I'm after a few hours of research, and these are my conclusions. The following was true today, 17/07/2020, with yarn v1.22.4/yarn 2 v2.1.1 (wtf is wrong with you, yarn devs? why don't I get yarn2 when installing yarn?)
- The info in this section is a summary of https://classic.yarnpkg.com/blog/2016/11/24/offline-mirror/
On the online side, yarn v1 is useful for downloading npm packages with their dependencies included as tgz
archives.
This can be done by setting the following setting: nevermind, wrote a script that does everything for you.
You need to set up an NPM server (AKA registry). I tried getting around it, but there's no practical solution for that. I recommend Verdaccio, since it's easy to set up. (very docker-friendly!) (An important tip about Verdaccio)
Then, after properly configuring your new server to be your NPM repo, you can upload the tgz
's from the online side by running:
npm publish --ignore-scripts package.tgz
Bonus:
yarn 2 has a very cool feature that allows your project to not need the node_modules
folder, and rely on a local cache of the (zip
ped, not tgz
ed) packages.
This way, it's a bit more sane to upload the packages to your source control, which can be very useful if your NPM server is flakey and you don't want to rely on it. You can read more about it here.
For that you'll need to set up a yarn 2 project (yarn init -2
) at the online side so it'll download yarn2 into the project folder.
You might be able to use yarn v1's offline cache as a serverless npm repository. I didn't give this option a proper check yet.
At the time of writing this, Verdaccio is not properly designed for a real offline environment, so it's still a bit flakey. More specifically, if any uplinks are configured, they must be available at all times, otherwise Verdaccio will bitch every time you try to install or publish a package, when you publish something that already exists in one of the uplinks, or if you don't have upload permission on the uplink (not 100% sure about that last one).
For a true, easy "offline NPM repository" experience, I recommend not messing with uplinks. if you have dependencies that are available from another NPM server, just use the script to download the desired packages from it and then publish them to your Verdaccio server.