0.0.0 • Public • Published


Node Package Hub also known as nph. It's based around a really simple but effective idea. The private packages that I want to have access to are already in Github and tagged with semver ranges. So we already got everything we need.

  1. A data storage layer for the private packages. It's Github.
  2. Semver ranges, we can apply this to git tags.
  3. Access to public packages, the public npm.
  4. Download stats, supported by the releases API.

If we combine this, we have everything we need to create a public/private npm proxy process in node and roll with that. This approach has a lot of benefits:

  1. Central management, if you have push access on GitHub you can publish if you have only read access, you can only deploy.
  2. Deleting releases is as easy as removing tags.
  3. Semver is optional you can tag everything you want.
  4. Overriding public packages. Create a fork of the package change code and you're done.
  5. npm will only be used for installation, everything else is done through git making you less dependent on npm.
  6. No longer dependent on npm, the transparent API supports multiple replica's of the registry.
  7. One simple requirement: node


To install the proxy simply run the following command on your CLI.

npm install --save nph



The nph.configure allows you to configure the whole proxy using one simple definition file.


The nph.register allows you to register a new npm account in your private npm server. If you supply it with an optional github account, it will use the privileges of the given GitHub account. The API accepts 3 arguments:

  1. The npm username that needs to get access.
  2. Object with the GitHub information and credentials. If it's missing it will default to the root token you passed in.
  3. Completion callback, we've validated the existence of both user names.
nph.register('V1', { github: '3rd-Eden', token: '' })
   .register('swaagie', { github: 'swaagie', token: '' });


Add a new private repository which will be used as source for the private npm package. The API accepts 2 arguments:

  1. A forward slash separated string where the first part is the GitHub username or Organisation and second part the name of the repository.
  2. Completion callback, we've validated all the things.


Now that you know how the whole API works, we can easily setup a proxy by running the following example:

'use strict';
var nph = require('nph').createServer({
  token: process.env.GITHUB_TOKEN
nph.listen(80, function listen(err) {



Package Sidebar


npm i nph

Weekly Downloads






Last publish


  • unshiftio