Yarn is a package manager for your code. It allows you to use and share code with other developers from around the world. Yarn does this quickly, securely, and reliably so you don’t ever have to worry.
A lot of other things like added security and determinism aren't something people think about every day but because Yarn uses a lockfile and installs are reproducible, you'll never run into "works on my machine" problems again. Every install of a project will produce the same dependencies.
The fact that Yarn is built by brilliant heads from giant companies is enough to make us look into it, but how does yarn tackle security issues while loading dependencies. "npm allows scripts to run while installing dependencies".How does Yarn Solve that ?