he/him 
You know, it's interesting that npm supports installing tarballs from literally anywhere, but we all publish to the public npm registry
You can even specify the tarball checksum if you append #HASH_HERE to the end of the URL! Yarn and npm should also handle caching it in the same way as a regular registry tarball.
-
-
Agree. It's like the killer feature of package.json that goes completely ignored. Wonder why. There's even a shorthand if you host your packages on GitHub! You can do: { "dependencies": { "react-router": "ReactTraining/react-router#v4" } }
-
There's actually a ton of shorthands that you may not know about! You can use gitlab:, bitbucket:, gist: https://github.com/npm/hosted-git-info … All supported in Yarn too.
- 9 more replies
New conversation -
-
-
I wonder if
@arcanis has any thoughts about this. Seems like the only real objection to using tarball URLs -
I don't know for npm, but URL tarballs go to the cache as for npm packages. With the v2 their checksum will also be stored in the lockfile
- 3 more replies
New conversation -
-
-
Can that tarball depend on other tarballs?
-
Yep. It has a package.json inside that specifies its deps
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.