Immutable versions policy

Disallows existing versions of a package to be overwritten by publish/push/pull

Bytesafe by default allows versions to be overwritten, unlike the public npm registry. This enables patching of public packages or fixing errors found in QA before release.

Immutable versions is for situations where you want to restrict this functionality. With this policy enabled, attempts to republish (or otherwise overwrite a version) a package will fail with a warning.

Use cases

Registries used for releases

Registries where each update should be forced to also step version number should have immutable versions policy enabled.

Registries used as integration points between teams

Remove the possibility of different teams publishing the same package versions (accidently overwriting it).