better

What it is

better is a Node.js package manager built around a Rust core, with a thin JavaScript CLI on top. It reads standard npm lockfiles and produces npm compatible node_modules, so it drops into existing projects.

The problem it solves

Installs cost ten to thirty seconds, a single node_modules can pass five hundred megabytes, and that cost repeats across every project and workspace. On top of speed and disk, developers rarely know why a dependency is present, whether it duplicates another, or whether it carries a known vulnerability.

How it works

The install flow has four stages: parse the lockfile, fetch tarballs in parallel against a content addressed cache (SHA-512 keyed), materialize to disk using filesystem copy on write (clonefile on APFS), hardlinks to a shared store, or a byte copy fallback, then analyze for licenses, deprecations, duplicates, and a software bill of materials. Analysis commands (why, dedupe, outdated, audit) work offline against an existing tree.

Where it fits

better is the dependency layer for fast local and CI builds, with policy gates (block by CVE or reputation) and structured JSON output that automation and agents can read. The dedup store gives large savings across several projects on one machine.

Status

v0.1. Install, analyze, run, audit, and workspace commands are working and tested; add and remove delegate to a detected package manager. Some advertised commands (deploy, dashboard, context generation) are still stubs, and there is no published release yet.