Verdaccio

App in the BluixApps catalog

What it is

Verdaccio is a lightweight private npm registry — proxy and cache for public npm + host your own private packages. Drop-in replacement for npm config to publish/install from your registry instead of npmjs.org. Single binary, no external DB needed.

For Node.js teams who want private package hosting without paying for npm Enterprise or self-hosting heavy alternatives like Verdaccio.

What it's for

  • Private npm packages — publish org-internal libraries
  • Public npm proxy — cache npmjs.org packages for offline / fast install
  • Multi-environment — separate registries per team / project
  • Version control — keep specific versions available even after upstream removal
  • CI/CD acceleration — local cache speeds up npm install in pipelines

Who it's for

  • Node.js engineering teams sharing internal libraries
  • DevOps engineers building offline-capable CI/CD pipelines
  • Privacy-bound orgs mirroring npm for air-gapped environments
  • Agencies sharing reusable code across client projects
  • Indie developers publishing personal packages privately

Why teams pick Verdaccio over alternatives

  • MIT license — fully open
  • Lightweight — single Node.js process, no DB required
  • Easy config — YAML configuration; sensible defaults
  • Plugin system — auth / storage / notification plugins
  • Proxy + cache — both private packages and public mirror
  • Active community — long-running OSS project

Integrations

  • Auth backends — htpasswd (default), LDAP, OAuth, GitLab, custom plugins
  • Storage backends — local filesystem (default), S3, Azure, custom
  • Notification channels — Slack, email on publish events
  • Web UI — search packages, view metadata, browse versions
  • CLI compatibilitynpm, yarn, pnpm all work natively
  • CI / CD integration.npmrc config for build pipelines
  • Audit logs — package publish + access logs

Notable users & community

  • 16k+ GitHub stars
  • Used by countless dev teams as internal npm registry
  • Active GitHub Discussions community
  • Long-running OSS project
  • Standard tool in JS / Node ecosystem

Tips & operations

  • Persist /verdaccio/storage — published packages live here; volume mount essential
  • Use HTTPS — npm publish over HTTP is risky; always TLS
  • Auth from day one — anonymous publish = supply chain risk
  • Backup published packages — they ARE your code; backup as you would source
  • Cache size management — public mirror cache grows; set max-storage limit
  • Per-team scope — use npm scopes for team isolation

What we ship in BluixApps

  • Docker compose: Verdaccio + persistent storage volume
  • Pinned verdaccio/verdaccio:6 (release-tagged)
  • HTTPS via Let's Encrypt
  • htpasswd auth enabled; admin user via env
  • Persistent volume at /verdaccio/storage
  • Public npmjs.org proxy enabled
  • Backup hook covers /verdaccio/storage
Read this app's deep dive on bluix.app ↗

Get this app — pick a BluixApps plan

Same catalog. Scaling tenant isolation, white-label and support tier.

TierTenantsCatalogSupportWhite-labelMonthly
Stacks119 curated stacksStandard$19/moDetailDeploy
Starter10Full catalogStandard+$15–25/mo$49/moDetailDeploy
Pro25Full catalogPriority bugfix+$15–25/mo$149/moDetailDeploy
Growth100Full catalogPriority bugfix+$15–25/mo$349/moDetailDeploy
Scale500Full catalog7-day window+$15–25/mo$799/moDetailDeploy
EnterpriseUnlimitedFull catalogPriority 7-dayBundled$1,499/moDetailDeploy

Powered by WHMCompleteSolution