Miroslav, Thanks for the link to npm-proxy. I didn't realize that project existed.
Osher, There is Nodejitsu's new "Enterprise Private npm" initiative, though I'm not sure if it offers the same private/public fallback of npm-proxy, which to me is the key feature for smaller companies not wanting to (like you said) replicate the whole npm repo. I would opine that main npm repo can get very slow at times (though usually not), so there is the additional benefit of speed wrt hosting a replica even if it all seems rather wasteful. I personally find myself wanting to publish forks of public modules to a private repo to avoid the need for npm_shrinkwrap for nested dependencies needing fixes. Cheers, Adam On Thu, Aug 1, 2013 at 12:06 AM, Miroslav Bajtoš <[email protected]>wrote: > Hi Osher, > > There are multiple options for setting up a private repo, unfortunately > none of them is ideal. > > 1. Create a replica of npmjs.org > 2. Setup your own registry using CouchDB and npmjs code, but don't > replicate the public registry > 3. Use a different registry server, e.g. reggie [1] mentioned by Andy > > Let's check your requirements: > > we don't want to host an entire replica of the npm (which is *HUGE *these >> days, and growing) >> i.e - the private replica should hold only our packages, the rest can >> come from the public repo > > > This is true for options 2 and 3. > > publishing should direct to our repo > > > This can be achieved with all three options. Either add the following line > to your package.json > "publishConfig": { "registry": "http://private/registry/url"; } > or use the reggie CLI client for publishing the packages. > > install should take our packages from our repo, and public packages from >> the global repo > > > The npm client does not support multiple repositories at the moment, even > though there are plans to get this implemented in the next few > weeks/months. Unless you have a replica of npmjs.org (option 1), you must > use different way for installing and referencing packages from public and > private repository. > > With couchdb-based registry, you can use absolute URL to the tarball of > the desired version. (This means you can't specify a fuzzy version like > ~0.5.2.) > > Node reggie implements several kinds of package URLs to support fuzzy > version specification. See project README [1] for more details. > > It may be possible to overcome this limitation by sticking an npm proxy > [2] in front of your private registry. > > users in local repo should match users in global repo > > > You will get this for free with npmjs.or replica. > > If its possible to setup CouchDB replication in such way that only users > are replicated, then you can get this functionality with non-replicated > CouchDB-based registry too. > > Reggie does not implement authentication and authorization at the moment - > it will happily accept (and ignore) whatever credentials are sent by the > npm client. > > I hope you will find this helpful, don't hesitate to ask if there is > anything else not clear. > > Miroslav > > [1] https://github.com/mbrevoort/node-reggie > [2] https://npmjs.org/package/npm-proxy > > > On Wednesday, July 31, 2013 6:51:21 PM UTC+2, Osher E wrote: > >> oups, sorry for the resending, >> but I forgot to mention another problem we had - >> >> - users in local repo should match users in global repo >> >> it sounds so simple, but we had problems with that >> (all the part with npm adduser and stuff) >> >> >> On Wed, Jul 31, 2013 at 7:36 PM, Osher El-Netanany <[email protected]>wrote: >> >>> Hi all, >>> >>> 'ok, this is kind'a embarrassing a little, >>> we've tried few times in few ways but still did not get it right: >>> >>> - we're trying to set a local npm repo for our packages >>> - we don't want to host an entire replica of the npm (which is *HUGE >>> *these days, and growing) >>> i.e - the private replica should hold only our packages, the rest >>> can come from the public repo >>> - publishing should direct to our repo >>> - install should take our packages from our repo, and public >>> packages from the global repo >>> >>> What's the best way to do it? >>> What's the best contemporary tutorial/doc/explanation about it on the >>> web? >>> >>> Thanks... >>> Don >>> >> >> -- > -- > Job Board: http://jobs.nodejs.org/ > Posting guidelines: > https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines > You received this message because you are subscribed to the Google > Groups "nodejs" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to > [email protected] > For more options, visit this group at > http://groups.google.com/group/nodejs?hl=en?hl=en > > --- > You received this message because you are subscribed to the Google Groups > "nodejs" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/groups/opt_out. > > > -- Better a little with righteousness than much gain with injustice. Proverbs 16:8 -- -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en --- You received this message because you are subscribed to the Google Groups "nodejs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
