Insights & Analysis
    Find an Expert
    Career Opportunities


📦🐈 Fast, reliable, and secure dependency management.

1.17.3  •  Published 1 month ago  •  by yarnpkg  •  BSD 2-Clause "Simplified" License


Fast, reliable, and secure dependency management.

Circle Status Appveyor Status Azure Pipelines status Discord Chat Commitizen friendly

Fast: Yarn caches every package it has downloaded, so it never needs to download the same package again. It also does almost everything concurrently to maximize resource utilization. This means even faster installs.

Reliable: Using a detailed but concise lockfile format and a deterministic algorithm for install operations, Yarn is able to guarantee that any installation that works on one system will work exactly the same on another system.

Secure: Yarn uses checksums to verify the integrity of every installed package before its code is executed.


  • Offline Mode. If you’ve installed a package before, then you can install it again without an internet connection.
  • Deterministic. The same dependencies will be installed in the same exact way on any machine, regardless of installation order.
  • Network Performance. Yarn efficiently queues requests and avoids request waterfalls in order to maximize network utilization.
  • Network Resilience. A single request that fails will not cause the entire installation to fail. Requests are automatically retried upon failure.
  • Flat Mode. Yarn resolves mismatched versions of dependencies to a single version to avoid creating duplicates.
  • More emojis. 🐈

Installing Yarn

Read the Installation Guide on our website for detailed instructions on how to install Yarn.

Using Yarn

Read the Usage Guide on our website for detailed instructions on how to use Yarn.

Contributing to Yarn

Contributions are always welcome, no matter how large or small. Substantial feature requests should be proposed as an RFC. Before contributing, please read the code of conduct.

See Contributing.

Prior art

Yarn wouldn’t exist if it wasn’t for excellent prior art. Yarn has been inspired by the following projects:


Thanks to Sam Holmes for donating the npm package name!

Avoid unsafe or low quality packages
Warn or block the installation of vulnerable, badly licensed, deprecated, outdated, unmaintained, or unpopular packages. Integrates with your npm and pre-commit/build scripts
Just $9/month per developer


Weekly Downloads

Issues and PRs


Last ver 1 month ago
Created 7 years ago
Last commit 1 month ago
21 hours between commits


344 contributors


Node version: 8.6.0
5307.5K unpacked

Legal and Compliance

BSD 2-Clause "Simplified" License
OSI Approved
0 vulnerabilities

Top Experts

Konstantin Raev
Maintainer, 60 commits, 363 merges, 119 PRs
Works at Facebook
277 merges, 148 PRs
Maël Nison
Maintainer, 127 commits, 24 merges, 14 PRs
Works at datadog
Burak Yiğit Kaya
Maintainer, 141 commits
Works at Sentry
Daniel Lo Nigro
Maintainer, 34 commits, 68 merges, 66 PRs
Works at Facebook
Christoph Nakazawa
Maintainer, 51 merges, 18 PRs
Works at Facebook