Kozo writes: > This is my first submission. Please let me know how I can improve for > future packages. > > I followed the steps in the manual and submitted a Software Heritage > request to pull the source code. Hi Kozo, Yarn would indeed be something that would be nice to have a package for. While I guess that this might work, I think there are issues with the source here and the lack of dependencies that make this unsuitable for Guix. > +(define-public yarn > + (package > + (name "yarn") > + (version yarn-version) > + (source (origin > + (method url-fetch/tarbomb) > + (uri (string-append "https://github.com/yarnpkg/yarn/releases/download/v" > + version "/yarn-v" version ".tar.gz")) > + (sha256 > + (base32 > + "0n7vhwjz3lyjnavcaw08cqa8gfampqsy5mm3f555cbqb26m1clxw")))) The key thing here is source. For many reasons, the packages in Guix represent software being built from some source material. What's being downloaded here might look like source material, but I doubt the ~153,409 line lib/cli.js file is really the preferred form for editing the Yarn source code. > + (build-system trivial-build-system) > + (outputs '("out")) > + (inputs `(("node" ,node))) Another sign that something is up is the mismatch between the inputs here, and the dependencies in the upstream metadata [1]. Assuming the package works, I'm guessing that there's a lot more than the source of Yarn within the "source" of this package. 1: https://github.com/yarnpkg/yarn/blob/master/package.json I'm hopeful that package Yarn will become possible sometime soon, but in my mind the path forward is to get an importer working for npm, package the many dependencies, then attempt to package yarn. Unfortunately I don't think there's a bug that tracks this overall issue well, although I did find a similar bug about yarn [2] 2: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=33431 Does that make sense? Thanks, Chris