Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Spin me a Yarn
Search
Serena Fritsch
May 02, 2017
Programming
85
1
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Spin me a Yarn
DublinJS 2017
Serena Fritsch
May 02, 2017
More Decks by Serena Fritsch
See All by Serena Fritsch
Let Me Ember this for You
serenaf
0
290
Emberconf 2017 - Spin me a Yarn
serenaf
0
180
Crafting the Perfect Computed Property
serenaf
0
69
Other Decks in Programming
See All in Programming
【SRE NEXT 2026 Lunch Session】一人目専任SREの立ち上げを加速する ― AIと進めたオンボーディングで2分を0.04秒にした話
pkshadeck
PRO
0
2.3k
エンジニア向け会社紹介/Findy Company Profile
findyinc
6
360k
LaravelLive Japan の裏方のすべて — 第188回 PHP勉強会@東京 (2026-06-24)
suguruooki
2
150
どこまでゆるくて許されるのか
tk3fftk
0
470
AI時代の仕事技芸論〜ソフトウェア開発で「遊ぶように働く」職人的熟達のすすめ(スクフェス仙台 2026バージョン)
kuranuki
0
610
Hunting Vulnerabilities in Symfony with LLMs
vinceamstoutz
0
580
LLMによるContent Moderationの本番運用の裏側と品質担保への挑戦
suikabar
3
840
Haskell/Servantを通してWebミドルウェアを捉え直す
pizzacat83
1
480
20260623_Loop Engineeringで自分の分身の問い合わせBotを作る
ryugen04
0
200
Creating Composable Callables in Contemporary C++
rollbear
0
200
共通化で考えるべきは、実装より公開する型だった
codeegg
0
210
霧の中の代数的エフェクト
funnyycat
1
340
Featured
See All Featured
Believing is Seeing
oripsolob
1
170
Java REST API Framework Comparison - PWX 2021
mraible
34
9.5k
Ethics towards AI in product and experience design
skipperchong
2
330
More Than Pixels: Becoming A User Experience Designer
marktimemedia
3
460
New Earth Scene 8
popppiees
3
2.4k
DevOps and Value Stream Thinking: Enabling flow, efficiency and business value
helenjbeal
1
260
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
12
1.7k
Pawsitive SEO: Lessons from My Dog (and Many Mistakes) on Thriving as a Consultant in the Age of AI
davidcarrasco
0
190
Color Theory Basics | Prateek | Gurzu
gurzu
0
390
Large-scale JavaScript Application Architecture
addyosmani
515
110k
Noah Learner - AI + Me: how we built a GSC Bulk Export data pipeline
techseoconnect
PRO
0
220
Code Review Best Practice
trishagee
74
20k
Transcript
Spin me a Yarn Serena Fritsch @serifritsch
[email protected]
DublinJS 2017
None
Once upon a time…
๏ First release in 2010
๏ First release in 2010 ๏ NPM Registry
๏ First release in 2010 ๏ NPM Registry ๏ 347184
published packages https://unpm.nodesource.com/
๏ First release in 2010 ๏ NPM Registry ๏ 347184
published packages ๏ 11,164 packages per week https://unpm.nodesource.com/
None
None
xkdc.com and reddit
๏ Non-Determinism
๏ Non-Determinism ๏ Performance
๏ Uses npm registry
๏ Uses npm registry ๏ Consistent and reliable dependency resolution
๏ Uses npm registry ๏ Consistent and reliable dependency resolution
๏ Improved performance
Dependency Resolution? Non-Determinism? Performance?
None
In the beginning…
Disclaimer ✓ You use a package manager ✓ You are
familiar with the npm eco system
What are packages?
Piece of software that can be downloaded
May depend on other packages
What are dependencies? a^1.0.0 b^1.0.0 App
Specified inside the package.json a^1.0.0 b^1.0.0 App
a^1.0.0 b^1.0.0 App Follow semantic versioning
https://xkcd.com/1172/
Multiple levels of dependencies a^1.0.0 s^1.0.0 App b^1.0.0 s^2.0.0
a^1.0.0 s^1.0.0 App b^1.0.0 s^2.0.0 No dependency conflicts
Under the hood
Project Code
Project Code Manifest +
Project Code Manifest + Dependency Code
goo.gl/LJSNmP
None
Disclaimer ✓ First-time installation ✓ Empty node_modules folder ✓ No
pre-cached packages
Install Phases 1. Dependency Resolution Make requests to the registry
and look up dependencies recursively
Install Phases 2. Fetching Packages Fetch package tarballs and place
in global cache
Install Phases 3. Linking Packages Copying files from global cache
to local node_modules folder
https://github.com/ashleygwilliams/npm-sandbox package.json
https://github.com/ashleygwilliams/npm-sandbox package.json Dependency Graph a^1.0.0 b^1.0.0 App s^1.0.0 s^2.0.0
. . node_modules folder a^1.0.0 b^1.0.0 App s^1.0.0 s^2.0.0
. node_modules folder a1 b1 App s1 s2
. . a1 s1 b1 s2 a1 b1 App s1
s2
. Dependency Resolution 1. Load the existing node_modules tree from
disc a1 b1 App s1 s2
. Dependency Resolution 2. Clone the current tree a1 b1
App s1 s2
. Dependency Resolution 3.Build the ideal tree a1 b1 App
s1 s2
. Dependency Resolution a1 b1 App s1 s2
. Dependency Resolution a1 a1 b1 App s1 s2
. Dependency Resolution a1 a1 b1 App s1 s2
a1 s1 . Dependency Resolution a1 b1 App s1 s2
a1 s1 . Dependency Resolution a1 b1 App s1 s2
a1 s1 b1 . . Dependency Resolution a1 b1 App
s1 s2
a1 s1 b1 . Dependency Resolution a1 b1 App s1
s2
. a1 s1 b1 s2 Dependency Resolution a1 b1 App
s1 s2
. Dependency Resolution 4.Generate Actions to take add
[email protected]
add
[email protected]
add
[email protected]
add
[email protected]
a1 s1 b1 s2 a1 b1 App s1 s2
. Package Fetching and Linking a1 s1 b1 a1 s1
b1 s2
. Dependency Resolution 1.Create a list of Package Requests a1
b1 App s1 s2
. Dependency Resolution 2. Find Version on Registry a1 b1
App s1 s2
. Dependency Resolution 3. Check existing dependencies a1 b1 App
s1 s2
. Dependency Resolution 4. Create a new Package Request and
repeat… a1 b1 App s1 s2 a1
. Dependency Resolution a1 b1 App s1 s2 a1
a1 s1 . Dependency Resolution a1 b1 App s1 s2
a1 s1 . Dependency Resolution a1 b1 App s1 s2
a1 s1 b1 . . Dependency Resolution a1 b1 App
s1 s2
a1 s1 b1 . . Dependency Resolution a1 b1 App
s1 s2
a1 s1 b1 . Dependency Resolution a1 b1 App s1
s2 a1 s1 b1 s2
. Package Fetching and Linking a1 s1 b1 a1 s1
b1 s2
. . Save Lockfile a1 s1 b1 a1 s1 b1
s2
“To make it more clear, your package.json states “what i
want” for the project whereas your lock file says “what I had” in terms of dependencies” -Dan Abramov . . Save Lockfile
.
Differences
None
a1 b1 App s1 s2 c1 s1 a1 b1 s2
s1 c1 https://docs.npmjs.com/how-npm-works/npm3-nondet
Upgrade of Package A a2 b1 App s2 s2 c1
s1
a1 b1 s2 s1 c1 a2 b1 App s2 s2
c1 s1
a1 b1 s2 s1 c1 a2 b1 App s2 s2
c1 s1
a2 b1 s2 s1 c1 a2 b1 App s2 s2
c1 s1
a2 b1 s2 s1 c1 a2 b1 App s2 s2
c1 s1
a2 b1 s2 s1 c1 a2 b1 App s2 s2
c1 s1 s2
a2 b1 s2 s1 c1 a2 b1 App s2 s2
c1 s1 s2
a2 b1 s2 s1 c1 a2 b1 App s2 s2
c1 s1 s2
a2 b1 s2 s1 c1 a2 b1 App s2 s2
c1 s1 s2
a2 b1 s2 s1 c1 a2 b1 App s2 s2
c1 s1 s2
a2 b1 s2 s1 c1 a2 b1 App s2 s2
c1 s1 s2
a2 b1 s2 s1 c1 a2 b1 App s2 s2
c1 s1 s2
a2 b1 s2 s1 c1 a2 b1 App s2 s2
c1 s1 s2
a2 b1 App s2 s2 c1 s1 a2 b1 s2
s1 c1 s2
a2 b1 App s2 s2 c1 s1
a2 b1 App s2 s2 c1 s1
a2 b1 App s2 s2 c1 s1 a2
a2 b1 App s2 s2 c1 s1 a2
a2 s2 a2 b1 App s2 s2 c1 s1
a2 s2 a2 b1 App s2 s2 c1 s1
a2 b1 s2 a2 b1 App s2 s2 c1 s1
a2 b1 s2 a2 b1 App s2 s2 c1 s1
a2 b1 s2 a2 b1 App s2 s2 c1 s1
a2 b1 s2 a2 b1 App s2 s2 c1 s1
a2 b1 App s2 s2 c1 s1 a2 b1 s2
c1
a2 b1 App s2 s2 c1 s1 a2 b1 s2
c1
a2 b1 App s2 s2 c1 s1 a2 b1 s2
c1 s1
a2 b1 s2 c1 s1 a2 b1 s2 s1 c1
s2
Anything I can do? When in doubt, clear node_modules out
Save Lockfile npm shrinkwrap
Save Lockfile By default turned off
Upgrade of Package A a2 b1 App s2 s2 c1
s1
a2 b1 App s2 s2 c1 s1
a2 b1 App s2 s2 c1 s1 a2
a2 b1 App s2 s2 c1 s1 a2
a2 s2 a2 b1 App s2 s2 c1 s1
a2 s2 a2 b1 App s2 s2 c1 s1
a2 b1 s2 a2 b1 App s2 s2 c1 s1
a2 b1 s2 a2 b1 App s2 s2 c1 s1
a2 b1 s2 a2 b1 App s2 s2 c1 s1
a2 b1 s2 a2 b1 App s2 s2 c1 s1
a2 b1 App s2 s2 c1 s1 a2 b1 s2
c1
a2 b1 App s2 s2 c1 s1 a2 b1 s2
c1
a2 b1 App s2 s2 c1 s1 a2 b1 s2
c1 s1
a2 b1 s2 c1 s1
a2 b1 s2 c1 s1
Project Code package.json + + Lockfile
Performance
Issue opened by Sam Saccone November 2015 https://github.com/npm/npm/issues/10380
GET a1 GET b1 GET s1 GET s1 Timeline start
1.0s 1.5s 2.0s 2.5s Multi-Stage Installation
GET a1 GET b1 GET s1 GET s2 Timeline start
1.0s 1.5s 2.0s 2.5s a1 s1 b1 s2
GET a1 GET b1 GET s1 GET s1 Timeline start
1.0s 1.5s 2.0s 2.5s a1 s1 b1 s2
GET a1 GET b1 GET s1 GET s2 Timeline start
1.0s 1.5s 2.0s 2.5s a1 s1 b1 s2
GET a1 GET b1 GET s1 GET s2 Timeline start
1.0s 1.5s 2.0s 2.5s a1 s1 b1 s2
GET a1 GET b1 GET s1 GET s2 Timeline start
1.0s 1.5s 2.0s 2.5s a1 s1 b1 s2
GET a1 GET b1 GET s1 GET s2 Timeline start
1.0s 1.5s 2.0s 2.5s a1 s1 b1 s2
GET a1 GET b1 GET s1 GET s2 Timeline start
1.0s 1.5s 2.0s 2.5s a1 s1 b1 s2
GET a1 GET b1 GET s1 GET s2 Timeline start
1.0s 1.5s 2.0s 2.5s a1 s1 b1 s2
GET a1 GET b1 GET s1 GET s2 Timeline start
1.0s 1.5s 2.0s 2.5s a1 s1 b1 s2
GET a1 GET b1 GET s1 GET s2 Timeline start
1.0s 1.5s 2.0s 2.5s a1 s1 b1 s2
GET a1 GET b1 GET s2 Timeline start 1.0s 1.5s
2.0s 2.5s Built-In Parallelism GET s1
GET a1 GET b1 GET s2 GET s1 Timeline start
1.0s 1.5s 2.0s 2.5s a1 s1 b1 s2
GET a1 GET b1 GET s2 GET s1 Timeline start
1.0s 1.5s 2.0s 2.5s a1 s1 b1 s2
GET a1 GET b1 GET s2 GET s1 Timeline start
1.0s 1.5s 2.0s 2.5s a1 s1 b1 s2
GET a1 GET b1 GET s2 GET s1 Timeline start
1.0s 1.5s 2.0s 2.5s a1 s1 b1 s2
GET a1 GET b1 GET s2 GET s1 Timeline start
1.0s 1.5s 2.0s 2.5s a1 s1 b1 s2
GET a1 GET b1 GET s2 GET s1 Timeline start
1.0s 1.5s 2.0s 2.5s a1 s1 b1 s2
None
Last Chapter
Ember CLI 2.13 onwards is “yarn aware”
Ember CLI 2.13 onwards is “yarn aware” Angular CLI 1.0.0-beta31
onwards is “yarn aware”
Ember CLI 2.13 onwards is “yarn aware” Angular CLI 1.0.0-beta31
onwards is “yarn aware” create-react-app has built-in yarn support since 1.0.2
Community project with governance model taken from Ember and Rust
Contribute https://github.com/yarnpkg/yarn
None
npm 5.0.0 Beta https://github.com/npm/npm/pull/16244
๏ New, standardised Lockfile feature https://github.com/npm/npm/pull/16244
๏ New, standardised Lockfile feature ๏ Cache rewrite https://github.com/npm/npm/pull/16244
๏ New, standardised Lockfile feature ๏ Cache rewrite ๏ Better
summary report https://github.com/npm/npm/pull/16244
http://blog.npmjs.org/
And they lived happily ever after…
Thank You! @serifritsch
[email protected]