A Rust-based Node.js package manager that reads and writes your existing lockfiles in place, whether you're coming from pnpm, npm, yarn, or bun. No migration required. It uses a global content-addressable store and claims faster installs than pnpm or Bun, especially on warm CI. The security model is opinionated: lifecycle scripts are blocked by default and require explicit approval, and new package releases wait a minimum age before being pulled. The lockfile compatibility is genuinely useful if you're in a monorepo or working across teams with different tooling. Use `aube ci` in CI pipelines, and the multicall shims (`aubr build`, `aubx cowsay`) are a nice touch for reducing keystrokes.
npx skills add https://github.com/aradotso/trending-skills --skill aube-package-manager