Try out Yarn instead of npm

Description

Yarn appears to address npm's most important shortcomings: reproducibility, security and performance. It's still pretty new, but given our problems with npm, I think we should give it a try.

Official announcement: https://code.facebook.com/posts/1840075619545360

A comparison: https://www.sitepoint.com/yarn-vs-npm/

Notes:
Timebox this to 3 days

Activity

Show:
Sean Flanigan
December 15, 2016, 8:23 AM

This looks interesting: https://medium.com/@boennemann/avoid-yarn-for-packages-and-fully-enjoy-its-benefits-for-application-development-8bdd4deb33cf#.6f3gni2jq I had no idea npm was downloading all those tarballs to check shrinkwrap files, but it helps to explain the terrible performance.

The fact that yarn apparently ignores dependencies' shrinkwrap/yarn.lock files is a bit of a concern. But it seems to me that whenever you use yarn upgrade (or npm install --no-shrinkwrap; npm shrinkwrap --dev) you will get the latest version (within a semver range) of everything anyway, so it may not be much worse in practice.

Alex Eng
December 20, 2016, 9:59 PM
Edited

Initial research:

Run (zanata-frontend module):
(yarn) mvn clean install 124.13s user 11.78s system 141% cpu 1:35.91 total
(npm) mvn clean install 285.47s user 20.03s system 122% cpu 4:08.57 total

Jenkins (zanata-frontend):
(npm)Zanata frontend 8 min 6 sec
(yarn)Zanata frontend 6 min 19 sec

Ready for Release

Assignee

Alex Eng

Reporter

Sean Flanigan

Tested Version/s

None

Story Points

2

Epic Link

Components

Sprint

None

Fix versions

Priority

unspecified
Configure