1REGISTRY(7) REGISTRY(7)
2
6 registry - The JavaScript Package Registry
7 Description
9 To resolve packages by name and version, npm talks to a registry web‐
10 site that implements the CommonJS Package Registry specification for
11 reading package info.
12 npm is configured to use the npm public registry at ⟨https://reg‐
14 istry.npmjs.org⟩ by default. Use of the npm public registry is subject
15 to terms of use available at ⟨https://docs.npmjs.com/policies/terms⟩.
16 You can configure npm to use any compatible registry you like, and even
18 run your own registry. Use of someone else's registry may be governed
19 by their terms of use.
20 npm's package registry implementation supports several write APIs as
22 well, to allow for publishing packages and managing user account infor‐
23 mation.
24 The npm public registry is powered by a CouchDB database, of which
26 there is a public mirror at ⟨https://skimdb.npmjs.com/registry⟩.
27 The registry URL used is determined by the scope of the package (see
29 npm help scope. If no scope is specified, the default registry is used,
30 which is supplied by the registry config ⟨/using-npm/config#registry⟩
31 parameter. See npm help config, npm help npmrc, and npm help config for
32 more on managing npm's configuration. Authentication configuration such
33 as auth tokens and certificates are configured specifically scoped to
34 an individual registry. See Auth Related Configuration ⟨/configuring-
35 npm/npmrc#auth-related-configuration⟩
36 When the default registry is used in a package-lock or shrinkwrap it
38 has the special meaning of "the currently configured registry". If you
39 create a lock file while using the default registry you can switch to
40 another registry and npm will install packages from the new registry,
41 but if you create a lock file while using a custom registry packages
42 will be installed from that registry even after you change to another
43 registry.
44 Does npm send any information about me back to the registry?
46 Yes.
47 When making requests of the registry npm adds two headers with informa‐
49 tion about your environment:
50 • Npm-Scope – If your project is scoped, this header will contain its
52 scope. In the future npm hopes to build registry features that use
53 this information to allow you to customize your experience for your
54 organization.
55 • Npm-In-CI – Set to "true" if npm believes this install is running
57 in a continuous integration environment, "false" otherwise. This is
58 detected by looking for the following environment variables: CI,
59 TDDIUM, JENKINS_URL, bamboo.buildKey. If you'd like to learn more
60 you may find the original PR ⟨https://github.com/npm/npm-registry-
61 client/pull/129⟩ interesting. This is used to gather better metrics
62 on how npm is used by humans, versus build farms.
63 The npm registry does not try to correlate the information in these
66 headers with any authenticated accounts that may be used in the same
67 requests.
68 How can I prevent my package from being published in the official registry?
70 Set "private": true in your package.json to prevent it from being pub‐
71 lished at all, or "publishConfig":{"registry":"http://my-internal-reg‐
72 istry.local"} to force it to be published only to your internal/private
73 registry.
74 See package.json ⟨/configuring-npm/package-json⟩ for more info on what
76 goes in the package.json file.
77 Where can I find my (and others') published packages?
79 ⟨https://www.npmjs.com/⟩
80 See also
82 • npm help config
83 • npm help config
85 • npm help npmrc
87 • npm help developers
89 November 2023 REGISTRY(7)