Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
128 views
in Technique[技术] by (71.8m points)

javascript - When to use Yarn over NPM? What are the differences?

What are the differences between Yarn and NPM? At the time of writing this question I can only find some articles on the Internet showing what's the Yarn equvalent of an NPM command like this.

Do they have the same functionalities (I know Yarn does local caching and looks like you only need to download a package once) but other than this is there any benefits for moving from NPM to Yarn?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

UPDATE: March 2018 (bit late...)

Since version 5, npm

  • generates a 'lockfile' called package-lock.json that fixes your entire dependency tree much the same way the yarn (or any other) locking mechanism does,
  • A tool has been made
  • --save is now implied for npm i
  • Better network and cache usage

npm 5.7.0 further introduced the npm ci command to install dependencies more quickly in a continuous integration environment by only installing packages found in the package-lock.json (reporting an error if the package-lock.json and package.json are not synchronized).

Personally, I still use npm.


Original

I am loathe to quote directly from docs, but they do a great job of explaining why, concisely enough that I don't see how to further summarize the ideas.

Largely:

  1. You always know you're getting the same thing on every development machine

  2. It paralellizes operations that npm does not, and

  3. It makes more efficient use of the network.

  4. It may make more efficient use of other system resources (such as RAM) as well.

What are people's production experiences with it? Who knows, it's an infant to the general public.

TL;DR from Yehuda Katz:

From the get-go, the Yarn lockfile guarantees that repeatedly running yarn on the same repository results in the same packages.

Second, Yarn attempts to have good performance, with a cold cache, but especially with a warm cache.

Finally, Yarn makes security a core value.

Nice blog post

NPM vs Yarn Cheat Sheet” by Gant Laborde

Slightly longer version from the project:

Fast: Yarn caches every package it downloads so it never needs to again. It also parallelizes operations to maximize resource utilization so install times are faster than ever.

Reliable: Using a detailed, but concise, lockfile format, and a deterministic algorithm for installs, Yarn is able to guarantee that an install that worked on one system will work exactly the same way on any other system.

Secure: Yarn uses checksums to verify the integrity of every installed package before its code is executed.

And from the README.md:

  • Offline Mode: If you've installed a package before, you can install it again without any internet connection.
  • Deterministic: The same dependencies will be installed the same exact way across every machine regardless of install order.
  • Network Performance: Yarn efficiently queues up requests and avoids request waterfalls in order to maximize network utilization.
  • Multiple Registries: Install any package from either npm or Bower and keep your package workflow the same.
  • Network Resilience: A single request failing won't cause an install to fail. Requests are retried upon failure.
  • Flat Mode: Resolve mismatching versions of dependencies to a single version to avoid creating duplicates.
  • More emojis. ??

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

1.4m articles

1.4m replys

5 comments

57.0k users

...