Setting up a private registry can be achieved in a few ways, let's review all of them. The following commands might be different based on the package manager you are using.
npm (5.x, 6.x)
To set the registry in the
.npmrc file use the following:
npm set registry http://localhost:4873/
If you want one single use
--registry after the required command.
npm install --registry http://localhost:4873
Write it yourself by defining in your
resolvefield in defined in the lock files, while
email@example.com the opposite.
publishConfig in your
By using the
publishConfigthe previous two options would be ignored, only use this option if you want to ensure the package is not being published anywhere else.
If you are using either
firstname.lastname@example.org, there are known issues with tokens, please upgrade to either
6.x or downgrade to
SSL and certificates
When using Verdaccio under SSL without a valid certificate, defining
strict-ssl in your config file is required otherwise you will get
SSL Error: SELF_SIGNED_CERT_IN_CHAIN errors.
npm does not support invalid certificates anymore since 2014.
npm config set ca ""
npm config set strict-ssl false
v7.0.0 is more strict with the new
v2 lockfile. If you have mixed
resolved fields in your lockfile, for instance, having this in your lockfile:
..... // removed for simplicity
npm i --registry https://registry.npmjs.org or using
.npmrc will fail your installation.
Be aware npm configurations are valid on the classic version
The classic version is able to regonize the
.npmrc file, but also provides their own configuration file named
To set up a registry, create a file and define a registry.
By using this version you should enable
always-auth in your configuration running:
npm config set always-auth true
email@example.com does not send the authorization header on
yarn install if your packages requires authentication, by enabling
always-auth will force yarn do it on each request.
Yarn Berry (>=2.x)
Yarn berry does not recognize
For defining a registry you must use the
.yarnrc.yml located in the root of your project or global configuration.
When you publish a package the `
must be used, keep on mind thepublishConfig.registry
in thepackage.json` will override this configuration.
unsafeHttpWhitelistis only need it if you don't use
httpswith a valid certificate.
Using scopes is also possible and more segmented, you can define a token peer scope if is required.
for logging via CLi use:
yarn npm login --scope my-company
This includes 4.x and 5.x series.
pnpm recognize by default the configuration at
.npmrc and also the
--registry value, there is no difference in the implementation.