Skip to main content

· One min read

Verdaccio is a free open source javascript package proxy registry. It is fully compatible with pnpm, yarn and npm package management clients. It follows the CommonJS compliant package specifications.

You can install and upgrade to the latest version by following commands:

using npm

npm install -g verdaccio@4.0.0

or using Yarn

yarn global add verdaccio@4.0.0

or using pnpm

pnpm install -g verdaccio@4.0.0

You can find detailed installation instructions here

· One min read

Docker has been a key part of success for Verdaccio. At the time of this writing, we have more than 4 million image pulls and this number is growing rapidly. The image provides an easy way to use Verdaccio in combination with tools like Kubernetes, Docker Compose or any other container orchestration system, simplifying deployment and integration with existing infrastructure.

This article will describe what has changed, all the improvements and benefits you will enjoy from migrating to the latest version.

What’s new?

Keep it small

The new image is three times smaller than the previous, shrinking down from 500MB to 150MB. We achieved this level of optimization by using multi-stage build which allows excluding dependencies and assets not required for the runtime.

· One min read

If you are already using Verdaccio 4 you are can immediately use the new token signature support with JWT or JSON Web Tokens.

npm install -g verdaccio@next

This article will explain what are the advantages of using JWT instead of the traditional or legacy token signature used by Verdaccio. But before that, we need to be int he same page about JWT.

I’d recommend reading the following article before continue the reading.

5 Easy Steps to Understanding JSON Web Tokens (JWT)