can you host a private repository for your organization to use with npm?


Question

Npm sounds like a great platform to use within an organization, curious if a private repo is possible, like with Nexus/Maven. Nothing comes up on Google :(

1
202
9/27/2011 9:01:57 PM

Accepted Answer

I don't think there is an easy way to do this.

A look at the npm documentation tells us, that it is possible:

Can I run my own private registry?

Yes!

The easiest way is to replicate the couch database, and use the same (or similar) design doc to implement the APIs.

If you set up continuous replication from the official CouchDB, and then set your internal CouchDB as the registry config, then you'll be able to read any published packages, in addition to your private ones, and by default will only publish internally. If you then want to publish a package for the whole world to see, you can simply override the --registry config for that command.

There's also an excellent tutorial on how to create a private npm repository in the clock blog.

EDIT (2017-02-26):

Not really new, but there are now paid plans to host private packages on NPM.

Over the years, NPM has become a factor for many non-Node.js companies, too, through the huge frontend ecosystem that's built upon NPM. If your company is already running Sonatype Nexus for hosting Java projects internally, you can also use it for hosting internal NPM packages.

Other options include JFrog Artifactory and Inedo ProGet, but I haven't used those.

96
1/30/2018 12:19:54 AM

https://github.com/isaacs/npmjs.org/ : In npm version v1.0.26 you can specify private git repositories urls as a dependency in your package.json files. I have not used it but would love feedback. Here is what you need to do:

{
    "name": "my-app",
    "dependencies": {
        "private-repo": "git+ssh://git@yourgitserver.com:my-app.git#v0.0.1",
    }
}

The following post talks about this: Debuggable: Private npm modules


Licensed under: CC-BY-SA with attribution
Not affiliated with: Stack Overflow
Icon