PNPM quick look

PNPM, short for Performant NPM, is a package manager for Node.js. It is an alternative to the leading package managers, NPM and YARN. NPM allows developers to pick and mix packages for their application and reuse code that other OSS developers have published. Package management software increases developer productivity because we spend less time installing libraries from different sources and setting them up.

NPM retrieves all the packages in the dependency list of the package.json file. The retrieved packages are laid out as flat as possible. If there is a dependency conflict, where packages require different versions of the same package, NPM resolves it by creating a nested node_modules directory for the conflicting package and installing the required version there.

The sample below illustrates this.

app_root/
├── app.js
├── package.json
├── package-lock.json
└── node_modules/
    ├── aws-sdk/
    ├── events@v3.0.0/
    └── webpack/
        └── node_modules/
            └── events@v2.0.0/

The Webpack and AWS-SDK packages both depend on the events package. In this sample, they depend on different versions of it. NPM creates a nested node_modules directory under Webpack so that it can fetch the version of events that Webpack requires.

YARN, also a package manager like NPM, is maintained by Facebook. YARN can use package.json to generate a version lock file called yarn.lock. YARN employs several methods to increase package installation performance, such as caching installed packages and downloading in parallel.

During installation, PNPM stores the packages in a package store directory. It links the files back from the package store using symbolic links. When the installation command is run in a different directory on the same hard drive, PNPM reuses the previously installed packages and creates symbolic links to those files in the local node_modules directory.

Tests & Results

Using Vagrant allows us to set up a controlled environment that is isolated from external influence. For the tests, we are installing packages for two different apps.

Time taken to install packages

We ran the speed test 5 times to get an average time taken to install packages. PNPM was much faster at installing the packages. Many packages share common packages between them, including Jest, TypeScript, ESLint, and React. This allowed PNPM to prevail in the installation speed test.

Disk usage of the packages being used

Disk usage is around 50% lower when using PNPM. Out of 930 packages for APP 2, PNPM reused 700 packages. The common packages between these apps allowed PNPM to use the same physical file and create symbolic links for all the apps.

Conclusion

PNPM reaches its full potential on a machine where an app has to live alongside other apps. In the right circumstances, the savings in installation time and disk storage allow developers to maximise the machine's capabilities. PNPM uses symbolic links to simulate the packages' location in the app, which can cause some apps to misbehave.

It is especially troublesome if the app relies on packages that misconfigure the installation process. In those cases, PNPM provides ways to install the packages' physical files in node_modules, the same as NPM would do. When this workaround is used, PNPM loses its advantages.

In the right conditions, and for the use cases it is designed to serve, there is no other package management software like PNPM.