Skip to content

download packages directly from npm #1248

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 53 commits into from
Apr 3, 2025
Merged

download packages directly from npm #1248

merged 53 commits into from
Apr 3, 2025

Conversation

Rich-Harris
Copy link
Member

@Rich-Harris Rich-Harris commented Apr 2, 2025
edited
Loading

Alternative to #1244. Rather than fetching files one at a time, we can just reuse the existing mechanism for downloading tarballs. This way, we download way fewer files, with fewer waterfalls and fewer opportunities for network flakiness.

In some cases it does mean downloading more bytes, because a) you might only be using one of several exposed entrypoints, and b) package authors can be lazy about what goes into their packages. But anecdotally the playground seems faster with this approach (though it'll be interesting to take a look at a preview deployment).

We do still need to use a package CDN, since the npm registry API doesn't seem to offer a way to resolve incomplete versions (e.g. you can't do @1 or @1.2, you have to do @1.2.3), and the 'packument' (yes they really call it that) that contains details of all the published versions can be a very large file. So we fetch a package.json from a package CDN as a relatively cheap way to determine the exact version. This PR uses jsDelivr rather than unpkg.

WIP:

  • need to populate imports for the sake of downloads
  • need to get version=local working (which I suspect will mean creating an endpoint that serves the local files as a tarball)
  • deduplicate code between bundler (in packages/repl) and compiler (in packages/editor)

@vercel Vercel
Copy link

vercel bot commented Apr 2, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Updated (UTC)
svelte-dev ✅ Ready (Inspect) Visit Preview Apr 3, 2025 9:55pm

@Rich-Harris
Copy link
Member Author

Three is an example of an unusually large package — an extreme example of 'fewer downloads but more bytes'. To me it's noticeably quicker with this PR:

@dummdidumm
Copy link
Member

This looks promising! My biggest fear is that for some reason Cloudflare in front of npm starts to think we're a bot and blocks us from downloading tarballs (sometimes when I go through many npm packages in quick succession I get a Cloudflare challenge).

Tried to find some random REPLs on the internet and the following failed:

@dominikg
Copy link
Member

dominikg commented Apr 2, 2025

checked the ones above:

has a peerDep on svelte3 and uses the old syntax of a .svelte file in package.json svelte field (and main field for good measure)
https://www.npmjs.com/package/svelte-dragdroplist?activeTab=code

tinro also uses a svelte field in package.json to expose its es.js file.
https://www.npmjs.com/package/tinro?activeTab=code

this one is made with svelte-package, has exports condition and type: module so its a bit more tricky. Maybe it has to do with a .svelte file in that package importing another .svelte file?

@Rich-Harris
Copy link
Member Author

@MartinKolarik thanks for the tip! made that change

@Rich-Harris
Copy link
Member Author

Okay I got very carried away here — the code was long overdue for a bit of an overhaul, and this makes some progress in that direction (merging packages/repl and packages/editor, replacing the $bundle store with modern state, etc). There's more I want to do but I'll stop here for now, I think it's ready for review

@Rich-Harris Rich-Harris mentioned this pull request Apr 3, 2025
Closed
@benmccann
Copy link
Member

Three is an example of an unusually large package — an extreme example of 'fewer downloads but more bytes'. To me it's noticeably quicker with this PR:

today
this PR

I tried to test this on mobile where I'd be most worried about extra bytes and could never get the unpkg one to finish loading. The version for this PR was also quite good - admittedly on 5g, which is probably quite a bit better than 3g. But this PR was a clear winner for me.

@PuruVJ you might want to give this a spin both as someone who has the least internet bandwidth among us and as someone who's worked on this in the past

@PuruVJ
Copy link
Collaborator

PuruVJ commented Apr 3, 2025

I can confirm that this is nearly as fast for me. On multiple hard reloads over VPN, I can't say the new version is faster, but since it does not feel slower either over VPN, I can say this is the right direction to go forward in

@Rich-Harris
Copy link
Member Author

Another very stark example is Lucide:

  • today — straight-up fails most of the time, if it does succeed then it's pretty slow and fetches like 1,700 files
  • this PR — honey badger don't care

@Rich-Harris
Copy link
Member Author

Rich-Harris commented Apr 3, 2025
edited
Loading

(currently trying to diagnose an absolutely insane bug — was randomly trying out stuff from my /apps list and this freezes for reasons i absolutely cannot fathom)

@Rich-Harris Rich-Harris merged commit 41b1bd7 into main Apr 3, 2025
4 checks passed
@Rich-Harris Rich-Harris deleted the npm branch April 3, 2025 22:06
@Rich-Harris Rich-Harris mentioned this pull request Apr 3, 2025
Closed
@sacrosanctic sacrosanctic mentioned this pull request Apr 7, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@Rich-Harris @dummdidumm @dominikg @MartinKolarik @benmccann @PuruVJ