未加星标

Facebook’s Yarn rewrites npm from scratch

字体大小 | |
[前端(javascript) 所属分类 前端(javascript) | 发布者 店小二05 | 时间 2016 | 作者 红领巾 ] 0人收藏点击收藏

Facebook’s Yarn rewrites npm from scratch

Newcomer image via Shutterstock

Facebook has been using the npm client for years but they started running into problems with performance, security and consistency once the size of their codebase and the number of engineers started to grow. This is how Yarn, “a fast, reliable, and secure alternative npm client” came into being.

“With Yarn, engineers still have access to the npm registry, but can install packages more quickly and manage dependencies consistently across machines or in secure offline environments,” according to the official announcement . “Yarn enables engineers to move faster and with confidence when using shared code so they can focus on what matters ― building new products and features.”

Many projects at Facebook depend on code in the npm registry but as they scaled internally, they faced consistency, performance and security problems. Although they tried to build solutions (to check in package.json and askengineers to manually run npm install .,check all of node_modules into the repository and to zip the entire node_modules folder and upload it to an internal CDN) around these issues, new problems arose so they needed to find a different solution.

Yarn to the rescue

Facebook joined forces with developers fromExponent, Google, and Tilde and “built out the Yarn client and tested and validated its performance on every major JS framework and for additional use cases outside of Facebook.”

Although the new package managerreplaces the existing workflow for the npm client or other package managers, it is still compatible with the npm registry. Yarn claims it makes installs faster and more reliable but there are also other features that simplifythe dependency management workflow such as the ability to restrict licenses of installed modules and a means for outputting license information, compatibility with both the npm and bower workflows and supports mixing registries and more.

SEE ALSO:Lessons learned from npm fiasco: How much harm can 11 javascript lines of code can do?

What does npm have to say about Yarn?

After Facebook released Yarn, npmwrote on its blog that even though they “haven’t had time to run extensive tests on the compatibility of Yarn, it seems to work great with public packages.”

We’re pleased to see Yarn get off to such a great start, and look forward to seeing where it goes.

However, due to the fact that it does not authenticate to the registry the way the official client does, Yarn cannot work with private packages at the moment.

Why choose Yarn?

Shuvo Habib,Front End Engineer at GG, Basundhara Group , urged people via a Medium post to go for Yarn because it has some features that npmdoesn’t have, including the fact that “you can check the licenses of your dependencies and you can also generate your license dependencies.” Plus, it’s faster and itallows developers to upload the libraries or code block they created.

Yarn is now available on GitHub .

本文前端(javascript)相关术语:javascript是什么意思 javascript下载 javascript权威指南 javascript基础教程 javascript 正则表达式 javascript设计模式 javascript高级程序设计 精通javascript javascript教程

主题: FacebookGitJavaScriptCDNGitHubJava
分页:12
转载请注明
本文标题:Facebook’s Yarn rewrites npm from scratch
本站链接:http://www.codesec.net/view/483983.html
分享请点击:


1.凡CodeSecTeam转载的文章,均出自其它媒体或其他官网介绍,目的在于传递更多的信息,并不代表本站赞同其观点和其真实性负责;
2.转载的文章仅代表原创作者观点,与本站无关。其原创性以及文中陈述文字和内容未经本站证实,本站对该文以及其中全部或者部分内容、文字的真实性、完整性、及时性,不作出任何保证或承若;
3.如本站转载稿涉及版权等问题,请作者及时联系本站,我们会及时处理。
登录后可拥有收藏文章、关注作者等权限...
技术大类 技术大类 | 前端(javascript) | 评论(0) | 阅读(26)