verdaccio

A lightweight private npm proxy registry

Npm Package Weekly Downloads Trend

3 Years

🌟 Show real-time usage chart on verdaccio's README.md, just copy the code below.

## Usage Trend
[![Usage Trend of verdaccio](https://npm-compare.com/img/npm-trend/THREE_YEARS/verdaccio.png)](https://npm-compare.com/verdaccio#timeRange=THREE_YEARS)

Cumulative GitHub Star Trend

🌟 Show GitHub stars trend chart on verdaccio's README.md, just copy the code below.

## GitHub Stars Trend
[![GitHub Stars Trend of verdaccio](https://npm-compare.com/img/github-trend/verdaccio.png)](https://npm-compare.com/verdaccio)

Stat Detail

Package	Downloads	Stars	Size	Issues	Publish	License
Package	Downloads	Stars	Size	Issues	Publish	License
verdaccio	529,646	17,514	747 kB	42	2 days ago	MIT

Popular Comparisons

verdaccio

README for verdaccio

verdaccio logo

verdaccio gif

Version 6

Verdaccio is a simple, zero-configuration-required local private npm registry. Verdaccio doesn't require a full-fledged database to get started. It comes out of the box with its own tiny database and the ability to proxy other registries (e.g., npmjs.org), caching downloaded modules along the way. For those looking to extend storage capabilities, Verdaccio supports various community-made plugins that integrate with services such as Amazon S3, Google Cloud Storage, or custom solutions.

Install

Install with npm:

npm install --global verdaccio

Node.js v18 or higher is required.

Node.js 20 (or the latest LTS version) is recommended.

or pull Docker official image

docker pull verdaccio/verdaccio

and run

docker run -it --rm --name verdaccio -p 4873:4873 verdaccio/verdaccio

or with helm official chart.

helm repo add verdaccio https://charts.verdaccio.org
helm repo update
helm install verdaccio/verdaccio

Programmatic API

Verdaccio can be used as a module to launch a server programmatically. You can find more information on the website.

 import {runServer} from 'verdaccio';
 
 const app = await runServer(); // default configuration
 const app = await runServer('./config/config.yaml');
 const app = await runServer({ configuration });
 app.listen(4873, (event) => {
   // do something
 });

Plugins

You can develop your own plugins using the verdaccio generator. Yeoman installation is required.

Learn more about how to develop plugins and share them with the community.

Donations

Verdaccio is run by volunteers, with no one working on it full-time. If you find this project useful and would like to support its development and maintenance, consider donating.

You can donate at Open Collective 💵👍🏻 starting from $1/month or with a single contribution.

Note: There is currently no funding available for contributions or security research.

What does Verdaccio do for me?

Use private packages

If you want to leverage all the benefits of the npm package system within your company without exposing all your code to the public, Verdaccio allows you to use your private packages as easily as public ones.

Cache npmjs.org registry

If you have multiple servers requiring package installations, caching the npmjs.org registry can significantly decrease latency (as npmjs.org is connected only once per package/version). It also provides limited failover capabilities (if npmjs.org is down, useful packages might still be found in the cache) and helps avoid issues such as How one developer just broke Node, Babel and thousands of projects in 11 lines of JavaScript, Many packages suddenly disappeared or Registry returns 404 for a package I have installed before.

Link multiple registries

If your organization uses multiple registries and you need to fetch packages from various sources within a single project, you can leverage Verdaccio's uplinks feature to chain multiple registries and fetch packages from a single endpoint.

Override public packages

If you need to use a modified version of a third-party package (e.g., you found a bug, but the maintainer hasn't yet accepted a pull request), you can publish your version locally under the same name. Learn more here.

E2E Testing

Verdaccio has proven to be a lightweight registry that can be booted in a couple of seconds, making it fast enough for any CI environment. Many open-source projects utilize Verdaccio for end-to-end testing, including create-react-app, mozilla neutrino, pnpm, storybook, babel.js, angular-cli, and docusaurus. You can read more here.

Here are a few examples to get started:

Talks

View more on the YouTube channel.

Get Started

To get started, run Verdaccio in your terminal:

verdaccio

Optionally, you can set some npm configuration:

$ npm set registry http://localhost:4873/

For one-off commands or to avoid setting the registry globally, use:

NPM_CONFIG_REGISTRY=http://localhost:4873 npm i

You can now navigate to http://localhost:4873/ where your local packages will be listed and searchable.

Warning: Verdaccio does not currently support PM2's cluster mode. Running it with cluster mode may lead to unknown behavior.

Publishing

1. Create a User and Log In

npm adduser --registry http://localhost:4873

If you use HTTPS, add appropriate CA information. ("null" indicates getting the CA list from the OS.)

$ npm set ca null

2. Publish Your Package

npm publish --registry http://localhost:4873

This command will prompt you for user credentials, which will then be saved on the verdaccio server.

Docker

The most commonly needed information is provided below. Every aspect of Docker and Verdaccio is documented separately.

docker pull verdaccio/verdaccio

Available as tags.

docker pull verdaccio/verdaccio:6.x-next

Running Verdaccio using Docker

To run the Docker container:

docker run -it --rm --name verdaccio -p 4873:4873 verdaccio/verdaccio

Docker examples are available in this repository.

Compatibility

Verdaccio aims to support all relevant features of a standard npm client for private repositories. However, full compatibility isn't always possible.

Basic features

Installing packages (npm install, npm upgrade, etc.) - supported
Publishing packages (npm publish) - supported

Advanced package control

Unpublishing packages (npm unpublish) - supported
Tagging (npm tag) - supported
Deprecation (npm deprecate) - supported

User management

Registering new users (npm adduser {newuser}) - supported
Change password (npm profile set password) - supported
Transferring ownership (npm owner add {user} {pkg}) - not supported, PRs welcome
Token (npm token) - supported (under flag)

Miscellany

Search (npm search) - supported (cli (/-/all and v1) / browser)
Ping (npm ping) - supported
Starring (npm star, npm unstar, npm stars) - supported

Security

npm/yarn audit - supported

Report a vulnerability

To report a security vulnerability, please follow the steps outlined in our security policy.

Open Collective Backers

Thank you to all our backers! 🙏 [Become a backer]

Special Thanks

Special thanks to the following companies for helping us achieve our goals by providing free open-source licenses. Each company contributes significant resources to move this project forward.

Company	Logo	License
JetBrains		JetBrains provides licenses for products for active maintainers, renewable yearly
Crowdin		Crowdin provides platform for translations
BrowserStack		BrowserStack provides plan to run End to End testing for the UI
Docker		Docker offers unlimited pulls and unlimited egress to any and all users

FAQ / Contact / Troubleshoot

If you encounter any issues, consider the following options. Don't hesitate to ask or check our issues database; perhaps someone has already addressed what you're looking for.

License

Verdaccio is MIT licensed.

The Verdaccio documentation and logos (excluding /assets/thanks files such as .md, .png, and .sketch) are Creative Commons licensed.