Facebook and Google released Yarn yesterday—a new package manager that uses npm's registry but promises faster, more reliable, more secure installations. The collaboration between tech giants and focus on npm's pain points suggests npm has serious problems.
Whether Yarn succeeds depends on execution and whether developers tolerate another package manager.
npm 3 is in beta, and the biggest change is how it handles dependencies. Instead of deeply nested trees, npm 3 tries to flatten them. This seemingly small change has significant implications for how we use npm, especially for frontend code.
Something interesting is happening: developers are abandoning Bower and installing frontend dependencies with npm. This seems wrong—npm was designed for Node.js, and browser code has different constraints. But the trend is real, and understanding why reveals tensions in how we think about frontend packaging.
Twitter released Bower six months ago, and it's gaining traction for managing frontend dependencies. But using it raises an interesting question: why does frontend need a separate package manager? The answer reveals fundamental differences in how we think about server-side versus client-side code.