DEV Community

Cover image for The Difference Between NPM and Yarn
Samitha Wijesekara
Samitha Wijesekara

Posted on • Updated on

The Difference Between NPM and Yarn

What is Package Manager?

A package manager is a tool to create project environments and easily import external dependencies. By using a package manager we could able to automates the process of installing, upgrading, configuring, and removing the dependencies from the project environment.

What is NPM?

NPM is commonly known as node package manager, maintained by NPM, Inc. NPM is the popular package manager among JavaScript developers. It is the default package that is automatically installed whenever we install Node.js on our system. (https://www.npmjs.com/)

What is Yarn?

Yarn package manager developed in 2016 by Facebook. It is a another package manager for the JavaScript programing language. Yarn provides speed, consistency, stability, and security as an alternative to NPM.(https://yarnpkg.com/)


Speed

The main difference between NPM and Yarn is the package installation process. Yarn installs packages in parallel. Yarn is optimized to fetch and install multiple packages at once.

NPM will perform a serial installation process. It install every package independently.

So in this case Yarn has a speed installation process than NPM.

Security

NPM package manager has perform a security check on each install. Yarn checks behind the scenes to ensure you're not downloading any rogue scripts and other files that can conflict with your project's dependencies. Security is one of Yarn’s core features.

Ease of use

NPM and Yarn both package managers are user-friendly and have a good user experience.


Basic Commands

To see list of commands:
NPM - npm
Yarn - yarn

Install dependencies from package.json:
NPM - npm install
Yarn - yarn

Install a package and add to package.json:
NPM - npm install package --save
Yarn - yarn add package

Install a devDependency:
NPM - npm install package --save-dev
Yarn - yarn add package --dev

Remove a dependency:
NPM - npm uninstall package --save
Yarn - yarn remove package

Upgrade a package to its latest version:
NPM - npm update --save
Yarn - yarn upgrade

Install a package globally:
NPM - npm install package -g
Yarn - yarn global add package

Discussion (8)

Collapse
lyrod profile image
Lyrod

Since npm 5, --save is not needed. npm i package. Or dev npm i -D package.

npm remove works too.

You should check for pnpm.

Collapse
webdev03 profile image
webdev03

pnpm is awesome, I use it every day!

Collapse
skozeniuk profile image
SashaKozeniuk

Thanks for sharing your experience, it's appreciated! They are a natural way to automate the process of installing, updating, and removing third-party modules that are stored in a shared module database. I read a lot of interesting stuff about yarn vs npm here

Collapse
samithawijesekara profile image
Samitha Wijesekara Author

Thank you for sharing this. @skozeniuk

Collapse
anthonyjdella profile image
Anthony Dellavecchia

If Yarn is faster than NPM and they both have similar security checks, why isn't Yarn more popular?

Which package manager has more packages? Which has the most daily installs?

Collapse
lico profile image
SeongKuk Han

So, is yarn faster than npm in most cases? I wonder what advantages the serial installation process has. why does npm adopt it?

Collapse
patricknelson profile image
Patrick Nelson • Edited on

Not sure. I just did a test between npm, yarn and pnpm and it seems that even though pnpm is still lighter weight and generally faster than npm, yarn is reliably fast (but varies depending on the versions of everything).

I'm leaving my benchmarks below but I realized partly why npm wasn't as fast was because I was on an older node version (so, npm version 6.14.16 in my case with yarn 1.22.17). You should definitely checkout this post for a far better breakdown though: blog.logrocket.com/javascript-pack...


For example, I got the following results testing each one (note that this was just a single benchmark for each package manager) so it's fairly anecdotal, however it's fairly typical of my experience.

Fresh install: (no caches)

  • npm 1m 23s
  • pnpm 50s
  • yarn 41s

Fresh install: (with caches)

  • npm 1m 7s
  • pnpm 32s
  • yarn 15s
Collapse
iwashiding profile image
IWasHiding

nice post thank you ...