Tech Talk - Comparing JS package managers

Marko Arsić
September 16, 2021

In modern application development, we don't write everything from scratch. Instead, we prefer to use existing open-source packages. Each of these packages has its own maintainers and community. So, using a package in our projects gives us some advantages, like faster development, access to new, regular updates, and better security than a custom-created script.

Package managers are tools that automatically handle the dependencies of a project. We will explore the pros and cons of the most popular package managers today and take a closer look at speed, security, ease of use, stability ...

If you are searching for a solution that gives you better speed and efficient memory usage, after this lecture you will have a better understanding of what you should choose.

Transcript

  1. • npm was the first package manager to introduce the concepts
     • released back in 2010 and officially adopted by the Node.js
     • online registry for JavaScript packages as well as a command-line tool

  2. Companies like Facebook and Google joined efforts to develop a better version of npm and call it Yarn.
     Ukrainian developer Zoltan developed pnpm.

  3. All of these package managers are open-source, meaning you have full access to check the inner workings of each one.

  4. Benefits
     • Automatically generates a package-lock.json
     • Manage local or global dependencies
     • can handle multiple versions of dependencies
     • Official registry

  5. Benefits
     • Yarn fixes many issues that appear in a Monorepo
     • Use of an offline cache mechanism (~/.yarn-cache)
     • Use of a lock file called yarn.lock
     • Built-in license checker
     • Uses an approach called parallel downloads
     • Automatically retry the HTTP request in case of failure

  6. Benefits
     • Offers significantly better disk space usage and speed
     • installs all packages on a single location and then uses symlinks to reference them
     • introduces a new Yarn-bash-like setting called shell-emulator, a cross-platform shell environment
     • has a strict access control mechanism

  7. npm, Yarn, and pnpm offer almost identical commands for their various operations, and they are all easy to use.

  8. Speed
     There's no match to pnpm when it comes to the speed and performance of these package managers.
     Benchmark

  9. • The speeds of Yarn and npm are comparable
     • if we perform an install operation by just using node_modules and skip cache and lock file functionality, then npm could offer 5x better speed
     • if we use all three functionalities, then Yarn could boost its performance and becomes 11x faster than npm

  10. Security
     The major advantage of Yarn over npm is that it verifies the integrity of each package using checksums.
     npm is a bit more forgiving when it comes to working with bad packages.

  11. Stability
     Over time, their codebase has matured because they've received tons of contributions from the open-source community.

  12. Monorepos
     But both Yarn and pnpm have complete support for monorepos, thanks to their concept of workspaces.

  13. If you are searching for a solution that gives you better speed and efficient memory usage, you should strongly consider using pnpm.

  14. If you are handling monorepos, you can use pnpm or Yarn to do so. However, keep in mind that Yarn sends usage data to Facebook, which may not make Yarn a suitable choice in some scenarios.

  15. HypeTech: Tech education and shaping ideas into hype products. hypetech.io | reactweek.dev
     Marko Arsić: Founder and CEO @ HypeTech, Founder of HypeTech Education, Lecturer @ ReactWeek.dev, Independent Tech Consultant. Helping companies set up teams and standardize the development process. github.com/marsicdev
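
The checksum verification mentioned on slide 10, as an added example that is not part of the talk: lockfiles such as package-lock.json and yarn.lock record each package's checksum as an SRI string (`sha512-<base64>`), and the sketch below checks tarball bytes against such a value and audits a lockfile for entries that cannot be verified. The function names, package names and sample data are constructed for illustration, and the lockfile shape assumed is the `packages` map of a package-lock.json.

```javascript
// Added example (not from the talk): check lockfile integrity values.
const crypto = require("node:crypto");
const STRENGTH = new Map([["sha1", 1], ["sha256", 2], ["sha384", 3], ["sha512", 4]]);

// Split an SRI string such as "sha512-<base64>" into its hash entries.
function parseSri(integrity) {
  return String(integrity || "").split(/\s+/).filter((p) => p.includes("-")).map((p) => {
    const dash = p.indexOf("-");
    return { algorithm: p.slice(0, dash), digest: p.slice(dash + 1) };
  });
}

// Build the SRI string for some bytes (used here to create the sample data).
function sriFor(bytes, algorithm = "sha512") {
  return `${algorithm}-${crypto.createHash(algorithm).update(bytes).digest("base64")}`;
}

// True only if the bytes match a hash of the strongest algorithm listed.
function verifyTarball(bytes, integrity) {
  const known = parseSri(integrity).filter((h) => STRENGTH.has(h.algorithm));
  const top = Math.max(0, ...known.map((h) => STRENGTH.get(h.algorithm)));
  return known
    .filter((h) => STRENGTH.get(h.algorithm) === top)
    .some((h) => sriFor(bytes, h.algorithm) === `${h.algorithm}-${h.digest}`);
}

// Report entries that have no checksum at all or rely on SHA-1 only.
function auditLockfile(lock) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path === "" || entry.link) continue; // root project and workspace links have no tarball
    const algos = parseSri(entry.integrity).map((h) => h.algorithm);
    if (algos.length === 0) findings.push({ path, issue: "missing integrity" });
    else if (!algos.some((a) => (STRENGTH.get(a) || 0) >= 2)) findings.push({ path, issue: "weak hash only" });
  }
  return findings;
}

// Constructed sample: a fake tarball and a lockfile fragment (hypothetical packages).
const goodTarball = Buffer.from("constructed tarball bytes for example-a");
const sampleLock = {
  packages: {
    "": { name: "demo-app" },
    "node_modules/example-a": { version: "1.0.0", integrity: sriFor(goodTarball) },
    "node_modules/example-b": { version: "2.1.0", integrity: sriFor(goodTarball, "sha1") },
    "node_modules/example-c": { version: "0.3.0" },
  },
};
console.log(auditLockfile(sampleLock));
```

Selecting the strongest listed algorithm means a matching SHA-1 value cannot stand in for a mismatching SHA-512 value in the same entry.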