Yarn is my package manager of choice for the JavaScript ecosystem.
When I started programming, yarn was superior to NPM - faster, more secure, better dependency lock. Nowadays, in 2019, npm, the default package manager for node, has caught up. It doesn’t really matter which tool you use.
But now I have yarn on my system.
But yarn comes with problems, too.
For example, yarn upgrade
doesn’t update your package.json
file. The command updates dependencies in your lockfile (yarn.lock
), but it won’t show in package.json
.
Here is a workaround:
$ yarn upgrade && npx syncyarnlock -s -k && yarn install
You can make an alias for your shell. For Fish:
$ alias yup 'yarn upgrade && npx syncyarnlock -s -k && yarn install'
$ funcsave yup
The command uses syncyarnlock to update package.json
and keeps prefixes (like the ^ for dynamic packages).
You can install syncyarnlock globally for a faster experience, but I prefer using npx for a temporary install. This way, the package won’t clutter my system.
Alternatively, you can install pnpm, a new package manager that only saves one version of a package on your disk. The tool uses symlinks to save disk space.