A while back, Facebook released Yarn – an open-source alternative for Node’s npm package manager. It’s a new client for working with npm packages, with a focus on performance and reliability. There are quite some blog posts out there benchmarking the npm and Yarn clients, but generally an install is somewhere between 9% and 50% faster with Yarn. Let’s see how we can use Yarn with a feed on MyGet!
Assuming we have already created a feed on MyGet that contains a few packages, let’s first setup Yarn to use that feed as its registry. This can be done using the
yarn config command:
yarn config set strict-ssl false
yarn config set registry "https://www.myget.org/F/acme-corp/npm/"
We can also keep the default registry and only configure Yarn for our own scope, so that only our own packages are downloaded from MyGet. No problem, let's set the @acme scope's registry to our MyGet feed:
yarn config set @acme:registry "https://www.myget.org/F/acme-corp/npm/"
The settings are stored in our user profile folder in the .yarnrc file. Just like with npm, the .yarnrc file (and even .npmrc) can be copied into our current project's folder so that settings only apply for that project and not for all comands we execute with Yarn.
Once we have configured our MyGet feed as the registry, we can install packages using Yarn quite easily using the
yarn add <packagename> command (which will add the package to our package.json as well). If a package.json already lists dependencies, we can run yarn install as well to fetch all dependencies.
yarn add firstname.lastname@example.org
Do note that for private feeds, the pre-authenticated feed URL has to be used. Yarn does not support private packages out of the box, and a pre-authenticated feed URL is a secure workaround.<h2>Publishing packages</h2>
Unfortunately, publishing is not a smooth ride yet. The yarn publish command is able to prompt for credentials succesfully (username, e-mail and password), but after that it seems to hang. Feel free to try it out and post your findings on this GitHub issue.
No problem though: we can still use our good friend npm to handle package publishing.