npm, pnpm, Yarn, and npx…
Package managers are a core part of modern Node.js development. They allow developers to install, manage, and publish external dependencies, making dependencies in a project much easier to maintain.
Before package managers, dependencies had to be handled manually. Developers would either:
- Download and add files directly into their project folders
- Load libraries via CDN <script> tags in HTML
This approach was difficult to scale and maintain, especially as projects grew in complexity.
Today, several package managers exist in the Node.js ecosystem. While they serve the same general purpose, they differ in how they handle:
- Dependency resolution
- Lockfile formats
- Package storage strategies
- Monorepo and workspace support
Let’s look at the most common ones.
npm
From the npm site:
“npm is the world's largest software registry. Open source developers from every continent use npm to share and borrow packages, and many organizations use npm to manage private development as well.”
Despite the name, npm is not actually an acronym for “Node Package Manager.” According to the official documentation, it is a recursive backronym for “npm is not an acronym.” 🙃
Contrary to popular belief, npm is not an acronym for "Node Package Manager." It is a recursive backronymic abbreviation for "npm is not an acronym" (if the project were named "ninaa," then it would be an acronym). The precursor to npm was actually a bash utility named "pm", which was the shortform name of "pkgmakeinst" - a bash function that installed various things on various platforms. If npm were ever considered an acronym, it would be as "node pm" or, potentially, "new pm".
npm is the default package manager for Node.js and was first released in 2010. It comes bundled with Node, so it is automatically available once Node.js is installed.
Key Benefits
- As the largest open source registry, npm has extensive documentation, community support, and available packages.
- You can define scripts in package.json to automate tasks like builds, tests, and deployments.
- npm handles versioning and dependency trees using package-lock.json.
Drawbacks
- Historically slower than alternatives, though newer versions have improved significantly.
- package-lock.json can be large and difficult to read, and can sometimes lead to merge conflicts.
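Because the lockfile is hard to review by eye, the fields that decide where a package comes from and how it is verified can be checked mechanically. This is an added example, not code from the original post or from npm; it assumes lockfileVersion 2 or 3 and that every package should resolve to the public registry URL shown, and the sample lockfile (names, URLs, hashes) is constructed.

```javascript
// Added example (not npm's own code): flag package-lock.json entries that
// weaken install integrity. Targets lockfileVersion 2/3 (the "packages" map).
const REGISTRY = 'https://registry.npmjs.org/'; // assumption: public registry only

function auditLockfile(lock, registry = REGISTRY) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    // Skip the project root (""), workspace links and folders, and bundled
    // dependencies: none of these carry their own resolved/integrity fields.
    if (path === '' || entry.link || entry.inBundle) continue;
    if (!path.includes('node_modules/')) continue;

    if (!entry.resolved) {
      findings.push({ path, issue: 'missing-resolved' });
    } else if (!entry.resolved.startsWith(registry)) {
      // git URLs, plain-HTTP mirrors and arbitrary tarball hosts land here.
      findings.push({ path, issue: 'unexpected-source', detail: entry.resolved });
    }

    // integrity is an SRI string: one or more space-separated "algo-base64" hashes.
    const algos = (entry.integrity || '').split(/\s+/).filter(Boolean).map((h) => h.split('-')[0]);
    if (algos.length === 0) {
      findings.push({ path, issue: 'missing-integrity' });
    } else if (!algos.includes('sha512')) {
      findings.push({ path, issue: 'weak-integrity', detail: algos.join(',') });
    }
  }
  return findings;
}

// Constructed sample lockfile: names, URLs and hashes are placeholders.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/good-lib': { resolved: REGISTRY + 'good-lib/-/good-lib-2.1.0.tgz', integrity: 'sha512-PLACEHOLDER==' },
    'node_modules/old-lib': { resolved: REGISTRY + 'old-lib/-/old-lib-0.3.0.tgz', integrity: 'sha1-PLACEHOLDER=' },
    'node_modules/forked-lib': { resolved: 'git+ssh://git@example.com/someone/forked-lib.git#0000000' },
    'node_modules/good-lib/node_modules/inner': { version: '1.0.0', inBundle: true },
  },
};

console.log(auditLockfile(sampleLock));
```

To check a real project, pass `JSON.parse(fs.readFileSync('package-lock.json', 'utf8'))` to `auditLockfile`.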
Common Commands
Bash
npm -v # Check npm version
npm install # Install all dependencies
npm install <package> # Install a dependency
npm install <package> -D # Install a dev dependency
npm init # Initialize a new project (creates package.json)
npm init -y # Initialize with default settings
npm uninstall <package> # Remove a dependency
npm update # Update dependencies based on version ranges
npm update <package> # Update a specific package
npm list # List installed dependencies
npm outdated # Show outdated packages
npm run <script> # Run a script from package.json
npm start # Run the "start" script
npm run build # Run the "build" script
Yarn
Yarn (originally referred to as “Yet Another Resource Negotiator”) was introduced in 2016 by Facebook to address early npm issues related to performance, reliability, and security.
Yarn introduced features that later influenced npm, such as lockfiles and improved install consistency.
There are two main versions:
- Yarn Classic (v1), now in maintenance mode
- Yarn Modern (v2+), also called Berry
Key Benefits
- Strong support for managing multiple packages in a monorepo
- Offline caching allows installs without an internet connection after the first run
- Plug and Play (modern Yarn) removes the need for node_modules in many cases
Drawbacks
- Learning curve, especially with modern Yarn features
- Some ecosystem tools still expect a traditional node_modules structure
- Requires separate installation and does not ship with Node
Installation & common commands
Bash
npm install -g yarn # Install Yarn globally
yarn -v # Check Yarn version
yarn install # Install all dependencies
yarn add <package> # Add a dependency
yarn add <package> -D # Add a dev dependency
yarn remove <package> # Remove a dependency
yarn upgrade # Upgrade dependencies (Yarn Classic; Yarn Modern uses "yarn up")
yarn run <script> # Run a script from package.json
yarn dev # Run a script (shortcut for "yarn run dev")
pnpm
pnpm is a fast and disk-efficient alternative to npm. Instead of installing separate copies of dependencies for each project, pnpm uses a global content-addressable store. It links dependencies into your project using symlinks or hard links. This means only one copy of each package version exists on your system.
Key Benefits
- Faster installs, especially for projects with many dependencies
- Reduced disk usage by sharing dependencies across projects
- Strict dependency resolution prevents access to undeclared packages
- Built-in support for monorepos
Drawbacks
- Not as widely adopted as npm, though it is growing quickly
- Requires installation and does not ship with Node
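pnpm's strict resolution rejects imports of packages the project never declared, which a flat node_modules layout can silently satisfy through another package's dependencies. This added example (not from the original post or from pnpm) finds such imports ahead of a migration with a regex heuristic; the function names and the sample manifest and sources are constructed.

```javascript
// Added example (not pnpm's code): list packages that source files import but
// package.json never declares, i.e. the imports a strict layout would reject.
const BUILTINS = new Set(typeof require === 'function' ? require('module').builtinModules : []);
// Heuristic matcher for import / export-from / require() / import() string literals.
const IMPORT_RE = /(?:\bfrom\s*|\bimport\s*\(?\s*|\brequire\s*\(\s*)['"]([^'"]+)['"]/g;

// Reduce a specifier to its package name; return null for non-package imports.
function packageName(spec) {
  if (spec.startsWith('.') || spec.startsWith('/') || spec.startsWith('node:')) return null;
  const parts = spec.split('/');
  const name = spec.startsWith('@') ? parts.slice(0, 2).join('/') : parts[0];
  return BUILTINS.has(name) ? null : name;
}

function findUndeclaredImports(pkg, sources) {
  const fields = ['dependencies', 'devDependencies', 'peerDependencies', 'optionalDependencies'];
  const declared = new Set(fields.flatMap((f) => Object.keys(pkg[f] || {})));
  const hits = new Map(); // package name -> set of files that import it
  for (const [file, code] of Object.entries(sources)) {
    for (const match of code.matchAll(IMPORT_RE)) {
      const name = packageName(match[1]);
      if (!name || name === pkg.name || declared.has(name)) continue;
      if (!hits.has(name)) hits.set(name, new Set());
      hits.get(name).add(file);
    }
  }
  return [...hits]
    .map(([name, files]) => ({ name, files: [...files].sort() }))
    .sort((a, b) => (a.name < b.name ? -1 : 1));
}

// Constructed sample project: the manifest and file contents are illustrative.
const samplePkg = {
  name: 'demo-app',
  dependencies: { express: '^4.18.0' },
  devDependencies: { '@types/node': '^20.0.0' },
};
const sampleSources = {
  'src/server.js': "const express = require('express');\nconst bodyParser = require('body-parser');\nconst fs = require('node:fs');",
  'src/util.mjs': "import debug from 'debug';\nimport { join } from './paths.js';\nexport * from '@scope/tools/sub';",
};

console.log(findUndeclaredImports(samplePkg, sampleSources));
```

Each reported package should either be added to package.json with an explicit version range or have its import removed.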
Installation & common commands
Bash
npm install -g pnpm # Install pnpm globally using npm
pnpm install # Install all dependencies from package.json
pnpm add <package> # Add a package as a dependency
pnpm add <package> -D # Add package as a dev dependency
pnpm remove <package> # Remove a dependency
pnpm update # Update dependencies based on version ranges
pnpm update <package> # Update a specific package
pnpm list # List installed dependencies
pnpm outdated # Show outdated packages
pnpm exec <command> # Run a command using local dependencies
pnpm dlx <package> # Run a package without installing (like npx)
npx
npx is not a package manager. It is a package runner that comes bundled with npm version 5.2 and above.
npx is great for running one-off commands, scaffolding new projects, and trying tools without installing them globally. It helps keep your global environment clean while still giving you access to powerful CLI tools when you need them.
With npx, a package manager like npm is still required, but npx adds the ability to execute packages on demand without installing them globally.
Common Commands
Bash
npx create-next-app@latest my-app # Scaffold a new Next.js application
npx <package-name> # Execute a package without installing it globally
npx -v # Check npx version
npx cowsay "hello" # Run a fun CLI tool without installing it
npx eslint . # Run a local or remote package (lint your project)
npx prettier --write . # Format files using prettier
Final Thoughts
When starting a new project, it usually makes sense to begin with npm since it ships with Node.js and lets you get up and running quickly. As your project grows and dependencies become more complex, or if you move toward a monorepo setup, pnpm becomes a strong option thanks to its speed, efficient disk usage, and built-in workspace support.