Verdaccio is a simple, zero-config-required local private npm registry. No need for an entire database just to get started! Verdaccio comes out of the box with its own tiny database, and the ability to proxy other registries (eg. npmjs.org), caching the downloaded modules along the way. For those looking to extend their storage capabilities, Verdaccio supports various community-made plugins to hook into services such as Amazon's s3, Google Cloud Storage or create your own plugin.
Install with npm:
npm install --global verdaccio
Verdaccio is run by volunteers; nobody is working full-time on it. If you find this project to be useful and would like to support its development, consider making a donation - your logo might end up in this readme. π
Donate π΅ππ» starting from $1/month.
If you want to use all benefits of npm package system in your company without sending all code to the public, and use your private packages just as easy as public ones.
If you have more than one server you want to install packages on, you might want to use this to decrease latency (presumably "slow" npmjs.org will be connected to only once per package/version) and provide limited failover (if npmjs.org is down, we might still find something useful in the cache) or avoid issues like How one developer just broke Node, Babel and thousands of projects in 11 lines of JavaScript, Many packages suddenly disappeared or Registry returns 404 for a package I have installed before.
If you use multiples registries in your organization and need to fetch packages from multiple sources in one single project you might take advance of the uplinks feature with Verdaccio, chaining multiple registries and fetching from one single endpoint.
If you want to use a modified version of some 3rd-party package (for example, you found a bug, but maintainer didn't accept pull request yet), you can publish your version locally under the same name. See in detail each of these use cases.
Verdaccio has proved to be a lightweight registry that can be booted in a couple of seconds, fast enough for any CI. Many open source projects use verdaccio for end to end testing, to mention some examples, create-react-app, mozilla neutrino, pnpm, storybook, alfresco or eclipse theia. You can read more in dedicated article to E2E in our blog.
Run in your terminal
verdaccio
You would need set some npm configuration, this is optional.
$ npm set registry http://localhost:4873/
For one-off commands or to avoid setting the registry globally:
NPM_CONFIG_REGISTRY=http://localhost:4873 npm i
Now you can navigate to http://localhost:4873/ where your local packages will be listed and can be searched.
Warning: Verdaccio does not currently support PM2's cluster mode, running it with cluster mode may cause unknown behavior.
npm adduser --registry http://localhost:4873
if you use HTTPS, add an appropriate CA information ("null" means get CA list from OS)
$ npm set ca null
npm publish --registry http://localhost:4873
This will prompt you for user credentials which will be saved on the verdaccio
server.
Below are the most commonly needed informations, every aspect of Docker and verdaccio is documented separately
docker pull verdaccio/verdaccio
Available as tags.
docker pull verdaccio/verdaccio:4
To run the docker container:
docker run -it --rm --name verdaccio -p 4873:4873 verdaccio/verdaccio
Docker examples are available in this repository.
Verdaccio aims to support all features of a standard npm client that make sense to support in private repository. Unfortunately, it isn't always possible.
- Installing packages (npm install, npm upgrade, etc.) - supported
- Publishing packages (npm publish) - supported
- Unpublishing packages (npm unpublish) - supported
- Tagging (npm tag) - supported
- Deprecation (npm deprecate) - not supported - PR-welcome
- Registering new users (npm adduser {newuser}) - supported
- Change password (npm profile set password) - supported
- Transferring ownership (npm owner add {user} {pkg}) - not supported, PR-welcome
- Token (npm token) - (more info #1427) - supported
- Searching (npm search) - supported (cli / browser)
- Ping (npm ping) - supported
- Starring (npm star, npm unstar, npm stars) - supported
- npm/yarn audit - supported
If you want to report a security vulnerability, please follow the steps which we have defined for you in our security policy.
The core team is responsible for driving this project ahead, team is ordered by antiquity and areas of responsibility.
Juan Picado | Ayush Sharma | Sergio Hg | Priscila Oliveria |
---|---|---|---|
@jotadeveloper | @ayusharma_ | @sergiohgz | @priscilawebdev |
All areas | All areas | Docker,Builds,Stack | UI, Stack |
You can find and chat with then over Discord, click here or follow them at Twitter.
- create-react-app (+67k βοΈ)
- Storybook (+37k βοΈ)
- Gatsby (+34k βοΈ)
- Angular CLI (+21k βοΈ)
- Uppy (+19k βοΈ)
- Aurelia Framework (+11k βοΈ)
- bit (+6k βοΈ)
- pnpm (+5k βοΈ)
- Mozilla Neutrino (+3k βοΈ)
- Hyperledger Composer (+1.6k βοΈ)
- webiny-js (+1k βοΈ)
π€ Don't be shy, you also can be in the list.
Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [Become a sponsor]
Thank you to all our backers! π [Become a backer]
Thanks to the following companies to help us to achieve our goals providing free open source licenses.
This project exists thanks to all the people who contribute. [Contribute].
If you have any issue you can try the following options, do no desist to ask or check our issues database, perhaps someone has asked already what you are looking for.
Verdaccio is MIT licensed
The Verdaccio documentation and logos (excluding /thanks, e.g., .md, .png, .sketch) files within the /assets folder) is Creative Commons licensed.