Skip to content

Instantly share code, notes, and snippets.

@Aupajo

Aupajo/the-story-of-npm-and-yarn.md

Last active November 9, 2021 04:04
Show Gist options
  • Star 44 You must be signed in to star a gist
  • Fork 4 You must be signed in to fork a gist
  • Save Aupajo/1a24d85fb53b8800dc680d0f3e188635 to your computer and use it in GitHub Desktop.
Save Aupajo/1a24d85fb53b8800dc680d0f3e188635 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
the-story-of-npm-and-yarn.md

The Story of NPM and Yarn

In the beginning there was NPM, and for a time it was good. Packages went forth and multiplied. The New Gods proclaimed the great demon Dependency Management had been slain. But The Old Gods knew better, for they had seen much and knew that the demon can never be killed, only held at bay.

The Old Gods were ignored. In the folly of a young age grew an abundance of packages and with them grew the scourge of dependency. In the depths beneath the earth, in a place beyond memory, the great demon stirred.

The first sign something was wrong was non-deterministic package version mismatches. “This is fine!” The New Gods declared. “A temporary setback, nothing more! We can fix it.” And so they introduced shrinkwrap, a lamp to combat the growing darkness.

But it proved to be too little, too late, and dusk continued to fall. The New Gods suffered their first major defeat at the Battle of Left-pad. There was much wailing and gnashing of thinkpieces. It was no longer possible to ignore that NPM was flawed, and that the battle was being lost.

In their desperation, The New Gods turned to The Old Gods for help. They summoned forth the Prophet Yehuda, who had defeated the demon once with The Jewelled Hammer of Bundler in the Ruby Isles and again with The Golden Cargo in the Rusted Lands.

From his head, The Prophet Yehuda plucked a strand of his hair and – with the help of The New Gods – wove it into a magic thread. The woven thread was spun into Yarn, a protective layer into which NPM was placed for its own good.

As long as NPM remains in Yarn, the demon cannot attack the integrity of packages, the performance of the cache, or the determinism of package versions. Instead he must be content to lurk in the minds of developers, whispering encouragement and making false promises about the value of adding dependencies to their project.

--

This comment was originally written as the description for a pull request on a private repo entitled “Add Yarn support”. Special thanks to Sebastian McKenzie and James Kyle, who were instrumental in Yarn's creation, and whose names I regret not including in the original.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment