The speedy way to manage packages
Suddenly Not Panicking Manager
Familiar npm-style commands, pnpm-style shared store, workspace fan-out, and a security-first default. Reads pnpm, Bun, Yarn, and npm lockfiles on day one.
$ npm install -g snpm
Why developers choose snpm
Built from the ground up to be fast, reliable, and easy to use. Everything you loved about npm and pnpm, without the complexity.
Hot path in milliseconds
Lockfile-derived integrity markers short-circuit installs when nothing changed. Cold installs go in parallel up to the registry concurrency limit.
Deterministic by default
snpm-lock.yaml (YAML, schema v1) records the tarball and integrity hash for every package. --frozen-lockfile fails fast in CI.
Lockfile imports
Reads pnpm-lock.yaml, bun.lock, yarn.lock, npm-shrinkwrap.json, and package-lock.json on the first install. Then it's snpm-lock.yaml as the source of truth.
Workspace fan-out
Discover from snpm-workspace.yaml, pnpm-workspace.yaml, or package.json workspaces. Filter by name, glob, path, dep walk, or [git-ref].
Security-first defaults
Install scripts blocked unless allow-listed. SNPM_MIN_PACKAGE_AGE_DAYS dodges zero-day publishes. Tarball auth scoped to the announcing registry.
Batteries included
audit (SARIF), why, licenses, patch edit/commit, link, pack, publish, store status/prune, and a built-in nvm-style node version manager.
Performance that speaks for itself
Powered by Rust and built for speed. Global caching, parallel downloads, and intelligent reuse mean your team spends less time waiting and more time building.
Install Time Comparison (seconds)
Lower is better. Benchmarked on MacBook Pro M1, Node 20.x
Familiar commands you already know
Drop-in replacement means zero learning curve. All your favorite npm commands work exactly as expected.
Install dependencies
Fast, deterministic installs from snpm-lock.yaml
$ snpm installAdd a package
Add packages to dependencies with semver resolution
$ snpm add reactRun scripts
Run package.json scripts with node_modules/.bin in PATH
$ snpm run buildWorkspace fan-out
Graph-aware filters: name, glob, path, [git-ref], dep walks
$ snpm run test --filter api...Try a package once
Download, run, and discard. Aliases: spx, snpx, pnpx
$ snpm dlx create-vite my-appAudit and fix
Find vulnerable deps and upgrade them; SARIF output supported
$ snpm audit --fixHow snpm stacks up
See how we compare to the most popular package managers
| Feature | snpm | npm | yarn | pnpm |
|---|---|---|---|---|
| Global package cache | ||||
| Parallel downloads | ||||
| Deterministic installs | ||||
| Workspace support | ||||
| Readable lockfile (YAML) | ||||
| Built with Rust | ||||
| Simple codebase | ||||
| Install speed (cold cache) | 14.3s | 45.2s | 38.7s | 28.4s |
What makes snpm different
More than just speed. A philosophy of simplicity and reliability.
Implementation Simplicity
Clean, boring Rust code that's easy to understand and contribute to. No unsafe code, no clever tricks—just straightforward implementation.
Performance Without Magic
Fast because of smart engineering, not complex hacks. Global store, parallel downloads, and clean node_modules rebuild.
Lockfile Clarity
Human-readable YAML lockfiles that round-trip cleanly with a simple set of types. No mystery about what's installed.
Contributor Friendly
Built to be maintained. Strict quality bar means the codebase stays clean as it grows.
Ready to speed up your workflow?
Join developers who have already made the switch to faster, more reliable package management
npm install -g snpmOpen source and built with ❤️ by the community