The JFrog Artifactory integration with npm allows you to manage npm collections in Artifactory. npm is the world's largest software registry and the default package manager for the JavaScript runtime environment Node.js. Developers use npm to discover, share, and manage reusable code packages, known as packages or modules. You can use npm with Artifactory to simplify the development workflow by centrally handling the installation and management of project dependencies. For more information, see npm documentation.
Artifactory fully supports npm repositories, including the following capabilities:
Managing packages in Artifactory repositories using
npm,pnpm, or Yarn.Calculating metadata for packages stored in Artifactory local repositories.
Storing your internal and private npm packages securely in Local Repositories.
Accessing remote npm registries (such as https://registry.npmjs.org) through Remote Repositories, which provide proxy and caching functionality.
Aggregating multiple local and remote registries under a single URL using Virtual Repositories.
Validating remote npm repository data.
SHA512 support for npm packages.
Note
To learn more about how Artifactory secures npm packages, see What is npm
Read about the Shai-Hulud npm supply chain attack, how it compromised npm packages and how JFrog Artifactory protects your software from such vulnerabilities