Yarn aims to address issues Facebook have experienced with NPM, particularly in areas such as performance, security, and consistency. This new package manager still has access to the NPM and Bower registries.
For example, when using NPM, depending on the order in which modules are installed, developers might end up with two different versions of a particular module in their local development environment. This can cause issues where everything works fine on one developer’s machine but not on another’s. To address this issue, Yarn uses lockfiles to tie modules to a specific version of a project, thus assuring that the same version is installed on all developers machines.
Yarn has additional features to further simplify the dependency management workflow.
Compatibility with both the npm and bower workflows and supports mixing registries.
Ability to restrict licenses of installed modules and a means for outputting license information.
Exposes a stable public JS API with logging abstracted for consumption via build tools.
Readable, minimal, pretty CLI output.