trxcllnt commented on pull request #9918: URL: https://github.com/apache/arrow/pull/9918#issuecomment-815053239
While I personally love yarn and prefer it over npm, I think we've stuck to using `npm` for two reasons: 1. It ships with node 2. `npm audit` and related tooling integration Do tools like GH security alerts work with `yarn.lock` files now too? If so, 2 may be less of a concern. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
