@terlar Nice list. Here some comments on these:
I already mentioned the drawbacks with this one.
I think it has the same problems as node2nix, but for yarn.
It looks like it starts a local npm registry and installs the packages from there. I didn’t even know that it’s possible to access the local network in the nix sandbox. But since npm supports the cache directory, I think this is unneccessary.
This tries to solve the problem, that packages are not shared between apps, which is cool. But at the same time, it has the same problem as node2nix and yarn2nix: Before a package can be built,
nixfromnpm to generate nix or something.
Of the mentioned packages, this is the only one that has the same concept as npmlock2nix and node_modules.nix. And it looks pretty promising! It also does some clever things to solve problems already mentioned. For example, when running
npm ci, it uses the
--script-shell parameter to use a shell, where shebangs are patched before execution. It also has support for yarn, which is nice! One feature it seems to miss, though, is creating a nix-shell containing the node_modules only.
As I see it, nix-npm-buildpackage, npmlock2nix and node_modules.nix could be combined into one package, and all 3 packages would benefit from it. Given there is interest, of course.
One additional package that has my special interest is pnpm2nix. It uses the brilliant pnpm package manager, which deduplicates packages (like nixfrompnpm). But pnpm currently lacks package hashes, so it’s not there yet.