Yarn aims to address issues Facebook have experienced with NPM, particularly in areas such as performance, security, and consistency. This new package manager still has access to the NPM and Bower registries.
For example, when using NPM, depending on the order in which modules are installed, developers might end up with two different versions of a particular module in their local development environment. This can cause issues where everything works fine on one developer’s machine but not on another’s. To address this issue, Yarn uses lockfiles to tie modules to a specific version within a project, thus assuring that the same version is installed on all developers machines.
Article Credit: Alexandre Ouellette