What is the Difference Between NPM and Yarn?
Part of being a software engineer, especially a freelance or agency software engineer, is getting used to working with many different tech stacks. Each client is unique. They started their company at different times and have had many different hands touch their codebases. Some companies reach for more out-of-the-box solutions like WordPress and Shopify while other companies want custom builds.
Some tech choices are based on fitting the right tool to the right job, but some choices come down to personal preference. Moving between projects, I have found a healthy divide between companies and teams using NPM and Yarn. I began wondering about the differences between NPM and Yarn and why to prefer one instead of the other.
What is a Package Manager?
Before discussing the nuanced differences between NPM and Yarn, we must first define what they are. Both NPM and Yarn are package managers focused on JavaScript code. A package manager is a collection of software tools that automates the process of installing, updating, upgrading, configuring, and removing computer programs from a computer consistently.
In simpler terms, a package manager is software that helps you download and manage software in a more streamlined manner. Sure, you could go to each software provider’s website, download their zip file, decide where to store the file, run their wizard, potentially add the software to your PATH environment variable and then use the software. But it is simpler to tell your package manager what software you want and let it get it for you.
A similar, but not exact, example of a package manager you may be familiar with is an app store. Like a package manager, the app store combines all the apps, or software, you may want to download in a single place. You do not have to worry about going to the specific app’s website to download the app, because the app store links to the company’s repository directly. Along with this, you do not have to worry about keeping track of the latest version of the software because the app store tracks updates and informs you of them.
The comparison of an app store and a package manager is not perfect. The main difference between a package manager and an app store is that the app store does not manage dependencies of the package for you. Software is often built on other software that is updated over time. App stores do not keep track of what dependencies are tied to an app or if they are changed.
What is NPM?
Now that we have established what a package manager is, let us look at our first package manager: NPM. NPM was founded in 2009 as a package manager specifically for JavaScript packages. It has grown into the largest software registry in the world and was acquired by GitHub in 2020.
There are 3 components to NPM: a website, a command line tool, and the registry. The website is a great place to explore and discover packages and establish a presence. The command line tool is the most familiar aspect for developers as you use this tool to pull packages into your projects. The registry is the repository that houses all the code and metadata.
With NPM you can either consume or produce code. The repositories make it easy to check out others’ code, create feature or fix branches and merge changes seamlessly. NPM is a great ecosystem for both open-source packages and enterprises. One feature it offers is the ability to set the visibility of a package to either private or public. This way companies can create NPM packages for use inside their company without exposing business logic or proprietary code to the world.
What is Yarn?
Yarn was created by a group of developers from companies including Facebook, Google, Exponent, and Tilde. These large engineering companies had issues managing packages and dependencies, often losing days of dev time troubleshooting. To solve these issues they looked to create a new package manager.
Yarn is mainly a new command line interface tool that allows users to deterministically manage their project’s packages. The simple CLI tool is one feature of a product that includes compatibility with both NPM and Bower and robust licensing capabilities. Though Yarn was created by big tech engineers, it remains an open-source tool today.
Is One Better Than the Other?
Most teams will not have issues with either package manager, but Yarn was created in response to issues companies had at scale. NPM uses two items to record and store package dependencies. A package.json file is used to store all direct dependencies of a project. When you download a package, the name and version are stored here.
The other record is the node_modules directory, where each package’s dependencies are stored. Yarn developers found the node_modules directory changed from developer to developer based on the order they installed dependencies. This occurs because installed dependencies may share dependencies that require different versions.
Yarn uses an install algorithm and lock files to make installing packages deterministic, or always producing the same results. This is a big improvement for teams because it removes machine or install issues: everyone experiences the same process. This is the main benefit of Yarn over NPM.
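The order dependence described above, and how a lock file removes it, shown as an added example that is not from the original article. It is a simplified model of hoisted installation, not NPM's or Yarn's actual algorithm; the package names `app-ui`, `app-api` and `shared` and all function names are constructed for illustration.

```javascript
// Constructed sample: each direct dependency and the version of "shared" it requires.
const REQUIRES = {
  "app-ui@1.0.0":  { shared: "1.4.0" },
  "app-api@2.0.0": { shared: "2.1.0" },
};

// Install direct dependencies in the given order. A transitive dependency is
// hoisted to the top level if that name is free or already holds the same
// version; otherwise it is nested under the package that needs it.
function install(order) {
  const tree = { top: {}, nested: {} };
  for (const spec of order) {
    const [name, version] = spec.split("@");
    tree.top[name] = version;
    for (const [dep, wanted] of Object.entries(REQUIRES[spec])) {
      if (!(dep in tree.top)) tree.top[dep] = wanted;
      else if (tree.top[dep] !== wanted) tree.nested[`${name}/${dep}`] = wanted;
    }
  }
  return tree;
}

// In this model a lock file is the recorded layout, serialised with sorted keys.
function writeLock(tree) {
  const sort = (o) => Object.fromEntries(Object.entries(o).sort());
  return JSON.stringify({ top: sort(tree.top), nested: sort(tree.nested) });
}

// Installing from a lock file replays the recorded layout; install order plays no part.
function installFromLock(lock) {
  return JSON.parse(lock);
}

// Compare an installed layout against the lock file, as a CI drift check would.
function matchesLock(tree, lock) {
  return writeLock(tree) === lock;
}

const alice = install(["app-ui@1.0.0", "app-api@2.0.0"]);
const bob = install(["app-api@2.0.0", "app-ui@1.0.0"]);
const lock = writeLock(alice);

console.log("alice top-level shared:", alice.top.shared);  // 1.4.0
console.log("bob top-level shared:  ", bob.top.shared);    // 2.1.0
console.log("bob matches lock:      ", matchesLock(bob, lock));                   // false
console.log("bob from lock matches: ", matchesLock(installFromLock(lock), lock)); // true
```

The same two direct dependencies give two different top-level versions of `shared` depending on install order; replaying the committed lock file gives every machine the layout that was reviewed.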
The Bottom Line
If you are developing a project as a solo developer, or even with a small team, you are likely okay to use NPM. However, if you worry about managing software for larger developer teams, you may want to consider using Yarn for its deterministic dependency management. Because of the interoperability between Yarn and NPM, you can choose either, or choose Yarn and still be able to access all packages stored in NPM’s repository.