So we all must be thinking what is so different about YARN?
Facebook in its blog post has given a detailed description about its new npm client.
“In the Node ecosystem, dependencies get placed within a node_modules directory in your project. However, this file structure can differ from the actual dependency tree as duplicate dependencies are merged together. The npm client installs dependencies into the node_modules directory non-deterministically. This means that based on the order dependencies are installed, the structure of anode_modules directory could be different from one person to another. These differences can cause “works on my machine” bugs that take a long time to hunt down.
Yarn resolves these issues around versioning and non-determinism by using lockfiles and an install algorithm that is deterministic and reliable. These lockfiles lock the installed dependencies to a specific version, and ensure that every install results in the exact same file structure in node_modules across all machines. The written lockfile uses a concise format with ordered keys to ensure that changes are minimal and review is simple.”
As a Developers at least you could ask for a deterministic implementation of installs but npm client is not deterministic. To get packages Yarn uses the npm registry and the packages are cached once the package retrieval is done. These packages can be installed locally without an internet connection and slowly it decreases the dependency on npm registry.
The most important thing here is that to install Yarn it is required to use the npm client. Above all this, there is a serious issue that it is not clear whether Yarn has the capability of replacing or be a fork of the npm registry. The Yarn is currently accessing the registry as provided by Npmjs.com, the authentication is not provided so cannot be worked with private packages.