Blog

Cloudflare security incident and impact on Yarn users

Posted Feb 24, 2017 by Sebastian McKenzie

Yarn uses its own proxy to the npm registry in order to allow us to experiment with the way the Yarn client works and allow optimizations in the future around how packages are resolved. This registry is used by all Yarn users by default.

Lockfiles should be committed on all projects

Posted Nov 24, 2016 by James Kyle

Yarn is a new package manager that we built to be consistent and reliable. When installing hundreds or even thousands of third-party packages from the internet you want to be sure that you’re executing the same code across every system.

Running Yarn offline

Posted Nov 24, 2016 by Konstantin Raev

Repeatable and reliable builds for large JavaScript projects are vital. If your builds depend on dependencies being downloaded from network, this build system is neither repeatable nor reliable.

Yarn: A new package manager for JavaScript

Posted Oct 11, 2016 by Sebastian McKenzie, Christoph Pojer, James Kyle

We’re pleased to announce the open source release of Yarn, a collaboration between Facebook, Exponent, Google, and Tilde. With Yarn, engineers still have access to the npm registry, but can install packages more quickly and manage dependencies consistently across machines or in secure offline environments. Yarn enables engineers to move faster and with confidence when using shared code so they can focus on what matters — building new products and features. Read the full announcement on code.facebook.com.