# verdaccio/verdaccio

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/verdaccio-verdaccio).**

17,699 stars · 1,470 forks · TypeScript · MIT

## Links

- GitHub: https://github.com/verdaccio/verdaccio
- Homepage: https://www.verdaccio.org/
- awesome-repositories: https://awesome-repositories.com/repository/verdaccio-verdaccio.md

## Topics

`docker` `helm` `helm-charts` `javascript` `kubernetes` `nodejs` `npm` `pnpm` `private-npm` `registry` `registry-proxy` `sponsor` `verdaccio` `yarn`

## Description

Verdaccio is a registry server that implements the npm protocol to store, serve, and manage software dependencies. It functions as a private registry proxy for Node.js packages, allowing organizations to host internal packages while caching public modules.

The system features a pluggable middleware architecture that enables the extension of registry behavior through custom plugins for authentication and storage backends. It supports scalable remote data management by offloading package files to S3-compatible object stores.

The platform covers package lifecycle management, including publishing, tagging, and deprecation, as well as the ability to override public packages with local versions. It provides integrated user identity management, dependency auditing for security vulnerabilities, and package discovery tools.

## Tags

### Development Tools & Productivity

- [npm Protocol Implementations](https://awesome-repositories.com/f/development-tools-productivity/npm-protocol-implementations.md) — Implements the npm protocol to serve as a registry server for storing and managing software dependencies.
- [Private Package Registries](https://awesome-repositories.com/f/development-tools-productivity/private-package-registries.md) — Hosts and serves proprietary software packages internally to ensure they remain isolated from public registries. ([source](https://github.com/verdaccio/verdaccio/blob/master/README.md))
- [Package Registry Integrations](https://awesome-repositories.com/f/development-tools-productivity/dependency-managers/package-registry-integrations.md) — Implements the capability to aggregate and retrieve software packages from multiple upstream organizational registries through a single interface. ([source](https://github.com/verdaccio/verdaccio#readme))
- [Upstream Proxy Caching](https://awesome-repositories.com/f/development-tools-productivity/npm-protocol-implementations/upstream-proxy-caching.md) — Storing copies of external packages locally to speed up installations and ensure builds work when upstream servers are offline.
- [Proxy Caches](https://awesome-repositories.com/f/development-tools-productivity/package-caches/proxy-caches.md) — Caches copies of remote packages locally to reduce installation latency and ensure availability during upstream outages.
- [Upstream Proxying](https://awesome-repositories.com/f/development-tools-productivity/private-package-registries/upstream-proxying.md) — Combines multiple upstream package sources into a single internal endpoint to simplify dependency management.
- [Registry Aggregators](https://awesome-repositories.com/f/development-tools-productivity/registry-aggregators.md) — Combines multiple upstream package sources into a single unified endpoint for streamlined client retrieval.
- [Upstream Overrides](https://awesome-repositories.com/f/development-tools-productivity/private-package-registries/upstream-overrides.md) — Allows publishing modified versions of public packages to a private registry to apply urgent fixes immediately.
- [Version Overrides](https://awesome-repositories.com/f/development-tools-productivity/versioned-package-managers/version-overrides.md) — Allows publishing local versions of third-party packages to apply immediate fixes without waiting for upstream updates. ([source](https://github.com/verdaccio/verdaccio#readme))

### DevOps & Infrastructure

- [Package Managers](https://awesome-repositories.com/f/devops-infrastructure/package-managers.md) — Manages the full package lifecycle including publishing, tagging, and deprecating package versions. ([source](https://github.com/verdaccio/verdaccio#readme))
- [S3-Compatible Storage Adapters](https://awesome-repositories.com/f/devops-infrastructure/cloud-infrastructure/cloud-computing-serverless/cloud-storage/s3-compatible-storage-adapters.md) — Supports offloading package files to S3-compatible object stores for scalable remote data management.

### Security & Cryptography

- [Registry Access Controls](https://awesome-repositories.com/f/security-cryptography/access-restrictions/registry-access-controls.md) — Provides granular authentication and authorization policies to regulate who can publish or install packages.
- [Token-Based Authentication](https://awesome-repositories.com/f/security-cryptography/token-based-authentication.md) — Regulates user access and permissions using cryptographic identity tokens and integrated third-party providers.
- [User Access Management](https://awesome-repositories.com/f/security-cryptography/user-access-management.md) — Manages user registration, password updates, and authentication tokens to regulate registry access. ([source](https://github.com/verdaccio/verdaccio#readme))
- [User Identity Management](https://awesome-repositories.com/f/security-cryptography/user-identity-management.md) — Handles the lifecycle of user identities, including registration and ownership transfers for package maintainers. ([source](https://github.com/verdaccio/verdaccio/blob/master/README.md))
- [External Identity Provider Integration](https://awesome-repositories.com/f/security-cryptography/external-identity-provider-integration.md) — Integrates with third-party identity providers to manage user login and access permissions. ([source](https://github.com/verdaccio/verdaccio/tree/master/docker-examples))
- [Dependency Vulnerability Scanning](https://awesome-repositories.com/f/security-cryptography/security-auditing/dependency-vulnerability-scanning.md) — Checks installed packages for known security vulnerabilities by processing audit requests. ([source](https://github.com/verdaccio/verdaccio#readme))

### Data & Databases

- [Cloud Object Storage](https://awesome-repositories.com/f/data-databases/file-storage-systems/cloud-object-storage.md) — Offloads package binary files to S3-compatible object stores for scalable remote data management. ([source](https://github.com/verdaccio/verdaccio/tree/master/docker-examples))
- [Pluggable Storage Drivers](https://awesome-repositories.com/f/data-databases/pluggable-storage-drivers.md) — Provides an extensible architecture allowing the registration of custom storage backends, including local filesystems and S3-compatible stores.

### Networking & Communication

- [Middleware-Based Request Pipelines](https://awesome-repositories.com/f/networking-communication/communication-protocols-architectures/request-processing-architectures/request-processing/middleware-based-request-pipelines.md) — Uses a modular chain of pluggable middleware components to process incoming registry requests for authentication and routing.

### Software Engineering & Architecture

- [Extensible Plugin Architectures](https://awesome-repositories.com/f/software-engineering-architecture/extensible-plugin-architectures.md) — Features a modular system that supports the injection of custom logic for authentication and storage via external plugins.
- [Plugin Architectures](https://awesome-repositories.com/f/software-engineering-architecture/integration-extensibility/extensibility/plugin-architectures.md) — Implements a modular architecture that allows core registry behaviors to be extended via dynamically loaded components. ([source](https://github.com/verdaccio/verdaccio/tree/master/docker-examples))
- [Registry Extensions](https://awesome-repositories.com/f/software-engineering-architecture/integration-extensibility/extensibility/plugin-architectures/registration-discovery-systems/extension-registries/registry-extensions.md) — Supports the creation of custom plugins to add specialized logic and new capabilities to the registry server. ([source](https://github.com/verdaccio/verdaccio#readme))
- [Registry Middleware](https://awesome-repositories.com/f/software-engineering-architecture/plugin-registries/registry-middleware.md) — Features a pluggable middleware architecture to extend registry behavior via custom plugins for authentication and storage.

### Part of an Awesome List

- [Package Management](https://awesome-repositories.com/f/awesome-lists/devtools/package-management.md) — Private lightweight NPM registry.
- [Registry Management](https://awesome-repositories.com/f/awesome-lists/devtools/registry-management.md) — Lightweight proxy registry for private package hosting.