npm vs. yarn – Package Managers for JavaScript

Package managers are generally used to use and manage already made and tested code parts in your own project. The 2 most common JavaScript package managers are npm and yarn.

What is a package?

Packages are JavaScript modules, which contain reusable code for your own project.

You can find all available JavScript Packages here:

Each package can be dependent on other packages which are called “dependencies”. These dependencies are located in the package.json in the area “dependencies” and “devDependencies”. So if you install one package which is dependent on 3 other packages you will get a total number of 4 packages in your application.

What is NPM?

npm (“Node package manager”, released in 2010) will be automatically installed if you install Node.js to manage JavaScript packages.

What is yarn?

yarn is “another” Package-Manager (similar to NPM) developed by Facebook but it is not automatically installed via Node.js.

Released in 2016 yarn has been developed because in the past NPM wasn’t very performant and did’nt have all the features developers needed like lock files.

Command overview

Here an overview of which commands can be executed in NPM or in Yarn:

Install dependenciesnpm installyarn
Install packagenpm install [package]yarn add [package]
Install dev packagenpm install --save-dev [package]yarn add --dev [package]
Uninstall packagenpm uninstall [package]yarn remove [package]
Uninstall dev packagenpm uninstall --save-dev [package]yarn remove [package]
Updatenpm updateyarn upgrade
Update packagenpm update [package]yarn upgrade [package]
Global install packagenpm install --global [package]yarn global add [package]
Global uninstall packagenpm uninstall --global [package]yarn global remove [package]

But not all commands are named differently:

npm inityarn init
npm runyarn run
npm testyarn test
npm login (and logout)yarn login (and logout)
npm linkyarn link
npm publishyarn publish
npm cache cleanyarn cache clean

package-lock.json vs. yarn.lock

The package.json contains the desired packages you want to use in your application including the desired version of this package.

Usually a “version string” contains a special character like *, ^ or ~ (see for a detailed explenation)

Therefore the package.json alone is not enough to determine which package version should be installed in your application.

Thats why NPM generates a package-lock.json each time you execute “npm install” since version 5.x (May 2017).
Yarn already included this feature in its first version, but its file is named yarn.lock.

Which is better?

Basically yarn provides the same functionality as NPM. NPM has learned from its mistakes in the past and applied many features from yarn to itself.

Therfore its more of a preference which package manager you or your team uses. If your in a team you should only determine which of these 2 all developers should use to not get into more trouble then you need.

Other Package Managers

As you can see above there is not only 1 solution for package management in JavScript. Here are some more package managers:

Share this post

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.