chore: update versions (6-next) (#3462)

* docs: npm9 login support

* Update setup-yarn.md

* chore: pnpm docs

* chore: add more yarn docs

* chore: fix preview

.babelrc

@@ -1,26 +1,14 @@
 {
-  "presets": [ [
-    "@babel/env",
-    {
-      "useBuiltIns": "usage",
-      "corejs": {
-        "version": 3, "proposals": true
-      },
-      "targets": {
-        "node": 14
+  "presets": [
+    [
+      "@babel/env",
+      {
+        "targets": {
+          "node": 16
+        }
       }
-    }
-  ],
+    ],
     "@babel/typescript"
   ],
-  "plugins": [
-    "babel-plugin-dynamic-import-node",
-    "@babel/proposal-class-properties",
-    "@babel/proposal-object-rest-spread",
-    "@babel/plugin-proposal-optional-chaining",
-    "@babel/plugin-proposal-nullish-coalescing-operator"
-    ],
-  "ignore": [
-    "**/*.d.ts"
-  ]
+  "ignore": ["**/*.d.ts"]
 }

.changeset/angry-nails-appear.md

@@ -0,0 +1,52 @@
+---
+'@verdaccio/api': major
+'@verdaccio/auth': major
+'@verdaccio/cli': major
+'@verdaccio/config': major
+'@verdaccio/core': major
+'@verdaccio/file-locking': major
+'@verdaccio/readme': major
+'@verdaccio/tarball': major
+'@verdaccio/types': major
+'@verdaccio/url': major
+'@verdaccio/hooks': major
+'@verdaccio/loaders': major
+'@verdaccio/logger': major
+'@verdaccio/logger-prettify': major
+'@verdaccio/middleware': major
+'@verdaccio/node-api': major
+'verdaccio-audit': major
+'verdaccio-auth-memory': major
+'verdaccio-htpasswd': major
+'@verdaccio/local-storage': major
+'verdaccio-memory': major
+'@verdaccio/ui-theme': major
+'@verdaccio/proxy': major
+'@verdaccio/server': major
+'@verdaccio/store': major
+'@verdaccio/utils': major
+'verdaccio': major
+'@verdaccio/web': major
+---
+
+feat!: replace deprecated request dependency by got
+
+This is a big refactoring of the core, fetching dependencies, improve code, more tests and better stability. This is essential for the next release, will take some time but would allow modularize more the core.
+
+## Notes
+
+- Remove deprecated `request` by other `got`, retry improved, custom Agent ( got does not include it built-in)
+- Remove `async` dependency from storage (used by core) it was linked with proxy somehow safe to remove now
+- Refactor with promises instead callback wherever is possible
+- ~Document the API~
+- Improve testing, integration tests
+- Bugfix
+- Clean up old validations
+- Improve performance
+
+## 💥 Breaking changes
+
+- Plugin API methods were callbacks based are returning promises, this will break current storage plugins, check documentation for upgrade.
+- Write Tarball, Read Tarball methods parameters change, a new set of options like `AbortController` signals are being provided to the `addAbortSignal` can be internally used with Streams when a request is aborted. eg: `addAbortSignal(signal, fs.createReadStream(pathName));`
+- `@verdaccio/streams` stream abort support is legacy is being deprecated removed
+- Remove AWS and Google Cloud packages for future refactoring [#2574](https://github.com/verdaccio/verdaccio/pull/2574).

.changeset/bright-poems-obey.md

@@ -0,0 +1,37 @@
+---
+'@verdaccio/api': major
+'@verdaccio/server-fastify': major
+'@verdaccio/tarball': major
+'@verdaccio/local-storage': major
+'verdaccio-memory': major
+'@verdaccio/server': major
+'@verdaccio/store': major
+'@verdaccio/utils': major
+---
+
+refactor: download manifest endpoint and integrate fastify
+
+Much simpler API for fetching a package
+
+```
+ const manifest = await storage.getPackageNext({
+      name,
+      uplinksLook: true,
+      req,
+      version: queryVersion,
+      requestOptions,
+ });
+```
+
+> not perfect, the `req` still is being passed to the proxy (this has to be refactored at proxy package) and then removed from here, in proxy we pass the request instance to the `request` library.
+
+### Details
+
+- `async/await` sugar for getPackage()
+- Improve and reuse code between current implementation and new fastify endpoint (add scaffolding for request manifest)
+- Improve performance
+- Add new tests
+
+### Breaking changes
+
+All storage plugins will stop to work since the storage uses `getPackageNext` method which is Promise based, I won't replace this now because will force me to update all plugins, I'll follow up in another PR. Currently will throw http 500

.changeset/brown-cycles-laugh.md

@@ -0,0 +1,5 @@
+---
+'@verdaccio/cli': patch
+---
+
+chore: improve error logger message

.changeset/brown-pandas-wink.md

@@ -0,0 +1,5 @@
+---
+'@verdaccio/ui-theme': patch
+---
+
+add banner support ukraine

.changeset/chilled-ways-fetch.md

@@ -0,0 +1,5 @@
+---
+'verdaccio-memory': patch
+---
+
+Fix storing tarballs with identical names from different packages in memory plugin

.changeset/chilly-glasses-occur.md

@@ -0,0 +1,8 @@
+---
+'@verdaccio/api': patch
+'@verdaccio/core': patch
+'@verdaccio/server-fastify': patch
+'@verdaccio/store': patch
+---
+
+fix: abbreviated headers handle quality values

.changeset/clever-pugs-warn.md

@@ -0,0 +1,11 @@
+---
+'@verdaccio/cli': major
+'@verdaccio/core': major
+'@verdaccio/types': major
+'@verdaccio/logger': major
+'@verdaccio/logger-prettify': major
+'verdaccio-audit': major
+'@verdaccio/eslint-config': major
+---
+
+feat: migrate to pino.js 8

.changeset/config.json

@@ -2,9 +2,17 @@
   "$schema": "https://unpkg.com/@changesets/config@1.3.0/schema.json",
   "changelog": "@changesets/cli/changelog",
   "commit": false,
-  "linked": [],
+  "fixed": [
+    [
+      "verdaccio",
+      "@verdaccio/cli",
+      "@verdaccio/core",
+      "@verdaccio/config",
+      "@verdaccio/node-api",
+      "@verdaccio/ui-theme"
+    ]
+  ],
   "access": "public",
   "baseBranch": "master",
-  "updateInternalDependencies": "patch",
-  "ignore": []
+  "updateInternalDependencies": "patch"
 }

.changeset/dry-planes-tap.md

@@ -3,10 +3,9 @@
 '@verdaccio/auth': major
 '@verdaccio/cli': major
 '@verdaccio/config': major
-'@verdaccio/commons-api': major
 '@verdaccio/core': major
 '@verdaccio/local-storage': major
-'@verdaccio/fastify-migration': major
+'@verdaccio/server-fastify': major
 '@verdaccio/streams': major
 '@verdaccio/types': major
 '@verdaccio/hooks': major
@@ -19,7 +18,6 @@
 '@verdaccio/server': major
 '@verdaccio/store': major
 '@verdaccio/eslint-config': major
-'@verdaccio/dev-types': major
 '@verdaccio/utils': major
 'verdaccio': major
 '@verdaccio/web': major

.changeset/dull-monkeys-search.md

@@ -0,0 +1,5 @@
+---
+'@verdaccio/ui-theme': patch
+---
+
+show verdaccio logo in the footer even when custom brand is set

.changeset/early-jokes-nail.md

@@ -0,0 +1,76 @@
+---
+'@verdaccio/api': major
+'@verdaccio/auth': major
+'@verdaccio/config': major
+'@verdaccio/types': major
+'@verdaccio/loaders': major
+'@verdaccio/node-api': major
+'verdaccio-audit': major
+'verdaccio-auth-memory': major
+'verdaccio-htpasswd': major
+'@verdaccio/local-storage': major
+'verdaccio-memory': major
+'@verdaccio/server': major
+'@verdaccio/server-fastify': major
+'@verdaccio/store': major
+'@verdaccio/test-helper': major
+'customprefix-auth': major
+'verdaccio': major
+'@verdaccio/web': major
+---
+
+feat(plugins): improve plugin loader
+
+### Changes
+
+- Add scope plugin support to 6.x https://github.com/verdaccio/verdaccio/pull/3227
+- Avoid config collisions https://github.com/verdaccio/verdaccio/issues/928
+- https://github.com/verdaccio/verdaccio/issues/1394
+- `config.plugins` plugin path validations
+- Updated algorithm for plugin loader.
+- improved documentation (included dev)
+
+## Features
+
+- Add scope plugin support to 6.x https://github.com/verdaccio/verdaccio/pull/3227
+- Custom prefix:
+
+```
+// config.yaml
+server:
+  pluginPrefix: mycompany
+middleware:
+  audit:
+      foo: 1
+```
+
+This configuration will look up for `mycompany-audit` instead `Verdaccio-audit`.
+
+## Breaking Changes
+
+### sinopia plugins
+
+- `sinopia` fallback support is removed, but can be restored using `pluginPrefix`
+
+### plugin filter
+
+- method rename `filter_metadata`->`filterMetadata`
+
+### Plugin constructor does not merge configs anymore https://github.com/verdaccio/verdaccio/issues/928
+
+The plugin receives as first argument `config`, which represents the config of the plugin. Example:
+
+```
+// config.yaml
+auth:
+  plugin:
+     foo: 1
+     bar: 2
+
+export class Plugin<T> {
+  public constructor(config: T, options: PluginOptions) {
+    console.log(config);
+    // {foo:1, bar: 2}
+ }
+}
+```

.changeset/eleven-brooms-hunt.md

@@ -0,0 +1,11 @@
+---
+'@verdaccio/api': minor
+'@verdaccio/core': minor
+'@verdaccio/tarball': minor
+'@verdaccio/middleware': minor
+'verdaccio-audit': minor
+'@verdaccio/utils': minor
+'@verdaccio/web': minor
+---
+
+refactor: improve docker image build with strict dependencies and prod build

.changeset/eleven-spoons-matter.md

@@ -7,7 +7,7 @@
 '@verdaccio/file-locking': major
 'verdaccio-htpasswd': major
 '@verdaccio/readme': major
-'@verdaccio/fastify-migration': major
+'@verdaccio/server-fastify': major
 '@verdaccio/streams': major
 '@verdaccio/tarball': major
 '@verdaccio/types': major
@@ -16,7 +16,6 @@
 '@verdaccio/loaders': major
 '@verdaccio/logger': major
 '@verdaccio/middleware': major
-'@verdaccio/mock': major
 '@verdaccio/node-api': major
 '@verdaccio/active-directory': major
 'verdaccio-audit': major
@@ -28,7 +27,6 @@
 '@verdaccio/server': major
 '@verdaccio/cli-standalone': major
 '@verdaccio/store': major
-'@verdaccio/dev-types': major
 '@verdaccio/utils': major
 'verdaccio': major
 '@verdaccio/web': major

.changeset/fair-lemons-beam.md

@@ -0,0 +1,6 @@
+---
+'@verdaccio/logger-prettify': minor
+'@verdaccio/logger': patch
+---
+
+hydrate template placeholders in log messages when format is set to 'json'

.changeset/famous-tigers-doubt.md

@@ -0,0 +1,42 @@
+---
+'@verdaccio/api': patch
+'@verdaccio/auth': patch
+'@verdaccio/cli': patch
+'@verdaccio/core': patch
+'@verdaccio/file-locking': patch
+'@verdaccio/readme': patch
+'@verdaccio/tarball': patch
+'@verdaccio/types': patch
+'@verdaccio/url': patch
+'@verdaccio/hooks': patch
+'@verdaccio/loaders': patch
+'@verdaccio/logger': patch
+'@verdaccio/node-api': patch
+'verdaccio-audit': patch
+'verdaccio-auth-memory': patch
+'verdaccio-htpasswd': patch
+'@verdaccio/local-storage': patch
+'verdaccio-memory': patch
+'@verdaccio/ui-theme': patch
+'@verdaccio/proxy': patch
+'@verdaccio/server': patch
+'@verdaccio/server-fastify': patch
+'@verdaccio/cli-standalone': patch
+'@verdaccio/store': patch
+'docusaurus-plugin-contributors': patch
+'@verdaccio/test-helper': patch
+'verdaccio': patch
+'@verdaccio/web': patch
+'@verdaccio/test-cli-commons': patch
+'@verdaccio/e2e-cli-npm6': patch
+'@verdaccio/e2e-cli-npm7': patch
+'@verdaccio/e2e-cli-npm8': patch
+'@verdaccio/e2e-cli-pnpm6': patch
+'@verdaccio/e2e-cli-pnpm7': patch
+'@verdaccio/e2e-cli-yarn1': patch
+'@verdaccio/e2e-cli-yarn2': patch
+'@verdaccio/e2e-cli-yarn3': patch
+'@verdaccio/e2e-cli-yarn4': patch
+---
+
+fix(deps): @verdaccio/utils should be a prod dep of local-storage

.changeset/few-cooks-destroy.md

@@ -3,7 +3,6 @@
 '@verdaccio/auth': major
 '@verdaccio/cli': major
 '@verdaccio/config': major
-'@verdaccio/commons-api': major
 '@verdaccio/file-locking': major
 'verdaccio-htpasswd': major
 '@verdaccio/local-storage': major
@@ -15,7 +14,6 @@
 '@verdaccio/logger': major
 '@verdaccio/logger-prettify': major
 '@verdaccio/middleware': major
-'@verdaccio/mock': major
 '@verdaccio/node-api': major
 '@verdaccio/active-directory': major
 'verdaccio-audit': major
@@ -26,11 +24,9 @@
 '@verdaccio/proxy': major
 '@verdaccio/server': major
 '@verdaccio/store': major
-'@verdaccio/dev-types': major
 '@verdaccio/utils': major
 'verdaccio': major
 '@verdaccio/web': major
-'@verdaccio/website': major
 ---
 
 feat!: experiments config renamed to flags

.changeset/four-ways-try.md

@@ -0,0 +1,5 @@
+---
+'@verdaccio/ui-theme': minor
+---
+
+feat: upgrade to react 18

.changeset/fuzzy-drinks-taste.md

@@ -0,0 +1,5 @@
+---
+'@verdaccio/ui-theme': minor
+---
+
+fix: remove engines from ui-theme

.changeset/fuzzy-onions-draw.md

@@ -1,6 +1,6 @@
 ---
 '@verdaccio/api': minor
-'@verdaccio/fastify-migration': minor
+'@verdaccio/server-fastify': minor
 '@verdaccio/hooks': minor
 '@verdaccio/logger-prettify': minor
 '@verdaccio/proxy': minor

.changeset/gentle-trains-switch.md

@@ -3,7 +3,6 @@
 '@verdaccio/auth': major
 '@verdaccio/cli': major
 '@verdaccio/config': major
-'@verdaccio/commons-api': major
 '@verdaccio/file-locking': major
 'verdaccio-htpasswd': major
 '@verdaccio/local-storage': major
@@ -15,12 +14,10 @@
 '@verdaccio/logger': major
 '@verdaccio/logger-prettify': major
 '@verdaccio/middleware': major
-'@verdaccio/mock': major
 '@verdaccio/node-api': major
 '@verdaccio/proxy': major
 '@verdaccio/server': major
 '@verdaccio/store': major
-'@verdaccio/dev-types': major
 '@verdaccio/utils': major
 'verdaccio': major
 '@verdaccio/web': major

.changeset/green-yaks-divide.md

@@ -0,0 +1,29 @@
+---
+'@verdaccio/api': minor
+'@verdaccio/cli': minor
+'@verdaccio/core': minor
+'@verdaccio/node-api': minor
+'@verdaccio/server': minor
+'@verdaccio/server-fastify': minor
+'verdaccio': minor
+---
+
+chore: env variable for launch fastify
+
+- Update fastify to major release `v4.3.0`
+- Update CLI launcher
+
+via CLI
+
+```
+VERDACCIO_SERVER=fastify verdaccio
+```
+
+with docker
+
+```
+docker run -it --rm --name verdaccio \
+  -e "VERDACCIO_SERVER=8080" -p 8080:8080 \
+  -e "VERDACCIO_SERVER=fastify" \
+  verdaccio/verdaccio
+```

.changeset/healthy-pants-smash.md

@@ -0,0 +1,7 @@
+---
+'@verdaccio/ui-theme': patch
+'@verdaccio/test-helper': patch
+'@verdaccio/web': patch
+---
+
+fix: #3174 set correctly ui values to html render

.changeset/heavy-ravens-lay.md

@@ -1,6 +1,6 @@
 ---
 '@verdaccio/cli': minor
-'@verdaccio/fastify-migration': minor
+'@verdaccio/server-fastify': minor
 ---
 
 [Fastify] Add ping endpoint

.changeset/hip-hounds-destroy.md

@@ -6,7 +6,6 @@
 '@verdaccio/auth': patch
 '@verdaccio/cli': patch
 '@verdaccio/config': patch
-'@verdaccio/commons-api': patch
 '@verdaccio/file-locking': patch
 'verdaccio-htpasswd': patch
 '@verdaccio/readme': patch
@@ -17,7 +16,6 @@
 '@verdaccio/logger': patch
 '@verdaccio/logger-prettify': patch
 '@verdaccio/middleware': patch
-'@verdaccio/mock': patch
 '@verdaccio/node-api': patch
 '@verdaccio/active-directory': patch
 'verdaccio-audit': patch
@@ -27,13 +25,9 @@
 'verdaccio-memory': patch
 '@verdaccio/proxy': patch
 '@verdaccio/store': patch
-'@verdaccio/dev-types': patch
 '@verdaccio/utils': patch
 'verdaccio': patch
 '@verdaccio/web': patch
-'@verdaccio/e2e-cli': patch
-'@verdaccio/e2e-ui': patch
-'@verdaccio/website': patch
 ---
 
 chore: add release step to private regisry on merge changeset pr

.changeset/kind-bears-nail.md

@@ -0,0 +1,5 @@
+---
+'@verdaccio/ui-theme': patch
+---
+
+feat: add types and package module icons on sidebar

.changeset/light-pumas-brake.md

@@ -0,0 +1,7 @@
+---
+'@verdaccio/ui-theme': minor
+'@verdaccio/server-fastify': minor
+'@verdaccio/web': minor
+---
+
+feat: parse and sanitize on ui

.changeset/light-walls-begin.md

@@ -0,0 +1,7 @@
+---
+'@verdaccio/ui-theme': minor
+'@verdaccio/server': minor
+'@verdaccio/web': minor
+---
+
+feat: align with v5 ui endpoints and ui small bugfix

.changeset/loud-shoes-jog.md

@@ -0,0 +1,5 @@
+---
+'@verdaccio/ui-theme': patch
+---
+
+chore: force publish

.changeset/lovely-drinks-argue.md

@@ -0,0 +1,5 @@
+---
+'@verdaccio/loaders': patch
+---
+
+always create plugin instance with new

.changeset/many-vans-care.md

@@ -1,6 +1,5 @@
 ---
 '@verdaccio/tarball': patch
-'@verdaccio/mock': patch
 '@verdaccio/ui-theme': patch
 '@verdaccio/server': patch
 '@verdaccio/utils': patch

.changeset/modern-maps-lie.md

@@ -0,0 +1,5 @@
+---
+'@verdaccio/ui-theme': patch
+---
+
+Hide search icon on medium or larger devices

.changeset/moody-clocks-roll.md

@@ -0,0 +1,5 @@
+---
+'@verdaccio/cli': patch
+---
+
+fix: version with breakline

.changeset/neat-toes-report.md

@@ -3,7 +3,6 @@
 '@verdaccio/auth': minor
 '@verdaccio/cli': minor
 '@verdaccio/config': minor
-'@verdaccio/commons-api': minor
 '@verdaccio/file-locking': minor
 'verdaccio-htpasswd': minor
 '@verdaccio/local-storage': minor
@@ -15,7 +14,6 @@
 '@verdaccio/logger': minor
 '@verdaccio/logger-prettify': minor
 '@verdaccio/middleware': minor
-'@verdaccio/mock': minor
 '@verdaccio/node-api': minor
 '@verdaccio/active-directory': minor
 'verdaccio-audit': minor
@@ -27,7 +25,6 @@
 '@verdaccio/proxy': minor
 '@verdaccio/server': minor
 '@verdaccio/store': minor
-'@verdaccio/dev-types': minor
 '@verdaccio/utils': minor
 'verdaccio': minor
 '@verdaccio/web': minor

.changeset/neat-toys-float.md

@@ -0,0 +1,5 @@
+---
+'@verdaccio/ui-theme': patch
+---
+
+fix: replace ts icon by td and fix commonjs icon

.changeset/orange-flowers-cover.md

@@ -0,0 +1,43 @@
+---
+'@verdaccio/config': minor
+'@verdaccio/types': minor
+'@verdaccio/ui-theme': minor
+---
+
+feat: rework web header for mobile, add new settings and raw manifest button
+
+### New set of variables to hide features
+
+Add set of new variables that allow hide different parts of the UI, buttons, footer or download tarballs. _All are
+enabled by default_.
+
+```yaml
+# login: true <-- already exist but worth the reminder
+# showInfo: true
+# showSettings: true
+# In combination with darkMode you can force specific theme
+# showThemeSwitch: true
+# showFooter: true
+# showSearch: true
+# showDownloadTarball: true
+```
+
+> If you disable `showThemeSwitch` and force `darkMode: true` the local storage settings would be
+> ignored and force all themes to the one in the configuration file.
+
+Future could be extended to
+
+### Raw button to display manifest package
+
+A new experimental feature (enabled by default), button named RAW to be able navigate on the package manifest directly on the ui, kudos to [react-json-view](https://www.npmjs.com/package/react-json-view) that allows an easy integration, not configurable yet until get more feedback.
+
+```yaml
+showRaw: true
+```
+
+#### Rework header buttons
+
+- The header has been rework, the mobile was not looking broken.
+- Removed info button in the header and moved to a dialog
+- Info dialog now contains more information about the project, license and the aid content for Ukrania now is inside of the info modal.
+- Separate settings and info to avoid collapse too much info (for mobile still need some work)

.changeset/perfect-candles-clap.md

@@ -6,7 +6,7 @@
 '@verdaccio/core': minor
 'verdaccio-htpasswd': minor
 '@verdaccio/local-storage': minor
-'@verdaccio/fastify-migration': minor
+'@verdaccio/server-fastify': minor
 '@verdaccio/tarball': minor
 '@verdaccio/types': minor
 '@verdaccio/url': minor
@@ -14,7 +14,6 @@
 '@verdaccio/loaders': minor
 '@verdaccio/logger': minor
 '@verdaccio/middleware': minor
-'@verdaccio/mock': minor
 '@verdaccio/node-api': minor
 '@verdaccio/active-directory': minor
 'verdaccio-auth-memory': minor

.changeset/plenty-spiders-melt.md

@@ -3,7 +3,6 @@
 '@verdaccio/auth': minor
 '@verdaccio/cli': minor
 '@verdaccio/config': minor
-'@verdaccio/commons-api': minor
 '@verdaccio/file-locking': minor
 'verdaccio-htpasswd': minor
 '@verdaccio/local-storage': minor
@@ -15,16 +14,13 @@
 '@verdaccio/logger': minor
 '@verdaccio/logger-prettify': minor
 '@verdaccio/middleware': minor
-'@verdaccio/mock': minor
 '@verdaccio/node-api': minor
 '@verdaccio/proxy': minor
 '@verdaccio/server': minor
 '@verdaccio/store': minor
-'@verdaccio/dev-types': minor
 '@verdaccio/utils': minor
 'verdaccio': minor
 '@verdaccio/web': minor
-'@verdaccio/website': minor
 ---
 
 feat: add typescript project references settings

.changeset/pre.json

@@ -9,15 +9,12 @@
     "@verdaccio/file-locking": "11.0.0-alpha.0",
     "verdaccio-htpasswd": "11.0.0-alpha.0",
     "@verdaccio/local-storage": "11.0.0-alpha.0",
-    "@verdaccio/readme": "11.0.0-alpha.0",
-    "@verdaccio/streams": "11.0.0-alpha.0",
     "@verdaccio/types": "11.0.0-alpha.0",
     "@verdaccio/hooks": "6.0.0-alpha.0",
     "@verdaccio/loaders": "6.0.0-alpha.0",
     "@verdaccio/logger": "6.0.0-alpha.0",
     "@verdaccio/logger-prettify": "6.0.0-alpha.0",
     "@verdaccio/middleware": "6.0.0-alpha.0",
-    "@verdaccio/mock": "6.0.0-alpha.0",
     "@verdaccio/node-api": "6.0.0-alpha.0",
     "@verdaccio/proxy": "6.0.0-alpha.0",
     "@verdaccio/server": "6.0.0-alpha.0",
@@ -33,42 +30,81 @@
     "verdaccio-google-cloud": "11.0.0-alpha.0",
     "verdaccio-memory": "11.0.0-alpha.0",
     "@verdaccio/ui-theme": "6.0.0-alpha.1",
-    "@verdaccio/e2e-cli": "1.0.0",
-    "@verdaccio/e2e-ui": "1.0.0",
     "@verdaccio/cli-standalone": "6.0.0-alpha.3",
     "@verdaccio/tarball": "11.0.0-alpha.3",
     "@verdaccio/url": "11.0.0-alpha.3",
-    "@verdaccio/fastify-migration": "6.0.0-6-next.9",
+    "@verdaccio/server-fastify": "6.0.0-6-next.9",
     "@verdaccio/eslint-config": "1.0.0",
     "@verdaccio/benchmark": "1.0.0",
-    "@verdaccio/website": "5.1.3",
     "@verdaccio/core": "6.0.0-next.0",
-    "@verdaccio/helper": "1.0.0"
+    "@verdaccio/test-helper": "1.0.0",
+    "docusaurus-plugin-contributors": "1.0.0",
+    "@verdaccio/website": "5.4.0",
+    "@verdaccio/test-cli-commons": "1.0.1-6-next.1",
+    "@verdaccio/e2e-cli-npm6": "1.0.1-6-next.1",
+    "@verdaccio/e2e-cli-npm7": "1.0.1-6-next.1",
+    "@verdaccio/e2e-cli-npm8": "1.0.1-6-next.1",
+    "@verdaccio/e2e-cli-pnpm6": "1.0.1-6-next.1",
+    "@verdaccio/e2e-cli-pnpm7": "1.0.1-6-next.1",
+    "@verdaccio/e2e-cli-yarn1": "1.0.1-6-next.1",
+    "@verdaccio/e2e-cli-yarn2": "1.0.1-6-next.1",
+    "@verdaccio/e2e-cli-yarn3": "1.0.1-6-next.1",
+    "@verdaccio/e2e-cli-yarn4": "1.0.1-6-next.1",
+    "@verdaccio/local-publish": "0.0.1",
+    "@verdaccio/e2e-cli-npm9": "1.0.1-6-next.5",
+    "@verdaccio/e2e-ui": "2.0.0-6-next.3",
+    "customprefix-auth": "0.0.1",
+    "@verdaccio/crowdin-translations": "1.0.0"
   },
   "changesets": [
     "afraid-mice-obey",
+    "angry-nails-appear",
     "big-lobsters-sin",
+    "bright-poems-obey",
+    "brown-cycles-laugh",
+    "brown-pandas-wink",
     "calm-pants-impress",
+    "chilled-ways-fetch",
+    "chilly-glasses-occur",
+    "clever-pugs-warn",
     "dry-planes-tap",
+    "dull-monkeys-search",
+    "early-jokes-nail",
+    "eleven-brooms-hunt",
     "eleven-spoons-matter",
+    "fair-lemons-beam",
+    "famous-tigers-doubt",
     "few-cooks-destroy",
     "few-mangos-grow",
     "fifty-jars-rest",
+    "four-ways-try",
+    "fuzzy-drinks-taste",
     "fuzzy-onions-draw",
     "gentle-parrots-lay",
     "gentle-trains-switch",
     "gold-vans-tease",
+    "green-yaks-divide",
     "healthy-bikes-behave",
+    "healthy-pants-smash",
     "healthy-poets-compare",
     "heavy-ravens-lay",
     "hip-hounds-destroy",
+    "kind-bears-nail",
     "late-adults-love",
     "late-parents-act",
+    "light-pumas-brake",
+    "light-walls-begin",
     "little-stingrays-rule",
+    "loud-shoes-jog",
+    "lovely-drinks-argue",
     "many-vans-care",
+    "modern-maps-lie",
     "modern-spies-tell",
+    "moody-clocks-roll",
     "neat-toes-report",
+    "neat-toys-float",
     "olive-candles-speak",
+    "orange-flowers-cover",
     "perfect-candles-clap",
     "perfect-emus-clean",
     "perfect-kangaroos-agree",
@@ -77,17 +113,38 @@
     "plenty-tables-refuse",
     "pretty-hounds-tap",
     "proud-jeans-walk",
+    "proud-jobs-hope",
     "red-chefs-float",
+    "red-yaks-sell",
+    "rich-badgers-begin",
+    "rich-ghosts-rule",
     "shaggy-carrots-unite",
     "shaggy-parrots-smash",
     "shiny-chefs-heal",
+    "shy-ducks-cover",
+    "slow-carrots-relate",
+    "slow-snails-sniff",
     "smart-apricots-kneel",
+    "smart-beds-cross",
+    "smooth-owls-pump",
     "sour-buses-shout",
+    "sour-maps-live",
     "spicy-frogs-press",
+    "spicy-snakes-sip",
+    "strange-ladybugs-nail",
+    "swift-pumpkins-knock",
     "ten-parents-breathe",
     "tender-bags-call",
+    "thick-countries-move",
+    "thick-geese-wash",
+    "thick-readers-hang",
+    "three-moles-drop",
     "three-pots-sit",
+    "tiny-seals-join",
+    "tricky-taxis-watch",
     "two-dolls-check",
-    "wild-jokes-beam"
+    "unlucky-hairs-wonder",
+    "wild-jokes-beam",
+    "witty-ties-speak"
   ]
 }

.changeset/pretty-hounds-tap.md

@@ -3,7 +3,6 @@
 '@verdaccio/auth': patch
 '@verdaccio/cli': patch
 '@verdaccio/config': patch
-'@verdaccio/commons-api': patch
 '@verdaccio/file-locking': patch
 'verdaccio-htpasswd': patch
 '@verdaccio/local-storage': patch
@@ -15,12 +14,10 @@
 '@verdaccio/logger': patch
 '@verdaccio/logger-prettify': patch
 '@verdaccio/middleware': patch
-'@verdaccio/mock': patch
 '@verdaccio/node-api': patch
 '@verdaccio/proxy': patch
 '@verdaccio/server': patch
 '@verdaccio/store': patch
-'@verdaccio/dev-types': patch
 '@verdaccio/utils': patch
 'verdaccio': patch
 '@verdaccio/web': patch

.changeset/proud-jeans-walk.md

@@ -1,9 +1,8 @@
 ---
 'verdaccio-htpasswd': patch
 '@verdaccio/local-storage': patch
-'@verdaccio/fastify-migration': patch
+'@verdaccio/server-fastify': patch
 '@verdaccio/hooks': patch
-'@verdaccio/mock': patch
 '@verdaccio/node-api': patch
 ---
 

.changeset/proud-jobs-hope.md

@@ -0,0 +1,42 @@
+---
+'@verdaccio/api': major
+'@verdaccio/cli': major
+'@verdaccio/config': major
+'@verdaccio/core': major
+'@verdaccio/types': major
+'@verdaccio/logger': major
+'@verdaccio/node-api': major
+'verdaccio-aws-s3-storage': major
+'verdaccio-google-cloud': major
+'verdaccio-htpasswd': major
+'@verdaccio/local-storage': major
+'verdaccio-memory': major
+'@verdaccio/ui-theme': major
+'@verdaccio/proxy': major
+'@verdaccio/server': major
+'verdaccio': major
+'@verdaccio/web': major
+---
+
+feat!: config.logs throw an error, logging config not longer accept array or logs property
+
+### 💥 Breaking change
+
+This is valid
+
+```yaml
+log: { type: stdout, format: pretty, level: http }
+```
+
+This is invalid
+
+```yaml
+logs: { type: stdout, format: pretty, level: http }
+```
+
+or
+
+```yaml
+logs:
+  - [{ type: stdout, format: pretty, level: http }]
+```

.changeset/red-yaks-sell.md

@@ -0,0 +1,5 @@
+---
+'@verdaccio/logger': patch
+---
+
+Fix re-opening log files using SIGUSR2

.changeset/rich-badgers-begin.md

@@ -0,0 +1,9 @@
+---
+'@verdaccio/api': minor
+'@verdaccio/url': minor
+'@verdaccio/store': minor
+'@verdaccio/test-helper': minor
+'verdaccio': minor
+---
+
+refactor: npm star command support reimplemented

.changeset/rich-ghosts-rule.md

@@ -0,0 +1,8 @@
+---
+'@verdaccio/types': major
+'@verdaccio/ui-theme': major
+'@verdaccio/web': major
+'@verdaccio/e2e-ui': major
+---
+
+feat: upgrade to material ui 5

.changeset/shy-ducks-cover.md

@@ -0,0 +1,13 @@
+---
+'@verdaccio/api': minor
+'@verdaccio/auth': minor
+'@verdaccio/config': minor
+'@verdaccio/core': minor
+'@verdaccio/types': minor
+'@verdaccio/server-fastify': minor
+'@verdaccio/store': minor
+'@verdaccio/utils': minor
+'@verdaccio/web': minor
+---
+
+feat: add passwordValidationRegex property

.changeset/slow-carrots-relate.md

@@ -0,0 +1,6 @@
+---
+'@verdaccio/config': minor
+'@verdaccio/web': minor
+---
+
+feat(web): add a config item to web，let the developer can select whet……her enable the html cache

.changeset/slow-snails-sniff.md

@@ -0,0 +1,7 @@
+---
+'@verdaccio/api': patch
+'@verdaccio/ui-theme': patch
+'@verdaccio/web': patch
+---
+
+fix: improve abort request search

.changeset/smart-beds-cross.md

@@ -0,0 +1,20 @@
+---
+'@verdaccio/api': minor
+'@verdaccio/config': minor
+'@verdaccio/core': minor
+'@verdaccio/types': minor
+'@verdaccio/local-storage': minor
+'@verdaccio/ui-theme': minor
+'@verdaccio/proxy': minor
+'@verdaccio/server': minor
+'@verdaccio/store': minor
+'@verdaccio/test-helper': minor
+'@verdaccio/web': minor
+---
+
+feat: ui search support for remote, local and private packages
+
+The command `npm search` search globally and return all matches, with this improvement the user interface
+is powered with the same capabilities.
+
+The UI also tag where is the origin the package with a tag, also provide the latest version and description of the package.

.changeset/smooth-owls-pump.md

@@ -0,0 +1,5 @@
+---
+'@verdaccio/ui-theme': patch
+---
+
+ui: basic grammatical fixes in the Ukraine Message

.changeset/sour-buses-shout.md

@@ -1,9 +1,8 @@
 ---
-'@verdaccio/fastify-migration': minor
+'@verdaccio/server-fastify': minor
 '@verdaccio/store': minor
 '@verdaccio/utils': minor
 '@verdaccio/web': minor
-'@verdaccio/website': minor
 ---
 
 feat: migrate web sidebar endpoint to fastify

.changeset/sour-maps-live.md

@@ -0,0 +1,5 @@
+---
+'@verdaccio/ui-theme': patch
+---
+
+Add links to "Current Tags" and sort them in descending order

.changeset/spicy-snakes-sip.md

@@ -0,0 +1,5 @@
+---
+'@verdaccio/ui-theme': patch
+---
+
+fix: specific version package detail page not showing

.changeset/strange-ladybugs-nail.md

@@ -0,0 +1,9 @@
+---
+'@verdaccio/types': minor
+---
+
+feat: add dist.signatures to core/types
+
+According to [`npm`](https://docs.npmjs.com/about-registry-signatures): _"Signatures are provided in the package's `packument` in each published version within the `dist` object"_
+
+Here's an [example of a package version from the public npm registry with `dist.signatures`](https://registry.npmjs.org/light-cycle/1.4.3).

.changeset/swift-pumpkins-knock.md

@@ -0,0 +1,6 @@
+---
+'@verdaccio/auth': patch
+'verdaccio-htpasswd': patch
+---
+
+Refactor htpasswd plugin to use the bcryptjs 'compare' api call instead of 'comparSync'. Add a new configuration value named 'slow_verify_ms' to the htpasswd plugin that when exceeded during password verification will log a warning message.

.changeset/ten-parents-breathe.md

@@ -1,6 +1,6 @@
 ---
 '@verdaccio/auth': minor
-'@verdaccio/fastify-migration': minor
+'@verdaccio/server-fastify': minor
 '@verdaccio/web': minor
 ---
 

.changeset/thick-countries-move.md

@@ -0,0 +1,6 @@
+---
+'@verdaccio/logger': major
+'@verdaccio/logger-prettify': major
+---
+
+feat: upgrade to pino v7

.changeset/thick-geese-wash.md

@@ -0,0 +1,21 @@
+---
+'@verdaccio/api': minor
+'@verdaccio/auth': minor
+'@verdaccio/config': minor
+'@verdaccio/core': minor
+'@verdaccio/url': minor
+'@verdaccio/middleware': minor
+'@verdaccio/local-storage': minor
+'@verdaccio/web': minor
+---
+
+chore: move improvements from v5 to v6
+
+Migrate improvements form v5 to v6:
+
+- https://github.com/verdaccio/verdaccio/pull/3158
+- https://github.com/verdaccio/verdaccio/pull/3151
+- https://github.com/verdaccio/verdaccio/pull/2271
+- https://github.com/verdaccio/verdaccio/pull/2787
+- https://github.com/verdaccio/verdaccio/pull/2791
+- https://github.com/verdaccio/verdaccio/pull/2205

.changeset/thick-readers-hang.md

@@ -0,0 +1,5 @@
+---
+'@verdaccio/ui-theme': patch
+---
+
+fix: fixes some style issues on mobile, particularly related to the Ukraine support message - [@s-h-a-d-o-w](https://github.com/s-h-a-d-o-w)

.changeset/three-moles-drop.md

@@ -0,0 +1,7 @@
+---
+'@verdaccio/api': minor
+'@verdaccio/store': minor
+'@verdaccio/utils': minor
+---
+
+refactor: improve versions and dist-tag filters

.changeset/three-pots-sit.md

@@ -3,7 +3,6 @@
 '@verdaccio/auth': patch
 '@verdaccio/cli': patch
 '@verdaccio/config': patch
-'@verdaccio/commons-api': patch
 '@verdaccio/file-locking': patch
 'verdaccio-htpasswd': patch
 '@verdaccio/local-storage': patch
@@ -14,12 +13,10 @@
 '@verdaccio/logger': patch
 '@verdaccio/logger-prettify': patch
 '@verdaccio/middleware': patch
-'@verdaccio/mock': patch
 '@verdaccio/node-api': patch
 '@verdaccio/proxy': patch
 '@verdaccio/server': patch
 '@verdaccio/store': patch
-'@verdaccio/dev-types': patch
 '@verdaccio/utils': patch
 'verdaccio': patch
 ---

.changeset/tiny-seals-join.md

@@ -0,0 +1,5 @@
+---
+'@verdaccio/ui-theme': minor
+---
+
+feat: improve registry info dialog and language switch

.changeset/tricky-taxis-watch.md

@@ -0,0 +1,28 @@
+---
+'@verdaccio/api': minor
+'@verdaccio/types': minor
+'@verdaccio/local-storage': minor
+'@verdaccio/server-fastify': minor
+'@verdaccio/store': minor
+'@verdaccio/test-helper': minor
+'@verdaccio/web': minor
+---
+
+feat: implement abbreviated manifest
+
+Enable abbreviated manifest data by adding the header:
+
+```
+curl -H "Accept: application/vnd.npm.install-v1+json" https://registry.npmjs.org/verdaccio
+```
+
+It returns a filtered manifest, additionally includes the [time](https://github.com/pnpm/rfcs/pull/2) field by request.
+
+Current support for packages managers:
+
+- npm: yes
+- pnpm: yes
+- yarn classic: yes
+- yarn modern (+2.x): [no](https://github.com/yarnpkg/berry/pull/3981#issuecomment-1076566096)
+
+https://github.com/npm/registry/blob/master/docs/responses/package-metadata.md#abbreviated-metadata-format

.changeset/unlucky-hairs-wonder.md

@@ -0,0 +1,5 @@
+---
+'@verdaccio/ui-theme': patch
+---
+
+feat: Display publication time on sidebar

.changeset/witty-ties-speak.md

@@ -0,0 +1,11 @@
+---
+'@verdaccio/api': patch
+'@verdaccio/cli': patch
+'@verdaccio/core': patch
+'@verdaccio/types': patch
+'@verdaccio/store': patch
+'@verdaccio/test-helper': patch
+'@verdaccio/local-publish': patch
+---
+
+fix: handle upload scoped tarball

.eslintignore

@@ -11,3 +11,6 @@ wiki/
 dist/
 docs/
 test/functional/store/*
+docker-examples/**/lib/**/*.js
+test/cli/e2e-yarn4/bin/yarn-4.0.0-rc.14.cjs
+yarn.js

.github/workflows/benchmark.yml

@@ -4,23 +4,26 @@ name: ci - benchmark
 on:
   workflow_dispatch:
   schedule:
-    # 3 times day
+    # 1 time peer week
     # collecting enough data to draw some graphics
-    - cron: '0 1 * * *'
+    - cron: '0 1 * * 1'
   # push:
   #   branches:
   #     - master
+permissions:
+  contents: read
+
 jobs:
   prepare: 
     name: Prepare build
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v2
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
         with:
-          node-version: 14.x
+          node-version: 16.x
       - name: install pnpm
-        run: sudo npm i pnpm@6.6.1 -g
+        run: sudo npm i pnpm@latest-6 -g
       - name: set store
         run: | 
           mkdir ~/.pnpm-store
@@ -30,7 +33,7 @@ jobs:
       - name: install dependencies
         run: pnpm install
       - name: Cache .pnpm-store
-        uses: actions/cache@v2
+        uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
         with:
           path: ~/.pnpm-store
           key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
@@ -41,7 +44,7 @@ jobs:
       - name: tar packages
         run: |      
           tar -czvf ${{ github.workspace }}/pkg.tar.gz -C ${{ github.workspace }}/packages .
-      - uses: actions/upload-artifact@v2
+      - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb # tag=v3
         with:
           name: verdaccio-artifact
           path: pkg.tar.gz
@@ -57,24 +60,24 @@ jobs:
           # - local
           - 3.13.1
           - 4.12.2
-          - 5.1.3
-          - 6.0.0-6-next.24
+          - 5.10.2
+          - 6.0.0-6-next.40
     name: Benchmark autocannon
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v2
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
         with:
-          node-version: 14.x
-      - uses: actions/download-artifact@v2
+          node-version: 16.x
+      - uses: actions/download-artifact@9782bd6a9848b53b110e712e20e42d89988822b7 # tag=v3
         with:
           name: verdaccio-artifact
       - name: untar packages
         run: tar -xzvf pkg.tar.gz -C ${{ github.workspace }}/packages          
       - name: install pnpm
         # require fixed version
-        run: sudo npm i pnpm@6.6.1 -g
-      - uses: actions/cache@v2
+        run: sudo npm i pnpm@latest-6 -g
+      - uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
         with:
           path: ~/.pnpm-store
           key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}   
@@ -87,7 +90,7 @@ jobs:
         shell: bash
         env:
           DEBUG: metrics*
-      - uses: actions/upload-artifact@v2
+      - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb # tag=v3
         with:
           name: verdaccio-metrics-api
           path: ./api-results-${{matrix.verdaccioVersion}}-${{matrix.benchmark}}.json  
@@ -118,24 +121,24 @@ jobs:
           # old versions to compare same test along previous releases
           - 3.13.1
           - 4.12.2
-          - 5.1.3
-          - 6.0.0-6-next.24
+          - 5.10.2
+          - 6.0.0-6-next.40
     name: Benchmark hyperfine
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v2
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
         with:
-          node-version: 14.x
-      - uses: actions/download-artifact@v2
+          node-version: 16.x
+      - uses: actions/download-artifact@9782bd6a9848b53b110e712e20e42d89988822b7 # tag=v3
         with:
           name: verdaccio-artifact
       - name: untar packages
         run: tar -xzvf pkg.tar.gz -C ${{ github.workspace }}/packages          
       - name: install pnpm
         # require fixed version
-        run: sudo npm i pnpm@6.6.1 -g
-      - uses: actions/cache@v2
+        run: sudo npm i pnpm@latest-6 -g
+      - uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
         with:
           path: ~/.pnpm-store
           key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}   
@@ -153,7 +156,7 @@ jobs:
         shell: bash
       - name: rename
         run: mv ./hyper-results.json ./hyper-results-${{matrix.verdaccioVersion}}-${{matrix.benchmark}}.json
-      - uses: actions/upload-artifact@v2
+      - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb # tag=v3
         with:
           name: verdaccio-metrics
           path: ./hyper-results-${{matrix.verdaccioVersion}}-${{matrix.benchmark}}.json  

.github/workflows/changesets.yml

@@ -20,12 +20,12 @@ jobs:
     if: github.ref == 'refs/heads/master' && github.repository == 'verdaccio/verdaccio'
     steps:
       - name: checkout code repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
         with:
           fetch-depth: 0
 
       - name: setup node.js
-        uses: actions/setup-node@v2
+        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
         with:
           node-version: 14
           registry-url: 'https://registry.npmjs.org'
@@ -33,7 +33,7 @@ jobs:
           NODE_AUTH_TOKEN: ${{ secrets.REGISTRY_AUTH_TOKEN }}
 
       - name: install pnpm
-        run: npm i pnpm@6.10.3 -g
+        run: npm i pnpm@6.32.15 -g
         env:
           NODE_AUTH_TOKEN: ${{ secrets.REGISTRY_AUTH_TOKEN }}
 
@@ -47,8 +47,7 @@ jobs:
         env:
           NODE_AUTH_TOKEN: ${{ secrets.REGISTRY_AUTH_TOKEN }}
       - name: crowdin download
-        env:
-          CROWDIN_VERDACCIO_PROJECT_ID: ${{ secrets.CROWDIN_VERDACCIO_PROJECT_ID }}
+        env:          
           CROWDIN_VERDACCIO_API_KEY: ${{ secrets.CROWDIN_VERDACCIO_API_KEY }}
           CONTEXT: production
         run: pnpm crowdin:download       
@@ -56,14 +55,16 @@ jobs:
         run: pnpm build
 
       - name: create versions
-        uses: verdaccio/changeset-action@master
+        uses: changesets/action@master
         with:
           version: pnpm ci:version
           commit: 'chore: update versions'
           title: 'chore: update versions'
           publish: pnpm ci:publish
+          createGithubReleases: false
+          setupGitUser: false
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.CHANGESET_RELEASE_TOKEN }}
           NPM_TOKEN: ${{ secrets.REGISTRY_AUTH_TOKEN }}
           NODE_AUTH_TOKEN: ${{ secrets.REGISTRY_AUTH_TOKEN }}
           NPM_CONFIG_REGISTRY: https://registry.npmjs.org

.github/workflows/ci-windows.yml

@@ -0,0 +1,130 @@
+name: CI windows
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: '5 0 * * SUN' 
+permissions:
+  contents: read
+jobs:
+  prepare:
+    runs-on: ubuntu-latest
+    name: setup verdaccio
+    services:
+      verdaccio:
+        image: verdaccio/verdaccio:nightly-master
+        ports:
+          - 4873:4873
+        env:
+          NODE_ENV: production          
+    steps:
+    - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+    - name: Node
+      uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+      with:
+        node-version-file: '.nvmrc'
+    - name: Install pnpm
+      run: npm i pnpm@6.32.15 -g
+    - name: set store
+      run: |
+        mkdir ~/.pnpm-store
+        pnpm config set store-dir ~/.pnpm-store
+    - name: Install
+      run: pnpm recursive install --frozen-lockfile --registry http://localhost:4873
+    - name: Cache .pnpm-store
+      uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
+      with:
+        path: ~/.pnpm-store
+        key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+        restore-keys: |
+          pnpm-
+  lint:
+    runs-on: windows-latest
+    name: Lint
+    needs: prepare
+    steps:
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - name: Node
+        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        with:
+          node-version-file: '.nvmrc'
+      - name: Install pnpm
+        run: npm i pnpm@6.32.15 -g
+      - uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
+        with:
+          path: ~/.pnpm-store
+          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: Install
+        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --ignore-scripts
+      - name: Lint
+        run: pnpm lint
+  format:
+    runs-on: windows-latest
+    name: Format
+    needs: prepare
+    steps:
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - name: Use Node
+        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        with:
+          node-version-file: '.nvmrc'
+      - name: Install pnpm
+        run: npm i pnpm@6.32.15 -g
+      - uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
+        with:
+          path: ~/.pnpm-store
+          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: Install
+        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --ignore-scripts
+      - name: Lint
+        run: pnpm format:check
+  build:
+    needs: [format, lint]
+    strategy:
+      fail-fast: true
+      matrix:
+        os: [windows-latest]
+        node_version: [18]
+    name: ${{ matrix.os }} / Node ${{ matrix.node_version }}
+    runs-on: ${{ matrix.os }}
+    steps:
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - name: Use Node ${{ matrix.node_version }}
+        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        with:
+          node-version: ${{ matrix.node_version }}
+      - name: Install pnpm
+        run: npm i pnpm@6.32.15 -g
+      - uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
+        with:
+          path: ~/.pnpm-store
+          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: Install
+        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --ignore-scripts --registry http://localhost:4873
+      - name: build
+        run: pnpm build
+      - name: Test
+        run: pnpm test
+  ci-e2e-ui:
+    needs: [format, lint]
+    runs-on: windows-latest
+    name: UI Test E2E
+    steps:
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        with:
+          node-version-file: '.nvmrc'
+      - name: Install pnpm
+        run: npm i pnpm@6.32.15 -g
+      - uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
+        with:
+          path: ~/.pnpm-store
+          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: Install
+        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --registry http://localhost:4873
+      - name: build
+        run: pnpm build
+      - name: Test UI
+        run: pnpm test:e2e:ui
+        # env:
+        #  DEBUG: verdaccio:e2e*

.github/workflows/ci.yml

@@ -2,42 +2,48 @@ name: CI
 
 on:
   push:
-    branches:
-      - master
-      - 'changeset-release/master'
   pull_request:
     paths:
       - .changeset/**
       - .github/workflows/ci.yml
       - 'packages/**'
+      - 'test/**'
+      - 'docker-examples/**'
       - 'jest/**'
       - 'package.json'
       - 'pnpm-workspace.yaml'
+permissions:
+  contents: read
+
 jobs:
   prepare:
     runs-on: ubuntu-latest
     name: setup verdaccio
     services:
       verdaccio:
-        image: verdaccio/verdaccio:5
+        image: verdaccio/verdaccio:nightly-master
         ports:
           - 4873:4873
+        env:
+          NODE_ENV: production          
     steps:
-    - uses: actions/checkout@v2.3.5
-    - name: Use Node 14
-      uses: actions/setup-node@v1
+    - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+    - name: Node
+      uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
       with:
-        node-version: 14 
+        node-version-file: '.nvmrc'
     - name: Install pnpm
-      run: npm i pnpm@6.10.3 -g
+      run: |
+        corepack enable
+        corepack prepare --activate pnpm@6.32.15
     - name: set store
-      run: | 
+      run: |
         mkdir ~/.pnpm-store
         pnpm config set store-dir ~/.pnpm-store
     - name: Install
       run: pnpm recursive install --frozen-lockfile --registry http://localhost:4873
     - name: Cache .pnpm-store
-      uses: actions/cache@v2
+      uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
       with:
         path: ~/.pnpm-store
         key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
@@ -48,19 +54,21 @@ jobs:
     name: Lint
     needs: prepare
     steps:
-      - uses: actions/checkout@v2.3.5
-      - name: Use Node 16
-        uses: actions/setup-node@v1
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - name: Node
+        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
         with:
-          node-version: 16
+          node-version-file: '.nvmrc'
       - name: Install pnpm
-        run: npm i pnpm@6.10.3 -g
-      - uses: actions/cache@v2
+        run: |
+          corepack enable
+          corepack prepare --activate pnpm@6.32.15
+      - uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
         with:
           path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}     
+          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
       - name: Install
-        run: pnpm recursive install --frozen-lockfile --ignore-scripts
+        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --ignore-scripts
       - name: Lint
         run: pnpm lint
   format:
@@ -68,195 +76,79 @@ jobs:
     name: Format
     needs: prepare
     steps:
-      - uses: actions/checkout@v2.3.5
-      - name: Use Node 16
-        uses: actions/setup-node@v1
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - name: Use Node
+        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
         with:
-          node-version: 16
+          node-version-file: '.nvmrc'
       - name: Install pnpm
-        run: npm i pnpm@6.10.3 -g
-      - uses: actions/cache@v2
+        run: |
+          corepack enable
+          corepack prepare --activate pnpm@6.32.15
+      - uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
         with:
           path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}     
+          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
       - name: Install
-        run: pnpm recursive install --frozen-lockfile --ignore-scripts
+        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --ignore-scripts
       - name: Lint
         run: pnpm format:check
-
-  build:
-    runs-on: ubuntu-latest
-    name: build
-    needs: [format, lint]
-    steps:
-      - uses: actions/checkout@v2.3.5
-      - name: Use Node 16
-        uses: actions/setup-node@v1
-        with:
-          node-version: 16
-      - name: Install pnpm
-        run: npm i pnpm@6.10.3 -g
-      - uses: actions/cache@v2
-        with:
-          path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}     
-      - name: Install
-        run: pnpm recursive install --frozen-lockfile --ignore-scripts
-      - name: crowdin download
-        env:
-          CROWDIN_VERDACCIO_PROJECT_ID: ${{ secrets.CROWDIN_VERDACCIO_PROJECT_ID }}
-          CROWDIN_VERDACCIO_API_KEY: ${{ secrets.CROWDIN_VERDACCIO_API_KEY }}
-          CONTEXT: production
-        run: pnpm crowdin:download
-        ## this step is optional, translations are not mandatory for PR
-        ## secrets keys are not available on forks, the failure here is guaranteed
-        continue-on-error: true  
-      - name: build
-        run: pnpm build
-      - name: tar packages
-        run: |      
-          tar -czvf ${{ github.workspace }}/pkg.tar.gz -C ${{ github.workspace }}/packages .
-      - uses: actions/upload-artifact@v2
-        with:
-          name: verdaccio-artifact
-          path: pkg.tar.gz            
   test:
-    needs: build
+    needs: [format, lint]
     strategy:
       fail-fast: true
       matrix:
         os: [ubuntu-latest]
-        ## Node 16 breaks UI test, jest issue
-        node_version: [14]
+        node_version: [16, 18]
     name: ${{ matrix.os }} / Node ${{ matrix.node_version }}
     runs-on: ${{ matrix.os }}
     steps:
-      - uses: actions/checkout@v2.3.5
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
       - name: Use Node ${{ matrix.node_version }}
-        uses: actions/setup-node@v1
+        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
         with:
           node-version: ${{ matrix.node_version }}
-      - uses: actions/download-artifact@v2
-        with:
-          name: verdaccio-artifact
-      - name: untar packages
-        run: tar -xzvf pkg.tar.gz -C ${{ github.workspace }}/packages    
       - name: Install pnpm
-        run: npm i pnpm@6.10.3 -g
-      - uses: actions/cache@v2
+        run: |
+          corepack enable
+          corepack prepare --activate pnpm@6.32.15
+      - uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
         with:
           path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}                                          
+          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
       - name: Install
-        run: pnpm recursive install --frozen-lockfile --ignore-scripts 
-      - name: Test
-        run: pnpm test
-  ci-e2e-ui:
-    needs: build
-    runs-on: ubuntu-latest
-    name: UI Test E2E Node 14
-    steps:
-      - uses: actions/checkout@v2.3.5
-      - uses: actions/setup-node@v1
-        with:
-          node-version: 14
-      - uses: actions/download-artifact@v2
-        with:
-          name: verdaccio-artifact
-      - name: untar packages
-        run: tar -xzvf pkg.tar.gz -C ${{ github.workspace }}/packages    
-      - name: Install pnpm
-        run: npm i pnpm@6.10.3 -g
-      - uses: actions/cache@v2
-        with:
-          path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}                                          
-      - name: Install
-        ## we need scripts, pupetter downloads aditional content
-        run: pnpm recursive install --frozen-lockfile 
-      - name: Test UI
-        run: pnpm test:e2e:ui
-        # env:
-        #  DEBUG: verdaccio:e2e*       
-  ci-e2e-cli:
-    needs: build
-    runs-on: ubuntu-latest
-    name: CLI Test E2E Node 14
-    steps:
-      - uses: actions/checkout@v2.3.5
-      - uses: actions/setup-node@v1
-        with:
-          node-version: 14
-      - uses: actions/download-artifact@v2
-        with:
-          name: verdaccio-artifact
-      - name: untar packages
-        run: tar -xzvf pkg.tar.gz -C ${{ github.workspace }}/packages    
-      - name: Install pnpm
-        run: npm i pnpm@6.10.3 -g
-      - uses: actions/cache@v2
-        with:
-          path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}                                          
-      - name: Install
-        ## we need scripts, pupetter downloads aditional content
-        run: pnpm recursive install --frozen-lockfile
-      - name: Test CLI
-        run: pnpm test:e2e:cli
-        # env:
-        #   DEBUG: verdaccio* 
-  test-windows:
-    needs: [format, lint]
-    runs-on: windows-latest
-    name: windows test node 14
-    steps:
-      - uses: actions/checkout@v2.3.5
-      - name: Use Node 14
-        uses: actions/setup-node@v1
-        with:
-          node-version: 14
-      - name: Install pnpm
-        run: npm i pnpm@6.10.3 -g
-       # pnpm cache is not working for windows (we need a solution)
-      - uses: actions/cache@v2
-        with:
-          path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}                                            
-      - name: Install
-        run: pnpm recursive install --frozen-lockfile --ignore-scripts 
+        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --ignore-scripts --registry http://localhost:4873
       - name: build
         run: pnpm build
       - name: Test
         run: pnpm test
   sync-translations:
-    needs: [ci-e2e-cli, ci-e2e-ui, test-windows, test]
+    needs: [test]
     runs-on: ubuntu-latest
     name: synchronize translations
     if: (github.event_name == 'push' && github.ref == 'refs/heads/master') || github.event_name == 'workflow_dispatch'
     steps:
-      - uses: actions/checkout@v2.3.5
-      - uses: actions/setup-node@v1
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
         with:
-          node-version: 14
-      - uses: actions/download-artifact@v2
-        with:
-          name: verdaccio-artifact
-      - name: untar packages
-        run: tar -xzvf pkg.tar.gz -C ${{ github.workspace }}/packages    
+          node-version-file: '.nvmrc'
       - name: Install pnpm
-        run: npm i pnpm@6.10.3 -g
-      - uses: actions/cache@v2
+        run: |
+          corepack enable
+          corepack prepare --activate pnpm@6.32.15
+      - uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
         with:
           path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}                                          
+          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
       - name: Install
         ## we need scripts, pupetter downloads aditional content
-        run: pnpm recursive install --frozen-lockfile
+        run: pnpm recursive install --frozen-lockfile --registry http://localhost:4873
+      - name: build
+        run: pnpm build
       - name: generate website translations
-        run: pnpm write-translations --filter ...@verdaccio/website       
+        run: pnpm write-translations --filter ...@verdaccio/website
       - name: sync
         env:
-          CROWDIN_VERDACCIO_PROJECT_ID: ${{ secrets.CROWDIN_VERDACCIO_PROJECT_ID }}
           CROWDIN_VERDACCIO_API_KEY: ${{ secrets.CROWDIN_VERDACCIO_API_KEY }}
           CONTEXT: production
-        run: pnpm crowdin:sync              
+        run: pnpm crowdin:sync

.github/workflows/codeql-analysis.yml

@@ -8,13 +8,20 @@ on:
   schedule:
     - cron: '0 2 * * 4'
 
+permissions:
+  contents: read
+
 jobs:
   CodeQL-Build:
+    permissions:
+      actions: read  # for github/codeql-action/init to get workflow details
+      contents: read  # for actions/checkout to fetch code
+      security-events: write  # for github/codeql-action/autobuild to send a status report
     runs-on: ubuntu-latest
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v2.3.5
+        uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
         with:
           # We must fetch at least the immediate parents so that if this is
           # a pull request then we can checkout the head.
@@ -27,7 +34,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v1
+        uses: github/codeql-action/init@c3b6fce4ee2ca25bc1066aa3bf73962fda0e8898 # tag=v2
 
       # Override language selection by uncommenting this and choosing your languages
       # with:
@@ -35,7 +42,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@v1
+        uses: github/codeql-action/autobuild@c3b6fce4ee2ca25bc1066aa3bf73962fda0e8898 # tag=v2
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 https://git.io/JvXDl
@@ -49,4 +56,4 @@ jobs:
       #   make release
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v1
+        uses: github/codeql-action/analyze@c3b6fce4ee2ca25bc1066aa3bf73962fda0e8898 # tag=v2

.github/workflows/docker-publish.yml

@@ -15,12 +15,16 @@ on:
       - 'master'
     tags:
       - 'v*'
+
+permissions:
+  contents: read  #  to fetch code (actions/checkout)
+
 jobs:
   docker:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: docker/setup-qemu-action@v1
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # tag=v1
       - uses: docker/setup-buildx-action@v1
         with:
           driver-opts: network=host

.github/workflows/e2e-ci.yml

@@ -0,0 +1,105 @@
+name: E2E CLI
+
+on: [pull_request]
+permissions:
+  contents: read
+jobs:
+  prepare:
+    runs-on: ubuntu-latest
+    name: setup e2e verdaccio
+    services:
+      verdaccio:
+        image: verdaccio/verdaccio:nightly-master
+        ports:
+          - 4873:4873
+        env:
+          NODE_ENV: production
+    steps:
+    - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+    - name: Use Node
+      uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+      with:
+        node-version-file: '.nvmrc'
+    - name: Install pnpm
+      run: npm i pnpm@6.32.15 -g
+    - name: set store
+      run: |
+        mkdir ~/.pnpm-store
+        pnpm config set store-dir ~/.pnpm-store
+    - name: Install
+      run: pnpm recursive install --frozen-lockfile --reporter=silence --ignore-scripts --registry http://localhost:4873
+    - name: Cache .pnpm-store
+      uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
+      with:
+        path: ~/.pnpm-store
+        key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
+        restore-keys: |
+          pnpm-
+  build:
+    needs: [prepare]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - name: Use Node 16
+        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        with:
+          node-version-file: '.nvmrc'
+      - name: Install pnpm
+        run: npm i pnpm@6.32.15 -g
+      - uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
+        with:
+          path: ~/.pnpm-store
+          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
+      - name: Install
+        run: pnpm recursive install --frozen-lockfile --reporter=silence --registry http://localhost:4873
+      - name: build
+        run: pnpm build
+      - name: Cache packages
+        uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
+        id: cache-packages
+        with:
+          path: ./packages/
+          key: pkg-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
+          restore-keys: |
+            packages-
+      # - name: Cache test
+      #   uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
+      #   id: cache-test
+      #   with:
+      #     path: ./e2e/
+      #     key: test-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
+      #     restore-keys: |
+      #       test-
+  e2e-cli:
+    needs: [prepare, build]
+    strategy:
+      fail-fast: false
+      matrix:
+        pkg: [npm6, npm7, npm8, npm9, pnpm6, pnpm7, yarn1, yarn2,  yarn3, yarn4]
+    name:  ${{ matrix.pkg }} / ${{ matrix.os }}
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        with:
+          node-version-file: '.nvmrc'
+      - name: Install pnpm
+        run: npm i pnpm@6.32.15 -g
+      - uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
+        with:
+          path: ~/.pnpm-store
+          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
+      - name: Install
+        run: pnpm recursive install --offline --frozen-lockfile --reporter=silence --ignore-scripts --registry http://localhost:4873
+      - uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
+        with:
+          path: ./packages/
+          key: pkg-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
+      # - uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
+      #   with:
+      #     path: ./e2e/
+      #     key: test-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
+      - name: build e2e
+        run: pnpm run build --filter=./e2e      
+      - name: Test CLI
+        run: NODE_ENV=production pnpm test --filter ...@verdaccio/e2e-cli-${{matrix.pkg}}

.github/workflows/e2e-ui.yml

@@ -0,0 +1,36 @@
+name: E2E UI
+
+on: [pull_request]
+permissions:
+  contents: read
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    name: UI Test E2E
+    services:
+      verdaccio:
+        image: verdaccio/verdaccio:5
+        ports:
+          - 4873:4873
+        env:
+          NODE_ENV: production
+    steps:
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+      - name: Use Node
+        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        with:
+          node-version-file: '.nvmrc'
+      - name: Install pnpm
+        run: |
+         corepack enable
+         corepack prepare --activate pnpm@6.32.15
+      - name: Install
+        run: pnpm install --frozen-lockfile --reporter=silence --registry http://localhost:4873
+      - name: build
+        run: pnpm build
+      - name: Test UI
+        run: pnpm test:e2e:ui
+      - uses: actions/upload-artifact@83fd05a356d7e2593de66fc9913b3002723633cb # v3
+        with:
+          name: videos
+          path: /home/runner/work/verdaccio/verdaccio/e2e/ui/cypress/videos

.github/workflows/static-data.yml

@@ -0,0 +1,58 @@
+---
+name: static data
+
+on:
+  workflow_dispatch:
+  schedule:
+    # twice peer week
+    - cron: '0 0 * * 1,4'
+  # for now, scheduled, we can enable on push master but not make much sense now
+  # push:
+  #   branches:
+  #     - master
+
+permissions:
+  contents: read  #  to fetch code (actions/checkout)
+
+jobs:
+  prepare:
+    name: Run script
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
+        with:
+          persist-credentials: false
+          fetch-depth: 0
+      - uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
+        with:
+          node-version: 18.x
+      - name: install pnpm
+        run: sudo npm i pnpm@latest-6 -g
+      - name: set store
+        run: | 
+          mkdir ~/.pnpm-store
+          pnpm config set store-dir ~/.pnpm-store
+      - name: setup pnpm config registry
+        run: pnpm config set registry https://registry.verdaccio.org
+      - name: install dependencies
+        run: pnpm install
+      - name: Build Translations percentage
+        run: pnpm build --filter "@verdaccio/crowdin-translations"
+      - name: update contributors
+        run: pnpm run contributors
+        env:
+          TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: update translations
+        run: pnpm run translations
+        env:
+          TOKEN: ${{ secrets.CROWDIN_VERDACCIO_API_KEY }}          
+      - name: format
+        run: pnpm format
+      - name: Commit & Push changes
+        uses: actions-js/push@a52398fac807b0c1e5f1492c969b477c8560a0ba # tag=v1.3
+        with:
+          github_token: ${{ secrets.TOKEN_VERDACCIOBOT_GITHUB }}
+          message: "chore: updated static data"
+          branch: master
+          author_email: verdaccio.npm@gmail.com
+          author_name: verdacciobot

.github/workflows/website.yml

@@ -3,36 +3,35 @@ name: Verdaccio Website CI
 on:
   workflow_dispatch:
   pull_request:
-    types:
-      - opened
-      - synchronize
     paths:
-      - 'website/**'
-      - 'package.json'
-      - './.github/workflows/website.yml'
-  push:
-    branches:
-      - 'master'
-    paths:
-      - 'website/**'
-      - 'package.json'
-      - './.github/workflows/website.yml'
+        - 'website/**'
+        - './.github/workflows/website.yml'
+  schedule:
+    - cron: '0 0 * * *' 
+
+permissions:
+  contents: read  #  to fetch code (actions/checkout)
 
 jobs:
   build:
+    permissions:
+      contents: read  #  to fetch code (actions/checkout)
+      deployments: write
+      pull-requests: write  #  to comment on pull-requests
+
     runs-on: ubuntu-latest
     env:
       NODE_OPTIONS: --max_old_space_size=4096
     steps:
-      - uses: actions/checkout@v2.3.5
+      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3
 
-      - name: Use Node 14
-        uses: actions/setup-node@v2
+      - name: Use Node 16
+        uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # tag=v3
         with:
-          node-version: 14
+          node-version: 16
 
       - name: Cache pnpm modules
-        uses: actions/cache@v2
+        uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
         env:
           cache-name: cache-pnpm-modules
         with:
@@ -41,20 +40,18 @@ jobs:
           restore-keys: |
             ${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.node-version }}-
 
-      - uses: pnpm/action-setup@v2.0.1
+      - uses: pnpm/action-setup@c3b53f6a16e57305370b4ae5a540c2077a1d50dd # tag=v2.2.4
         with:
-          version: 6.10.2
+          version: 6.32.15
           run_install: |
             - recursive: true
               args: [--frozen-lockfile]
-
-      - name: Lint And Pretty
-        run: |
-          pnpm eslint:check --filter ...@verdaccio/website
-          pnpm prettier:check --filter ...@verdaccio/website
-
+      - name: Build 
+        run: pnpm build
+      - name: Build Translations percentage
+        run: pnpm build --filter "@verdaccio/crowdin-translations"
       - name: Cache Docusaurus Build
-        uses: actions/cache@v2
+        uses: actions/cache@1c73980b09e7aea7201f325a7aa3ad00beddcdda # tag=v3
         with:
           path: website/node_modules/.cache/webpack
           key: cache/webpack-${{github.ref}}-${{ hashFiles('**/pnpm-lock.yaml') }}
@@ -66,14 +63,14 @@ jobs:
       - name: Build Production
         if: (github.event_name == 'push' && github.ref == 'refs/heads/master') || github.event_name == 'workflow_dispatch'
         env:
-          CROWDIN_VERDACCIO_PROJECT_ID: ${{ secrets.CROWDIN_VERDACCIO_PROJECT_ID }}
           CROWDIN_VERDACCIO_API_KEY: ${{ secrets.CROWDIN_VERDACCIO_API_KEY }}
+          SENTRY_KEY: ${{ secrets.SENTRY_KEY }}
           CONTEXT: production
         run: pnpm netlify:build:production --filter ...@verdaccio/website
 
       - name: 🔥 Deploy Production Netlify
         if: (github.event_name == 'push' && github.ref == 'refs/heads/master') || github.event_name == 'workflow_dispatch'
-        uses: semoal/action-netlify-deploy@master
+        uses: semoal/action-netlify-deploy@1a53f098745bf78555d11b436f5ee3af87e6b566
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           netlify-auth-token: ${{ secrets.NETLIFY_AUTH_TOKEN }}
@@ -82,14 +79,13 @@ jobs:
 
       # Will deploy to Preview URL, only when a pull request is open with changes on the website
       - name: Build Deployment Preview
-        if: github.event_name == 'pull_request' && github.ref != 'refs/heads/master' && github.event.label.name == 'trigger-preview'
         env:
           CONTEXT: deploy-preview
         run: pnpm netlify:build:deployPreview --filter ...@verdaccio/website
 
       - name: 🤖 Deploy Preview Netlify
-        if: github.event_name == 'pull_request' && github.ref != 'refs/heads/master' && github.event.label.name == 'trigger-preview'
-        uses: semoal/action-netlify-deploy@master
+        if: github.repository == 'verdaccio/verdaccio'
+        uses: semoal/action-netlify-deploy@1a53f098745bf78555d11b436f5ee3af87e6b566
         id: netlify_preview
         with:
           draft: true
@@ -102,9 +98,9 @@ jobs:
           build-dir: './website/build'
 
       - name: Audit preview URL with Lighthouse
-        if: github.event_name == 'pull_request' && github.ref != 'refs/heads/master' && github.event.label.name == 'trigger-preview'
+        if: github.repository == 'verdaccio/verdaccio'
         id: lighthouse_audit
-        uses: treosh/lighthouse-ci-action@v3
+        uses: treosh/lighthouse-ci-action@e0fe113967eee84b631d526ed18ce001f35fe9e9 # tag=9.3.1
         with:
           urls: |
             ${{ steps.netlify_preview.outputs.preview-url }}
@@ -112,9 +108,8 @@ jobs:
           temporaryPublicStorage: true
 
       - name: Format lighthouse score
-        if: github.event_name == 'pull_request' && github.ref != 'refs/heads/master' && github.event.label.name == 'trigger-preview'
         id: format_lighthouse_score
-        uses: actions/github-script@v3
+        uses: actions/github-script@d556feaca394842dc55e4734bf3bb9f685482fa0 # tag=v6
         with:
           github-token: ${{secrets.GITHUB_TOKEN}}
           script: |
@@ -137,12 +132,13 @@ jobs:
              core.setOutput("comment", comment);
 
       - name: Add comment to PR
-        if: github.event_name == 'pull_request' && github.ref != 'refs/heads/master' && github.event.label.name == 'trigger-preview'
+        if: github.repository == 'verdaccio/verdaccio'
         id: comment_to_pr
-        uses: marocchino/sticky-pull-request-comment@v1
+        uses: marocchino/sticky-pull-request-comment@adca94abcaf73c10466a71cc83ae561fd66d1a56 # tag=v2
         with:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           number: ${{ github.event.issue.number }}
+          delete: true
           header: lighthouse
           message: |
             ${{ steps.format_lighthouse_score.outputs.comment }}

.gitignore

@@ -46,7 +46,14 @@ api-results.json
 hyper-results.json
 hyper-results*.json
 api-results*.json
+.clinic/
 
 #docs 
-./api
-packages/core/core/docs
+website/docs/api/**/*.md
+website/docs/api/**/*.yml
+!website/docs/api/index.md
+packages/**/docs
+
+# cypress
+e2e/ui/cypress/videos/**/*
+e2e/ui/cypress/screenshots/**/*

.npmrc

@@ -1,5 +1,4 @@
 always-auth = true
 recursive-install = true
-registry = https://registry.verdaccio.org
 loglevel=info
 fetch-retries="10"

.prettierignore

@@ -19,8 +19,8 @@ node_modules/
 packages/core/local-storage/_storage/**
 packages/partials/storage_default_storage/
 packages/standalone/dist/bundle.js
+packages/verdaccio/dist/bundle.js
 docker-examples/v5/reverse_proxy/nginx/relative_path/storage/*
-docker-examples/
 build/
 .vscode/
 .github/
@@ -31,3 +31,5 @@ api/**
 packages/core/local-storage/tests/__fixtures__/test-storage/
 packages/plugins/ui-theme/static/
 .verdaccio-db.json
+test/cli/e2e-yarn4/bin/yarn-4.0.0-rc.14.cjs
+yarn.js

.vscode/launch.json

@@ -4,88 +4,12 @@
   // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
   "version": "0.2.0",
   "configurations": [
-
-  {
-    "name": "Attach",
-    "port": 9229,
-    "request": "attach",
-    "skipFiles": [
-      "<node_internals>/**"
-    ],
-    "type": "pwa-node"
-  },
     {
-      "name": "Verdaccio Debug",
+      "name": "Attach",
       "port": 9229,
       "request": "attach",
       "skipFiles": ["<node_internals>/**"],
       "type": "pwa-node"
-    },
-    {
-      "type": "node",
-      "request": "launch",
-      "name": "CLI Babel Registry",
-      "stopOnEntry": false,
-      "program": "${workspaceFolder}/debug/bootstrap.js",
-      "args": ["-l", "0.0.0.0:4873"],
-      "env": {
-        "BABEL_ENV": "registry"
-      },
-      "preLaunchTask": "npm: build:webui",
-      "console": "integratedTerminal"
-    },
-    {
-      "name": "Unit Tests",
-      "type": "node",
-      "request": "launch",
-      "program": "${workspaceRoot}/node_modules/bin/jest",
-      "stopOnEntry": false,
-      "args": ["--debug=true"],
-      "cwd": "${workspaceRoot}",
-      "runtimeExecutable": null,
-      "runtimeArgs": ["--nolazy"],
-      "env": {
-        "NODE_ENV": "test",
-        "TZ": "UTC"
-      },
-      "console": "integratedTerminal"
-    },
-    {
-      "name": "Functional Tests",
-      "type": "node",
-      "request": "launch",
-      "program": "${workspaceRoot}/node_modules/.bin/jest",
-      "stopOnEntry": false,
-      "args": [
-        "--config",
-        "./test/jest.config.functional.js",
-        "--testPathPattern",
-        "./test/functional/index*",
-        "--debug=false",
-        "--verbose",
-        "--useStderr",
-        "--detectOpenHandles"
-      ],
-      "cwd": "${workspaceRoot}",
-      "env": {
-        "BABEL_ENV": "testOldEnv",
-        "VERDACCIO_DEBUG": "true",
-        "VERDACCIO_DEBUG_INJECT": "true",
-        "NODE_DEBUG": "TO_DEBUG_REQUEST_REMOVE_THIS_request"
-      },
-      "preLaunchTask": "pre-test",
-      "console": "integratedTerminal",
-      "runtimeExecutable": null,
-      "runtimeArgs": ["--nolazy"]
-    },
-    {
-      "type": "node",
-      "request": "launch",
-      "name": "Verdaccio Compiled",
-      "preLaunchTask": "npm: code:build",
-      "program": "${workspaceRoot}/bin/verdaccio",
-      "args": ["-l", "0.0.0.0:4873"],
-      "console": "integratedTerminal"
     }
   ]
 }

.vscode/settings.json

@@ -8,5 +8,6 @@
     "storage_default_storage": true,
     ".yarn": true
   },
+  "editor.formatOnSave": true,
   "typescript.tsdk": "node_modules/typescript/lib"
 }

.vscode/tasks.json

@@ -1,21 +0,0 @@
-{
-  // See https://go.microsoft.com/fwlink/?LinkId=733558
-  // for the documentation about the tasks.json format
-  "version": "2.0.0",
-  "tasks": [
-    {
-      "type": "npm",
-      "script": "build:webui",
-      "problemMatcher": []
-    },
-    {
-      "type": "npm",
-      "script": "code:build",
-      "problemMatcher": []
-    },
-    {
-      "label": "pre-test",
-      "dependsOn": ["npm: code:build", "npm: test:clean"]
-    }
-  ]
-}

CONTRIBUTING.md

@@ -1,59 +1,33 @@
 # Contributing
 
-> Any change matters, whatever the size, just do it.
+> This guidelines refers to the main (`master`) that host the v6.x, if you want to contribute to `5.x` please read the following [link](https://github.com/verdaccio/verdaccio/blob/5.x/CONTRIBUTING.md).
 
-We're happy that you're considering contributing! To help, we've prepared these
-guidelines for you:
+We're happy that you're considering contributing!
 
-**Table of Contents**
-
-- [Contributing](#contributing)
-  - [How Do I Contribute?](#how-do-i-contribute)
-  - [Development Setup](#development-setup)
-    - [Building the project](#building-the-project)
-    - [Running test](#running-test)
-    - [Running and debugging](#running-and-debugging)
-    - [Debugging compiled code](#debugging-compiled-code)
-  - [Reporting Bugs](#reporting-bugs)
-    - [Read the documentation](#read-the-documentation)
-    - [What's is not considered a bug?](#whats-is-not-considered-a-bug)
-    - [Issue Search](#issue-search)
-    - [Chat](#chat)
-  - [Translations](#translations)
-  - [Request Features](#request-features)
-  - [Contributing Guidelines](#contributing-guidelines)
-    - [Submitting a Pull Request](#submitting-a-pull-request)
-    - [Make Changes and Commit](#make-changes-and-commit)
-      - [Caveats](#caveats)
-      - [Before Commit](#before-commit)
-      - [Commit Guidelines](#commit-guidelines)
-    - [Adding a changeset](#adding-a-changeset)
-    - [Update Tests](#update-tests)
-  - [Develop Plugins](#develop-plugins)
+To help you getting started we've prepared these guidelines for you, any change matter, just do it:
 
 ## How Do I Contribute?
 
 There are many ways to contribute:
 
-- Report a bug
-- Request a feature you think would be great for Verdaccio
-- Fix bugs
-- Test and triage bugs reported by others
-- Work on requested/approved features
-- Improve the codebase (linting, naming, comments, test descriptions, etc...)
+- [Report a bug](#reporting-bugs)
+- [Request a feature you think would be great for Verdaccio](#feature-request)
+- [Fixing bugs](https://github.com/verdaccio/verdaccio/issues?q=is%3Aopen+is%3Aissue+label%3A%22issue%3A+bug%22)
+- [Test and triage bugs reported by others](https://github.com/verdaccio/verdaccio/issues?q=is%3Aopen+is%3Aissue+label%3Aissue_needs_triage)
+- [Working on requested/approved features](https://github.com/verdaccio/verdaccio/issues?q=is%3Aopen+is%3Aissue+label%3A%22topic%3A+feature+request%22+)
+- [Improve the codebase (linting, naming, comments, test descriptions, etc...)](https://github.com/verdaccio/verdaccio/discussions/1461)
+- Improve code coverage for unit testing for every module, [end to end](https://github.com/verdaccio/verdaccio/tree/master/e2e/cli) or [UI test](https://github.com/verdaccio/verdaccio/tree/master/e2e/ui) (with cypress).
 
-The Verdaccio project is split into several areas:
+The Verdaccio project is split into several areas, the first three hosted in the main repository:
 
 - **Core**: The [core](https://github.com/verdaccio/verdaccio) is the main repository, built with **Node.js**.
 - **Website**: we use [**Docusaurus**](https://docusaurus.io/) for the **website** and if you are familiar with this technology, you might become the official webmaster.
 - **User Interface**: The [user Interface](https://github.com/verdaccio/ui) is based in **react** and **material-ui** and looking for front-end contributors.
 - **Kubernetes and Helm**: Ts the official repository for the [**Helm chart**](https://github.com/verdaccio/charts).
 
-> There are other areas to contribute, like documentation, translation which are
-> not hosted on this repo but check the last section of this notes for further
-> information.
+> There are other areas to contribute, like [documentation](https://github.com/verdaccio/verdaccio/tree/master/website/docs) or [translations](#translations}).
 
-## Development Setup
+## Prepare local setup {#local-setup}
 
 Verdaccio uses [pnpm](https://pnpm.io) as the package manager for development in this repository.
 
@@ -70,7 +44,7 @@ This setting would cause the `pnpm install` command to install incorrect version
 To begin your development setup, please install the latest version of pnpm globally:
 
 ```
-npm i -g pnpm
+npm i -g pnpm@latest-6
 ```
 
 With pnpm installed, the first step is installing all dependencies:
@@ -138,15 +112,13 @@ output to the code. Each package has it owns namespace.
 
 To run the application from the source code, ensure the project has been built with `pnpm build`, once this is done, there are few commands that helps to run server:
 
-- `pnpm start`: Run the server and the UI with `concurrently`, the
-  server runs in the port `8000` and the UI on the port `4873`. This command
-  is useful if you want to contribute mostly on the UI.
-- `pnpm debug`: Run the server in debug mode `--inspect`, the UI is included but does not have hot reload. For automatic break use `pnpm debug:break`.
+- `pnpm start`: Runs server on port `8000` and UI on port `4873`. This is particularly useful if you want to contribute to the UI, since it runs with hot reload.
+- `pnpm debug`: Run the server in debug mode `--inspect`. UI runs too but without hot reload. For automatic break use `pnpm debug:break`.
 - `pnpm debug:fastify`: To contribute on the [fastify migration](https://github.com/verdaccio/verdaccio/discussions/2155) this is a temporary command for such purpose.
 - `pnpm website`: Build the website, for more commands to run the _website_, run `cd website` and then `pnpm serve`, website will run on port `3000`.
 - `pnpm docker`: Build the docker image. Requires `docker` command available in your system.
 
-#### Debugging compiled code
+#### Debugging compiled code {#debugging-compiled-code}
 
 Currently you can only run pre-compiled packages in debug mode. To enable debug
 while running add the `verdaccio` namespace using the `DEBUG` environment
@@ -166,13 +138,50 @@ DEBUG=verdaccio:plugin:* node packages/verdaccio/debug/bootstrap.js
 The debug code is intended to analyze what is happening under the hood and none
 of the output is sent to the logger module.
 
-## Reporting Bugs
+> [See the full guide how to debug with Verdaccio](https://github.com/verdaccio/verdaccio/wiki/Debugging-Verdaccio)
+
+#### Testing your changes in a local registry {#testing-local-registry}
+
+Once you have perform your changes in the code base, the build and tests passes you can publish a local version:
+
+- Ensure you have build all modules (or the one you have modified)
+- Run `pnpm local:publish:release` to launch a local registry and publish all packages into it. This command will be alive until server is killed (Control Key + C)
+
+```
+pnpm build
+pnpm local:publish:release
+```
+
+The last step consist on install globally the package from the local registry which runs on the default port (4873).
+
+```
+npm i -g verdaccio --registry=http://localhost:4873
+verdaccio
+```
+
+If you perform more changes in the source code, repeat this process, there is not _hot reloading_ support.
+
+## Feature Request {#feature-request}
+
+New feature requests are welcome. Analyse whether the idea fits within scope of the project. Adding in context and the use-case will really help!
+
+**Please provide:**
+
+- Create a [discussion](https://github.com/verdaccio/verdaccio/discussions/new).
+- A detailed description the advantages of your request.
+- Whether or not it's compatible with `npm`, `pnpm` and [_yarn classic_
+  ](https://github.com/yarnpkg/yarn) or [_yarn modern_
+  ](https://github.com/yarnpkg/berry).
+- A potential implementation or design
+- Whatever else is on your mind! 🤓
+
+## Reporting Bugs {#reporting-bugs}
 
 **Bugs are considered features that are not working as described in
 documentation.**
 
 If you've found a bug in Verdaccio **that isn't a security risk**, please file
-a report in our [issue tracker](https://github.com/verdaccio/verdaccio/issues).
+a report in our [issue tracker](https://github.com/verdaccio/verdaccio/issues), if you think a potential vulnerability please read the [security policy](https://verdaccio.org/community/security) .
 
 > **NOTE: Verdaccio still does not support all npm commands. Some were not
 > considered important and others have not been requested yet.**
@@ -185,13 +194,13 @@ a report in our [issue tracker](https://github.com/verdaccio/verdaccio/issues).
 - _Features clearly flagged as not supported_
 - _Node.js issues installation in any platform_: If you cannot install the
   global package (this is considered external issue)
-- Any ticket which has beed flagged as an [external issue
+- Any ticket which has been flagged as an [external issue
   ](https://github.com/verdaccio/verdaccio/labels/external-issue)
 
 If you intend to report a **security** issue, please follow our [Security policy
 guidelines](https://github.com/verdaccio/verdaccio/security/policy).
 
-### Issue Search
+### Issues {#issues}
 
 Before reporting a bug please:
 
@@ -203,53 +212,21 @@ In case any of those match with your search, up-vote it (using GitHub reactions)
 or add additional helpful details to the existing issue to show that it's
 affecting multiple people.
 
-### Chat
+### Contributing support
 
 Questions can be asked via [Discord](https://discord.gg/7qWJxBf)
 
-**Please use the `#help` channel.**
+**Please use the `#contribute` channel.**
 
-## Translations
+## Development Guidelines {#development-guidelines}
 
-All translations are provided by the `crowdin` platform:
-[https://translate.verdaccio.org/](https://translate.verdaccio.org/)
+It's recommended use a UNIX system for local development, Windows should works fine for development, but is not daily tested could not be perfect. To ensure a fast code review and merge, please follow the next guidelines:
 
-If you want to contribute by adding translations, create an account (GitHub could be used as fast alternative), in the platform you can contribute to two areas, the website or improve User Interface translations.
+Any contribution gives you the right to be part of this organization as _collaborator_ and your avatar will be automatically added to the [contributors page](https://verdaccio.org/contributors).
 
-If a language is not listed, ask for it in the [Discord](https://discord.gg/7qWJxBf) channel #contribute channel.
+## Pull Request {#pull-request}
 
-For adding a new **language** on the UI follow these steps:
-
-1. Ensure the **language** has been enabled, must be visible in the `crowdin` platform.
-2. Find in the explorer the file `en.US.json` in the path `packages/plugins/ui-theme/src/i18n/crowdin/ui.json` and complete the translations, **not need to find approval on this**.
-3. Into the project, add a new field into `packages/plugins/ui-theme/src/i18n/crowdin/ui.json` file, in the section `lng`, the new language, eg: `{ lng: {korean:"Korean"}}`. (This file is English based, once the PR has been merged, this string will be available in crowdin for translate to the targeted language).
-4. Add the language, [flag icon](https://www.npmjs.com/package/country-flag-icons), and the menu key fort he new language eg: `menuKey: 'lng.korean'` to the file `packages/plugins/ui-theme/src/i18n/enabledLanguages.ts`.
-5. For local testing, read `packages/plugins/ui-theme/src/i18n/ABOUT_TRANSLATIONS.md`.
-6. Add a `changeset` file, see more info below.
-
-## Request Features
-
-New feature requests are welcome. Analyse whether the idea fits within scope of
-the project. Adding in context and the use-case will really help!
-
-**Please provide:**
-
-- A detailed description the advantages of your request
-- Whether or not it's compatible with `npm`, `pnpm` and [_yarn classic_
-  ](https://github.com/yarnpkg/yarn) or [_yarn berry_
-  ](https://github.com/yarnpkg/berry).
-- A potential implementation or design
-- Whatever else is on your mind! 🤓
-
-## Contributing Guidelines
-
-It's very exciting to become a Verdaccio contributor 🙌🏼. To ensure a fast code
-review and merge, please follow the next guidelines:
-
-> Any contribution gives you the right to be part of this organization as
-> _collaborator_.
-
-### Submitting a Pull Request
+### Submitting a Pull Request {#submit-pull-request}
 
 The following are the steps you should follow when creating a pull request.
 Subsequent pull requests only need to follow step 3 and beyond.
@@ -277,10 +254,10 @@ Feel free to commit as much times you want in your branch, but keep on mind on
 this repository we `git squash` on merge by default, as we like to maintain a
 clean git history.
 
-#### Before Commit
+#### Before Push {#before-push}
 
-Before committing, **you must ensure there are no linting errors and
-all tests pass.** To do this, run these commands before create the PR:
+Before committing or push, **you must ensure there are no linting errors and
+all tests passes**. To do verify, run these commands before creating the PR:
 
 ```bash
 pnpm lint
@@ -294,47 +271,18 @@ pnpm test
 
 All good? Perfect! You should create the pull request.
 
-#### Commit Guidelines
+#### Commit Guidelines {#commits}
 
-For example:
+On a pull request, commit messages are not important, please focus on document properly the pull request content. The commit message will be taken from the pull request title, it is recommended to use lowercase format.
 
-- `feat: A new feature`
-- `fix: A bug fix`
-
-A commit of the type feat introduces a new feature to the codebase (this
-correlates with MINOR in semantic versioning).
-
-e.g.:
-
-```
-feat: xxxxxxxxxx
-```
-
-A commit of the type fix patches a bug in your codebase (this correlates with
-PATCH in semantic versioning).
-
-e.g.:
-
-```
-fix: xxxxxxxxxxx
-```
-
-Commits types such as as `docs:`,`style:`,`refactor:`,`perf:`,`test:` and
-`chore:` are valid but have no effect on versioning: **please use them!**
-
-All commits message are going to be validated when they are created using
-_husky_ hooks.
-
-> Please try to provide one single commit to help a clean and easy merge process
-
-### Adding a changeset
+### Adding a changeset {#changeset}
 
 We use [changesets](https://github.com/atlassian/changesets) in order to
 generate a detailed Changelog as possible.
 
 Adding a changeset with your Pull Request is essential if you want your
-contribution to get merged (unless is a change that does not affect library
-functionality, eg: typo, docs, readme, add additional test or linting code). To
+contribution to get merged (unless it does not affect functionality or
+user-facing content, eg: docs, readme, adding test or typo/lint fixes). To
 create a changeset please run:
 
 ```
@@ -409,7 +357,25 @@ If you need help with how testing works, please [refer to the following guide
 **If you are introducing new features, you MUST include new tests. PRs for
 features without tests will not be merged.**
 
-## Develop Plugins
+## Translations {#translations}
+
+All translations are provided by the **[crowdin](http://crowdin.com)** platform,
+[https://translate.verdaccio.org/](https://translate.verdaccio.org/)
+
+If you want to contribute by adding translations, create an account (GitHub could be used as fast alternative), in the platform you can contribute to two areas, the website or improve User Interface translations.
+
+If a language is not listed, ask for it in the [Discord](https://discord.gg/7qWJxBf) channel #contribute channel.
+
+For adding a new **language** on the UI follow these steps:
+
+1. Ensure the **language** has been enabled, must be visible in the `crowdin` platform.
+2. Find in the explorer the file `en.US.json` in the path `packages/plugins/ui-theme/src/i18n/crowdin/ui.json` and complete the translations, **not need to find approval on this**.
+3. Into the project, add a new field into `packages/plugins/ui-theme/src/i18n/crowdin/ui.json` file, in the section `lng`, the new language, eg: `{ lng: {korean:"Korean"}}`. (This file is English based, once the PR has been merged, this string will be available in crowdin for translate to the targeted language).
+4. Add the language, [flag icon](https://www.npmjs.com/package/country-flag-icons), and the menu key fort he new language eg: `menuKey: 'lng.korean'` to the file `packages/plugins/ui-theme/src/i18n/enabledLanguages.ts`.
+5. For local testing, read `packages/plugins/ui-theme/src/i18n/ABOUT_TRANSLATIONS.md`.
+6. Add a `changeset` file, see more info below.
+
+## Develop Plugins {#develop-plugins}
 
 Plugins are add-ons that extend the functionality of the application.
 

CONTRIBUTORS.md

@@ -1,39 +0,0 @@
-<!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section -->
-<!-- markdownlint-disable -->
-<table>
-  <tr>
-    <td align="center"><a href="https://www.linkedin.com/in/jotadeveloper/"><img src="https://avatars0.githubusercontent.com/u/558752?v=4" width="100px;" alt=""/><br /><sub><b>Juan Picado</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=juanpicado" title="Documentation">📖</a> <a href="https://github.com/verdaccio/verdaccio/commits?author=juanpicado" title="Code">💻</a> <a href="#infra-juanpicado" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="#eventOrganizing-juanpicado" title="Event Organizing">📋</a> <a href="#blog-juanpicado" title="Blogposts">📝</a> <a href="#maintenance-juanpicado" title="Maintenance">🚧</a></td>
-    <td align="center"><a href="https://github.com/sergiohgz"><img src="https://avatars3.githubusercontent.com/u/14012309?v=4" width="100px;" alt=""/><br /><sub><b>Sergio Herrera</b></sub></a><br /><a href="#infra-sergiohgz" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="#maintenance-sergiohgz" title="Maintenance">🚧</a></td>
-    <td align="center"><a href="https://daniel-ruf.de/"><img src="https://avatars1.githubusercontent.com/u/827205?v=4" width="100px;" alt=""/><br /><sub><b>Daniel Ruf</b></sub></a><br /><a href="#security-DanielRuf" title="Security">🛡️</a> <a href="#infra-DanielRuf" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="#maintenance-DanielRuf" title="Maintenance">🚧</a></td>
-    <td align="center"><a href="https://priscilawebdev.github.io/priscilaoliveira/"><img src="https://avatars1.githubusercontent.com/u/29228205?v=4" width="100px;" alt=""/><br /><sub><b>Priscila Oliveira</b></sub></a><br /><a href="#design-priscilawebdev" title="Design">🎨</a> <a href="https://github.com/verdaccio/verdaccio/commits?author=priscilawebdev" title="Code">💻</a> <a href="#maintenance-priscilawebdev" title="Maintenance">🚧</a></td>
-    <td align="center"><a href="http://ayusharma.github.io/"><img src="https://avatars0.githubusercontent.com/u/6918450?v=4" width="100px;" alt=""/><br /><sub><b>Ayush Sharma</b></sub></a><br /><a href="#infra-ayusharma" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="https://github.com/verdaccio/verdaccio/commits?author=ayusharma" title="Code">💻</a> <a href="#design-ayusharma" title="Design">🎨</a></td>
-    <td align="center"><a href="https://github.com/trentearl"><img src="https://avatars2.githubusercontent.com/u/802857?v=4" width="100px;" alt=""/><br /><sub><b>Trent Earl</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=trentearl" title="Code">💻</a></td>
-    <td align="center"><a href="https://github.com/jmwilkinson"><img src="https://avatars0.githubusercontent.com/u/17836030?v=4" width="100px;" alt=""/><br /><sub><b>jmwilkinson</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=jmwilkinson" title="Code">💻</a></td>
-  </tr>
-  <tr>
-    <td align="center"><a href="https://github.com/bufferoverflow"><img src="https://avatars2.githubusercontent.com/u/378909?v=4" width="100px;" alt=""/><br /><sub><b>Roger Meier</b></sub></a><br /><a href="#plugin-bufferoverflow" title="Plugin/utility libraries">🔌</a></td>
-    <td align="center"><a href="https://ghuser.io/jamesgeorge007"><img src="https://avatars2.githubusercontent.com/u/25279263?v=4" width="100px;" alt=""/><br /><sub><b>James George</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=jamesgeorge007" title="Code">💻</a></td>
-    <td align="center"><a href="https://github.com/AvailCat"><img src="https://avatars3.githubusercontent.com/u/19658647?v=4" width="100px;" alt=""/><br /><sub><b>AvailCat</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=AvailCat" title="Code">💻</a> <a href="#infra-AvailCat" title="Infrastructure (Hosting, Build-Tools, etc)">🚇</a> <a href="#maintenance-AvailCat" title="Maintenance">🚧</a></td>
-    <td align="center"><a href="https://www.luciusgaitan.com/"><img src="https://avatars0.githubusercontent.com/u/5970350?v=4" width="100px;" alt=""/><br /><sub><b>Lucius Gaitán</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=lgaitan" title="Code">💻</a></td>
-    <td align="center"><a href="https://github.com/ramonornela"><img src="https://avatars1.githubusercontent.com/u/187946?v=4" width="100px;" alt=""/><br /><sub><b>Ramon Henrique Ornelas</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=ramonornela" title="Code">💻</a></td>
-    <td align="center"><a href="https://people.freebsd.org/~mi/resume/"><img src="https://avatars1.githubusercontent.com/u/1486340?v=4" width="100px;" alt=""/><br /><sub><b>UnitedMarsupials-zz</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=UnitedMarsupials-zz" title="Code">💻</a></td>
-    <td align="center"><a href="http://www.codingintrigue.co.uk/"><img src="https://avatars0.githubusercontent.com/u/9048902?v=4" width="100px;" alt=""/><br /><sub><b>Ryan Graham</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=ryan-codingintrigue" title="Code">💻</a></td>
-  </tr>
-  <tr>
-    <td align="center"><a href="https://github.com/coolsp"><img src="https://avatars1.githubusercontent.com/u/1246647?v=4" width="100px;" alt=""/><br /><sub><b>coolsp</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=coolsp" title="Code">💻</a></td>
-    <td align="center"><a href="http://ashishsurana.in/"><img src="https://avatars0.githubusercontent.com/u/5610944?v=4" width="100px;" alt=""/><br /><sub><b>Ashish Surana</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=ashishsurana" title="Code">💻</a></td>
-    <td align="center"><a href="https://github.com/buffaybu"><img src="https://avatars3.githubusercontent.com/u/2025661?v=4" width="100px;" alt=""/><br /><sub><b>Wang Yifei</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=buffaybu" title="Code">💻</a></td>
-    <td align="center"><a href="https://twitter.com/liran_tal"><img src="https://avatars1.githubusercontent.com/u/316371?v=4" width="100px;" alt=""/><br /><sub><b>Liran Tal</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=lirantal" title="Code">💻</a></td>
-    <td align="center"><a href="https://github.com/brenordr"><img src="https://avatars2.githubusercontent.com/u/19731692?v=4" width="100px;" alt=""/><br /><sub><b>Breno Rodrigues</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=brenordr" title="Code">💻</a></td>
-    <td align="center"><a href="https://github.com/jachstet-sea"><img src="https://avatars0.githubusercontent.com/u/7993508?v=4" width="100px;" alt=""/><br /><sub><b>jachstet-sea</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=jachstet-sea" title="Code">💻</a></td>
-    <td align="center"><a href="https://patrik.votocek.cz/"><img src="https://avatars1.githubusercontent.com/u/112567?v=4" width="100px;" alt=""/><br /><sub><b>Patrik Votoček</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=Vrtak-CZ" title="Code">💻</a></td>
-  </tr>
-  <tr>
-    <td align="center"><a href="https://github.com/monkeywithacupcake"><img src="https://avatars3.githubusercontent.com/u/7316730?v=4" width="100px;" alt=""/><br /><sub><b>jess</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=monkeywithacupcake" title="Code">💻</a></td>
-    <td align="center"><a href="https://github.com/toolsofraj"><img src="https://avatars0.githubusercontent.com/u/2507152?v=4" width="100px;" alt=""/><br /><sub><b>toolsofraj</b></sub></a><br /><a href="https://github.com/verdaccio/verdaccio/commits?author=toolsofraj" title="Code">💻</a></td>
-    <td align="center"><a href="https://github.com/ddhp"><img src="https://avatars1.githubusercontent.com/u/1715380?v=4" width="100px;" alt=""/><br /><sub><b>Jian-Chen Chen (jesse)</b></sub></a><br /><a href="#translation-ddhp" title="Translation">🌍</a> <a href="https://github.com/verdaccio/verdaccio/commits?author=ddhp" title="Code">💻</a></td>
-  </tr>
-</table>
-
-<!-- markdownlint-enable -->
-<!-- ALL-CONTRIBUTORS-LIST:END -->

Dockerfile

@@ -1,25 +1,26 @@
-FROM --platform=${BUILDPLATFORM:-linux/amd64} node:14.18.1-alpine as builder
+FROM --platform=${BUILDPLATFORM:-linux/amd64} node:16-alpine as builder
 
 ENV NODE_ENV=development \
     VERDACCIO_BUILD_REGISTRY=https://registry.verdaccio.org
 
 RUN apk --no-cache add openssl ca-certificates wget && \
-    apk --no-cache add g++ gcc libgcc libstdc++ linux-headers make python && \
+    apk --no-cache add g++ gcc libgcc libstdc++ linux-headers make python3 && \
     wget -q -O /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub && \
     wget -q https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.25-r0/glibc-2.25-r0.apk && \
     apk add glibc-2.25-r0.apk
 
 WORKDIR /opt/verdaccio-build
 COPY . .
-
-RUN npm -g i pnpm@6.10.3 && \
+RUN npm -g i pnpm@6.32.15 && \
     pnpm config set registry $VERDACCIO_BUILD_REGISTRY && \
     pnpm recursive install --frozen-lockfile --ignore-scripts && \
-    pnpm run build
+    rm -Rf test && \
+    pnpm run build && \
+    pnpm install -P
 # FIXME: need to remove devDependencies from the build
 # RUN pnpm install --prod --ignore-scripts
 
-FROM node:14.18.1-alpine
+FROM node:16-alpine
 LABEL maintainer="https://github.com/verdaccio/verdaccio"
 
 ENV VERDACCIO_APPDIR=/opt/verdaccio \

README.md

@@ -1,10 +1,19 @@
+[![BannerUK](https://cdn.verdaccio.dev/readme/banner-uk.svg)](https://donate.redcrossredcrescent.org/ua/donate/~my-donation?_cv=1)
+
+> Verdaccio stands for **peace**, stop the war, we will be yellow / blue 🇺🇦 until that happens.
+
 ![verdaccio logo](https://cdn.verdaccio.dev/readme/verdaccio@2x.png)
 
 ![verdaccio gif](https://cdn.verdaccio.dev/readme/readme-website.png)
 
 # Version 6 (Development branch)
 
-> Looking for Verdaccio 5? Check branch `5.x`.
+> Looking for Verdaccio 5 version? Check the branch `5.x`
+> The plugins for the `v5.x` that are hosted within this organization are located
+> at the [`verdaccio/monorepo`](https://github.com/verdaccio/monorepo) repository, while for the v6.x
+> are hosted on this project `./packages/plugins`, keep on mind `v6.x` plugins will eventually would be
+> incompatible with `v5.x` versions.
+> Note that contributing guidelines might be different based on the branch.
 
 [Verdaccio](https://verdaccio.org/) is a simple, **zero-config-required local private npm registry**.
 No need for an entire database just to get started! Verdaccio comes out of the box with
@@ -26,15 +35,28 @@ Google Cloud Storage** or create your own plugin.
 
 [![Twitter followers](https://img.shields.io/twitter/follow/verdaccio_npm.svg?style=social&label=Follow)](https://twitter.com/verdaccio_npm)
 [![Github](https://img.shields.io/github/stars/verdaccio/verdaccio.svg?style=social&label=Stars)](https://github.com/verdaccio/verdaccio/stargazers)
+[![StandWithUkraine](https://raw.githubusercontent.com/vshymanskyy/StandWithUkraine/main/badges/StandWithUkraine.svg)](https://github.com/vshymanskyy/StandWithUkraine/blob/main/docs/README.md)
 
 ## Install
 
-> Latest Node.js v14
+> Latest Node.js v16 required
 
 Install with npm:
 
 ```bash
-npm install --global verdaccio@6-next
+npm install --location=global verdaccio@6-next
+```
+
+With `yarn`
+
+```bash
+yarn global add verdaccio@6-next
+```
+
+With `pnpm`
+
+```bash
+pnpm i -g verdaccio@6-next
 ```
 
 or
@@ -43,9 +65,30 @@ or
 docker pull verdaccio/verdaccio:nightly-master
 ```
 
+or with _helm_ [official chart](https://github.com/verdaccio/charts).
+
+```bash
+helm repo add verdaccio https://charts.verdaccio.org
+helm repo update
+helm install verdaccio/verdaccio
+```
+
+Furthermore, you can read the [**Debugging Guidelines**](https://github.com/verdaccio/verdaccio/wiki/Debugging-Verdaccio) and the [**Docker Examples**](https://github.com/verdaccio/verdaccio/tree/master/docker-examples) for more advanced development.
+
+## Plugins
+
+You can develop your own [plugins](https://verdaccio.org/docs/plugins) with the [verdaccio generator](https://github.com/verdaccio/generator-verdaccio-plugin). Installing [Yeoman](https://yeoman.io/) is required.
+
+```
+npm install --location=global yo
+npm install --location=global generator-verdaccio-plugin
+```
+
+Learn more [here](https://verdaccio.org/docs/dev-plugins) how to develop plugins. Share your plugins with the community.
+
 ## Donations
 
-Verdaccio is run by **volunteers**; nobody is working full-time on it. If you find this project to be useful and would like to support its development, consider making a donation - **your logo might end up in this readme.** 😉
+Verdaccio is run by **volunteers**; nobody is working full-time on it. If you find this project to be useful and would like to support its development, consider do a long support donation - **and your logo will be on this section of the readme.**
 
 **[Donate](https://github.com/sponsors/verdaccio)** 💵👍🏻 starting from _$1/month_ or just one single contribution.
 
@@ -71,19 +114,31 @@ If you want to use a modified version of some 3rd-party package (for example, yo
 ### E2E Testing
 
 Verdaccio has proved to be a lightweight registry that can be
-booted in a couple of seconds, fast enough for any CI. Many open source projects use verdaccio for end to end testing, to mention some examples, **create-react-app**, **mozilla neutrino**, **pnpm**, **storybook**, **alfresco** or **eclipse theia**. You can read more in dedicated article to E2E in our blog.
+booted in a couple of seconds, fast enough for any CI. Many open source projects use verdaccio for end to end testing, to mention some examples, **create-react-app**, **mozilla neutrino**, **pnpm**, **storybook**, **babel.js**, **angular-cli** or **docusaurus**. You can read more in [here](https://verdaccio.org/docs/e2e).
 
-## Talks
+Furthermore, here few examples how to start:
 
-### **Testing the integrity of your React components by publishing in a private registry - React Finland 2021**.
+- [e2e-ci-example-gh-actions](https://github.com/juanpicado/e2e-ci-example-gh-actions)
+- [verdaccio-end-to-end-tests](https://github.com/juanpicado/verdaccio-end-to-end-tests)
+- [verdaccio-fork](https://github.com/juanpicado/verdaccio-fork)
 
-[![beerjscrb](https://cdn.verdaccio.dev/readme/react-finland-2021-jpicado.jpeg)](https://www.youtube.com/watch?v=bRKZbrlQqLY&t=16s&ab_channel=ReactFinland)
+## Watch our Videos
+
+**Node Congress 2022, February 2022, Online Free**
+
+<div>
+   <a href="https://portal.gitnation.org/contents/five-ways-of-taking-advantage-of-verdaccio-your-private-and-proxy-nodejs-registry">
+     <img src="https://cdn.verdaccio.dev/readme/nodejscongress2022.jpg" alt="nodejs" width="200"/>
+  </a>
+</div>
 
 You might want to check out as well our previous talks:
 
+- [Using Docker and Verdaccio to make Integration Testing Easy - **Docker All Hands #4 December - 2021**](https://www.youtube.com/watch?v=zRI0skF1f8I)
+- [**Juan Picado** – Testing the integrity of React components by publishing in a private registry - React Finland - 2021](https://www.youtube.com/watch?v=bRKZbrlQqLY&t=16s&ab_channel=ReactFinland)
 - [BeerJS Cba Meetup No. 53 May 2021 - **Juan Picado**](https://www.youtube.com/watch?v=6SyjqBmS49Y&ab_channel=BeerJSCba)
-- [Node.js Dependency Confusion Attacks - April 2021 - **Juan Picado\***](https://www.youtube.com/watch?v=qTRADSp3Hpo)
-- [**OpenJS World 2020** about \*Cover your Projects with a Multi purpose Lightweight Node.js Registry - **Juan Picado\***](https://www.youtube.com/watch?v=oVCjDWeehAQ)
+- [Node.js Dependency Confusion Attacks - April 2021 - **Juan Picado**](https://www.youtube.com/watch?v=qTRADSp3Hpo)
+- [**OpenJS World 2020** about \*Cover your Projects with a Multi purpose Lightweight Node.js Registry - **Juan Picado**](https://www.youtube.com/watch?v=oVCjDWeehAQ)
 - [ViennaJS Meetup - Introduction to Verdaccio by **Priscila Olivera** and **Juan Picado**](https://www.youtube.com/watch?v=hDIFKzmoCa)
 - [Open Source? trivago - Verdaccio (**Ayush** and **Juan Picado**) January 2020](https://www.youtube.com/watch?v=A5CWxJC9xzc)
 - [GitNation Open Source Stage - How we have built a Node.js Registry with React - **Juan Picado** December 2019](https://www.youtube.com/watch?v=gpjC8Qp9B9A)
@@ -100,7 +155,7 @@ verdaccio
 You would need set some npm configuration, this is optional.
 
 ```bash
-$ npm set registry http://localhost:4873/
+npm set registry http://localhost:4873/
 ```
 
 For one-off commands or to avoid setting the registry globally:
@@ -124,7 +179,7 @@ npm adduser --registry http://localhost:4873
 > if you use HTTPS, add an appropriate CA information ("null" means get CA list from OS)
 
 ```bash
-$ npm set ca null
+npm set ca null
 ```
 
 #### 2. publish your package
@@ -154,7 +209,7 @@ To run the docker container:
 docker run -it --rm --name verdaccio -p 4873:4873 verdaccio/verdaccio
 ```
 
-Docker examples are available [in this repository](https://github.com/verdaccio/docker-examples).
+Docker examples are available [in this repository](https://github.com/verdaccio/verdaccio/tree/master/docker-examples).
 
 ## Compatibility
 
@@ -222,6 +277,7 @@ You can find and chat with then over Discord, click [here](http://chat.verdaccio
 - [create-react-app](https://github.com/facebook/create-react-app/blob/master/CONTRIBUTING.md#customizing-e2e-registry-configuration) _(+86.2k ⭐️)_
 - [Gatsby](https://github.com/gatsbyjs/gatsby) _(+49.2k ⭐️)_
 - [Babel.js](https://github.com/babel/babel) _(+38.5k ⭐️)_
+- [Docusaurus](https://github.com/facebook/docusaurus) _(+34k ⭐️)_
 - [Vue CLI](https://github.com/vuejs/vue-cli) _(+27.4k ⭐️)_
 - [Angular CLI](https://github.com/angular/angular-cli) _(+24.3k ⭐️)_
 - [Uppy](https://github.com/transloadit/uppy) _(+23.8k ⭐️)_
@@ -236,7 +292,7 @@ You can find and chat with then over Discord, click [here](http://chat.verdaccio
 - [Amazon SDK v3](https://github.com/aws/aws-sdk-js-v3)
 - [Amazon Encryption SDK for Javascript](https://github.com/aws/aws-encryption-sdk-javascript)
 
-🤓 Don't be shy, you also can be in [the list](https://github.com/verdaccio/website/blob/master/docs/who-is-using.md).
+🤓 Don't be shy, add yourself to this readme.
 
 ## Open Collective Sponsors
 

crowdin.yaml

@@ -1,20 +1,19 @@
-project_id_env: CROWDIN_VERDACCIO_PROJECT_ID
+project_id: 295539
 api_token_env: CROWDIN_VERDACCIO_API_KEY
+# token local testing
+# api_token: token_secret
 
 preserve_hierarchy: true
 
 files:
-  [
-    {
-      source: 'packages/plugins/ui-theme/src/i18n/crowdin/**/*',
-      translation: '/packages/plugins/ui-theme/src/i18n/download_translations/%locale%/**/%original_file_name%',
-    },
-    {
-      source: '/website/i18n/en/**/*',
-      translation: '/website/i18n/%locale%/**/%original_file_name%',
-    },
-    {
-      source: '/website/docs/**/*',
-      translation: '/website/i18n/%locale%/docusaurus-plugin-content-docs/current/**/%original_file_name%',
-    }
-  ]
+  - source: /packages/plugins/ui-theme/src/i18n/crowdin/*.json
+    translation: '/packages/plugins/ui-theme/src/i18n/download_translations/%locale%/%original_file_name%'
+  - source: /website/i18n/en/**/*
+    translation: '/website/i18n/%locale%/**/%original_file_name%'
+  - source: /website/docs/**/*
+    translation: '/website/i18n/%locale%/docusaurus-plugin-content-docs/current/**/%original_file_name%'
+    ignore: [/website/docs/api/**/*]
+  - source: /website/versioned_docs/**/*
+    translation: /website/i18n/%locale%/docusaurus-plugin-content-docs/**/%original_file_name%
+    ignore: [/website/versioned_docs/version-5.x/api/**/*]
+   

docker-examples/README.md

@@ -8,12 +8,14 @@ The following examples aim to be demonstrative and can be either improved or upd
 
 - [v4 examples](v4/README.md)
 - [v5 examples](v5/README.md)
+- [v6 examples](v6/README.md)
 
 ## Aditional data
 
 This folder aims to create a collection of Docker and Kubernetes examples.
 
 For more information about the **Helm** Chart, please check it [owns repo](https://github.com/verdaccio/charts).
+
 ### Kubernetes
 
 - Kubernetes (minikube) + Verdaccio (Basic Configuration)

docker-examples/v4/amazon-s3-docker-example/README.md

@@ -4,6 +4,9 @@ Verdaccio running with [Localstack](https://github.com/localstack/localstack) pr
 
 ## Usage
 
+> You might need to create bucket manually here
+> aws --endpoint-url=http://localhost:4572 s3 mb s3://localstack.s3.plugin.test
+
 ```
 docker-compose up --force-recreate --build --always-recreate-deps
 ```

docker-examples/v4/amazon-s3-docker-example/conf/config.yaml

@@ -13,7 +13,6 @@ uplinks:
 
 packages:
   '@*/*':
-    # scoped packages
     access: $all
     publish: $all
     proxy: npmjs

docker-examples/v4/amazon-s3-docker-example/docker-compose.yaml

@@ -14,7 +14,7 @@ services:
     links:
       - localstack-s3
   localstack-s3:
-    image: localstack/localstack:latest
+    image: localstack/localstack:0.10.9
     container_name: localstack-s3-1
     environment:
       - DEBUG=0

docker-examples/v4/amazon-s3-docker-example/localStack-resources/Dockerfile

@@ -1,4 +1,4 @@
-FROM python:2.7
+FROM python:3.7-alpine
 
 ENV AWS_ACCESS_KEY_ID='[something]'
 ENV AWS_SECRET_ACCESS_KEY='[something]'
@@ -7,4 +7,4 @@ ENV AWS_S3_ENDPOINT='http://localstack-s3:4572'
 RUN pip install awscli
 COPY entry.sh /entry.sh
 RUN chmod +x /entry.sh
-ENTRYPOINT ["/entry.sh"]
+ENTRYPOINT ["/entry.sh"]

docker-examples/v4/amazon-s3-docker-example/localStack-resources/entry.sh

@@ -1,3 +1,3 @@
 #!/bin/bash
 
-aws --endpoint-url http://localstack-s3:4572 s3 mb s3://localstack.s3.plugin.test --region eu-west-2
+aws --endpoint-url http://localstack-s3:4572 s3 mb s3://localstack.s3.plugin.test --region eu-west-2

docker-examples/v4/docker-local-storage-volume/conf/config.yaml

@@ -7,7 +7,7 @@
 # see https://github.com/verdaccio/verdaccio/blob/master/wiki/docker.md#docker-and-custom-port-configuration
 #
 # Look here for more config file examples:
-# https://github.com/verdaccio/verdaccio/tree/master/conf
+# https://github.com/verdaccio/verdaccio/tree/master/packages/config/src/conf
 #
 
 # path to a directory with all packages

docker-examples/v4/docker-plugin-external/plugins/verdaccio-memory/lib/index.js

@@ -10,7 +10,7 @@ let _localMemory = require('./local-memory');
 let _localMemory2 = _interopRequireDefault(_localMemory);
 
 function _interopRequireDefault(obj) {
-  return obj && obj.__esModule ? obj : {default: obj};
+  return obj && obj.__esModule ? obj : { default: obj };
 }
 
 exports.LocalMemory = _localMemory2.default;

docker-examples/v4/docker-plugin-external/plugins/verdaccio-memory/lib/local-memory.js

@@ -9,7 +9,7 @@ let _memoryHandler = require('./memory-handler');
 let _memoryHandler2 = _interopRequireDefault(_memoryHandler);
 
 function _interopRequireDefault(obj) {
-  return obj && obj.__esModule ? obj : {default: obj};
+  return obj && obj.__esModule ? obj : { default: obj };
 }
 
 const DEFAULT_LIMIT = 1000;
@@ -43,8 +43,8 @@ class LocalMemory {
       cb(null);
     } else {
       this.logger.info(
-          {limit: this.limit},
-          'Storage memory has reached limit of @{limit} packages',
+        { limit: this.limit },
+        'Storage memory has reached limit of @{limit} packages'
       );
       cb(new Error('Storage memory has reached limit of limit packages'));
     }

docker-examples/v4/docker-plugin-external/plugins/verdaccio-memory/lib/memory-handler.js

@@ -16,7 +16,7 @@ let _memoryFs2 = _interopRequireDefault(_memoryFs);
 let _streams = require('@verdaccio/streams');
 
 function _interopRequireDefault(obj) {
-  return obj && obj.__esModule ? obj : {default: obj};
+  return obj && obj.__esModule ? obj : { default: obj };
 }
 
 // $FlowFixMe
@@ -111,8 +111,8 @@ class MemoryHandler {
     const uploadStream = new _streams.UploadTarball();
     const temporalName = `/${name}`;
 
-    process.nextTick(function() {
-      fs.exists(temporalName, function(exists) {
+    process.nextTick(function () {
+      fs.exists(temporalName, function (exists) {
         if (exists) {
           return uploadStream.emit('error', fSError(fileExist));
         }
@@ -122,7 +122,7 @@ class MemoryHandler {
 
           uploadStream.pipe(file);
 
-          uploadStream.done = function() {
+          uploadStream.done = function () {
             const onEnd = function onEnd() {
               uploadStream.emit('success');
             };
@@ -130,7 +130,7 @@ class MemoryHandler {
             uploadStream.on('end', onEnd);
           };
 
-          uploadStream.abort = function() {
+          uploadStream.abort = function () {
             uploadStream.emit('error', fSError('transmision aborted', 400));
             file.end();
           };
@@ -150,8 +150,8 @@ class MemoryHandler {
 
     const readTarballStream = new _streams.ReadTarball();
 
-    process.nextTick(function() {
-      fs.exists(pathName, function(exists) {
+    process.nextTick(function () {
+      fs.exists(pathName, function (exists) {
         if (!exists) {
           readTarballStream.emit('error', noPackageFoundError());
         } else {
@@ -164,7 +164,7 @@ class MemoryHandler {
             readTarballStream.emit('error', error);
           });
 
-          readTarballStream.abort = function() {
+          readTarballStream.abort = function () {
             readStream.destroy(fSError('read has been aborted', 400));
           };
         }

docker-examples/v4/ldap-verdaccio/conf/config.yaml

@@ -7,7 +7,7 @@
 # see https://github.com/verdaccio/verdaccio/blob/master/wiki/docker.md#docker-and-custom-port-configuration
 #
 # Look here for more config file examples:
-# https://github.com/verdaccio/verdaccio/tree/master/conf
+# https://github.com/verdaccio/verdaccio/tree/master/packages/config/src/conf
 #
 
 # path to a directory with all packages

docker-examples/v4/multi-registry-uplink/server1/conf/config.yaml

@@ -7,7 +7,7 @@
 # see https://github.com/verdaccio/verdaccio/blob/master/wiki/docker.md#docker-and-custom-port-configuration
 #
 # Look here for more config file examples:
-# https://github.com/verdaccio/verdaccio/tree/master/conf
+# https://github.com/verdaccio/verdaccio/tree/master/packages/config/src/conf
 #
 
 # path to a directory with all packages