Upstreams

Linked registries allowing for secure and extended flow of packages

Upstreams are linked registries that are used both as a source and destination for packages in your private registries. As such upstreams are used when the Bytesafe registry is unable to fulfill a request for a specific package version or to push package versions from the registry to other destination registries.

Upstreams empower your private registry to be able to store both private and public packages together and enable secure management of your package dependencies.

In Bytesafe upstreams can be any of the following:

  • Public npm registry (registry.npmjs.org)
  • Other Bytesafe registry
  • Git repository
  • URL to any npm compatible registry

Additionally a registry can be configured without an upstream, thus removing the connection to other registries.


Example: Use case where Bytesafe registry is used as a proxy registry and the public npm registry is configured as an upstream.

graph TD
  A(fab:fa-npm registry.npmjs.org) --- | pull / push | B{Bytesafe registry} --- | install / publish | C[fa:fa-user Project workspace]
  • Users in the project workspace interact with Bytesafe registry (e.g. npm install / publish).
  • Bytesafe handles the interaction with registry.npmjs.org.
  • Requests for package versions that are not available in Bytesafe registry, will be requested from registry.npmjs.org and the package version downloaded will be cached in Bytesafe.

How upstreams work

What happens when you pull a package with / without configured upstreams

Configuring upstreams

Adding and configuring upstreams for a registry

Git repository upstreams

Connecting private and public Git repositories to Bytesafe