Skip to content
This repository has been archived by the owner. It is now read-only.
Go to file


Build Status
NPM version

Based on [npm-delegate] ( by Jason Denizac, this module is a hapi plugin used to proxy npm to support private npm repos without replicating the entire public registry.

NOTE: The config.json described below is a Hapi Composer manifest that describes kappa as a plugin. See ./example/global/config.json or ./example/local/config.json for more information.


TL;DCO (too long; didn't check out)

Using docker-compose, just run docker-compose up in a directory containing our docker-compose.yml file. Soon after you'll have a working kappa instance set up to use a local couch instance (falling back to the public registry) on

Global Installation
$ npm install -g kappa
$ kappa -c config.json
Local Installation

If you choose to install locally, running kappa is as easy as

$ npm init
$ npm install --save kappa

# add start script to package.json:
#    "scripts": {
#        "start": "kappa -c config.json",
#    }

$ npm start

You can then put those artifacts (config.json and package.json) under source control for simple deployments later:

$ git clone
$ cd myregistry
$ npm install
$ npm start


kappa plugin currently supports the following parameters

  • vhost - the virtual host associated with the kappa server, e.g. ''
  • paths (optional) - any ordered array of npm repositories to use, e.g. Defaults to ['http://localhost:5984/registry/_design/app/_rewrite/', '']
  • rewriteTarballs (optional) - When true rewrites the tarball URL in packages to download each resource via kappa. When false, tarball URLs are left untouched, allowing the client to download package tarballs directly from the registry that fulfilled the package request. Defaults to true.

For read operations (GET, HEAD, etc) the proxy will first attempt to fetch the module from the first registry. If the requested module is not found it continues to the next registry, and so on.

For write operations the proxy will only attempt to write to the FIRST registry. All auth occurs with the first registry as well.


I'm seeing npm install fail after a couple of minutes with: npm ERR! shasum check failed for ...

This is likely a result of the download exceeding node's default socket idle timeout. The best way to address this is by disabling the socket timeout for your server in the manifest.

    "host": "localhost",
    "port": 8000,
    "options": {
        "timeout": {
            "socket": false


A hierarchical npm-registry proxy




No packages published
You can’t perform that action at this time.