2022-09-15

NVM vs NPM vs Yarn

Ventsislav VenkovJunior Developer
NVM vs NPM vs Yarn

Compared to the three technologies, NVM differs from the other two. Node Version Manager (NVM) is used to manage Node.js versions. NPM and Yarn are Node.js package managers. They allow downloading, installing, and managing packages when developing in JavaScript.

What is NVM?

As you already know, NVM is the Node Version Manager. It allows fast and convenient switching between different node versions for testing and developing an app.

Why use NVM?

NVM allows users to:
  • With a single command, you may locally download any remote Long Term Support (LTS) version of Node.js.
  • From the command line, you can quickly switch between different Node.js versions.
  • Create aliases to easily switch between different downloadable versions of Node.js.

Using NVM

If NVM is installed, you can manage any version of Node.js through a simple command.

This lists all installed local versions of Node:

nvm ls

To install a specific version, this command can be used:

nvm install <SPECIFIC_NODE_VERSION>

To use (or switch) a specific version of Node.js, use the following command:

nvm use <SPECIFIC_NODE_VERSION>

NPM vs Yarn

Node Package Manager (NPM)

NPM is the package manager by default for Node. Simple commands are supported because it is a CLI (Command Line Interface) installer. It has packages written in JSON and is open-source and cost-free. In a package.json file, the dependencies of your Node application can be listed and stored. Users can also distribute packages. The primary npm registry has more than 1.3 million packages. Automation of dependency and package management is the primary goal of NPM. Using a "package.json" file, npm may install all of a project's dependencies in a single command when used as a dependency manager for a local project.

Yarn (Yet Another Resource Negotiator)

The most latest and enhanced version of NPM is yarn. As a replacement for NPM, Facebook, Exponent, Google, and Tilde created it in 2016. It was designed to offer complex functionality that NPM was missing. To stabilise its use, NPM has added a few crucial functionalities. Yarn uses the same techniques as NPM, but it keeps track of all installation data internally to ensure compatibility across platforms. It is also more secure and stable than NPM.

The differences

Yarn caches all installed packages. Yarn installs the packages simultaneously, and that is why Yarn is faster than NPM.

They both download packages from the npm repository. Yarn generates yarn.lock to lock down the versions of the package's dependencies by default.

Yarn does a security check in the background when it downloads packages. In order to prevent downloading malicious scripts and cause dependency issues, it makes use of the package's license information. Security was a big worry for NPM in its early iterations. Since version 6, every time a package is installed, NPM performs a security audit. This ensures that there are no conflicting dependencies and helps to prevent vulnerabilities.

There are numerous fundamental similarities between Yarn and NPM:

  • Automatically generated lock files
  • Support for using Workspaces
  • Support for using remote scripts - npx vs yarn dlx
Recent changes to NPM and Yarn

Both Yarn and NPM are constantly being updated with bug fixes and new features like NPX and PnP.

NPX

Node Package Executor, abbreviated NPX. It's a feature introduced in NPM 5.2.0 and later. NPX facilitates the running of one-off instructions. Thanks to NPX, packages listed in the NPM registry may be run without being added as dependencies to your project.

In order to get familiar with NPX, read this manual.

Yarn2 (Berry)

With the release of Yarn2, also known as Berry, Yarn expanded their yarn line. Plug'n'Play, Constraints, Offline Installation, Zero-Installation, Workspaces, and Yarn Dlx are just some of the amazing new features in this edition of Yarn (the new Yarn NPX).

If you’ve done these steps described in this section correctly, you will see a new block in phpinfo().

Here are the most noteworthy enhancements:

Plug'n'Play is an alternate method of setup. Unlike Node.js, which creates a node modules directory and handles the resolution on its own, Plug'n'Play just generates one pnp.js file.

  • Eliminating node modules.
  • Package installation times have been cut by as much as 70%.
  • If you neglect to provide a dependency, Plug'n'Play will give you a warning.
  • Quicker startup of current projects.

If you want to find out more about Plug'n'Play, read this manual.

Project dependencies may be managed with the use of constraints, which let you to declare general rules in prologue (a declarative programming language). So long as there are no incompatible dependencies in your repository, you may set up rules to enforce them.

Modernized Workspaces - you may now set up a mono repository in order to control the interdependencies between several projects. Due to this, it is possible for many projects to refer to each other. Any changes made to one repository automatically update the others.

The two yarns, Yarn1 and Yarn2, are very unlike. Learn how to make the transition from Yarn1 to Yarn2 with the help of this handy tutorial.

In conclusion

There are big differences between NVM, NPM, and Yarn.

  • Node.JS can be set up with NVM.
  • NPM is the best way to install all of the packages you need.
  • Yarn works like NPM, but it is faster and more stable when installing and listing
  • dependencies for your Node.JS application.

What they have in common is that they are all used by Node applications.

At Bulcode we are used to dealing with both NPM and Yarn however the preferred choice is typically Yarn.

Tags:

Share this article:

Thank you for subscribing!

Subscribe to our newsLetter

If you need help with delivering a project using these technologies, don't hesitate to reach out.