Freeze policy

Prevents any changes to the registry contents. The registry will be read-only.

The Freeze policy prevents any changes to the contents of a registry. All attempts to pull/push/publish/delete packages, tags and versions will be denied with a message that the registry is read-only.

This is a powerful way to makes sure that new packages and versions are ONLY introduced in a controlled manner.

Use cases

  • Control / Lock dependencies - Freeze registry to disallow automatic addition of package dependencies. Un-freeze to add approved packages when required.
  • Consistency - Make sure that QA / testing and releases are made using the exact versions intended, even across different projects and teams
  • Archive specific states - Enable freeze before archiving a registry to store the exact state of dependencies, enabling easy testing in the future.