Yarn vs NPM for Phoenix?

Apart from yarn caching functionality/speed does yarn have any compelling advantage over npm? Is it more secure?

My frontend team largely tells me that yarn is out. It solved some problems that npm didn’t, but now has also solved.

They both pull from the same registries and store a lock file, so I’m not sure one would be more secure than the other?

1 Like

You may be interested in the following blog article

1 Like

Both are fine nowadays, but it’s a good idea for a team to pick one and be consistent.

That being said, yarn plays nicer in some environments, such as in an Emacs shell.

1 Like

Yarn is faster. Works fine.

1 Like

Yarn, because I can’t figure out with npm how to set a custom path for node_modules folder.

1 Like

Be careful, NPM’s default lock file behavior is more like a lock made out of putty. Meaning, running npm install may install different versions and change the lock file.

1 Like

I think the “right” way of doing it is always using npm ci

2 Likes

I wouldn’t have even have realized you need to run that sub-command ‘ci’ in order for npm to respect the lockfile - strange that it isn’t the default behavior???

3 Likes