Yarn vs NPM for Phoenix?

bryanhuntesl · November 29, 2019, 2:15pm

Apart from yarn caching functionality/speed does yarn have any compelling advantage over npm? Is it more secure?

sb8244 · November 29, 2019, 3:33pm

My frontend team largely tells me that yarn is out. It solved some problems that npm didn’t, but now has also solved.

They both pull from the same registries and store a lock file, so I’m not sure one would be more secure than the other?

wolfiton · November 29, 2019, 3:46pm

You may be interested in the following blog article

Ruffalo · November 29, 2019, 4:44pm

Both are fine nowadays, but it’s a good idea for a team to pick one and be consistent.

That being said, yarn plays nicer in some environments, such as in an Emacs shell.

acrolink · November 29, 2019, 8:17pm

Yarn is faster. Works fine.

egze · November 29, 2019, 8:50pm

Yarn, because I can’t figure out with npm how to set a custom path for node_modules folder.

Nicd · November 29, 2019, 9:23pm

Be careful, NPM’s default lock file behavior is more like a lock made out of putty. Meaning, running npm install may install different versions and change the lock file.

cpgo · November 29, 2019, 9:48pm

I think the “right” way of doing it is always using npm ci

bryanhuntesl · December 2, 2019, 3:56pm

I wouldn’t have even have realized you need to run that sub-command ‘ci’ in order for npm to respect the lockfile - strange that it isn’t the default behavior???