Verdaccio keeps growing, the latest release tagged as
v4.6.0 was just shipped with a new set of features and bug fixes.
The new Dark Mode and possibility to translate the UI both developed by Priscila Oliveira (kudos to her).
The Docker base Node.js image was updated to
To enable dark mode (by default is disabled), just add the following property in your config file, or switch in the UI with the new icon which is persisted in the local storage.
We added a few basic translations in German, Spanish, Portuguese and English by default.
I’ve been asked for this couple of times and I want to share how you can achieve a seamless integration GitHub with Verdaccio. Node.js package managers only allow using one registry when you are running an eg:
npm install unless you modify the
.npmrc and add some specific configuration, but frankly, we can do better using a proxy.
Please keep reading here:
(I’ll move the entire article here when I have some time) :-)
Docker has been a key part of success for Verdaccio. At the time of this writing, we have more than 4 million image pulls and this number is growing rapidly. The image provides an easy way to use Verdaccio in combination with tools like Kubernetes, Docker Compose or any other container orchestration system, simplifying deployment and integration with existing infrastructure.
This article will describe what has changed, all the improvements and benefits you will enjoy from migrating to the latest version.
Read more in our blog.
npm install -g verdaccio@next
This article will explain what are the advantages of using JWT instead of the traditional or legacy token signature used by Verdaccio. But before that, we need to be int he same page about JWT.
I’d recommend reading the following article before continue the reading.
This token signature consists of the…
It’s not the first time that I’ve heard the following expression “Thanks for creating Verdaccio”, which actually flatters me, but is really hard to explain in a couple of words that I haven’t created Verdaccio. Perhaps I might be responsible for what is Verdaccio today, but that is a different story. Today I’d like to share the whole story behind this project and how I ended up working on it.
A few years ago in 2013, the main registry (npmjs) was running for a while and at the same time, Alex Kocharin decided to create Sinopia.
This one of the multiple articles I will write about running Verdaccio on multiple platforms.
This time for simplicity I’ve chosen DigitalOcean that provides affordable base prices and if you want to run your own registry, it’s a good option.
Create a droplet is fairly easy, it just matters to choose an image and click on create, I personally selected a Node.js 8.10.0 version to simplify the setup.
Since a couple of months ago, firstname.lastname@example.org is under development, we want to give you a first update of the current list of features ready to be tested and incoming ones.
Improve security is one of our main goals, we have wanted to improve in one of the most important areas for the users, tokens. Currently the token verification is based on unpack the token for each request and ask the plugin whether the author is authorized. This might be a bit overwhelming if the authentication’s provider is not good handling a big amount of request or is totally unnecessary.
Lockfiles on node package manager (npm) clients are not a new topic, yarn broke the node package managers world with a term called determinism providing a new file generated after install called
yarn.lock to pin and freeze dependencies with the objective to avoid inconstancies across multiple installations.
If you are using a private registry as Verdaccio, it might be a concern committing the lock file in the repo using the private or local domain as registry URL and then someone else due his environment is not able to fetch the tarballs defined in the lock file.
It has been a long, exciting journey since Verdaccio’s community development began, starting initially as a fork of Sinopia. Since the fork, the project has evolved in many ways, making the project’s code base modern, easier to debug, and more straightforward to contribute to by the community!
npm i -g verdaccio
Verdaccio has evolved in many ways. It was a required path to follow, modernize the project using a new stack, code structure, bug fixing, new features and easy maintenance to promote community collaboration.
This article describes the new features in the 3.0 …
This article is about why setting up a npm private proxy is a good idea, going through most common questions that I’ve been asked since contributing to sinopia’s fork verdaccio, and how a developer addresses many use cases that made me appreciate how useful it can be set up a local private proxy
Read more here.