To share your code with a limited set of users or teams, you can publish private user-scoped or organization-scoped packages to the npm registry.
Note: Before you can publish private user-scoped npm packages, you must sign up for a paid npm user account.
If you are using npmrc to manage accounts on multiple registries, on the command line, switch to the appropriate profile:
On the command line, create a directory for your package:
Navigate to the root directory of your package:
If you are using git to manage your package code, in the package root directory, run the following commands, replacing
git-remote-url with the git remote URL for your package:
git init git remote add origin git://git-remote-url
In the package root directory, run the
npm init command and pass the scope to the
Create a README file that explains what your package code is and how to use it.
In your preferred text editor, write the code for your package.
Publishing sensitive information to the registry can harm your users, compromise your development infrastructure, be expensive to fix, and put you at risk of legal action. We strongly recommend removing sensitive information, such as private keys, passwords, [personally identifiable information][pii] (PII), and credit card data before publishing your package to the registry. Even if your package is private, sensitive information can be exposed if the package is made public or downloaded to a computer that can be accessed by more users than intended.
For less sensitive information, such as testing data, use a
.gitignore file to prevent publishing to the registry. For more information, see this article.
To reduce the chances of publishing bugs, we recommend testing your package before publishing it to the npm registry. To test your package, run
npm install with the full path to your package directory:
npm install my-package
By default, scoped packages are published with private visibility.
On the command line, navigate to the root directory of your package.
To publish your private package to the npm registry, run:
To see your private package page, visit https://npmjs.com/package/*package-name, replacing package-name* with the name of your package. Private packages will say
private below the package name on the npm website.
For more information on the
publish command, see the CLI documentation.
© npm, Inc. and Contributors
Licensed under the npm License.
npm is a trademark of npm, Inc.