I don't think there is an easy way to do this.

我认为没有简单的方法可以做到这一点。

A look at the npm documentationtells us, that it is possible:

一看故宫文献告诉我们，这是可能的：

Can I run my own private registry?

Yes!

The easiest way is to replicate the couch database, and use the same (or similar) design doc to implement the APIs.

If you set up continuous replication from the official CouchDB, and then set your internal CouchDB as the registry config, then you'll be able to read any published packages, in addition to your private ones, and by default will only publish internally. If you then want to publish a package for the whole world to see, you can simply override the --registryconfig for that command.

我可以运行自己的私有注册表吗？

是的！

最简单的方法是复制沙发数据库，​​并使用相同（或相似）的设计文档来实现 API。

如果您从官方 CouchDB 设置连续复制，然后将您的内部 CouchDB 设置为注册表配置，那么除了您的私有包之外，您还可以读取任何已发布的包，并且默认情况下只会在内部发布。如果您想发布一个包供全世界查看，您可以简单地覆盖该--registry命令的配置。

There's also an excellent tutorial on how to create a private npm repositoryin the clock blog.

在时钟博客中还有一个关于如何创建私有 npm 存储库的优秀教程。

EDIT (2017-02-26):

编辑（2017-02-26）：

Not really new, but there are now paid plansto host private packages on NPM.

不是很新，但现在有付费计划在 NPM 上托管私人包。

Over the years, NPM has become a factor for many non-Node.js companies, too, through the huge frontend ecosystem that's built upon NPM. If your company is already running Sonatype Nexusfor hosting Java projects internally, you can also use it for hosting internal NPM packages.

多年来，通过建立在 NPM 上的庞大前端生态系统，NPM 也已成为许多非 Node.js 公司的一个因素。如果您的公司已经在运行Sonatype Nexus来在内部托管 Java 项目，那么您也可以使用它来托管内部 NPM 包。

Other options include JFrog Artifactoryand Inedo ProGet, but I haven't used those.

其他选项包括JFrog Artifactory和Inedo ProGet，但我没有使用过这些。

https://github.com/isaacs/npmjs.org/: In npm version v1.0.26 you can specify private git repositories urls as a dependency in your package.json files. I have not used it but would love feedback. Here is what you need to do:

https://github.com/isaacs/npmjs.org/：在 npm 版本 v1.0.26 中，您可以在 package.json 文件中指定私有 git 存储库 URL 作为依赖项。我还没有使用它，但希望得到反馈。以下是您需要做的：

{
    "name": "my-app",
    "dependencies": {
        "private-repo": "git+ssh://[email protected]:my-app.git#v0.0.1",
    }
}

The following post talks about this: Debuggable: Private npm modules

以下帖子讨论了这一点：Debuggable: Private npm modules

There is an easy to use npm package to do this. https://www.npmjs.org/package/sinopia

有一个易于使用的 npm 包来做到这一点。 https://www.npmjs.org/package/sinopia

In a nutshell, Sinopia is a private/caching npm repository server that you can setup with zero configuration.

简而言之，Sinopia 是一个私有/缓存 npm 存储库服务器，您可以使用零配置进行设置。

Sinopia can be used to :

Sinopia 可用于：

• publish own private packages without exposing it to the public
• cache only public packages that are used (there is no need to have to replicate the whole public registery)
• override public packages with a modified version that have been produced internally.

• 发布自己的私有包而不将其公开给公众
• 仅缓存使用的公共包（无需复制整个公共注册）
• 使用内部生成的修改版本覆盖公共包。

Verdacciois what I was looking for and it deserves it's own answer ;) It is an actively maintained fork of Sinopia (highly upvoted answer here). It is a npm registry as a npm package, and can be found

Verdaccio是我一直在寻找的，它应该得到它自己的答案；) 它是 Sinopia 的一个积极维护的分支（这里得到了高度赞扬的答案）。它是一个npm 注册表作为 npm 包，可以找到

here: https://github.com/verdaccio/verdaccio,
here: https://www.verdaccio.org,
here: pnpm i -g verdaccio, or
here: docker run -it --rm --detach --name verdaccio -p 4873:4873 verdaccio/verdaccio

此处：https: //github.com/verdaccio/verdaccio，
此处：https: //www.verdaccio.org，
此处：pnpm i -g verdaccio，或
此处：docker run -it --rm --detach --name verdaccio -p 4873:4873 verdaccio/verdaccio

On 14th of April (2015), npm private moduleswere introduced.

2015 年 4 月 14 日，引入了npm 私有模块。

When you pay for private modules, you can:

• Host as many private packages as you want
• Give read access or read-write access for those packages to any other paid user
• Install and use any packages that other paid users have given you read access to
• Collaborate on any packages that other paid users have given you write access to

当您为私人模块付费时，您可以：

• 根据需要托管尽可能多的私人包
• 向任何其他付费用户授予对这些软件包的读访问或读写访问权限
• 安装和使用其他付费用户授予您读取权限的任何软件包
• 协作处理其他付费用户授予您写入权限的任何程序包

Of course it's not free - currently 7$ a month, per user.

当然，它不是免费的——目前每个用户每月 7 美元。

And it's still a pretty new service. For example support for organization accounts is missing (as of June 2015):

它仍然是一项非常新的服务。例如，缺少对组织帐户的支持（截至 2015 年 6 月）：

Currently, private packages are only available for individual users, but support for organization accounts is coming soon. Feel free to create a user for your organization in the meantime, and we can upgrade it to an organization when support is here.

目前，私人包仅适用于个人用户，但即将支持组织帐户。在此期间，您可以随意为您的组织创建一个用户，我们可以在获得支持时将其升级为组织。

So while not perfect, it's the officialnpm solution to maintaining private packages, and that itself makes it worth mentioning.

因此，虽然不完美，但它是维护私有包的官方npm 解决方案，这本身就值得一提。

UPDATE

更新

Npm Private Packagesare now available, with plans for both individual users and organizations:

Npm 私人包现在可用，针对个人用户和组织的计划：

• Unlimited number of public & private packages
• $7/month/developer
• Includes one scope name, based on organization name
• Publish and control access to @org-name/foo

• 无限数量的公共和私人包
• $7/月/开发人员
• 包括一个范围名称，基于组织名称
• 发布和控制对@org-name/foo 的访问

(disclaimer: not even remotely affiliated in any way with npm, Inc.)

（免责声明：甚至与npm, Inc.没有任何关联。）

Repository managers with support for private npm registries:

支持私有 npm 注册表的存储库管理器：

• Sonatype Nexus 2.10
• Artifactory 3.2

• Sonatype Nexus 2.10
• 神器 3.2

I guess this thread needs an update. If you look at any of the npm registries which are available, they are extremely heavy and they need couchdb. Gemfurry and others need you to fork off from public repos. Some of the npm's like shadow-npm have no recent commits.

我想这个线程需要更新。如果您查看任何可用的 npm 注册表，就会发现它们非常繁重并且需要 couchdb。Gemfurry 和其他人需要你从公共回购中分叉。一些 npm 像 shadow-npm没有最近的提交。

Then, we found Reggie. Its got a good commit activity, extremely easy to install and use and has pretty good community support. Its extremely light-weight and you don't have to deal with couchdb, etc.

然后，我们找到了Reggie。它有一个很好的提交活动，非常容易安装和使用，并且有很好的社区支持。它非常轻巧，您不必处理 couchdb 等。

Forgive me if I don't understand your question well, but here's my answer:

如果我不能很好地理解你的问题，请原谅我，但这是我的答案：

You can create a private npm module and use npm's normal commands to install it. Most node.js users use git as their repository, but you can use whatever repository works for you.

你可以创建一个私有的 npm 模块并使用 npm 的普通命令来安装它。大多数 node.js 用户使用 git 作为他们的存储库，但您可以使用任何适合您的存储库。

1. In your project, you'll want the skeleton of an NPM package. Most node modules have git repositories where you can look at how they integrate with NPM (the package.json file, I believe is part of this and NPM's website shows you how to make a npm package)
2. Use something akin to Make to make and tarball your package to be available from the internet or your network to stage it for npm install downloads.

3. Once your package is made, then use

   npm install *tarball_url*

1. 在您的项目中，您需要 NPM 包的框架。大多数节点模块都有 git 存储库，您可以在其中查看它们如何与 NPM 集成（package.json 文件，我相信是其中的一部分，NPM 的网站向您展示了如何制作 npm 包）
2. 使用类似于 Make 的东西来制作和压缩你的包，以便从 Internet 或你的网络上可用，以便为 npm install 下载准备它。

3. 一旦你的包被制作出来，然后使用

   npm 安装 *tarball_url*

This is the easiest way I know - host it in the cloud with the Gemfuryprivate npm registry.

这是我所知道的最简单的方法 - 使用Gemfury私有 npm 注册表将其托管在云中。

It's free and you can log in with your Github account. It should save you a lot of time, compared to setting up your own database.

它是免费的，您可以使用您的 Github 帐户登录。与设置自己的数据库相比，它应该可以为您节省大量时间。

we are using the Sonatype Nexus, version is Nexus Repository ManagerOSS 3.6.1-02. And I am sure that it supports NPM private repository and cached the package.

我们使用的是 Sonatype Nexus，版本是 Nexus Repository ManagerOSS 3.6.1-02。而且我确信它支持 NPM 私有存储库并缓存了包。