JSPM vs Yarn

JSPM is registry agnostic, it can pull packages from npm and github and is built in such a way it can support more.

Loads ES6, AMD, CommonJS and globals.

While Webpack and Browserify recompile the source code using Babel, jspm is the only packager that can load prebuild/minified code downloaded from the npm registry.

Create the bundle file without config and add only the modules imported.

With a simple command you could change between load the modules async by systemjs or sync with a bundle file.

It creates a packages folders which are versioned. This makes it future proof for a time where we stop bundling all the code. In the following presentation Guy Bedford calls bundling an anti-pattern.

One of the most important aspects of Yarn is determinism (predictability). The lock file ensures that the same dependencies will always be installed in the same way and order regardless of the machine for a given repository.

yarn why <query> can tell you why a package was installed and what other packages depend on it.

Yarn efficiently queues up requests and avoids request waterfalls in order to maximize network utilization.

If you've installed a package before, you can install it again without any internet connection.

Resolve mismatching versions of dependencies to a single version to avoid creating duplicates.

Install any package from either npm or Bower and keep your package workflow the same.

A single request failing won't cause an install to fail. Requests are retried upon failure.

It looks like it has good documentation.

Even though it's still in its early stages of development, security is one of the core values on which Yarn is built. It uses checksums to verify the integrity of every package before executing its code. This also helps avoiding errors related to faulty caching or captive portals.

Further steps are also being taken to improve the security of Yarn which will be implemented in the future.

Even though it's backed by Facebook, Yarn is built as a community project first and foremost. It's completely open source and hosted on Github. It's released under a standard open source client and has its own GitHub organization and set up to work under the same governance model that other successful projects have used in the past, such as Rust and Ember.

All of this means that both existing and new contributors will always work together to improve the product and introduce new features while also keeping in mind suggestions coming from the community.

Was created in a collaboration of Facebook with Exponent, Google and Tilde.