If you want to host a private NPM package but do not want to pay US$ 7 per user, per month to host it directly at https://www.npmjs.com/ this post is for you.
With npm private packages, you can use the npm registry to host code that is only visible to you and chosen collaborators, allowing you to manage and use private code alongside public code in your projects. Private packages always have a scope, and scoped packages are private by default.
If you need to install and publish private packages, you can upgrade to a paid user account plan. Our paid user account plan costs $7 per month. For more information, see the "npm account" column on our pricing page.
https://github.com/isaacs/npmjs.org/ : In npm version v1.0.26 you can specify private git repositories urls as a dependency in your package.json files. I have not used it but would love feedback. Here is what you need to do:
{
"name": "my-app",
"dependencies": {
"private-repo": "git+ssh://[email protected]:my-app.git#v0.0.1",
}
}
The following post talks about this: Debuggable: Private npm modules
I don't think there is an easy way to do this.
A look at the npm documentation tells us, that it is possible:
Can I run my own private registry?
Yes!
The easiest way is to replicate the couch database, and use the same (or similar) design doc to implement the APIs.
If you set up continuous replication from the official CouchDB, and then set your internal CouchDB as the registry config, then you'll be able to read any published packages, in addition to your private ones, and by default will only publish internally. If you then want to publish a package for the whole world to see, you can simply override the
--registry
config for that command.
There's also an excellent tutorial on how to create a private npm repository in the clock blog.
EDIT (2017-02-26):
Not really new, but there are now paid plans to host private packages on npm.
Over the years, npm has become a factor for many non-Node.js companies, too, through the huge frontend ecosystem that's built upon npm. If your company is already running Sonatype Nexus for hosting Java projects internally, you can also use it for hosting internal npm packages.
Other options include JFrog Artifactory and Inedo ProGet, but I haven't used those.
There is an easy to use npm package to do this. https://www.npmjs.org/package/sinopia
In a nutshell, Sinopia is a private/caching npm repository server that you can setup with zero configuration.
Sinopia can be used to :
Verdaccio is what I was looking for and it deserves it's own answer ;) It is an actively maintained fork of Sinopia (highly upvoted answer here). It is a npm registry as a npm package, and can be found
here: https://github.com/verdaccio/verdaccio,
here: https://www.verdaccio.org,
and on port number: 4873
npm i -g verdaccio pm2
pm2 start --name verdaccio `which verdaccio`
pm2 save
docker run -it --rm --detach --name verdaccio -p 4873:4873 verdaccio/verdaccio
helm repo add verdaccio https://charts.verdaccio.org
helm repo update
helm install verdaccio/verdaccio
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With