I guess npm doesn’t find a version of a package that matches the current environment when doing
npm install whatever. It just installs the latest. If running a version of node that is older than the latest version of that package requires, it will still install the latest version and give warnings about the incompatibility. We then have to manually go through the github repo version history to find a compatible version and reinstall. This is, of course, also the case with any dependencies, which means we have to go through the dependency’s versions to find a compatible one, then go through the dependent’s repo to find a version that uses that dependency version.
Yarn works basically the same except it blocks installation altogether, at least saving the wasted transfer.
I’m more used to composer which handles this for us. Like magic, everything will be compatible if compatible versions exist. Maybe that’s one reason it’s slow, sifting through all that data.