Five Ways of Taking Advantage of Verdaccio, Your Private and Proxy Node.js Registry

This ad is not shown to multipass and full ticket holders
React Advanced
React Advanced 2026
October 23 - 26, 2026
London, UK & Online
Upcoming event
React Advanced 2026
React Advanced 2026
October 23 - 26, 2026. London, UK & Online
Bookmark
SlidesGithubProject website
Rate this content
Sentry
Promoted
Code breaks, fix it faster

Crashes, slowdowns, regressions in prod. Seer by Sentry unifies traces, replays, errors, profiles to find root causes fast.

Get started

Verdaccio is an open-source lightweight private proxy registry made in JavaScript with an entirely optional configuration that allows you to publish Node.js private packages and proxy from other remote registries. In this talk, you will learn five ways to take advantage of Verdaccio to improve your workflows and productivity.


You can check the slides for Juan's talk here.

This talk has been presented at Node Congress 2022, check out the latest edition of this JavaScript Conference.

FAQ

Verdash is a lightweight, proxy private Node.js registry that allows you to host and publish private Node.js packages. It acts as a middle-man between remote registries and a local cache, enhancing package management and access speed.

To install Verdash, you need to install the global package globally. After installation, you simply run the command 'Verdash' to start the registry, which includes a user interface for browsing both private and public package dependencies.

In personal development, Verdash can be used to publish packages locally. This is particularly useful in npm workspaces where you can publish several packages simultaneously using workspace-specific commands.

A 409 error occurs if you attempt to publish a private package with a version that already exists on an upstream registry. To bypass this, you can add a suffix to your version number, ensuring your version remains unique and avoids conflicts.

Yes, Verdash can be configured to proxy multiple registries simultaneously. This allows it to fetch packages from both private and public sources, providing greater flexibility in package management.

Verdash adds a layer of security by allowing private registries to be set up with scoped packages, reducing risks of namespace conflicts with public packages. Recent updates have introduced rate limiting to protect against denial-of-service attacks.

Contributors can engage with Verdash by fixing bugs, adding features, or improving documentation. The project welcomes contributions of all forms, whether coding in Node.js or React, writing documentation, or assisting with translations.

Verdash enhances project productivity by caching dependencies in a CI/CD pipeline, preventing repeated downloads from public outages and speeding up builds. It supports configuration adjustments to manage cache duration and failure thresholds.

Juan Picado
Juan Picado
32 min
18 Feb, 2022

Comments

Sign in or register to post your comment.
Video Summary and Transcription
The video discusses Verdash, a lightweight and proxy private Node.js registry that enhances package management by hosting and publishing private packages. It highlights the benefits of using Verdash in personal development, particularly with npm workspaces, where multiple packages can be published simultaneously. The video emphasizes the importance of configuring Verdash for an offline environment by disabling the proxy property, ensuring a smoother experience without remote registry dependencies. Verdash's capability to handle multiple registry proxies simultaneously is also explored, allowing developers to fetch packages from various sources, which is crucial in a continuous integration environment. The video addresses security in package management by suggesting the use of scoped packages to avoid conflicts and introducing rate limiting to prevent denial-of-service attacks. The talk also covers how Verdash can be used to fix broken packages in GitHub projects using GitHub Actions, demonstrating its utility in maintaining project integrity.

1. Introduction to Verdash

Short description:

Hi, I'm Juan Picado. I will show you five ways to use Verdash for a private and proxy Node.js Registry. Verdash is a lightweight and proxy private Node.js registry that allows you to host and publish private packages. Install Verdash globally, run the command, and you have a registry with a user interface to browse private and public packages and dependencies. Let's start with the first way.

Hi, thanks for joining my talk. My name is Juan Picado. I'm here to show you five ways of taking advantage of Verdash to private and proxy Node.js Registry. So, let's begin.

First of all, something about me. My name is Juan Picado. I'm senior frontend engineer at Mobility Dare, it's a brand of Ativinta. I'm based in Berlin. And also I spent part of my time and doing Open Source, mostly maintaining the Verdash project. So, which if you don't know it, you will know more in the next 20 minutes and hopefully you like it.

So, let's get started. So, we are Node.js developers and also JavaScript developers. So, I can imagine you have already published a package and you haven't done this yet. Then you will enjoy this talk because it's very, very straightforward to do it locally.

So, Verdash is a lightweight and proxy private Node.js registry, which entirely optional configuration, which does allow you just to host and publish private Node.js packages. And it's compatible with any package manager. So, this diagram here describes a simple road trip of a request where the private registry is always in the middle between the remote, which can be one or more. And then you have a local cache. And this local cache really benefits. I want to show you how to use it in your project.

So, first of all, you need to install Verdash. And for that, you need to install the global package globally. And that's it. So, just that simple, you don't need to do anything, just getting started. Then the next thing you have to do, is just run command Verdash. Yeah, that's all. So, you have a registry which is running with a user interface to browse, not only private packages, but also dependencies, even if they are public ones. Because Verdash, we don't load any package request via package manager or user interface. To help you to understand I have prepared five basic ways, and how Verdash can be really useful to any JavaScript developers nowadays.

So, let's start with the first one.

2. Publishing a Package with npm Workspaces

Short description:

Which is personal development. We are going to publish a package using npm workspaces. The project structure consists of 5 modules, with one module referencing others. Login to Verdash using the 'login' command and specify the registry URL if needed. Publish the package using 'slack workspaces'. The packages can be viewed on the user interface, along with their dependencies.

Which is personal development. So, we are going to publish a package. For this example, I have an npm workspaces, which is pretty simple and we will see now. And the idea is to publish some packages.

So, first of all let me show you the structure of the project, which is not much. Just 5 modules. And one of them, this is the configuration for npm workspaces, and one of them it has reference to others inside. We will see why I am doing this when we publish and I showed you on the itself.

So the first thing you have to do is run Verdash. And if you want to publish you need to login. For that you can use the command login. And if you want to point to another registry then use the flag registry and the ul of the registry. In this case localhost 4873, which is the default port of Verdash. You login and then if you don't have any user just use anything you want. The password and the email is not important because Verdash does not use it. And then you are login. You can see the server is reacting to any command you are typing. This is because the package manager is big with the registry API.

So now let's publish a package. And if you have used workspaces in npm you can publish several packages at the same time just using these slack workspaces. And this is what we are going to do and just happen. Yes we did it. So we have packages on the registry. So let's actually see how these packages look like on the registry. And this is the user interface. You can switch between dark mode. And here we have the five packages. Awesome. And these are the dependencies I showed you before. So you can just navigate through them and see who has the dependencies of whom.

QnA

Check out more articles and videos

We constantly think of articles and videos that might spark Git people interest / skill us up or help building a stellar career

It's a Jungle Out There: What's Really Going on Inside Your Node_Modules Folder
Node Congress 2022Node Congress 2022
26 min
It's a Jungle Out There: What's Really Going on Inside Your Node_Modules Folder
Top Content
The talk discusses the importance of supply chain security in the open source ecosystem, highlighting the risks of relying on open source code without proper code review. It explores the trend of supply chain attacks and the need for a new approach to detect and block malicious dependencies. The talk also introduces Socket, a tool that assesses the security of packages and provides automation and analysis to protect against malware and supply chain attacks. It emphasizes the need to prioritize security in software development and offers insights into potential solutions such as realms and Deno's command line flags.
ESM Loaders: Enhancing Module Loading in Node.js
JSNation 2023JSNation 2023
22 min
ESM Loaders: Enhancing Module Loading in Node.js
Top Content
ESM Loaders enhance module loading in Node.js by resolving URLs and reading files from the disk. Module loaders can override modules and change how they are found. Enhancing the loading phase involves loading directly from HTTP and loading TypeScript code without building it. The loader in the module URL handles URL resolution and uses fetch to fetch the source code. Loaders can be chained together to load from different sources, transform source code, and resolve URLs differently. The future of module loading enhancements is promising and simple to use.
The State of Node.js 2025
JSNation 2025JSNation 2025
30 min
The State of Node.js 2025
Top Content
The speaker covers a wide range of topics related to Node.js, including its resilience, popularity, and significance in the tech ecosystem. They discuss Node.js version support, organization activity, development updates, enhancements, and security updates. Node.js relies heavily on volunteers for governance and contribution. The speaker introduces an application server for Node.js enabling PHP integration. Insights are shared on Node.js downloads, infrastructure challenges, software maintenance, and the importance of update schedules for security.
Towards a Standard Library for JavaScript Runtimes
Node Congress 2022Node Congress 2022
34 min
Towards a Standard Library for JavaScript Runtimes
Top Content
There is a need for a standard library of APIs for JavaScript runtimes, as there are currently multiple ways to perform fundamental tasks like base64 encoding. JavaScript runtimes have historically lacked a standard library, causing friction and difficulty for developers. The idea of a small core has both benefits and drawbacks, with some runtimes abusing it to limit innovation. There is a misalignment between Node and web browsers in terms of functionality and API standards. The proposal is to involve browser developers in conversations about API standardization and to create a common standard library for JavaScript runtimes.
Out of the Box Node.js Diagnostics
Node Congress 2022Node Congress 2022
34 min
Out of the Box Node.js Diagnostics
This talk covers various techniques for getting diagnostics information out of Node.js, including debugging with environment variables, handling warnings and deprecations, tracing uncaught exceptions and process exit, using the v8 inspector and dev tools, and generating diagnostic reports. The speaker also mentions areas for improvement in Node.js diagnostics and provides resources for learning and contributing. Additionally, the responsibilities of the Technical Steering Committee in the TS community are discussed.
Node.js Compatibility in Deno
Node Congress 2022Node Congress 2022
34 min
Node.js Compatibility in Deno
Deno aims to provide Node.js compatibility to make migration smoother and easier. While Deno can run apps and libraries offered for Node.js, not all are supported yet. There are trade-offs to consider, such as incompatible APIs and a less ideal developer experience. Deno is working on improving compatibility and the transition process. Efforts include porting Node.js modules, exploring a superset approach, and transparent package installation from npm.

Workshops on related topic

Building a RAG System in Node.js: Vector Databases, Embeddings & Chunking
Node Congress 2025Node Congress 2025
98 min
Building a RAG System in Node.js: Vector Databases, Embeddings & Chunking
Featured Workshop
Alex Korzhikov
Pavlik Kiselev
2 authors
Large Language Models (LLMs) are powerful, but they often lack real-time knowledge. Retrieval-Augmented Generation (RAG) bridges this gap by fetching relevant information from external sources before generating responses. In this workshop, we’ll explore how to build an efficient RAG pipeline in Node.js using RSS feeds as a data source. We’ll compare different vector databases (FAISS, pgvector, Elasticsearch), embedding methods, and testing strategies. We’ll also cover the crucial role of chunking—splitting and structuring data effectively for better retrieval performance.Prerequisites- Good understanding of JavaScript or TypeScript- Experience with Node.js and API development- Basic knowledge of databases and LLMs is helpful but not required
Agenda📢 Introduction to RAG💻 Demo - Example Application (RAG with RSS Feeds)📕 Vector Databases (FAISS, pgvector, Elasticsearch) & Embeddings🛠️ Chunking Strategies for Better Retrieval🔬 Testing & Evaluating RAG Pipelines (Precision, Recall, Performance)🏊‍♀️ Performance & Optimization Considerations🥟 Summary & Q&A
Build a MCP (Model Context Protocol) in Node.js
JSNation US 2025JSNation US 2025
97 min
Build a MCP (Model Context Protocol) in Node.js
Featured Workshop
Julián Duque
Julián Duque
Model Context Protocol (MCP) introduces a structured approach to LLM context management that addresses limitations in traditional prompting methods. In this workshop, you'll learn about the Model Context Protocol, its architecture, and how to build and use and MCP with Node.jsTable of Contents:What Is the Model Context Protocol?Types of MCPs (Stdio, SSE, HTTP Streaming)Understanding Tools, Resources, and PromptsBuilding an MCP with the Official TypeScript SDK in Node.jsDeploying the MCP to the Cloud (Heroku)Integrating the MCP with Your Favorite AI Tool (Claude Desktop, Cursor, Windsurf, VS Code Copilot)Security Considerations and Best Practices
Node.js Masterclass
Node Congress 2023Node Congress 2023
109 min
Node.js Masterclass
Top Content
Workshop
Matteo Collina
Matteo Collina
Have you ever struggled with designing and structuring your Node.js applications? Building applications that are well organised, testable and extendable is not always easy. It can often turn out to be a lot more complicated than you expect it to be. In this live event Matteo will show you how he builds Node.js applications from scratch. You’ll learn how he approaches application design, and the philosophies that he applies to create modular, maintainable and effective applications.

Level: intermediate
Build and Deploy a Backend With Fastify & Platformatic
JSNation 2023JSNation 2023
104 min
Build and Deploy a Backend With Fastify & Platformatic
Top Content
WorkshopFree
Matteo Collina
Matteo Collina
Platformatic allows you to rapidly develop GraphQL and REST APIs with minimal effort. The best part is that it also allows you to unleash the full potential of Node.js and Fastify whenever you need to. You can fully customise a Platformatic application by writing your own additional features and plugins. In the workshop, we’ll cover both our Open Source modules and our Cloud offering:- Platformatic OSS (open-source software) — Tools and libraries for rapidly building robust applications with Node.js (https://oss.platformatic.dev/).- Platformatic Cloud (currently in beta) — Our hosting platform that includes features such as preview apps, built-in metrics and integration with your Git flow (https://platformatic.dev/). 
In this workshop you'll learn how to develop APIs with Fastify and deploy them to the Platformatic Cloud.
Building a Hyper Fast Web Server with Deno
JSNation Live 2021JSNation Live 2021
156 min
Building a Hyper Fast Web Server with Deno
Top Content
Workshop
Matt Landers
Will Johnston
2 authors
Deno 1.9 introduced a new web server API that takes advantage of Hyper, a fast and correct HTTP implementation for Rust. Using this API instead of the std/http implementation increases performance and provides support for HTTP2. In this workshop, learn how to create a web server utilizing Hyper under the hood and boost the performance for your web apps.
0 to Auth in an Hour Using NodeJS SDK
Node Congress 2023Node Congress 2023
63 min
0 to Auth in an Hour Using NodeJS SDK
WorkshopFree
Asaf Shen
Asaf Shen
Passwordless authentication may seem complex, but it is simple to add it to any app using the right tool.
We will enhance a full-stack JS application (Node.JS backend + React frontend) to authenticate users with OAuth (social login) and One Time Passwords (email), including:- User authentication - Managing user interactions, returning session / refresh JWTs- Session management and validation - Storing the session for subsequent client requests, validating / refreshing sessions
At the end of the workshop, we will also touch on another approach to code authentication using frontend Descope Flows (drag-and-drop workflows), while keeping only session validation in the backend. With this, we will also show how easy it is to enable biometrics and other passwordless authentication methods.
Table of contents- A quick intro to core authentication concepts- Coding- Why passwordless matters
Prerequisites- IDE for your choice- Node 18 or higher