|
|
|
|
|
|
by chrisweekly
10 days ago
|
|
|
Yes, this. Regarding npm CLIENTS, PNPM is fundamentally different from (and superior to) npm or yarn. Strongest possible recommendation to use pnpm. It's also a good idea to use a private registry (eg via jfrog), acting as a proxy / pull-through cache, and point trad SAST and maybe AI scanners at it. But dropping the npm client in favor of pnpm is a no-brainer. Speed, disk space, security, determinism, flexibility, fine-grained control over your dependency graph... |
|
|