You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Thanks for such an awesome project! I'm a huge fan of JSR and want to move all my packages here. The npm compatibility layer makes it very smooth to consume JSR and NPM packages interchangeably in application code.
However, I've encountered a subtle limitation that I wanted to clarify.
Unless I'm missing something, it seems that packages published to npm cannot depend on JSR packages. This creates an implicit "copy-left" effect: once a package is published to JSR, any package that depends on it must also be published to JSR rather than NPM.
Is this a fundamental limitation, or is there a potential workaround? If it's an intentional/known restriction, it would be helpful to document this nuance more explicitly for package maintainers considering JSR.
Example:
mkdir foo
cd foo && npm init -y
npx jsr add @std/assert
echo'export * from "@std/assert";'> index.js
npm pack # create a tarball
mkdir bar
cd bar && npm init -y
npm add ../foo-1.0.0.tgz
# npm error code E404# npm error 404 Not Found - GET https://registry.npmjs.org/@jsr%2fstd__assert - Not found# npm error 404# npm error 404 '@jsr/std__assert@^1.0.11' is not in this registry.# npm error 404# npm error 404 Note that you can also install from a# npm error 404 tarball, folder, http url, or git url.# npm error A complete log of this run can be found in: /Users/manzt/.npm/_logs/2025-02-13T17_44_34_791Z-debug-0.log
Solution?:
It seems I can get the above to work by also adding an .npmrc to the bar package:
@jsr:registry=https://npm.jsr.io
However, I doubt a CDN like esm.sh would be able to resolve this JSR-ed package living in the npm registry.
The text was updated successfully, but these errors were encountered:
manzt
changed the title
Cannot publish npm package relying on npm compatability
Packages using JSR's npm compatibility cannot be published to npm (should they?)
Feb 13, 2025
Good to know. I’m less concerned with where the limitation comes from and more with the lack of documentation around it in the context of JSR’s 'npm compatibility.' Regardless of responsibility, this could lead to fragmentation. Personally, it makes me lean toward publishing high-level packages to JSR (for applications) while keeping core packages on npm (building blocks for other libraries).
Thanks for such an awesome project! I'm a huge fan of JSR and want to move all my packages here. The npm compatibility layer makes it very smooth to consume JSR and NPM packages interchangeably in application code.
However, I've encountered a subtle limitation that I wanted to clarify.
Unless I'm missing something, it seems that packages published to npm cannot depend on JSR packages. This creates an implicit "copy-left" effect: once a package is published to JSR, any package that depends on it must also be published to JSR rather than NPM.
Is this a fundamental limitation, or is there a potential workaround? If it's an intentional/known restriction, it would be helpful to document this nuance more explicitly for package maintainers considering JSR.
Example:
Solution?:
It seems I can get the above to work by also adding an
.npmrc
to thebar
package:However, I doubt a CDN like esm.sh would be able to resolve this JSR-ed package living in the npm registry.
The text was updated successfully, but these errors were encountered: