Ways to have your private npm registry — and a final DIY solution

Gustavo Gondim
Dec 15, 2017 · 2 min read

So you need to create private npm packages. This is a common situation when your company is becoming big and needs to standardize and/or reutilize some pieces of code, like an UI framework. This happened to us.

After you searched by "npm private registry" in the web, you have found some options and felt different emotions about them:

Paid alternatives

MyGet (https://www.myget.org) —which costs US$ 9/month for starter plan and you only would have 2 contributors and 1GB storage.

NPM Org (https://www.npmjs.com) — which costs US$ 7 per user per month.

Free alternatives

DIY NPM (https://docs.npmjs.com/misc/registry)— Build your own registry at your own risk, you would need a CouchDB instance and a Node.js server.

Git! You sure could point your packages to private Git repositories, using URLs in package.json (http://fiznool.com/blog/2015/05/20/an-alternative-to-npm-private-modules/). It is very nice when the repository is public, but, when you have a private Git repository, you will need HTTPS or SSH credentials, and you often cannot have a per-team credential.

Sinopia (https://www.npmjs.com/package/sinopia) — Which is a handsome DIY registry, but it has some community problems, such it seems it will be abandoned (https://github.com/rlidwka/sinopia/issues/376). It also requires a Node.js server.

Cnpmjs.org (https://github.com/cnpm/cnpmjs.org) — Which requires a Node.js server, a MySQL instance and a Simple File Store Service, like qiniu, aliyun-oss, tfs, upyun.

Npm-register (https://github.com/jdxcode/npm-register) — which seems to be a better option than Sinopia, with CDN and caching things, but it will require an Amazon AWS S3 bucket and a Redis instance for doing that. It also has an option to easily deploy to Heroku.

And finally, Verdaccio

Verdaccio is a fork from Sinopia and is a very nice solution if you have an evolution from its parent repository and good things such as plug-ins and an easy way to deploy it with Docker.

Like Sinopia, it allows you to have a local npm private registry with zero configuration, and if a package doesn’t exist there, it asks any other registry (npmjs.org) for it keeping only those packages you use.

With Verdaccio, you can:

  • Use private packages
  • Cache npmjs.org registry
  • Override public packages

If you want to deploy it in Microsoft Azure using its Docker image, follow my next tutorial:

And here is a Medium post from Verdaccio's author you should also read: https://medium.com/@jotadeveloper/five-use-cases-where-a-npm-private-proxy-fits-in-your-workflow-632a81779c14

Good luck!

Engenharia NOALVO

Neste blog contamos sobre os desafios do nosso dia a dia…

Gustavo Gondim

Written by

Co-founder & CTO at NOALVO | bit.ly/ggondim

Engenharia NOALVO

Neste blog contamos sobre os desafios do nosso dia a dia nas áreas de engenharia e arquitetura de software, infraestrutura, DevOps, Agile e gestão de produto. Conheça nossas vagas de tecnologia em https://vagas.midianoalvo.com.br

Gustavo Gondim

Written by

Co-founder & CTO at NOALVO | bit.ly/ggondim

Engenharia NOALVO

Neste blog contamos sobre os desafios do nosso dia a dia nas áreas de engenharia e arquitetura de software, infraestrutura, DevOps, Agile e gestão de produto. Conheça nossas vagas de tecnologia em https://vagas.midianoalvo.com.br

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store