Question: is yarn size a fair comparison with npm?
Hi Steven, thanks as always for this useful tool.
I noticed an increase in the reported installation size of the sharp package from 20.2MB to 24.3MB between v0.30.4 and v0.30.5 - see https://packagephobia.com/result?p=sharp
This didn't seem quite right to me, so I had a quick look at the commits and noticed you switched from npm to yarn via https://github.com/styfle/packagephobia/pull/959 around the same time.
It looks like the increase in reported disk usage is due to now including yarn's extra cache data in the calculations. Perhaps this should be removed to ensure a fair comparison with the previous use of npm?
Here's a worked example:
$ docker run -it --rm node:18-alpine /bin/sh
apk add git
yarn set version 2.4.3
cd /tmp
yarn init
yarn add sharp
du -sh .yarn
24.0M .yarn
yarn cache clean
du -sh .yarn
21.8M .yarn
Hey, thanks!
The .yarn directory isn’t measured, just node_modules
Ah yes, thank you, I hadn't spotted the use of YARN_NODE_LINKER to create this.
https://github.com/styfle/packagephobia/blob/1452f8cf2800a6c539e26304af06ce8cacaaa627/src/util/backend/npm-wrapper.ts#L16
What I believe is happening is that yarn now always copies the latest version of node-gyp into the local tree (rather than treat it as a global dependency like npm) when it sees any package with a binding.gyp file, regardless of prebuilt binary provision.
This means all native dependencies will appear to be ~4MB larger with yarn compared with npm. I'm unsure what, if anything, should be done about this.
Also note Yarn 3 is used now, not Yarn 2
- https://github.com/styfle/packagephobia/pull/976
But maybe I should switch to Yarn 1 which seems to follow npm behavior a little more closely. Trying it out here:
- https://github.com/styfle/packagephobia/pull/988
Hmm, something does seem wrong because uploading package.json shows the dependencies should be about 2MB https://packagephobia.com/[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected]
I'll try switching to Yarn 1 or to pnpm and see if that is more accurate. I would like to continue using npm but they no longer support programmatic access so I was stuck on npm 6.
Yarn 1 (left) installs fewer dependencies than Yarn 3 (right) 🤔
{
"private": true,
"dependencies": {
"sharp": "^0.30.7"
}
}

I tried switching to Yarn 1 in https://github.com/styfle/packagephobia/pull/988 but it fails to install next, likely because yarn 1 doesn't respect the libc field and the Serverless Function runs out of space.
I finally had to upgrade yarn and decided to switch back to npm.
- https://github.com/styfle/packagephobia/pull/1021
Take a look again and let me know if there are any problems with the measurement for sharp now, thanks!
https://packagephobia.com/result?p=sharp looks good, thank you Steven.
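
One way to check which packages account for a size difference like the node-gyp one discussed in this thread, as an added example that is not part of the thread or of packagephobia's code. The function names `parseDu` and `diffInstalls` are hypothetical, and the two `du` listings are constructed sample values, not measurements.

```javascript
// Added example. Input format: the output of
//   du -sk node_modules/* node_modules/@*/*
// (size in KiB, then path). All sizes below are constructed sample values.
const NPM_DU = `
19800\tnode_modules/sharp
120\tnode_modules/color
96\tnode_modules/semver
40\tnode_modules/detect-libc
`;
const YARN_DU = `
19800\tnode_modules/sharp
120\tnode_modules/color
96\tnode_modules/semver
40\tnode_modules/detect-libc
4100\tnode_modules/node-gyp
300\tnode_modules/@npmcli
180\tnode_modules/@npmcli/fs
120\tnode_modules/@npmcli/move-file
`;

// Parse a du listing into a Map of package name -> KiB on disk.
function parseDu(text) {
  const sizes = new Map();
  for (const line of text.split('\n')) {
    const m = /^(\d+)\s+(?:\.\/)?node_modules\/(.+?)\/?$/.exec(line.trim());
    if (!m) continue; // blank or unrelated line
    // A bare "@scope" directory only contains packages that are listed
    // separately, so counting it as well would double-count them.
    if (/^@[^/]+$/.test(m[2])) continue;
    sizes.set(m[2], Number(m[1]));
  }
  return sizes;
}

// Per-package size change between two installs, largest change first.
function diffInstalls(before, after) {
  const rows = [];
  for (const name of new Set([...before.keys(), ...after.keys()])) {
    const deltaKiB = (after.get(name) || 0) - (before.get(name) || 0);
    if (deltaKiB !== 0) rows.push({ name, deltaKiB, added: !before.has(name) });
  }
  return rows.sort((a, b) => Math.abs(b.deltaKiB) - Math.abs(a.deltaKiB));
}

for (const r of diffInstalls(parseDu(NPM_DU), parseDu(YARN_DU))) {
  console.log(`${r.added ? 'added  ' : 'changed'} ${r.name} ${r.deltaKiB} KiB`);
}
```

Running the same `du` command in two real installs of the same `package.json` and pasting the outputs in place of the samples shows whether one extra package explains the gap.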