Publish Private NPM Packages with Proxy Registry Verdaccio

How to privately publish packages while maintaining access to the public npm registry

The solution to private npm publishing: private proxy registries

The public npm registry is a critical resource for any app developer, but the paid subscription tiers for private publishing may be too much of an expense for start-ups and large teams: You want to utilise the capabilities of npm internally for private code, but do not wish to pay the monthly costs associated with private publishing.

Private registry solutions have come and gone over the years, but to truly solve the problem of a private registry one must also simultaneously have access to the public npm registry. Having such a capability allows us to “uplink” registries to fetch dependencies our private packages rely on, and then cache them on our private network. Doing this essentially gives us access to the entire npm ecosystem while maintaining the privacy of our own in-house ecosystem.

A capable and actively maintained package to do this today is Verdaccio; a private registry that also acts as a proxy to the public npm registry (or any number of registries you can configure in your uplink settings).