Nowadays every modern programming language has one or more package managers, first, let's explain this. It's a command-line tool that allows us to add easily software packages to a project like Tensorflow a machine learning software.
What is NPM
Npm is the default package manager for nodejs, we can search and browse available packages in the official website npmjs.com. When we use npm in a project first we have to create an important file named package.json. This will contain the list of packages that we will use in JSON data format, the source code always will be stored in a folder called node_modules. Creating this file is easy just by typing the command.
When we push new code to the git repository of our project, a good practice is not saving the files from node_modules folder. So add this .gitignore file node_dules and we only update the main file package.json. In case we want to install the project to another computer we cloning the repository and then reinstalling packages by typing in cli the following.
Some popular packages of npm are the express a web framework for nodejs, another is the React Native from Facebook which is a tool for building native mobile applications.
For checking if some of the modules are old and there is a newer version we do it using the command, this check the versions from package.json file against the online registry of the package manager
After that, we can update all modules but it's best to do it only when we properly have setup software testing procedures. Also, we can make individual updates per package by using their name e.g. for express package
npm update express
What is Yarn
The first few years after npm was created there were many setbacks and bottlenecks like low security, not deterministic installation, and slow download and installation speed for packages. So Facebook created Yarn as an alternative package manager for nodejs to overcome all these problems.
When you make an installation using yarn for a new package the exact version and related dependencies and metadata are saved to lock file yarn.lock . After 2018 npm also improved and add support of auto-generation of a lock file, so now can support deterministic installation, the lock file is named package-lock.json.
The official site is yarnpkg.com and the logic is the same for installing and updating software and from package.json, to create one type
for installing packages
The period npm overcome the previous problem so npm and yarn are almost the same, so it's a matter of preference.
Installing Tensorflow for machine learning
yarn add @tensorflow/tfjs
yarn add @tensorflow/tfjs
Setting up Machine Learning is easy if we want using predefined deep learning models for web applications, using Keras. A detailed guide to import python keras models in Tensorflow.js there is the official website.
package manager self-update
As we previously mention using a package manager make easy to download, install and update packages, but the same package manager have to be upgraded so first we have to check the version
upgrade to the latest version
npm install -g npm@latest
Package managers automating the installing and upgrading of software, npm and yarn, both have the same level in security and performance at this time of period, so for nodejs developers, there are no such big differences on which to use anymore. Even building a mobile application or progressive web applications could be done easily using reactjs and firebase and firestore just by installing everything with these package managers.