To resolve packages by name and version, npm talks to a registry website that
implements the CommonJS Package Registry specification for reading package
Additionally, npm´s package registry implementation supports several
write APIs as well, to allow for publishing packages and managing user account
The official public npm registry is at http://registry.npmjs.org/
. It is
powered by a CouchDB database at http://isaacs.iriscouch.com/registry
The code for the couchapp is available at
. npm user accounts are CouchDB users,
stored in the http://isaacs.iriscouch.com/_users
npm help npm help The registry URL is supplied by the registry
parameter. See npm-config
, npmrcnpm help
, and npm-config
for more on managing npm´s configuration.
The easiest way is to replicate the couch database, and use the same (or
similar) design doc to implement the APIs.
If you set up continuous replication from the official CouchDB, and then set
your internal CouchDB as the registry config, then you´ll be able to
read any published packages, in addition to your private ones, and by default
will only publish internally. If you then want to publish a package for the
whole world to see, you can simply override the --registry
Set "private": true
in your package.json to prevent it from
being published at all, or
to force it to be published only to your internal registry.
npm help See package.json
for more info on what goes in the package.json
No. If you want things to be public, then publish them into the public registry
using npm. What little security there is would be for nought otherwise.
No, but it´s way easier. Basically, yes, you do, or you have to
effectively implement the entire CouchDB API anyway.
Yes, head over to https://npmjs.org/
- npm help config
- npm help config
- npm help npmrc
- npm help developers
- npm help disputes