Hack Upstate X – Build. Break. Collaborate.

  • October 7 - October 8 2017
  • 235 Harrison St, Syracuse, NY 13202
  • 28 Attending

Raspberry pi private npm server

A small, self-hosted npm registry

My goal was to create a private, self-hosted npm repository, so that I could distribute private beta versions of node packages to interested parties in order to receive feedback, before releasing them publicly.


npm actually provides a commercial, hosted service for private packages, but I wanted to implement a self-hosted solution, because npm's solution requires users to create an npm account that exposes a public email address. This makes sense for package authors, who should be available to provide support to users, but is a burden for package consumers. So I wanted to find a solution I could host myself, which did not require user accounts to be made public.


The most important requirement of the npm server software was support for "scopes", a feature introduced to npm in 2014. Scopes are the mechanism by which the npm client can be configured to download software from third-party repositories, so support for scopes was a strict requirement for the npm server.

I started by performing a survey of the landscape of private npm servers. There were four servers of interest, and I did a deep-dive into two of them. I started and ended with npm-registry-couchapp, the original server code that ran the central npm repository.


This code has been deprecated since 2015. It still receives some updates, but is missing features. In particular, there was a bug in its implementation of scopes. I therefore created a new issue on the npm-registry-couchapp github page, patched the bug, wrote new tests, and submitted a pull request, which can be found here.

I then installed the patched software on a raspberry pi, which is acting as a small, private npm server.

Website

Team Members