注册表

JavaScript 包注册表

选择 CLI 版本:

描述

Description

为了按名称和版本解析包,npm 与实现 CommonJS 包注册表规范的注册表网站进行对话,以读取包信息。

To resolve packages by name and version, npm talks to a registry website that implements the CommonJS Package Registry specification for reading package info.

默认情况下,npm 配置为使用 https://registry.npmjs.org 处的 npm 公共注册表。使用 npm 公共注册表须遵守 https://npm.nodejs.cn/policies/terms 提供的使用条款。

npm is configured to use the npm public registry at https://registry.npmjs.org by default. Use of the npm public registry is subject to terms of use available at https://npm.nodejs.cn/policies/terms.

你可以将 npm 配置为使用你喜欢的任何兼容注册表,甚至可以运行你自己的注册表。使用他人的注册表可能受其使用条款的约束。

You can configure npm to use any compatible registry you like, and even run your own registry. Use of someone else's registry may be governed by their terms of use.

npm 的包注册表实现也支持多个写入 API,以允许发布包和管理用户账户信息。

npm's package registry implementation supports several write APIs as well, to allow for publishing packages and managing user account information.

npm 公共注册表由 CouchDB 数据库提供支持,其中 https://skimdb.npmjs.com/registry 有一个公共镜像。

The npm public registry is powered by a CouchDB database, of which there is a public mirror at https://skimdb.npmjs.com/registry.

使用的注册表 URL 由包的范围决定(参见 scope。如果未指定范围,则使用由 registry 配置 参数提供的默认注册表。有关管理 npm 配置的更多信息,请参阅 npm confignpmrcconfig。身份验证配置(例如身份验证令牌和证书)专门针对单个注册表进行配置。见 认证相关的配置

The registry URL used is determined by the scope of the package (see scope. If no scope is specified, the default registry is used, which is supplied by the registry config parameter. See npm config, npmrc, and config for more on managing npm's configuration. Authentication configuration such as auth tokens and certificates are configured specifically scoped to an individual registry. See Auth Related Configuration

当默认注册表用于 package-lock 或 shrinkwrap 时,它具有 "当前配置的注册表" 的特殊含义。如果你在使用默认注册表时创建锁定文件,你可以切换到另一个注册表,并且 npm 将从新注册表安装包,但如果你在使用自定义注册表时创建锁定文件,即使你更改后也会从该注册表安装包到另一个注册表。

When the default registry is used in a package-lock or shrinkwrap it has the special meaning of "the currently configured registry". If you create a lock file while using the default registry you can switch to another registry and npm will install packages from the new registry, but if you create a lock file while using a custom registry packages will be installed from that registry even after you change to another registry.

npm 是否会将有关我的任何信息发送回注册表?

Does npm send any information about me back to the registry?

是的。

Yes.

当向注册表触发请求时,npm 会添加两个标头,其中包含有关你的环境的信息:

When making requests of the registry npm adds two headers with information about your environment:

  • Npm-Scope - 如果你的项目有范围,则此标头将包含其范围。未来 npm 希望构建使用此信息的注册表功能,以允许你为你的组织定制你的体验。

    Npm-Scope – If your project is scoped, this header will contain its scope. In the future npm hopes to build registry features that use this information to allow you to customize your experience for your organization.

  • Npm-In-CI - 如果 npm 认为此安装正在持续集成环境中运行,则设置为 "true",否则设置为 "false"。这是通过查找以下环境变量来检测的:CI, TDDIUM, JENKINS_URL, bamboo.buildKey.如果你想了解更多信息,你可能会发现 原始 PR 很有趣。这用于收集关于人类如何使用 npm 而不是构建农场的更好指标。

    Npm-In-CI – Set to "true" if npm believes this install is running in a continuous integration environment, "false" otherwise. This is detected by looking for the following environment variables: CI, TDDIUM, JENKINS_URL, bamboo.buildKey. If you'd like to learn more you may find the original PR interesting. This is used to gather better metrics on how npm is used by humans, versus build farms.

npm 注册表不会尝试将这些标头中的信息与可能在相同请求中使用的任何经过身份验证的账户相关联。

The npm registry does not try to correlate the information in these headers with any authenticated accounts that may be used in the same requests.

如何防止我的包被发布到官方注册表

How can I prevent my package from being published in the official registry?

在你的 package.json 中设置 "private": true 以防止它被发布,或 "publishConfig":{"registry":"http://my-internal-registry.local"} 以强制它仅发布到你的内部/私有注册表。

Set "private": true in your package.json to prevent it from being published at all, or "publishConfig":{"registry":"http://my-internal-registry.local"} to force it to be published only to your internal/private registry.

有关 package.json 文件中内容的更多信息,请参阅 package.json

See package.json for more info on what goes in the package.json file.

我在哪里可以找到我(和其他人)发布的包?

Where can I find my (and others') published packages?

https://www.npmjs.com/

也可以看看

See also

npm 中文网 - 粤ICP备13048890号