A hierarchical npm-registry proxy to make private registries easier. (Based on npm-delegate by @jden)
Lead Maintainer: Jean-Charles Sisk
Based on [npm-delegate](https://npmjs.org/package/npm-delegate) by Jason Denizac (jason@denizac.org), this module is a hapi plugin used to proxy npm to support private npm repos without replicating the entire public registry.

NOTE: The `config.json` described below is a Hapi Composer manifest that describes kappa as a plugin. See ./example/global/config.json or ./example/local/config.json for more information.
Using docker-compose, just run `docker-compose up` in a directory containing our docker-compose.yml file. Soon after you'll have a working kappa instance set up to use a local couch instance (falling back to the public registry) on 0.0.0.0:8000.

To install and run kappa globally:

```
$ npm install -g kappa
$ kappa -c config.json
```
If you choose to install locally, running kappa is as easy as

```
$ npm init
$ npm install --save kappa
# add start script to package.json:
# "scripts": {
#   "start": "kappa -c config.json"
# }
$ npm start
```
You can then put those artifacts (`config.json` and `package.json`) under source control for simple deployments later:

```
$ git clone git@github.com:me/myregistry.git
$ cd myregistry
$ npm install
$ npm start
```
The kappa plugin currently supports the following parameters:

- `vhost` - the virtual host associated with the kappa server, e.g. 'npm.mydomain.com'
- `paths` (optional) - an ordered array of npm repositories to use. Defaults to `['http://localhost:5984/registry/_design/app/_rewrite/', 'https://registry.npmjs.org/']`
- `rewriteTarballs` (optional) - When `true`, rewrites the tarball URL in packages to download each resource via kappa. When `false`, tarball URLs are left untouched, allowing the client to download package tarballs directly from the registry that fulfilled the package request. Defaults to `true`.

For read operations (GET, HEAD, etc.) the proxy will first attempt to fetch the module from the first registry. If the requested module is not found it continues to the next registry, and so on.

For write operations the proxy will only attempt to write to the FIRST registry. All auth occurs with the first registry as well.
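The read and write routing just described, as an added example that is not kappa's own code: reads walk `paths` in order and the first registry that has the package wins, with `dist.tarball` rewritten to the `vhost` when `rewriteTarballs` is on, while writes always target the first registry. The `fetchDoc` hook, the in-memory registries and the rewritten URL layout under the vhost are assumptions made for the example.

```javascript
// Added example, not kappa's own code: a simplified model of the hierarchical
// lookup described above. Reads walk `paths` in order and return the first
// registry that has the package; writes always go to the first registry.
// `fetchDoc(registryUrl, name)` is an assumed hook that returns the package
// document or null; here it is backed by constructed in-memory registries.

const DEFAULT_PATHS = [
  'http://localhost:5984/registry/_design/app/_rewrite/',
  'https://registry.npmjs.org/',
];

// Mirror the rewriteTarballs option: point every version's dist.tarball at the
// proxy vhost. Keeping the upstream path under the vhost is an assumption,
// not necessarily kappa's exact URL layout.
function rewriteTarballUrls(doc, vhost) {
  const versions = {};
  for (const [ver, meta] of Object.entries(doc.versions)) {
    const { pathname } = new URL(meta.dist.tarball);
    versions[ver] = { ...meta, dist: { ...meta.dist, tarball: `http://${vhost}${pathname}` } };
  }
  return { ...doc, versions };
}

// Read path: the first registry in `paths` that knows the package wins.
function resolvePackage(name, opts, fetchDoc) {
  const { paths = DEFAULT_PATHS, vhost, rewriteTarballs = true } = opts;
  for (const registry of paths) {
    const doc = fetchDoc(registry, name);
    if (doc) return { registry, doc: rewriteTarballs ? rewriteTarballUrls(doc, vhost) : doc };
  }
  return null; // not found in any registry, so the proxy answers not-found
}

// Write path (publish, auth): only the FIRST registry is ever used.
function writeTarget(opts) {
  return (opts.paths || DEFAULT_PATHS)[0];
}

// Constructed sample data: the private couch holds @me/internal, the public
// registry holds lodash. Package docs are trimmed to the fields used here.
const pkgDoc = (name, version, tarball) => ({ name, versions: { [version]: { dist: { tarball } } } });
const REGISTRIES = {
  [DEFAULT_PATHS[0]]: { '@me/internal': pkgDoc('@me/internal', '1.0.0',
    `${DEFAULT_PATHS[0]}@me/internal/-/internal-1.0.0.tgz`) },
  [DEFAULT_PATHS[1]]: { lodash: pkgDoc('lodash', '4.17.21',
    `${DEFAULT_PATHS[1]}lodash/-/lodash-4.17.21.tgz`) },
};
const fetchFromMemory = (registry, name) => (REGISTRIES[registry] || {})[name] || null;
```

With `rewriteTarballs: false` the client is handed the upstream tarball URL unchanged, so the download bypasses the proxy and any timeout or logging it applies.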
`npm install` fails after a couple of minutes with: `npm ERR! shasum check failed for ...`

This is likely a result of the download exceeding node's default socket idle timeout. The best way to address this is by disabling the socket timeout for your server in the manifest:

```json
{
  "host": "localhost",
  "port": 8000,
  "options": {
    "timeout": {
      "socket": false
    }
  }
}
```
FAQs
The npm package kappa receives a total of 22 weekly downloads. As such, kappa popularity was classified as not popular.
We found that kappa demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.