pnpm is an npm compatible package manager for JavaScript that offers significant improvements in both speed and disk space usage. With the release of version 5.0, it is time to take a serious look at what differentiates pnpm from the competition.
npm, Yarn, and pnpm are the most popular package managers in the JavaScript ecosystem. At their core, the three package managers behave quite similarly. They all use the same package.json file to manage dependencies, and use a lock file that ensures consistent installs across multiple machines/installations.
What differentiates pnpm is the way packages are managed. While npm and Yarn install separate copies of the packages in every project, pnpm keeps a single copy of every package and uses hard links/symlinks to reference the original installation.
This approach offers two significant benefits - reduced disk space usage and a faster installation process.
Many companies/developers work on multiple projects that share at least some of their dependencies. The duplicated packages result in wasted disk space that often forces the use of larger CI/CD build machines. The duplication also limits the amount of available storage space within local developer laptops.
While this duplication may sound negligible, package sizes have been growing steadily over the years, and it's not uncommon to see dependency folders consume 1000MB of disk space. These sizes are easy to explain when you realize that an empty React project consumes just under 200MB, while an empty Angular project weighs in at nearly 300MB.
Until pnpm 5.0 the duplication was managed at the package level, and so if the same Lodash version was used twice, the same package was installed once and linked to the two projects.
pnpm 5.0 improves the project by introducing a new content-addressable storage system that allows pnpm to test the difference between individual files. As a result, pnpm can enumerate identical files that were installed in separate packages and reuse them. For example, the latest Lodash release only changed nine files out of nearly 300 total files. The new system eliminates the need to duplicate the vast majority of files that remain unchanged.
Another advantage of the pnpm linking strategy is improved installation speed. While NPM and Yarn will cache packages locally to avoid downloading the same package multiple times, they still copy the package on each installation. This process is inherently slower than generating a new symlink.
The improvement in installation speed depends on the project/packages that are being used. Still, based on the benchmarks provided by pnpm, developers can expect a significant reduction in installation time in most use cases.
A complete list of changes in pnpm 5.0 can be found in the official release notes.
pnpm is released under the MIT license. Additional information on pnpm can be found on the official website