verdaccio
sinopia是一个用来做npm的registry的私有+缓存镜像的开源组件,但是这个项目现在已经不在维护了,需要移步到verdaccio这个fork,使用方法很简单:
git clone git@github.com:verdaccio/verdaccio.git && cd verdaccionpm i --production-
./bin/sinopia启动 npm set registry http://localhost:4873/ && npm set ca null
有3种场景是我们需要verdaccio来解决的:
- 团队自己的私有npm registry,这个非常重要,可以把工程有效拆分成多个项目,而又不至于提高开发时的复杂度,相比
npmjs.com的private repository,还是自己的好 - 缓存
npmjs.org。多台服务器每次更新都要从官方走一遍,太痛苦了,找一台服务器来干缓存,内网速度和效率妥妥第一位 - 替换公开的
npm package。这个在使用Koajs v2.0版本时很常见,比如对koa-views,直接把其修改成支持koa@next的,然后加个版本号,publish到自己的npm registry上,其他人直接安装最高版本的koa-views即可。
使用淘宝的npm镜像进一步加速
#
# This is the default config file. It allows all users to do anything,
# so don't use it on production systems.
#
# Look here for more config file examples:
# 更多的配置项,看这里:
# https://github.com/rlidwka/sinopia/tree/master/conf
#
# 建议在安全上多做考虑,因为这个registry在开发环境和生产环境我们都是需要的
listen: 0.0.0.0:4873
# path to a directory with all packages
storage: /srv/sinopia_storage
# a list of other known repositories we can talk to
# 使用淘宝的cnpmjs镜像,加速
uplinks:
npmjs:
url: https://registry.npm.taobao.org/
# 识别@dmc/xxxx这样的package为Private的,其他的@xx/yyy都会到upstream去获取
packages:
'@dmc/*':
# scoped packages
access: $all
publish: $authenticated
'*':
# allow all users (including non-authenticated users) to read and
# publish all packages
#
# you can specify usernames/groupnames (depending on your auth plugin)
# and three keywords: "$all", "$anonymous", "$authenticated"
access: $all
# allow all known users to publish packages
# (anyone can register by default, remember?)
publish: $authenticated
# if package is not available locally, proxy requests to 'npmjs' registry
proxy: npmjs
# log settings
logs:
- {type: stdout, format: pretty, level: http}
#- {type: file, path: sinopia.log, level: info}
网友评论