Using a private registry is easy
Get started with Bytesafe
Add the packages you depend on to our fully managed npm registries, using your regular tools. Set up your dependency firewall and get control over your software supply chain in three easy steps!
The workspace is where you store your data and manage your team. It contains all your registries, packages and configurations. It provides a unique URL to access Bytesafe, such as
A workspace can contain any number of registries. Each registry is unique. Create your own or use the predefined one.
- Claim your own custom and unique namespace
2. Access Bytesafe with the npm client of your choice
With Bytesafe you continue using the regular npm clients:
Create an access token for your registry URL. With
--registry requests are sent securely to Bytesafe in place of the default npmjs registry.
- Personal and secure access to private registries
3. Install or publish packages
Packages can be added using
npm or uploaded manually. Individually or installed according to an existing projects
Versions not available directly in Bytesafe are fetched from upstreams like
registry.npmjs.org and added to both Bytesafe and installed to your project.
- Add all your packages. Instantly available in Bytesafe.
Done! Your are now in control of your supply chain
A firewall for all your dependencies, private and public, across all your projects.
Know and control the packages you depend on, their dependents and from what sources. Quality and determinstic results for all team members, all the time!
- All your npm packages and information - in one place!
After packages are added to Bytesafe
Know and secure your supply chain
Adding your packages to Bytesafe allows you to know the true extent of the dependencies you are using. Continuously monitor your dependencies, don't rely on point-in-time scans. Identify and get notified of any issues - stay up to date with your registries!
Identify and remediate vulnerabilities
Automatically scan dependencies for potential threats. Users can opt-in to automatically quarantine undesirable packages - before they enter their environment.
Versions are scanned as they are added, no need to wait for point in time scans during the build chain. Get notified directly on any issues found.
Learn more on supply chain security
- Shift left - use Bytesafe for all your teams. Find and fix issues early
- Track and remediate security issues through their lifecycle
Identify open source licenses
All packages added to Bytesafe are scanned for OSS licenses. License information is displayed both aggregated and for individual packages.
The License scanner plugin notifies you on unlicensed or non-standard licenses in the packages you use.
Learn more on license compliance
- Instant overview of the open source licenses you use
- Scans all package files - not only
Information made available to everyone
With Bytesafe the responsibility for package dependencies are no longer locked to developers alone.
Identify key metrics & issues, track recent activity, risk exposure and trends. Turn secure management of dependencies into a team effort - for business stakeholders too!
- Reduce noise - access the metrics you need with Dashboards
Make the most out of Bytesafe
Adaptable registries - to your needs
Bytesafe is customizable and suitable for all types of users. Regardless if you need a single registry for your private packages or require a network of registries for your organization and 3rd party partners. Don't let yourself be restricted to single registries, create what you need for your current use case instead!
Create a registry setup that matches your organization
Upstreams are linked registries. Package versions can be pulled from an upstream down into a registry. Packages can also be pushed from registries to upstreams.
Create as many registries as you require and connect the package flow using upstreams!
- Connect registries to other external or internal sources
- Proxy public packages and cache them in Bytesafe
Make plugins and policies do the work for you
Each registry supports a unique set of policies and plugins that can automate package workflow and limit actions for the registry contents.
Avoid dependency confusion by creating firewall registries and blocking internal packages from being fetched from external sources. Automate publish to public registries and token management. Freeze registries completely. All according to your needs!
- Create rules to block, limit or allow actions with Policies
- Let Bytesafe perform actions for you with Plugins
One package source for all parts of the software development cycle
Managing packages in Bytesafe enables deterministic results for every part of the DevOps cycle.
Prepare curated registries and make sure the same package versions are available for all stages of development, test, build and deployment.
- Dependable package installs - don’t spend time troubleshooting dependencies
- Reduce risks of untested code being released into production environments
- Recreate a specific state or release - archive and freeze sets of dependencies