1. Work Offline
Yarn offers you the ability to work in offline mode. If you have installed a package before, you can install it again without an internet connection. A typical example is shown below:
When connected to the internet, I installed two packages with Yarn like so:
Create a package.json with yarn init
Install express and jsonwebtoken packages with yarn
After the installation was complete, I went ahead and deleted the node_modules inside my orijin directory and also disconnected from the Internet. I ran Yarn like so:
Yarn installed the packages offline
Voilà! All the packages were installed again in less than two seconds. Apparently, Yarn caches every package it downloads so it never needs to do so again. It also maximizes resource utilization by parallelizing operations so that install times are faster than ever.
2. Install from Multiple Registries
By default, Yarn scans the npm registry for your package as follows:
yarn add <pkg-name>
Install a package from a remote gzipped tarball file as follows:
yarn add <https://thatproject.code/package.tgz>
Install a package from your local file system as follows:
yarn add file:/path/to/local/folder
Install a package from a remote git repository like so:
yarn add <git remote-url>
Yarn installs from a GitHub repo
Yarn also automatically detects that the git repo exists as a package in the Bower registry and treats it as such.
3. Fetch Packages Speedily
If you have used npm for a while, you must have had experiences where you had to run npm install, then go watch a movie, and come back to check whether all the packages you required are finished installing. Well, maybe not that long, but it takes a lot of time to traverse the dependency tree and pull dependencies in. With Yarn, installation time has really been cut down from having to wait several minutes to package installs happening in seconds.
Yarn efficiently queues up requests and avoids request waterfalls to maximize network utilization. It starts by making requests to the registry and recursively looking up each dependency. Next, it looks in a global cache directory to see whether the package has been downloaded before. If it hasn't, Yarn fetches the tarball package and places it in the global cache to enable it to work offline and eliminate the need to re-download.
During install, Yarn parallelizes operations, which makes the install process faster. I did a fresh install of three packages, jsonwebtoken, express and lodash, using npm and yarn. After Yarn was finished installing them, npm was still installing.
4. Lock Package Versions Automatically
Npm has a feature called shrinkwrap, which is intended to lock down your package dependencies for production use. The challenge with shrinkwrap is that every developer has to manually run npm shrinkwrap to generate the npm-shrinkwrap.json file. Developers are also humans; we can forget!
With Yarn, it's a different ball game. During installation, a yarn.lock file is generated automatically. It is similar to the composer.lock file that PHP developers are familiar with. The yarn.lock file locks down the exact versions of the packages that have been installed and all their dependencies. With this file, you can be certain that every member of your engineering team has the exact package versions installed and deployments can easily be reproduced without unexpected bugs.
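One way to check what a yarn.lock actually pins, as an added example that is not part of the original post: it parses the lock file and reports entries resolved from a host outside an allow-list (such as a remote tarball from section 2) or carrying no integrity hash. It assumes the Yarn 1 lock file layout; the function names, TRUSTED_HOSTS and the sample lock file are constructed for illustration.

```javascript
// Added example: flag yarn.lock entries resolved outside a trusted registry or lacking
// an integrity hash. ASSUMPTIONS: Yarn 1 lockfile layout; TRUSTED_HOSTS is local policy.
const TRUSTED_HOSTS = new Set(['registry.yarnpkg.com', 'registry.npmjs.org']);
const unquote = (s) => s.trim().replace(/^"|"$/g, '');
// Parse top-level entries into { specs, version, resolved, integrity }.
function parseYarnLock(text) {
  const entries = [];
  for (const line of text.split(/\r?\n/)) {
    if (line.trim() === '' || line.trimStart().startsWith('#')) continue;
    if (!/^\s/.test(line)) {
      // An unindented line such as `a@^1.0.0, a@^1.2.0:` opens a new entry.
      const specs = line.replace(/:\s*$/, '').split(',').map(unquote);
      entries.push({ specs, version: null, resolved: null, integrity: null });
      continue;
    }
    // Entry fields sit at two spaces; nested dependency lists (four spaces) are skipped.
    const m = /^ {2}(version|resolved|integrity) (.+)$/.exec(line);
    const current = entries[entries.length - 1];
    if (m && current) current[m[1]] = unquote(m[2]);
  }
  return entries;
}

// Return one finding per policy violation found in the lockfile text.
function auditYarnLock(text) {
  const findings = [];
  for (const e of parseYarnLock(text)) {
    let host = null;
    try {
      const u = new URL(e.resolved);
      if (u.protocol === 'https:') host = u.hostname;
    } catch (_) { /* missing or unparsable URL: host stays null */ }
    if (!TRUSTED_HOSTS.has(host)) findings.push({ spec: e.specs[0], issue: 'untrusted-source' });
    if (!e.integrity) findings.push({ spec: e.specs[0], issue: 'missing-integrity' });
  }
  return findings;
}

// Constructed sample lockfile; versions and hashes are placeholders, not real values.
const SAMPLE_LOCK = [
  '# yarn lockfile v1', '', 'express@^4.0.0:', '  version "4.0.0"',
  '  resolved "https://registry.yarnpkg.com/express/-/express-4.0.0.tgz#0000"',
  '  integrity sha512-PLACEHOLDER', '  dependencies:', '    accepts "~1.0.0"', '',
  'jsonwebtoken@^7.0.0:', '  version "7.0.0"',
  '  resolved "https://registry.yarnpkg.com/jsonwebtoken/-/jsonwebtoken-7.0.0.tgz#0000"', '',
  '"package@https://thatproject.code/package.tgz":', '  version "1.0.0"',
  '  resolved "https://thatproject.code/package.tgz#0000"', '  integrity sha512-PLACEHOLDER',
].join('\n');
console.log(auditYarnLock(SAMPLE_LOCK));
```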
5. Install Dependencies the Same Way across Machines
The npm client installs dependencies in a way that can make the structure of the contents of Developer A's node_modules directory different from Developer B's. It uses a non-deterministic approach to install these package dependencies. This approach is sometimes responsible for bugs that can't be easily reproduced because of the popular "works on my system" problem.
With Yarn, the presence of a lock file and an install algorithm ensures that the dependencies installed produce the exact same file and folder structure across development machines and when deploying applications to production.
Note: One more thing, I know I promised five but I can't help telling you how good Yarn makes me feel. Enterprise environments require the ability to list a dependency's license type. Yarn offers the ability to list the license type for a given dependency by running yarn licenses ls in your root directory as follows:
Aside: Using Auth0 with Yarn
Auth0 issues JSON Web Tokens on every login for your users. This means that you can have a solid identity infrastructure, including single sign-on, user management, support for social identity providers (Facebook, GitHub, Twitter, etc.), enterprise identity providers (Active Directory, LDAP, SAML, etc.) and your own database of users with just a few lines of code.
yarn add auth0-lock
It installs the widget within seconds and locks down the exact version with the aid of the