2021-07-11 08:42:56 -05:00
---
id: what-is-verdaccio
2022-12-25 12:48:18 -05:00
title: 'What is Verdaccio?'
2021-07-11 08:42:56 -05:00
---
Verdaccio is a **lightweight private npm proxy registry** built in **Node.js**
2022-08-24 10:59:08 -05:00
Using a private npm registry like Verdaccio is one of the [Top 10 NPM Security Best Practices ](https://cheatsheetseries.owasp.org/cheatsheets/NPM_Security_Cheat_Sheet.html#6-use-a-local-npm-proxy )
recommended by the Open Web Application Security Project ([OWASP](https://owasp.org/)).
2022-08-22 13:31:59 -05:00
< iframe width = "560" height = "515" src = "https://www.youtube.com/embed/qRMucS3i3kQ" title = "YouTube video player" frameborder = "0" allow = "accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen > < / iframe >
2021-07-11 08:42:56 -05:00
2021-07-27 14:52:49 -05:00
## What's a registry? {#whats-a-registry}
2021-07-11 08:42:56 -05:00
2022-12-25 12:48:18 -05:00
- A registry is a repository for packages, that implements the **CommonJS Compliant Package Registry specification** for reading package's information.
- Provide a compatible API with npm clients ** (yarn/npm/pnpm)**.
- Semantic Versioning compatible ** (semver)**.
2021-07-11 08:42:56 -05:00
2021-07-27 14:52:49 -05:00
```bash
2021-07-11 08:42:56 -05:00
$> verdaccio
```
2021-07-27 14:52:49 -05:00
![registry ](/img/verdaccio_server.gif )
2021-07-11 08:42:56 -05:00
2021-07-27 14:52:49 -05:00
## Using Verdaccio {#using-verdaccio}
2021-07-11 08:42:56 -05:00
Using Verdaccio with any Node.js package manager client is quite straightforward.
2021-07-27 14:52:49 -05:00
![registry ](/img/npm_install.gif )
2021-07-11 08:42:56 -05:00
You can use a custom registry either by setting it globally for all your projects
2021-07-27 14:52:49 -05:00
```bash
2021-07-11 08:42:56 -05:00
npm set registry http://localhost:4873
```
or by using it in command line as an argument `--registry` in npm (slightly different in yarn)
2021-07-27 14:52:49 -05:00
```bash
2021-07-11 08:42:56 -05:00
npm install lodash --registry http://localhost:4873
```
2021-07-27 14:52:49 -05:00
```bash
2021-07-11 08:42:56 -05:00
yarn config set registry http://localhost:4873
```
2021-11-05 12:14:13 -05:00
To have a more detailed explanation, I invite you to watch the full explanation **Angular Library: How To Use a Library in a poly-repo Using Verdaccio** by [_Fanis Prodromou_ ](https://twitter.com/prodromouf ) on his [YouTube channel ](https://www.youtube.com/channel/UCgJAoZCYx1Dk3iGPHSIgV1A ).
< iframe width = "560" height = "515" src = "https://www.youtube.com/embed/tSIC3wna_d0?enablejsapi=1" frameborder = "0" allow = "accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture" allowfullscreen > < / iframe >
2021-07-27 14:52:49 -05:00
## Private {#private}
2021-07-11 08:42:56 -05:00
All packages that you publish are private and only accessible based in your configuration.
2021-07-27 14:52:49 -05:00
## Proxy {#proxy}
2021-07-11 08:42:56 -05:00
Verdaccio cache all dependencies on demand and speed up installations in local or private networks.
2021-07-27 14:52:49 -05:00
## In a Nutshell {#in-a-nutshell}
2021-07-11 08:42:56 -05:00
2022-12-25 12:48:18 -05:00
- It's a web app based on Node.js
- It's a private npm registry
- It's a local network proxy
- It's a Pluggable application
- It's fairly easy to install and to use
- We offer Docker and Kubernetes support
- It is 100% compatible with yarn, npm and pnpm
- Verdaccio means **A green color popular in late medieval Italy for fresco painting** .