What is a package?
You can find all available JavScript Packages here: https://www.npmjs.com/
Each package can be dependent on other packages which are called “dependencies”. These dependencies are located in the package.json in the area “dependencies” and “devDependencies”. So if you install one package which is dependent on 3 other packages you will get a total number of 4 packages in your application.
What is NPM?
What is yarn?
yarn is “another” Package-Manager (similar to NPM) developed by Facebook but it is not automatically installed via Node.js.
Released in 2016 yarn has been developed because in the past NPM wasn’t very performant and did’nt have all the features developers needed like lock files.
Here an overview of which commands can be executed in NPM or in Yarn:
|Install dev package|
|Uninstall dev package|
|Global install package|
|Global uninstall package|
But not all commands are named differently:
package-lock.json vs. yarn.lock
The package.json contains the desired packages you want to use in your application including the desired version of this package.
Usually a “version string” contains a special character like *, ^ or ~ (see https://devhints.io/semver for a detailed explenation)
Therefore the package.json alone is not enough to determine which package version should be installed in your application.
Thats why NPM generates a package-lock.json each time you execute “npm install” since version 5.x (May 2017).
Yarn already included this feature in its first version, but its file is named yarn.lock.
Which is better?
Basically yarn provides the same functionality as NPM. NPM has learned from its mistakes in the past and applied many features from yarn to itself.
Therfore its more of a preference which package manager you or your team uses. If your in a team you should only determine which of these 2 all developers should use to not get into more trouble then you need.
Other Package Managers
As you can see above there is not only 1 solution for package management in JavScript. Here are some more package managers: