# Homebrew
brew update
brew install yarn
# Bash script
curl -o- -L https://yarnpkg.com/install.sh | bash
# Manually
cd /opt
wget https://yarnpkg.com/latest.tar.gz
# Yarn is now in /opt/yarn-[version]/
tar zvxf yarn-*.tar.gz
# npm
npm install --global yarn
yarn --version
Yarn is able to parallelize operations, which maximizes resource utilization and makes the install process faster. Throughout this entire process, Yarn imposes strict guarantees around package installation. You have control over which lifecycle scripts are executed for which packages. Package checksums are also stored in the lockfile to ensure that you get the same package every single time.
The install process is broken down into three steps. By breaking these steps down cleanly and having deterministic results.
-
Resolution: Yarn starts resolving dependencies by making requests to the registry and recursively looking up each dependency.
-
Fetching: Next, Yarn looks in a global cache directory to see if the package needed has already been downloaded. If it hasn't, Yarn fetches the tarball for the package and places it in the global cache so it can work offline and won't need to download dependencies more than once. Dependencies can also be placed in source control as tarballs for full offline installs.
-
Linking: Finally, Yarn links everything together by copying all the files needed from the global cache into the local node_modules directory.
-
Speed
-
Automatic shrinkwrap with the yarn lockfile
Yarn lockfile guarantees that repeatedly running yarn on the same repository results in the same packages.
- Security-centric design
yarn
<=>npm install
yarn
command (yarn install
) will read your package.json, fetch packages from the npm registry, and populate your node_modules
folder.
yarn install --har
yarn install --no-lockfile
yarn install --pure-lockfile
If your package only allows one version of a given dependency. In package.json
, use { "flat": true }
-
yarn install --flat
-
yarn add <name>
<=>npm install --save <name>
-
yarn add <name>
<=>npm install --save <name>@latest
This will automatically add the [package]<name>
to your dependencies in your package.json. It will also update your
yarn.lock` to reflect the change.
yarn add [package]
yarn add [package]@[version] >> yarn add package-1@1.2.3 >> yarn add package-2@^1.0.0
yarn add [package]@[tag] >> yarn add package-3@beta
-
yarn add <name> --dev
<=>npm install --save-dev <name>
-
yarn add <name> --exact
<=>npm install --save-exact <name>
-
yarn add <name> --optional
<=>npm install --save-optional <name>
-
yarn add <name> --peer
// to add to peerDependencies -
yarn global add <name>
<=>npm install --global <name>@latest
-
yarn remove <name>
<=>npm uninstall --save <name>
-
yarn upgrade
<=>rm -rf node_modules && npm install
<=>npm update --save
yarn upgrade [package]
yarn upgrade [package]@[version]
yarn upgrade [package]@[tag]
-
yarn init
<=>npm init
-
yarn link
<=>npm link
-
yarn outdated
<=>npm outdated
-
yarn publish
<=>npm publish
-
yarn run
<=>npm run
-
yarn cache clean
<=>npm cache clean
-
yarn login
<=>npm login (and logout)
-
yarn test
<=>npm test
-
yarn ls
<=>npm ls
-
yarn licenses
Allows you to inspect the licenses of your dependencies
yarn licenses generate
Automatically create your license dependency disclaimer
yarn why <name>
Identify why package is installed, detailing which other packages depend upon it
yarn.lock
file is auto-generated and should be handled entirely by Yarn. As you add/upgrade/remove dependencies with the Yarn CLI, it will automatically update your yarn.lock
file. Do not edit this file directly as it is easy to break something.
yarn.lock
files should be checked into source control. This allows Yarn
to install the same exact dependency tree across all machines, whether it be your coworker’s laptop or a CI server.