dependencies resolve difference between yarn and npm

Today we found an interesting behavior difference between yarn and npm when resolving/placing dependency on node_module folder. It happens when i was help one of my teammates setting up a local debugging server which has a require on Library A. In our package.json, we do not have an explicit declaration on A. We have 2 depedencies B and C both have A as their dependency but on different version. B -> A1 and C-> A2.

For me(using yarn), when I do yarn install, the newer one A2 is placed on the top level node_module directory and C does not have A2 in its own node_module. And B has an A1 in its node_module.

So if we do a npm install on the project, the behavior is opposite. the older  A1 is placed on the top level and B does not have A1 in its node_module folder. And C has an A2 in its node_module directory to fulfill the dependency.

It breaks because the local server we setup is using some new APIs from A2 [let A = require(‘A’)], so my local will work but my colleague’s will not since she has the A1 in node_module. Minor thing but really reminds us to check the consistency between different build tool. The solution is straightforward: declare the dependency on the package.json directly to get the desired version.

Also tried the new tool called pnpm , though declared to be super fast with links rather than copy files around, and has non-flat layout. seems not working well with direct github dependency. So gave up.