Table of Contents
Package managers are generally used to use and manage already made and tested code parts in your own project. The 2 most common JavaScript package managers are npm and yarn.
What is a package?
Packages are JavaScript modules, which contain reusable code for your own project.
You can find all available JavScript Packages here: https://www.npmjs.com/
Each package can be dependent on other packages which are called “dependencies”. These dependencies are located in the package.json in the area “dependencies” and “devDependencies”. So if you install one package which is dependent on 3 other packages you will get a total number of 4 packages in your application.
What is NPM?
npm (“Node package manager”, released in 2010) will be automatically installed if you install Node.js to manage JavaScript packages.
What is yarn?
yarn is “another” Package-Manager (similar to NPM) developed by Facebook but it is not automatically installed via Node.js.
Released in 2016 yarn has been developed because in the past NPM wasn’t very performant and did’nt have all the features developers needed like lock files.
Command overview
Here an overview of which commands can be executed in NPM or in Yarn:
| Command | npm | yarn |
|---|---|---|
| Install dependencies | npm install | yarn |
| Install package | npm install [package] | yarn add [package] |
| Install dev package | npm install --save-dev [package] | yarn add --dev [package] |
| Uninstall package | npm uninstall [package] | yarn remove [package] |
| Uninstall dev package | npm uninstall --save-dev [package] | yarn remove [package] |
| Update | npm update | yarn upgrade |
| Update package | npm update [package] | yarn upgrade [package] |
| Global install package | npm install --global [package] | yarn global add [package] |
| Global uninstall package | npm uninstall --global [package] | yarn global remove [package] |
But not all commands are named differently:
| npm | yarn |
|---|---|
npm init | yarn init |
npm run | yarn run |
npm test | yarn test |
npm login (and logout) | yarn login (and logout) |
npm link | yarn link |
npm publish | yarn publish |
npm cache clean | yarn cache clean |
package-lock.json vs. yarn.lock
The package.json contains the desired packages you want to use in your application including the desired version of this package.
Usually a “version string” contains a special character like *, ^ or ~ (see https://devhints.io/semver for a detailed explenation)
Therefore the package.json alone is not enough to determine which package version should be installed in your application.
Thats why NPM generates a package-lock.json each time you execute “npm install” since version 5.x (May 2017).
Yarn already included this feature in its first version, but its file is named yarn.lock.
Which is better?
Basically yarn provides the same functionality as NPM. NPM has learned from its mistakes in the past and applied many features from yarn to itself.
Therfore its more of a preference which package manager you or your team uses. If your in a team you should only determine which of these 2 all developers should use to not get into more trouble then you need.
Other Package Managers
As you can see above there is not only 1 solution for package management in JavScript. Here are some more package managers: