Offline Bundlers — What & Why

The Problem

The internet isn't always there

Modern package managers assume you have a reliable outbound connection. In the real world, that assumption breaks all the time.

🏢

Air-gapped servers

Secure production servers block outbound traffic entirely. You literally cannot download packages at runtime — even if you wanted to.

🔒

Corporate firewalls

Many enterprises block PyPI, npm, pkg.go.dev, and apt mirrors by policy. pip install requests just hangs forever.

📡

Metered / slow links

Bundle once on a fast connection, then copy the zip to a hundred machines without downloading anything twice.

🔄

Reproducible deploys

Lock an exact snapshot of a library and all its transitive deps. Re-deploy the same versions six months later, guaranteed.

✈️

Offline development

Working on a plane, a ship, or a remote site? Bundle what you need before you leave and code without connectivity.

🚀

Faster CI/CD

Eliminate network round-trips in build pipelines. Serve pre-bundled packages from an internal mirror for near-instant installs.

How it works

Three steps, zero hassle

Every bundler on this site works the same way — paste, click, download.

Enter a package name

Type what you need — e.g. requests, express, cobra, nginx

→

We fetch everything

The bundler pulls the package plus every transitive dependency, for your chosen version and platform

→

Download & install offline

Get a .zip containing all files and an install script. Copy it anywhere and run it — no internet needed

Python wheels + venv

npm node_modules

Go module cache

.deb packages + install.sh

.rpm packages + install.sh

Docker image tarballs

Linux ISO images

Quality Assurance

End-to-end test suites

Every bundler ships with an 18-test validation suite you can run live in the browser — from input rejection through isolated installation and import verification.

T01 T02

Input Validation

Confirms the server rejects bad input before touching the network — invalid package names return HTTP 400, as do unknown distros, Python versions, or architectures.

T03 T04 T05 T06 T07 T08

Live Bundle Stream

Exercises the SSE streaming endpoint end-to-end: confirms the response is text/event-stream, watches for the package manager's download output and dist file names, verifies ClamAV reports no threats, and validates the download token format.

T09 T10 T11

Bundle Metadata

Hits the /bundle-meta/<token> endpoint without consuming the download token, verifying the filename ends in .zip and the bundle is larger than 10 KB.

T12 T13 T14 T15

Archive Verification

Extracts the zip server-side and inspects its contents: the install script must be present and executable, every dist file must pass format validation (dpkg -qp, rpm -qp, or zip integrity for wheels), and the target package's own file must be identifiable.

T16 T17 T18

Isolated Installation

The real proof: installs the bundle into a fresh isolated environment — a dpkg root, an rpm2cpio tree, or a Python venv — with no network access. Reads back the installed version, then verifies the package is functional (importable, binary present, or files on disk).

Coverage

Python Bundler

35 packages tested — every entry in the Top Packages list plus yml2json. Covers pure-Python wheels, sdists, and native compiled extensions.

35 packages requests numpy flask cryptography +31 more

APT Bundler

Tested against openssh-server on Ubuntu 24.04 LTS (Noble) amd64. T16 unpacks every .deb into an isolated dpkg root using dpkg-deb --extract.

openssh-server ubuntu-24.04 amd64

RPM Bundler

Tested against httpd on Rocky Linux 9 x86_64. T16 extracts every .rpm into an isolated root via rpm2cpio | cpio.

httpd rocky-9 x86_64

Node.js Bundler

Tested against nodemon. T16–T18 extract the bundle, run npm install --offline, and verify the binary is present in node_modules/.bin/.