Try out Yarn instead of npm


Yarn appears to address npm's most important shortcomings: reproducibility, security and performance. It's still pretty new, but given our problems with npm, I think we should give it a try.

Official announcement:

A comparison:

Timebox this to 3 days


Alex Eng
December 20, 2016, 9:59 PM

Initial research:

Run (zanata-frontend module):
(yarn) mvn clean install 124.13s user 11.78s system 141% cpu 1:35.91 total
(npm) mvn clean install 285.47s user 20.03s system 122% cpu 4:08.57 total

Jenkins (zanata-frontend):
(npm)Zanata frontend 8 min 6 sec
(yarn)Zanata frontend 6 min 19 sec

Sean Flanigan
December 15, 2016, 8:23 AM

This looks interesting: I had no idea npm was downloading all those tarballs to check shrinkwrap files, but it helps to explain the terrible performance.

The fact that yarn apparently ignores dependencies' shrinkwrap/yarn.lock files is a bit of a concern. But it seems to me that whenever you use yarn upgrade (or npm install --no-shrinkwrap; npm shrinkwrap --dev) you will get the latest version (within a semver range) of everything anyway, so it may not be much worse in practice.

Ready for Release
Your pinned fields
Click on the next to a field label to start pinning.


Alex Eng


Sean Flanigan

Tested Version/s