What are the differences between Yarn and NPM? At the time of writing this question I can only find some articles on the Internet showing what's the Yarn equivalent of an NP
The answer by @msanford covers almost everything, however, I'm missing the security (OWASP's Known Vulnerabilities) part.
Yarn
You can check them using yarn audit, however, you cannot fix them. This is still an open issue on GitHub (https://github.com/yarnpkg/yarn/issues/7075).
npm
You can use npm audit fix, so some of them you can fix by yourself.
Both of them, i.e. npm audit & yarn audit, have their own Continuous Integration tools. These are respectively https://github.com/IBM/audit-ci (used, works great!) and https://yarnpkg.com/package/audit-ci (haven't used).
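A CI severity gate over the audit output discussed in the answer above, as an added example that is not part of the original answer and is not audit-ci's code. It assumes the summary shapes printed by `npm audit --json` (`metadata.vulnerabilities`) and by Yarn 1's `yarn audit --json` (an `auditSummary` line); the function names and sample inputs are constructed for illustration.

```javascript
// Added example: fail a build when audit output reports findings at or above
// a chosen severity. Function names and sample inputs are constructed.
const LEVELS = ["info", "low", "moderate", "high", "critical"];

// Return per-severity counts from either tool's JSON output.
function summarizeAudit(raw) {
  const text = raw.trim();
  let counts = null;
  try {
    // npm prints one JSON document with metadata.vulnerabilities.
    const doc = JSON.parse(text);
    counts = doc.type === "auditSummary"
      ? doc.data.vulnerabilities
      : doc.metadata && doc.metadata.vulnerabilities;
  } catch (_) {
    // Yarn 1 prints one JSON object per line; the summary is its own line.
    for (const line of text.split("\n")) {
      if (!line.trim()) continue;
      let evt;
      try { evt = JSON.parse(line); } catch (e) { continue; }
      if (evt && evt.type === "auditSummary") counts = evt.data.vulnerabilities;
    }
  }
  // Fail closed: empty or truncated output must not read as "no findings".
  if (!counts) throw new Error("no vulnerability summary found in audit output");
  return Object.fromEntries(LEVELS.map((l) => [l, Number(counts[l]) || 0]));
}

// True when any finding at or above `threshold` is present.
function failsGate(counts, threshold) {
  const start = LEVELS.indexOf(threshold);
  if (start < 0) throw new Error(`unknown severity: ${threshold}`);
  return LEVELS.slice(start).some((l) => counts[l] > 0);
}

// Constructed sample outputs (not from a real project).
const NPM_SAMPLE = JSON.stringify({
  metadata: { vulnerabilities: { info: 0, low: 2, moderate: 1, high: 0, critical: 0, total: 3 } },
});
const YARN_SAMPLE = [
  JSON.stringify({ type: "auditAdvisory", data: { advisory: { severity: "high" } } }),
  JSON.stringify({ type: "auditSummary", data: { vulnerabilities: { info: 0, low: 0, moderate: 0, high: 1, critical: 0 } } }),
].join("\n");

console.log("npm sample fails at high:", failsGate(summarizeAudit(NPM_SAMPLE), "high"));
console.log("yarn sample fails at high:", failsGate(summarizeAudit(YARN_SAMPLE), "high"));
```

In a pipeline, the tool's JSON output would be passed to `summarizeAudit` and the job failed when `failsGate` returns true.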