registry-sync
Advanced tools
Synchronizes selected NPM packages from a remote NPM registry (such as https://registry.npmjs.org) to a local folder. The local copy can then be used as a simple private NPM registry without publishing capabilities. Pre-built native binaries bundled with node-pre-gyp are also included.
npm install -g registry-sync
registry-sync [options]
-h, --help output usage information
-V, --version output the version number
--root <path> Path to save NPM package tarballs and metadata to
--manifest <file> Path to a package-lock.json file to use as catalog for mirrored NPM packages
--localUrl <url> URL to use as root in stored package metadata (i.e. where folder defined as --root will be exposed at)
--binaryAbi <list> Comma-separated list of node C++ ABI numbers to download pre-built binaries for. See NODE_MODULE_VERSION column in https://nodejs.org/en/download/releases/
--binaryArch <list> Comma-separated list of CPU architectures to download pre-built binaries for. Valid values: arm, ia32, and x64
--binaryPlatform <list> Comma-separated list of OS platforms to download pre-built binaries for. Valid values: linux, darwin, win32, sunos, freebsd, openbsd, and aix
--registryUrl [url] Optional URL to use as NPM registry when fetching packages. Default value is https://registry.npmjs.org
--dontEnforceHttps Disable the default behavior of downloading tarballs over HTTPS (will use whichever protocol is defined in the registry metadata)
--includeDev Include also packages found from devDependencies section of the --manifest. Not included by default.
Example:
registry-sync --root ./local-registry --manifest ./package-lock.json --localUrl http://localhost:8000 --binaryAbi 48,57 --binaryArch x64 --binaryPlatform darwin,linux
Re-executing registry-sync will only download and update files for new package versions.
Configure a web server to use index.json as index file name instead of index.html.
Also configure HTTP 404 responses to have an application/json body of {}.
In some cases npm might not include all optional packages that are needed for all platforms to package-lock.json, depending on which OS you used to create the lockfile.
In this case it might be useful to copy the package.json that you want to synchronize as a local repository to somewhere else and create a new cross platform package-lock.json by running:
npm install --force --package-lock-only
After this you can pass the new lockfile to registry-sync.
See releases.
Pull requests are welcome. Kindly check that your code passes ESLint checks by running npm run eslint first.
Integration tests can be run with npm test. Both are anyway run automatically by Travis CI.
FAQs
synchronize a remote npm registry for private use
The npm package registry-sync receives a total of 39 weekly downloads. As such, registry-sync popularity was classified as not popular.
We found that registry-sync demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Company News
Socket is joining TC54 to help develop standards for software supply chain security, contributing to the evolution of SBOMs, CycloneDX, and Package URL specifications.
Security News
PyPI now allows maintainers to archive projects, improving security and helping users make informed decisions about their dependencies.
Research
Security News
Malicious npm package postcss-optimizer delivers BeaverTail malware, targeting developer systems; similarities to past campaigns suggest a North Korean connection.