Gemnasium now supports Yarn, and we have support for it coming in the next few days for Gemnasium Enterprise!
So, what’s Yarn?
If it’s the same packages, why another format then?
It turns out that the people behind Yarn (Facebook, Google and other less known companies like Tilde) were pushing npm to its limits and faced some issues.
Back to Yarn.
One of the issues of the npm client is that it’s not deterministic. That means that running it multiple times could yield different results. Yes, you read that right.
Yarn is deterministic. No matter when in time or on what laptop or server you run
yarn, you will get the same packages.
It’s faster, more reliable and more secure. It also can work offline if you’ve installed a package before.
Oh, in case you didn’t know: we’re free for open source projects (and will always be)!
For your information, we’re working on adding support for more dependency management systems in the next few months…including Maven (Java) and nuget (.Net)!