What is Corepack and its functionality in Node.js

Problem

npm has been the default package manager bundled with Node.js for a long time. Most of us use npm to download packages from the npm registry, or whenever we need to reinstall all the dependencies used in a project. npm has high security mechanisms such as access to private packages, two-factor authentication and verification...

Convenient as it is, npm also has some limitations such as slow package installation speed, creating node_modules folders with the equivalent size of a black hole... along with a complex configuration. That's why many other package managers have emerged to overcome these weaknesses, such as Yarn or pnpm.

While Yarn is renowned for its package installation speed, pnpm has the mechanism of reducing the size of node_modules by sharing directories. Now we don't necessarily have to use npm by default, but can choose other package managers according to preferences or project needs.

Another good news is that starting from Node.js 14, we don't need to manually install Yarn or pnpm anymore as it has been integrated into Node.js with an experimental flag (Stability: 1) named Corepack. It may take a while for Corepack to be assigned a stable flag, but right now let's find out what Corepack is and how to use it.

What is Corepack?

Corepack is currently an experimental tool that helps manage package managers. It acts as a proxy. When called, it will determine which package manager is configured for the current project, install it if not already installed, and finally run it. All users see is the result as if interacting directly with the package manager.

The core of Corepack is:

• No need to manually install package managers from external installation tools anymore.
• Ensure that everyone in the team will use the correct version of the package manager through the configuration in "package.json".

How to use

As it is still in the experimental phase, Corepack needs to be activated with the corepack enable command, simply enter in the terminal:

$ corepack enable

Immediately, Corepack will be activated, and you can check the version of yarn or pnpm right now:

$ yarn --version
1.22.19

$ pnpm --version
8.5.1

Currently, Corepack only supports two package managers: yarn and pnpm. If you no longer want to use it, you just need to run the corepack disable command.

$ corepack disable

To determine the package manager used in the project, you can set it through the "packageManager" attribute in package.json. Open package.json and check if the packageManager attribute exists, if not, add it:

{
   ...  
   "packageManager": "yarn",  
   ...  
}

This action means that you configure yarn as the default package manager, if you intentionally use pnpm in the project to install or do anything else, an error message will be displayed on the screen requiring the use of yarn.

This is an exception with npm, meaning you can still use the npm command while "packageManager" is set as yarn or pnpm.

Summary

npm is the default package manager bundled with Node.js. Although it is a powerful tool, npm is not free from flaws. That's why Corepack was born with two package managers, yarn and pnpm. Now there's no need to manually install your favorite package manager anymore, you can use it right in Node.js.

References:

• Corepack | Node.js v20.2.0 Documentation