Skip to content
Browse files

[docs] Updates from @indexzero

  • Loading branch information...
1 parent 2547c2f commit b8147a2fff48ee36e0ed1e35702ca20b5cc2b900 @julianduque julianduque committed
Showing with 33 additions and 13 deletions.
  1. +17 −2 content/npm/faq.md
  2. +15 −8 content/npm/index.md
  3. +1 −3 content/npm/web.md
View
19 content/npm/faq.md
@@ -1,4 +1,4 @@
-# Private npm FAQ
+# Hosted private npm FAQ
### Will my private registry stay up If the public registry goes down?
Yes, it will remain online and you will be able to use `npm` without problems.
@@ -7,7 +7,13 @@ Yes, it will remain online and you will be able to use `npm` without problems.
Only the team members defined in the Web Interface can access your registry.
### How can I make sure I don't accidentally publih to the public registry?
-You can use the `publishConfig` property in your `package.json`:
+We recommend that you set the default to private npm registry. This removes even the slightest chance that your private code could get published publicly accidentally.
+
+```
+npm config set https://{your-subdomain}.registry.nodejitsu.com
+```
+
+Alternatively, if you're feeling bold: you can use the `publishConfig` property in your `package.json`:
For example:
@@ -17,6 +23,15 @@ For example:
}
```
+The `publishConfig` in your package.json does the following (from the [npm documentation](https://github.com/isaacs/npm/blob/master/doc/files/package.json.md#publishconfig)):
+
+> This is a set of config values that will be used at publish-time. It's especially
+> handy if you want to set the tag or registry, so that you can ensure that a given
+> package is not tagged with "latest" or published to the global public registry by default.
+>
+> Any config values can be overridden, but of course only "tag" and "registry" probably
+> matter for the purposes of publishing.
+
### What happens if I need to change my password on the public npm registry?
Nothing! As long as your `.npmrc` is kept up to date the use of your private npm
will be as seamless as the public registry!
View
23 content/npm/index.md
@@ -19,10 +19,11 @@ Why do you need to do these things?
```
npm config set always-auth true
```
-* _Don't be strict about SSL:_ Isaac Schlueter runs his own CA for `registry.npmjs.org` which we are in the process of getting setup for `nodejitsu.com`. In the meantime however, we are using a wildcard certificate (e.g. `*.registry.nodejitsu.com`) which causes spurriour SSL warnings unless you set:
+* _Don't be strict about SSL:_ We do not use the same Certificate Authority (CA) as is used by https://registry.npmjs.org. This should be resolved in the next few weeks (before March 2013). In the meantime however, we are using a wildcard certificate (e.g. `*.registry.nodejitsu.com`) which causes spurriour SSL warnings unless you set:
```
npm config set strict-ssl false
```
+This certificate is issued by [Comodo](http://www.comodo.com/) and serves https://www.nodejitsu.com
### 2. Start making requests against your private npm
@@ -37,7 +38,13 @@ Requests can be made against your private npm in two ways:
npm info your-private-module --reg http://your-subdomain.registry.nodejitsu.com
```
-**We recommend that you use the `--reg` flag when necessary combined with the `publishConfig` in your package.json.**
+**We recommend that **you set the registry for all requests** to avoid any accidental publishes of private modules to the public registry. Since all new publishes go by default to your private npm registry when you need **to publish a new public npm package** you can explicitly set the `--reg` flag:
+
+```
+ cd /my/new/public/package
+ npm init
+ npm publish --reg https://registry.npmjs.org
+```
### 3. Login to the web interface
@@ -51,12 +58,12 @@ More information available at the [Web Interface Documentation](web)
The `publishConfig` in your package.json does the following (from the [npm documentation](https://github.com/isaacs/npm/blob/master/doc/files/package.json.md#publishconfig)):
-> This is a set of config values that will be used at publish-time. It's especially handy if you want to set the
-> tag or registry, so that you can ensure that a given package is not tagged with "latest" or published to the
-> global public registry by default.
+> This is a set of config values that will be used at publish-time. It's especially
+> handy if you want to set the tag or registry, so that you can ensure that a given
+> package is not tagged with "latest" or published to the global public registry by default.
>
-> Any config values can be overridden, but of course only "tag" and "registry" probably matter for the purposes
-> of publishing.
+> Any config values can be overridden, but of course only "tag" and "registry" probably
+> matter for the purposes of publishing.
For example:
@@ -69,4 +76,4 @@ For example:
The benefits of using `publishConfig` is that it avoids accidental publishes to the public registry due to user error. Take for example a developer on your team who has not properly configured their machine by running `npm config set registry` or using the `--reg` flag. _That command would send your code public._ By using the `publishConfig` property you avoid that because it is part of your application.
-[meta:title]: <> (Private npm)
+[meta:title]: <> (Hosted private npm)
View
4 content/npm/web.md
@@ -1,4 +1,4 @@
-# Web Interface
+# Hosted private npm Web Interface
You can login to your Web Interface in `http://your-subdomain.npm.nodejitsu.com` with your `npm` credentials.
@@ -24,7 +24,6 @@ All the packages maintained by your team members.
## Team Members
-
### Add member
Just write down the public npm username and click on `Add member`.
@@ -36,5 +35,4 @@ To remove a user from your team, click on the `(x)` button right their username.
![List members](screenshots/members.png)
-
[meta:title]: <> (Web Interface)

0 comments on commit b8147a2

Please sign in to comment.
Something went wrong with that request. Please try again.