Support for tarball URLs?

[acdlite]

I have a URL to an npm tarball. I can install it with yarn:

yarn add https://react-canaries-3adg6ifso.now.sh/13886/react

And it also works if I add it to a local package.json file:

"react": "https://react-canaries-3adg6ifso.now.sh/13886/react"

But it doesn't work in CodeSandbox: https://codesandbox.io/s/pmy0470zj7

[acdlite]

It must have downloaded the tarball correctly, because react-dom@0.0.0-d926936f0 is the version field of the tarball's package.json file.

I have a feeling the packager is attempting to install react-dom@0.0.0-d926936f0 from the npm registry, and failing because it doesn't exist.

[acdlite]

Some additional context about what I'm trying to do: these URLs point to private modules that have not been published to npm. The tarballs are stored on our CI server. I want to be able to paste one of these URLs into CodeSandbox so I can test a React PR/commit without having to publish a release.

[CompuIves]

Intereeesting, it could be that we have to update our yarn to support it.

[acdlite]

I think this part might be relevant?

https://github.com/codesandbox/dependency-packager/blob/de39767ec61f222bb853c0ffbd35307b125cca73/functions/api/index.ts#L218-L221

This assumes the version is semver string, but in this case it results in effectively this:

const s3Object = await getFileFromS3('vhttps://react-canaries-3adg6ifso.now.sh/13886/react/react.json'); 

which I'm guessing could cause the S3 request to fail

[acdlite]

By the way, I imagine this isn't a super high priority issue. I can try to submit a PR this weekend, if I can figure out how to get a dev environment set up. Any guidance would be greatly appreciated!