BT

Your opinion matters! Please fill in the InfoQ Survey!

Yarn 1.0 Adds Workspaces, Auto-Merge and Selective Version Resolution

| by Abel Avram Follow 4 Followers on Sep 08, 2017. Estimated reading time: 1 minute |

A note to our readers: As per your request we have developed a set of features that allow you to reduce the noise, while not losing sight of anything that is important. Get email and web notifications by choosing the topics you are interested in.

Almost a year ago we published the news Facebook Open Sources Yarn, a JavaScript Package Manager, introducing Yarn and the motivation behind its creation. The community has moved the project forward, releasing the first major version with workspaces, automatic merging, selective version resolution and many other features and fixes.

The main new features in Yarn 1.0 are:

  • Workspaces – offering the ability to aggregate and install once multiple dependencies from various package.json files. This is done to enforce dependency synchronization.
  • Auto-merge – merge conflicts in lock files can be automatically solved by running yarn install.
  • Selective version resolution – provides the ability to establish what version to use for the dependencies of a dependency.
  • Improved interactive upgrade.
  • The change log mentions many other features, improvements and bug fixes.

Yarn has received some traction after being open sourced last year. Facebook claims that "many large and small companies" are using it, including Twitter, Microsoft, Sentry, Expo and Kenzan with "improvements of 5x in install times." Also, over 190k GitHub projects include yarn.lock in their root directory and Yarn is used for over 3B package downloads a month. It also comes pre-installed with several CI tools including AppVeyor, CircleCI, and Travis CI. Facebook detailed a bit how they are using Yarn:

Here at Facebook, Yarn has been adopted across many codebases including the main Facebook app and website, Instagram, Oculus, and WhatsApp. Yarn supports hundreds of thousands of package installs on our systems every day. It was designed to scale even when a project has hundreds or thousands of direct or transitive dependencies. Installs are done quickly and securely using the offline mirror feature, and they are reliable and reproducible not only on the different machines of our engineers, but also across our continuous integration systems.

Facebook attributes the success of the package manager to the open source community with over 300 contributors of which 40 have made "impactful changes" in 2017. For the future, Facebook plans to integrate tools that deal with package change logs, semantic versioning, and version synchronization in related projects. They also want to work with npm to add support for two-factor authentication for enhanced security during the package upgrading process. They also promise not to introduce "breaking changes in minor or patch releases," and have a more streamlined release process.

Rate this Article

Adoption Stage
Style

Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread
Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Discuss

Login to InfoQ to interact with what matters most to you.


Recover your password...

Follow

Follow your favorite topics and editors

Quick overview of most important highlights in the industry and on the site.

Like

More signal, less noise

Build your own feed by choosing topics you want to read about and editors you want to hear from.

Notifications

Stay up-to-date

Set up your notifications and don't miss out on content that matters to you

BT