Linked registries allowing for secure and extended flow of packages

Upstreams are linked registries that are used both as a source and destination for packages in your private registries.

Upstreams are used when a Bytesafe registry is unable to fulfill a request for a specific package version directly or to push package versions from the registry to other destination registries.

With upstreams your private registry to be able to store both private and public packages together and enable secure management of your package dependencies.

In Bytesafe upstreams can be any of the following:

  • Public npm registry (
  • Other Bytesafe registry
  • Git repository
  • URL to any npm compatible registry

A registry can also be configured without an upstream, removing the connection to other registries.

Example: Use case where Bytesafe registry is used as a proxy registry and the public npm registry is configured as an upstream.

flowchart TD
  A(fab:fa-npm <--> | pull / push | B{Bytesafe registry} <--> | install / publish | C[fa:fa-user Project workspace]
  • Users in the project workspace interact with Bytesafe registry (e.g. npm install / publish).
  • Bytesafe handles the interaction with
  • Requests for package versions that are not available in Bytesafe registry, will be requested from and the package version downloaded will be cached in Bytesafe.

How upstreams work

What happens when you pull a package with / without configured upstreams

Configuring upstreams

Adding and configuring upstreams for a registry

Git repository upstreams

Connecting private and public Git repositories to Bytesafe