What is Corepack and its functionality in Node.js

Daily short news for you

Since the Lunar New Year holiday has started, I won't be posting anymore. See you all after the holiday! 😁

» Read more
Continuing about jj. I'm wondering if there are any GUI software made for it yet to make it easier to use. There are already so many similar to git that I can't count them all.

Luckily, the author has compiled them all together in Community-built tools around Jujutsu 🥳

» Read more
Turso announces that they are rewriting SQLite in Rust. This adds another piece of evidence supporting the notion that Rust is "redefining" many things.

But the deeper reason is more interesting. Why are they doing this? Everyone knows that SQLite is open source, and anyone can create a fork to modify it as they wish. Does the Turso team dislike or distrust C—the language used to build SQLite?

Let me share a bit of a story. Turso is a provider of database server services based on SQLite; they have made some customizations to a fork of SQLite to serve their purposes, calling it libSQL. They are "generous" in allowing the community to contribute freely.

Returning to the point that SQLite is open source but not open contribution. There is only a small group of people behind the maintenance of this source code, and they do not accept pull requests from others. This means that any changes or features are created solely by this group. It seems that SQLite is very popular, but the community cannot do what they want, which is to contribute to its development.

We know that most open source applications usually come with a "tests" directory that contains very strict tests. This makes collaboration in development much easier. If you want to modify or add a new feature, you first need to ensure that the changes pass all the tests. Many reports suggest that SQLite does not publicly share this testing suite. This inadvertently makes it difficult for those who want to modify the source code, as they are uncertain whether their new implementation is compatible with the existing features.

tursodatabase/limbo is the project rewriting SQLite in Rust mentioned at the beginning of this article. They claim that it is fully compatible with SQLite and completely open source. Limbo is currently in the final stages of development. Let’s wait and see what the results will be in the future. For a detailed article, visit Introducing Limbo: A complete rewrite of SQLite in Rust.

» Read more

Problem

npm has been the default package manager bundled with Node.js for a long time. Most of us use npm to download packages from the npm registry, or whenever we need to reinstall all the dependencies used in a project. npm has high security mechanisms such as access to private packages, two-factor authentication and verification...

Convenient as it is, npm also has some limitations such as slow package installation speed, creating node_modules folders with the equivalent size of a black hole... along with a complex configuration. That's why many other package managers have emerged to overcome these weaknesses, such as Yarn or pnpm.

While Yarn is renowned for its package installation speed, pnpm has the mechanism of reducing the size of node_modules by sharing directories. Now we don't necessarily have to use npm by default, but can choose other package managers according to preferences or project needs.

Another good news is that starting from Node.js 14, we don't need to manually install Yarn or pnpm anymore as it has been integrated into Node.js with an experimental flag (Stability: 1) named Corepack. It may take a while for Corepack to be assigned a stable flag, but right now let's find out what Corepack is and how to use it.

What is Corepack?

Corepack is currently an experimental tool that helps manage package managers. It acts as a proxy. When called, it will determine which package manager is configured for the current project, install it if not already installed, and finally run it. All users see is the result as if interacting directly with the package manager.

The core of Corepack is:

No need to manually install package managers from external installation tools anymore.
Ensure that everyone in the team will use the correct version of the package manager through the configuration in "package.json".

How to use

As it is still in the experimental phase, Corepack needs to be activated with the corepack enable command, simply enter in the terminal:

$ corepack enable

Immediately, Corepack will be activated, and you can check the version of yarn or pnpm right now:

$ yarn --version
1.22.19

$ pnpm --version
8.5.1

Currently, Corepack only supports two package managers: yarn and pnpm. If you no longer want to use it, you just need to run the corepack disable command.

$ corepack disable

To determine the package manager used in the project, you can set it through the "packageManager" attribute in package.json. Open package.json and check if the packageManager attribute exists, if not, add it:

{
   ...  
   "packageManager": "yarn",  
   ...  
}

This action means that you configure yarn as the default package manager, if you intentionally use pnpm in the project to install or do anything else, an error message will be displayed on the screen requiring the use of yarn.

This is an exception with npm, meaning you can still use the npm command while "packageManager" is set as yarn or pnpm.

Summary

npm is the default package manager bundled with Node.js. Although it is a powerful tool, npm is not free from flaws. That's why Corepack was born with two package managers, yarn and pnpm. Now there's no need to manually install your favorite package manager anymore, you can use it right in Node.js.

References:

Corepack | Node.js v20.2.0 Documentation

Premium

5 profound lessons

Every product comes with stories. The success of others is an inspiration for many to follow. 5 lessons learned have changed me forever. How about you? Click now!

View all