registry - The JavaScript Package Registry Description To resolve packages by name and version, npm talks to a registry web- site that implements the CommonJS Package Registry specification for reading package info. npm is configured to use the npm public registry at https://reg- istry.npmjs.org by default. Use of the npm public registry is subject to terms of use available at https://docs.npmjs.com/policies/terms. You can configure npm to use any compatible registry you like, and even run your own registry. Use of someone else's registry may be governed by their terms of use. npm's package registry implementation supports several write APIs as well, to allow for publishing packages and managing user account infor- mation. The npm public registry is powered by a CouchDB database, of which there is a public mirror at https://skimdb.npmjs.com/registry. The registry URL used is determined by the scope of the package (see npm help scope. If no scope is specified, the default registry is used, which is supplied by the registry config parameter. See npm help con- fig, npm help npmrc, and npm help config for more on managing npm's configuration. When the default registry is used in a package-lock or shrinkwrap is has the special meaning of "the currently configured registry". If you create a lock file while using the default registry you can switch to another registry and npm will install packages from the new registry, but if you create a lock file while using a custom registry packages will be installed from that registry even after you change to another registry. Does npm send any information about me back to the registry? Yes. When making requests of the registry npm adds two headers with informa- tion about your environment: o Npm-Scope - If your project is scoped, this header will contain its scope. In the future npm hopes to build registry features that use this information to allow you to customize your experience for your organization. o Npm-In-CI - Set to "true" if npm believes this install is running in a continuous integration environment, "false" otherwise. This is detected by looking for the following environment variables: CI, TDDIUM, JENKINS_URL, bamboo.buildKey. If you'd like to learn more you may find the original PR https://github.com/npm/npm-reg- istry-client/pull/129 interesting. This is used to gather better metrics on how npm is used by humans, versus build farms. The npm registry does not try to correlate the information in these headers with any authenticated accounts that may be used in the same requests. How can I prevent my package from being published in the official registry? Set "private": true in your package.json to prevent it from being pub- lished at all, or "publishConfig":{"registry":"http://my-internal-reg- istry.local"} to force it to be published only to your internal/private registry. See npm help package.json for more info on what goes in the pack- age.json file. Where can I find my own, & other's, published packages? https://www.npmjs.com/ See also o npm help config o npm help config o npm help npmrc o npm help developers
Please see following description for synopsis
REGISTRY(7) REGISTRY(7)
NAME
registry - The JavaScript Package Registry
Description
To resolve packages by name and version, npm talks to a registry web-
site that implements the CommonJS Package Registry specification for
reading package info.
npm is configured to use the npm public registry at https://reg-
istry.npmjs.org by default. Use of the npm public registry is subject
to terms of use available at https://docs.npmjs.com/policies/terms.
You can configure npm to use any compatible registry you like, and even
run your own registry. Use of someone else's registry may be governed
by their terms of use.
npm's package registry implementation supports several write APIs as
well, to allow for publishing packages and managing user account infor-
mation.
The npm public registry is powered by a CouchDB database, of which
there is a public mirror at https://skimdb.npmjs.com/registry.
The registry URL used is determined by the scope of the package (see
npm help scope. If no scope is specified, the default registry is used,
which is supplied by the registry config parameter. See npm help con-
fig, npm help npmrc, and npm help config for more on managing npm's
configuration.
When the default registry is used in a package-lock or shrinkwrap is
has the special meaning of "the currently configured registry". If you
create a lock file while using the default registry you can switch to
another registry and npm will install packages from the new registry,
but if you create a lock file while using a custom registry packages
will be installed from that registry even after you change to another
registry.
Does npm send any information about me back to the registry?
Yes.
When making requests of the registry npm adds two headers with informa-
tion about your environment:
o Npm-Scope - If your project is scoped, this header will contain its
scope. In the future npm hopes to build registry features that use
this information to allow you to customize your experience for your
organization.
o Npm-In-CI - Set to "true" if npm believes this install is running in
a continuous integration environment, "false" otherwise. This is
detected by looking for the following environment variables: CI,
TDDIUM, JENKINS_URL, bamboo.buildKey. If you'd like to learn more you
may find the original PR https://github.com/npm/npm-reg-
istry-client/pull/129 interesting. This is used to gather better
metrics on how npm is used by humans, versus build farms.
The npm registry does not try to correlate the information in these
headers with any authenticated accounts that may be used in the same
requests.
How can I prevent my package from being published in the official registry?
Set "private": true in your package.json to prevent it from being pub-
lished at all, or "publishConfig":{"registry":"http://my-internal-reg-
istry.local"} to force it to be published only to your internal/private
registry.
See npm help package.json for more info on what goes in the pack-
age.json file.
Where can I find my own, & other's, published packages?
https://www.npmjs.com/
See also
o npm help config
o npm help config
o npm help npmrc
o npm help developers
ATTRIBUTES
See attributes(7) for descriptions of the following attributes:
+---------------+--------------------------+
|ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+---------------+--------------------------+
|Availability | runtime/nodejs/nodejs-18 |
+---------------+--------------------------+
|Stability | Pass-thru volatile |
+---------------+--------------------------+
NOTES
Source code for open source software components in Oracle Solaris can
be found at https://www.oracle.com/downloads/opensource/solaris-source-
code-downloads.html.
This software was built from source available at
https://github.com/oracle/solaris-userland. The original community
source was downloaded from https://github.com/nodejs/node/ar-
chive/v18.1.0.zip.
Further information about this software can be found on the open source
community website at https://github.com/nodejs/node.
April 2022 REGISTRY(7)