I have mixed feelings on the Yarn/npm/Node.js ecosystem. We use it for Zulip, because you basically have to in order to have a modern JavaScript toolchain. And I like that Yarn lets us pin dependency versions out of the box for predictability in our production releases; we have to do significant work for the Python version of this feature.
But one also deals with broken third-party dependencies uploaded to npm way too often (even ignoring the malicious packages issues that have gotten a lot of press of late). And one mostly has to use nvm in order to pin a specific version of node itself in a maintainable way, and nvm is a mess.



