keep your package workflow the same.
- Network Resilience: A single request failing won't cause an install to fail. Requests are retried upon failure.
- Flat Mode: Resolve mismatching versions of dependencies to a single version to avoid creating duplicates.
- More emojis. 🐈
Installing Yarn
Read the Installation Guide on our website for detailed instructions on how to install Yarn on your operating system.
Contributing to Yarn
Contributions are always welcome, no matter how large or small. Before contributing, please read the code of conduct.
See Contributing.
Prior art
Yarn wouldn't exist if it wasn't for excellent prior art. Yarn has been inspired by the following projects:
Credits
Thanks to Sam Holmes for donating the npm package name!