跳到主要内容

什么是 Verdaccio?

Verdaccio 是一个 Node.js创建的轻量的私有npm proxy registry

Using a private npm registry like Verdaccio is one of the Top 10 NPM Security Best Practices recommended by the Open Web Application Security Project (OWASP).

Registry是什么?

  • 包的资源库,它执行CommonJS Compliant Package Registry specification 来阅读包信息
  • 提供与 npm clients (yarn/npm/pnpm) 兼容的API
  • Verdaccio 表示意大利中世纪晚期fresco 绘画中流行的一种绿色的意思。
$> verdaccio

registry

使用Verdaccio

Using Verdaccio with any Node.js package manager client is quite straightforward.

registry

You can use a custom registry either by setting it globally for all your projects

npm set registry http://localhost:4873

or by using it in command line as an argument --registry in npm (slightly different in yarn)

npm install lodash --registry http://localhost:4873
yarn config set registry http://localhost:4873

To have a more detailed explanation, I invite you to watch the full explanation Angular Library: How To Use a Library in a poly-repo Using Verdaccio by Fanis Prodromou on his YouTube channel.

私有性

All packages that you publish are private and only accessible based in your configuration.

Proxy

Verdaccio cache all dependencies on demand and speed up installations in local or private networks.

简而言之

  • 它是基于Node.js的网页应用程序
  • 它是私有npm registry
  • 它是本地网络proxy
  • 它是可插入式应用程序
  • 它相当容易安装和使用
  • 我们提供Docker和Kubernetes支持
  • 它与yarn, npm 和pnpm 100% 兼容
  • forkedsinopia@1.4.0并且100% 向后兼容