Context

Let's say you managed to set up a private verdaccio npm registry.

Previously you were publishing (scoped) packages on npmjs.com (that required authentication).

Of course you didn't republish all the old packages to your new verdaccio installation.

Verdaccio authenticated uplinks

Verdaccio has the concept of uplinks, that can also be authenticated via a Token.

To use your new verdaccio registry and fallback to npmjs.com registry, you can achieve that with the follow configuration in your ~/.config/verdaccio/config.yaml:

uplinks:
  npmjs:
    url: https://registry.npmjs.org/
    auth:
      type: bearer
      token: "YOUR_NPM_TOKEN"

This way, packages and package versions that do not exist on your new verdaccio instance, are being proxied over from npm!

Additionally, this means that you can now use verdaccio as the only registry in your .npmrc!


logo from https://verdaccio.org/docs/en/logo