What if npm is down?
This Monday it happened. The npm registry went down and the sky came falling down over all web developers. Well this time it only lasted for a couple of hours and was caused by a configuration tweak at Cloudflare. But it's clear how many of us are really reliant on the npm registry. Without it we can't setup a new project and if you're using CI/CD tools you can't even deploy a new version of your project.
But there are stuff you can do!
Open Registry
If npm is down and you need to use the registry, there are alternative ones. For example the "Open-Registry".
To use an alternative registry just run this command:
npm config set registry https://npm.open-registry.devNow all npm commands will fetch packages from Open-Registry instead.
To switch back to the official npm registry, do this:
npm config delete registryPrivate (cache) registry
With a bit of foresight you can plan ahead for these things. There are tools that lets you cache npm-packages, and there are private registries you can use.
One of the easiest is Verdaccio, which is an open source Node.js application. You can easily run it on your local machine, and they also offer a Docker image.
Here are some more "enterprise" tools to take a look at:
Yarn 2
Last but not least we have Yarn which is an alternative package manager. But it still uses the npm registry for loading packages.
It has a feature called offline cache which, from version 2 of Yarn, builds a local cache of all dependencies per project. They recommend that this cache should be in version control with the rest of the code.
So other people can just checkout the code and start working, without running "install". And all CI/CD tools will always work even if the npm registry (or any other registry you're using) is down.