My company is looking into hosting our own private registry using Verdaccio, Artifactory, Nexus, or similar. One of our great fears is that someone other than the release bot will accidentally publish the package to the public npm registry. We do have some open source packages that are published to the public registry so it is somewhat of a concern. Is this realistically a non-issue, or is it something we should take steps to guard ourselves against?
Submitted June 06, 2019 at 03:57PM by j_schmotzenberg
No comments:
Post a Comment