DEV Community

Cover image for pnpm - The Best Package Manager
Nitsan Cohen
Nitsan Cohen

Posted on • Updated on

pnpm - The Best Package Manager

What package manager do you use in your projects?

npm? yarn?

If none of the above is true, you must be using pnpm, and let me say - that's a great choice.

Haven't you heard about pnpm? Let's have a short review.

pnpm is fast. How fast? In most cases, it’s quicker than npm and yarn. It can even get to three times faster than npm on a fresh install!

But not only that. pnpm will save you LOTS of gigabytes on your computer.

The magic behind pnpm is with how it handles your packages.

Let's say you have installed the famous node.js framework express using pnpm.

npm i -g pnpm  // If you’re using Node.js version 16.13 or higher, you get pnpm out-of-the-box. All you have to do is enable it using “corepack enable” command.
Enter fullscreen mode Exit fullscreen mode
pnpm init && pnpm i express 
Enter fullscreen mode Exit fullscreen mode

Express has a bunch of dependencies itself, as you can examine in its package.json (array-flatten, body-parser, and many more).

Where do we store the dependencies of Express (sub-dependencies)?

npm will have to create another node_modules folder in the express folder, but this is not the case with pnpm.

Actually, this is not the case with npm either. Historically (from npm version 2 and below), npm was using nested node_modules, but due to a limitation on windows (windows allows only up to 256 chars for directories paths) and some more reasons, they changed to the way it works.

They now use an algorithm to hoist all sub-dependencies to the root directory of the node_modules.

But this method has a disadvantage:

There could be a situation where I use one of the sub dependencies in my project, but I didn’t install them.

For example:

const parser = require('body-parser');
Enter fullscreen mode Exit fullscreen mode

I didn't install this package (it's not in my package.json dependencies, only in Express package.json), but I can use it since npm hoisted it to my root node_modules.

There's no problem as long as the maintainers of Express decide that body-parser stays part of its dependencies.

However, if they decide to remove it on a later version, this will break my project (I'm trying to import from a package that does not exist).

pnpm approach is more intelligent. It stores all the packages in a folder called .pnpm in your node_modules folder. It will then use a symbolic link (symlink) to point to that folder.

This way, we avoid deeply nested folders while preventing the possibility of importing packages that we didn't install in our project.

Lastly and most importantly, as we mentioned, pnpm will save you tons of storage in your computer.

How? pretty simple. Let's continue with the Express example. When installing Express in our project, pnpm will first save all of its files in a global store (using hashes). This way, the next time we install Express (in another project), pnpm will hard link to the files that exist in the global store.

That's also the reason that in Bit we use pnpm as the default package manager to manage your components dependencies.

  • For more posts like this follow me on LinkedIn

  • I work as frontend & content developer for Bit - a toolchain for component-driven development (Forget monolithic apps and distribute to component-driven software).

Top comments (0)