Verdaccio
App in the BluixApps catalog
What it is
Verdaccio is a lightweight private npm registry — proxy and cache for public npm + host your own private packages. Drop-in replacement for npm config to publish/install from your registry instead of npmjs.org. Single binary, no external DB needed.
For Node.js teams who want private package hosting without paying for npm Enterprise or self-hosting heavy alternatives like Verdaccio.
What it's for
- Private npm packages — publish org-internal libraries
- Public npm proxy — cache npmjs.org packages for offline / fast install
- Multi-environment — separate registries per team / project
- Version control — keep specific versions available even after upstream removal
- CI/CD acceleration — local cache speeds up
npm installin pipelines
Who it's for
- Node.js engineering teams sharing internal libraries
- DevOps engineers building offline-capable CI/CD pipelines
- Privacy-bound orgs mirroring npm for air-gapped environments
- Agencies sharing reusable code across client projects
- Indie developers publishing personal packages privately
Why teams pick Verdaccio over alternatives
- MIT license — fully open
- Lightweight — single Node.js process, no DB required
- Easy config — YAML configuration; sensible defaults
- Plugin system — auth / storage / notification plugins
- Proxy + cache — both private packages and public mirror
- Active community — long-running OSS project
Integrations
- Auth backends — htpasswd (default), LDAP, OAuth, GitLab, custom plugins
- Storage backends — local filesystem (default), S3, Azure, custom
- Notification channels — Slack, email on publish events
- Web UI — search packages, view metadata, browse versions
- CLI compatibility —
npm,yarn,pnpmall work natively - CI / CD integration —
.npmrcconfig for build pipelines - Audit logs — package publish + access logs
Notable users & community
- 16k+ GitHub stars
- Used by countless dev teams as internal npm registry
- Active GitHub Discussions community
- Long-running OSS project
- Standard tool in JS / Node ecosystem
Tips & operations
- Persist
/verdaccio/storage— published packages live here; volume mount essential - Use HTTPS — npm publish over HTTP is risky; always TLS
- Auth from day one — anonymous publish = supply chain risk
- Backup published packages — they ARE your code; backup as you would source
- Cache size management — public mirror cache grows; set max-storage limit
- Per-team scope — use npm scopes for team isolation
What we ship in BluixApps
- Docker compose: Verdaccio + persistent storage volume
- Pinned
verdaccio/verdaccio:6(release-tagged) - HTTPS via Let's Encrypt
- htpasswd auth enabled; admin user via env
- Persistent volume at
/verdaccio/storage - Public npmjs.org proxy enabled
- Backup hook covers
/verdaccio/storage
Get this app — pick a BluixApps plan
Same catalog. Scaling tenant isolation, white-label and support tier.
| Tier | Tenants | Catalog | Support | White-label | Monthly | |
|---|---|---|---|---|---|---|
| Stacks | 1 | 19 curated stacks | Standard | — | $19/mo | DetailDeploy |
| Starter | 10 | Full catalog | Standard | +$15–25/mo | $49/mo | DetailDeploy |
| Pro | 25 | Full catalog | Priority bugfix | +$15–25/mo | $149/mo | DetailDeploy |
| Growth | 100 | Full catalog | Priority bugfix | +$15–25/mo | $349/mo | DetailDeploy |
| Scale | 500 | Full catalog | 7-day window | +$15–25/mo | $799/mo | DetailDeploy |
| Enterprise | Unlimited | Full catalog | Priority 7-day | Bundled | $1,499/mo | DetailDeploy |