2.2.7

release: update changelong
2017-07-18 21:35:33 +02:00 · 2017-07-18 21:35:17 +02:00
2268 changed files with 39735 additions and 398572 deletions
--- a/.babelrc
+++ b/.babelrc
@@ -1,18 +0,0 @@
-{
-  "presets": [
-    [
-      "@babel/env",
-      {
-        "targets": {
-          "node": 16
-        }
-      }
-    ],
-    "@babel/typescript"
-  ],
-  "ignore": ["**/*.d.ts"],
-  "plugins": [
-    "@babel/plugin-proposal-optional-chaining",
-    "@babel/plugin-proposal-nullish-coalescing-operator"
-  ]
-}
--- a/.changeset/README.md
+++ b/.changeset/README.md
@@ -1,8 +0,0 @@
-# Changesets
-
-Hello and welcome! This folder has been automatically generated by `@changesets/cli`, a build tool that works
-with multi-package repos, or single-package repos to help you version and publish your code. You can
-find the full documentation for it [in our repository](https://github.com/changesets/changesets)
-
-We have a quick list of common questions to get you started engaging with this project in
-[our documentation](https://github.com/changesets/changesets/blob/master/docs/common-questions.md)
--- a/.changeset/breezy-mayflies-pull.md
+++ b/.changeset/breezy-mayflies-pull.md
@@ -1,44 +0,0 @@
---
-'@verdaccio/api': major
-'@verdaccio/auth': major
-'@verdaccio/cli': major
-'@verdaccio/config': major
-'@verdaccio/core': major
-'@verdaccio/file-locking': major
-'@verdaccio/tarball': major
-'@verdaccio/types': major
-'@verdaccio/url': major
-'@verdaccio/hooks': major
-'@verdaccio/loaders': major
-'@verdaccio/logger': major
-'@verdaccio/logger-7': major
-'@verdaccio/logger-commons': major
-'@verdaccio/logger-prettify': major
-'@verdaccio/middleware': major
-'@verdaccio/node-api': major
-'verdaccio-audit': major
-'verdaccio-auth-memory': major
-'verdaccio-htpasswd': major
-'@verdaccio/local-storage': major
-'verdaccio-memory': major
-'@verdaccio/ui-theme': major
-'@verdaccio/proxy': major
-'@verdaccio/search': major
-'@verdaccio/server': major
-'@verdaccio/server-fastify': major
-'@verdaccio/signature': major
-'@verdaccio/cli-standalone': major
-'@verdaccio/store': major
-'docusaurus-plugin-contributors': major
-'@verdaccio/eslint-config': major
-'@verdaccio/test-helper': major
-'customprefix-auth': major
-'@verdaccio/ui-components': major
-'@verdaccio/utils': major
-'verdaccio': major
-'@verdaccio/web': major
-'@verdaccio/website': major
-'@verdaccio/local-publish': patch
---
-
-feat!: bump to v7
--- a/.changeset/chilled-carrots-guess.md
+++ b/.changeset/chilled-carrots-guess.md
@@ -1,6 +0,0 @@
---
-'@verdaccio/ui-theme': patch
---
-
- added `onClick` prop to `Link` component in @verdaccio/ui-components. (@moglerdev in #3989)
- resolved issue in the `Package` component where the download button was incorrectly opening a new tab to the homepage. (@moglerdev in #3989)
--- a/.changeset/config.json
+++ b/.changeset/config.json
@@ -1,18 +0,0 @@
-{
-  "$schema": "https://unpkg.com/@changesets/config@1.3.0/schema.json",
-  "changelog": "@changesets/cli/changelog",
-  "commit": false,
-  "fixed": [
-    [
-      "verdaccio",
-      "@verdaccio/cli",
-      "@verdaccio/core",
-      "@verdaccio/config",
-      "@verdaccio/node-api",
-      "@verdaccio/ui-theme"
-    ]
-  ],
-  "access": "public",
-  "baseBranch": "master",
-  "updateInternalDependencies": "patch"
-}
--- a/.changeset/pre.json
+++ b/.changeset/pre.json
@@ -1,61 +0,0 @@
-{
-  "mode": "pre",
-  "tag": "next",
-  "initialVersions": {
-    "@verdaccio/test-cli-commons": "1.1.0",
-    "@verdaccio/e2e-cli-npm6": "1.0.1",
-    "@verdaccio/e2e-cli-npm7": "1.0.1",
-    "@verdaccio/e2e-cli-npm8": "1.0.1",
-    "@verdaccio/e2e-cli-npm9": "1.0.1",
-    "@verdaccio/e2e-cli-pnpm6": "1.0.1",
-    "@verdaccio/e2e-cli-pnpm7": "1.0.1",
-    "@verdaccio/e2e-cli-pnpm8": "1.0.1",
-    "@verdaccio/e2e-cli-yarn1": "1.0.1",
-    "@verdaccio/e2e-cli-yarn2": "1.0.1",
-    "@verdaccio/e2e-cli-yarn3": "1.0.1",
-    "@verdaccio/e2e-cli-yarn4": "1.0.1",
-    "@verdaccio/e2e-ui": "2.0.0",
-    "@verdaccio/api": "6.0.0",
-    "@verdaccio/auth": "6.0.0",
-    "@verdaccio/cli": "6.0.0",
-    "@verdaccio/config": "6.0.0",
-    "@verdaccio/core": "6.0.0",
-    "@verdaccio/file-locking": "11.0.0",
-    "@verdaccio/tarball": "11.0.0",
-    "@verdaccio/types": "11.0.0",
-    "@verdaccio/url": "11.0.0",
-    "@verdaccio/hooks": "6.0.0",
-    "@verdaccio/loaders": "6.0.0",
-    "@verdaccio/logger": "6.0.0",
-    "@verdaccio/logger-7": "6.0.0",
-    "@verdaccio/logger-commons": "6.0.0",
-    "@verdaccio/logger-prettify": "6.0.0",
-    "@verdaccio/middleware": "6.0.0",
-    "@verdaccio/node-api": "6.0.0",
-    "verdaccio-audit": "11.0.0",
-    "verdaccio-auth-memory": "11.0.0",
-    "verdaccio-htpasswd": "11.0.0",
-    "@verdaccio/local-storage": "11.0.0",
-    "verdaccio-memory": "11.0.0",
-    "@verdaccio/ui-theme": "6.0.0",
-    "@verdaccio/proxy": "6.0.0",
-    "@verdaccio/search": "6.0.0",
-    "@verdaccio/server": "6.0.0",
-    "@verdaccio/server-fastify": "6.0.0",
-    "@verdaccio/signature": "6.0.0",
-    "@verdaccio/cli-standalone": "6.0.0",
-    "@verdaccio/store": "6.0.0",
-    "docusaurus-plugin-contributors": "1.0.1",
-    "@verdaccio/eslint-config": "2.0.0",
-    "@verdaccio/test-helper": "2.0.0",
-    "@verdaccio/crowdin-translations": "1.0.0",
-    "customprefix-auth": "1.0.0",
-    "@verdaccio/ui-components": "2.0.0",
-    "@verdaccio/utils": "6.0.0",
-    "verdaccio": "6.0.0",
-    "@verdaccio/web": "6.0.0",
-    "@verdaccio/website": "5.20.2",
-    "@verdaccio/local-publish": "0.0.1"
-  },
-  "changesets": ["breezy-mayflies-pull", "chilled-carrots-guess"]
-}
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,6 +1,6 @@
-# we try to avoid adding files to the docker images that change often
+# we try to aoid adding files to the docker images that change often
 # or that are not needed for running the docker image
-# this greatly reduces the amount of times we need to rerun `npm install` when building image locally
+# tis greatly reduces the amount of times we need to rerun `npm install` when building image locally
 # https://codefresh.io/blog/not-ignore-dockerignore/
 # https://docs.docker.com/engine/reference/builder/#dockerignore-file

@@ -8,32 +8,22 @@
 .*
 # you can add exceptions like in .gitignore to maintain a whitelist:
 # e.g.
-!.babelrc
-!.eslintrc
-!.prettierrc.json
-!.prettierignore
-!.eslintignore
-!.stylelintrc
+#!.babelrc

-# do not copy over node_modules we will run `pnpm install` anyway
+# not going to run tests inside the docker container
+test/
+
+# do not copy over node_modules we will run `npm install` anyway
 node_modules
-website
-jest
-docs
-contrib
-docker-examples
-website
-systemd

 # output from test runs and similar things
 *.log
 coverage/
-.vscode/

 # IDE config files
 jsconfig.json
 *.iml

-# let's not get too recursive ;)
+# let's not get to recursive ;)
 Dockerfile*
 docker-compose*.yaml
--- a/.editorconfig
+++ b/.editorconfig
@@ -7,7 +7,6 @@ end_of_line = lf
 insert_final_newline = true

 # 2 space indentation
-[{.,}*.{ts,tsx,js,jsx,yml,yaml}]
+[{.,}*.{js,yml,yaml}]
 indent_style = space
 indent_size = 2
-quote_type = single
--- a/.eslintignore
+++ b/.eslintignore
@@ -1,20 +1,5 @@
-**/fixtures/**
-**/mock/store/**
-**/partials/**
-**/types/custom.d.ts
-build/
+node_modules
+lib/static
 coverage/
-node_modules/
-static/
-website/
+lib/GUI/
 wiki/
-dist/
-docs/
-test/functional/store/*
-docker-examples/**/lib/**/*.js
-test/cli/e2e-yarn4/bin/yarn-4.0.0-rc.14.cjs
-yarn.js
-# storybook
-packages/ui-components/storybook-static
-dist.js
-bundle.js
--- a/.eslintrc.js
+++ b/.eslintrc.js
@@ -1,3 +0,0 @@
-module.exports = {
-  extends: ['@verdaccio/eslint-config'],
-};
--- a/.eslintrc.yml
+++ b/.eslintrc.yml
@@ -0,0 +1,85 @@
+# vim: syntax=yaml
+
+#
+# List of very light restrictions designed to prevent obvious errors,
+# not impose our own code style upon other contributors.
+#
+# This is supposed to be used with `eslint --reset`
+#
+# Created to work with eslint@0.18.0
+#
+
+extends: ["eslint:recommended", "google"]
+
+env:
+  node: true
+  browser: true
+  es6: true
+
+rules:
+  # useful to have in node.js,
+  # if you're sure you don't need to handle error, rename it to "_err"
+  handle-callback-err: 2
+
+  # just to make sure we don't forget to remove them when releasing
+  no-debugger: 2
+
+  # add "falls through" for those
+  no-fallthrough: 2
+
+  # enforce use curly always
+  # curly: 1
+
+  # just warnings about whitespace weirdness here
+  eol-last: 1
+  no-irregular-whitespace: 1
+  no-mixed-spaces-and-tabs: [1, smart-tabs]
+  no-trailing-spaces: 1
+
+  # probably always an error, tell me if it's not
+  no-new-require: 2
+
+  # single most important rule here, without it linting won't even
+  # make any sense
+  no-undef: 2
+
+  # in practice, those are always errors
+  no-unreachable: 2
+
+  # useful for code clean-up
+  no-unused-vars: [2, {"vars": "all", "args": "none"}]
+
+  max-len: [1, 160]
+
+  # camelcase is standard, but this should be 1 and then 2 soon
+  camelcase: 0
+
+  # jsdoc is mandatory
+  require-jsdoc: 2
+  valid-jsdoc: 2
+
+  # this feature is cool but not supported by Node 4, disable via comments
+  prefer-spread: 1
+  prefer-rest-params: 1
+
+  # encorage use es6
+  no-var: 2
+
+  # configuration that should be upgraded progresivelly
+  no-constant-condition: 2
+  no-empty: 2
+
+  # loop over objects http://eslint.org/docs/rules/guard-for-in
+  guard-for-in: 2
+
+  # this must be used within classes
+  no-invalid-this: 2
+
+  # All object must be uppercase
+  new-cap: 2
+
+  # readbility is important, no multiple inline declarations
+  one-var: 2
+
+  # console not allowed unless for testing
+  no-console: [2, {"allow": ["log", "warn"]}]
--- a/.gitattributes
+++ b/.gitattributes
@@ -1,199 +0,0 @@
-## GITATTRIBUTES FOR WEB PROJECTS
-#
-# These settings are for any web project.
-#
-# Details per file setting:
-#   text    These files should be normalized (i.e. convert CRLF to LF).
-#   binary  These files are binary and should be left untouched.
-#
-# Note that binary is a macro for -text -diff.
-######################################################################
-
-# Auto detect
-##   Handle line endings automatically for files detected as
-##   text and leave all files detected as binary untouched.
-##   This will handle all files NOT defined below.
-*                 text=lf
-
-# Source code
-*.bash            text eol=lf
-*.bat             text eol=crlf
-*.cmd             text eol=crlf
-*.coffee          text eol=lf
-*.css             text eol=lf
-*.htm             text diff=html
-*.html            text diff=html
-*.inc             text eol=lf
-*.ini             text eol=lf
-*.js              text eol=lf
-*.json            text eol=lf
-*.jsx             text eol=lf
-*.less            text eol=lf
-*.ls              text eol=lf
-*.map             text -diff
-*.od              text eol=lf
-*.onlydata        text eol=lf
-*.php             text diff=php
-*.pl              text eol=lf
-*.ps1             text eol=crlf
-*.py              text diff=python
-*.rb              text diff=ruby
-*.sass            text eol=lf
-*.scm             text eol=lf
-*.scss            text diff=css
-*.sh              text eol=lf
-*.sql             text eol=lf
-*.styl            text eol=lf
-*.tag             text eol=lf
-*.ts              text eol=lf
-*.tsx             text eol=lf
-*.xml             text eol=lf
-*.xhtml           text diff=html
-
-# Docker
-Dockerfile        text eol=lf
-
-# Documentation
-*.ipynb           text eol=lf
-*.markdown        text eol=lf
-*.md              text eol=lf
-*.mdwn            text eol=lf
-*.mdown           text eol=lf
-*.mkd             text eol=lf
-*.mkdn            text eol=lf
-*.mdtxt           text eol=lf
-*.mdtext          text eol=lf
-*.txt             text eol=lf
-AUTHORS           text eol=lf
-CHANGELOG         text eol=lf
-CHANGES           text eol=lf
-CONTRIBUTING      text eol=lf
-COPYING           text eol=lf
-copyright         text eol=lf
-*COPYRIGHT*       text eol=lf
-INSTALL           text eol=lf
-license           text eol=lf
-LICENSE           text eol=lf
-NEWS              text eol=lf
-readme            text eol=lf
-*README*          text eol=lf
-TODO              text eol=lf
-
-# Templates
-*.dot             text eol=lf
-*.ejs             text eol=lf
-*.haml            text eol=lf
-*.handlebars      text eol=lf
-*.hbs             text eol=lf
-*.hbt             text eol=lf
-*.jade            text eol=lf
-*.latte           text eol=lf
-*.mustache        text eol=lf
-*.njk             text eol=lf
-*.phtml           text eol=lf
-*.tmpl            text eol=lf
-*.tpl             text eol=lf
-*.twig            text eol=lf
-*.vue             text eol=lf
-
-# Configs
-*.cnf             text eol=lf
-*.conf            text eol=lf
-*.config          text eol=lf
-.editorconfig     text eol=lf
-.env              text eol=lf
-.gitattributes    text eol=lf
-.gitconfig        text eol=lf
-.htaccess         text eol=lf
-*.lock            text -diff
-package-lock.json text -diff
-*.toml            text eol=lf
-*.yaml            text eol=lf
-*.yml             text eol=lf
-browserslist      text eol=lf
-Makefile          text eol=lf
-makefile          text eol=lf
-
-# Heroku
-Procfile          text eol=lf
-
-# Graphics
-*.ai              binary
-*.bmp             binary
-*.eps             binary
-*.gif             binary
-*.gifv            binary
-*.ico             binary
-*.jng             binary
-*.jp2             binary
-*.jpg             binary
-*.jpeg            binary
-*.jpx             binary
-*.jxr             binary
-*.pdf             binary
-*.png             binary
-*.psb             binary
-*.psd             binary
-# SVG treated as an asset (binary) by default.
-*.svg             text eol=lf
-# If you want to treat it as binary,
-# use the following line instead.
-# *.svg           binary
-*.svgz            binary
-*.tif             binary
-*.tiff            binary
-*.wbmp            binary
-*.webp            binary
-
-# Audio
-*.kar             binary
-*.m4a             binary
-*.mid             binary
-*.midi            binary
-*.mp3             binary
-*.ogg             binary
-*.ra              binary
-
-# Video
-*.3gpp            binary
-*.3gp             binary
-*.as              binary
-*.asf             binary
-*.asx             binary
-*.fla             binary
-*.flv             binary
-*.m4v             binary
-*.mng             binary
-*.mov             binary
-*.mp4             binary
-*.mpeg            binary
-*.mpg             binary
-*.ogv             binary
-*.swc             binary
-*.swf             binary
-*.webm            binary
-
-# Archives
-*.7z              binary
-*.gz              binary
-*.jar             binary
-*.rar             binary
-*.tar             binary
-*.zip             binary
-
-# Fonts
-*.ttf             binary
-*.eot             binary
-*.otf             binary
-*.woff            binary
-*.woff2           binary
-
-# Executables
-*.exe             binary
-*.pyc             binary
-
-# RC files (like .babelrc or .eslintrc)
-*.*rc             text eol=lf
-
-# Ignore files (like .npmignore or .gitignore)
-*.*ignore         text eol=lf
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@@ -1,2 +0,0 @@
-open_collective: verdaccio
-github: verdaccio
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -1,71 +0,0 @@
---
-name: Bug report 🐛
-about: A feature is not working as is expected, I want to report a bug
-labels: 'issue: needs triage'
-title: ''
-assignees: ''
---
-
-<!-- PLEASE READ THIS:  
- - If you are not sure is a bug, OPEN a DISCUSSION, if is a legitimate bug, is easy to create a bug from a discussion.
- - Empty reports won't be considered and eventually be closed by a bot.
- - Include debugging notes will help to fix it faster, HOW TO: https://github.com/verdaccio/verdaccio/wiki/Debugging-Verdaccio 
- - If you remove this template, ticket will be closed immediately.
- - No English perfect is required, use public translators if is need it, we will do our best to help you.
- - Extra bonus: The most complete this report is delivered, the faster you will get a response.
- - Extra bonus: include screenshots, logs (remove sensitive data).
- - If you are willing to fix it, there is a checkbox at the bottom.
-->
-
-**Your Environment**
-  <!-- bug below the version 5.x will be closed, see SECURITY.md for more details -->
- * **verdaccio version**: 5.x.x
- * **node version** [12.x.x, 14.x.x]:
- * **package manager**: [npm@7, pnpm@6, yarn@2]
- * **os**: [mac, windows@10, linux]
- * **platform**: [npm, docker, helm, other]
-
-**Describe the bug**
-
-<!-- A clear and concise description of what the bug is. -->
-
-**To Reproduce**
-
-<!-- IMPORTANT:
- - How to reproduce the issue
- - Steps to reproduce the issue
-
-Be aware, the lack of reproducible steps the issue might cause your ticket to be closed.
-->
-
-**Expected behavior**
-
-<!-- A clear and concise description of what you expected to happen. -->
-
-**Screenshots, server logs, package manager log**
-
-<!-- If applicable, add screenshots to help explain your problem.  -->
-
-**Configuration File (cat ~/.config/verdaccio/config.yaml)**
-
-<!-- Please be careful do not leak any sensitive information, remove tokens -->
-
-**Environment information**
-
-<!-- Please paste the results of running `verdaccio --info` -->
-
-**Debugging output**
-
- `$ NODE_DEBUG=request verdaccio` display request calls (verdaccio <--> uplinks)
- `$ DEBUG=verdaccio* verdaccio` enable extreme verdaccio debug mode (verdaccio api)
- `$ npm -ddd` prints:
- `$ npm config get registry` prints:
-
-**Contribute to Verdaccio**
-
- [ ] I'm willing to fix this bug 🥇 
-
-<!--
-
-IMPORTANT: please do not attach external files, all content should be visible from any device.
-->
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -1,11 +0,0 @@
-blank_issues_enabled: false
-contact_links:
-  - name: Question 🤷🏻‍♂️
-    url: https://github.com/verdaccio/verdaccio/discussions/new?category=q-a
-    about: 🆕 Open a new Q&A discussion 🙏
-  - name: Security Report 🛡
-    url: https://github.com/verdaccio/verdaccio/security/policy
-    about: I want to report a security vulnerability
-  - name: Chat 🏘
-    url: https://discord.gg/7qWJxBf
-    about: Quick question? Try out Discord chat, you can get faster feedback
--- a/.github/ISSUE_TEMPLATE/feature.md
+++ b/.github/ISSUE_TEMPLATE/feature.md
@@ -1,36 +0,0 @@
---
-name: 'Feature Request 🔮'
-about: You want a feature request.
-title: ''
-labels: 'topic: feature request'
-assignees: ''
---
-
-<!--
-IMPORTANT: If you don't have an action plan, please consider create a DISCUSSION (idea) instead for an open a feature request issue.
-
-https://github.com/verdaccio/verdaccio/discussions/new
-
-Verdaccio is a project addressed for voluntaries, if you appreciate this project consider to donate.
-1$/5$ or custom amount single contribution
-
-or monthly
-1$/month - minimal contribution
-5$/month - nice contribution
-
-https://github.com/sponsors/verdaccio
-
-As reminder, the Open Source must be sustainable.
-->
-
-**Is your feature request related to a problem?**
-Please describe a clear and concise description of what the problem is. E.g. I'm always frustrated when [...]
-
-**Describe the solution you'd like**
-A clear and concise description of what you want to happen.
-
-**Describe alternatives you've considered**
-A clear and concise description of any alternative solutions or features you've considered.
-
-**Additional context**
-Add any other context or screenshots about the feature request here.
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -1,25 +0,0 @@
-# To get started with Dependabot version updates, you'll need to specify which
-# package ecosystems to update and where the package manifests are located.
-# Please see the documentation for all configuration options:
-# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
-
-version: 2
-updates:
-  # Maintain dependencies for GitHub Actions
-  - package-ecosystem: 'github-actions'
-    directory: '/'
-    schedule:
-      interval: 'weekly'
-
-  # Maintain dependencies for npm
-  - package-ecosystem: 'npm'
-    directory: '/'
-    schedule:
-      interval: 'daily'
-    allow:
-      - dependency-name: '@verdaccio/*'
-      - dependency-name: 'verdaccio-*'
-    assignees:
-      - 'verdacciobot'
-    labels:
-      - 'bot: dependencies'
--- a/.github/disabled/docker-plugins-e2e.yml
+++ b/.github/disabled/docker-plugins-e2e.yml
@@ -1,39 +0,0 @@
-name: E2E Docker Proxy Plugins Test
-
-on:
-  workflow_dispatch:
-  push:
-    branches:
-      - 'master'
-  schedule:
-    # run every sunday
-    - cron: '0 0 * * 0'
-jobs:
-  docker:
-    timeout-minutes: 10
-    runs-on: ubuntu-latest
-
-    steps:
-    - name: Checkout
-      uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3
-      
-    - name: Start containers
-      run: docker-compose -f "./e2e/docker/docker-build-install-plugin/docker-compose.yaml" up -d --build
-
-    - name: Install node
-      uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3
-      with:
-        node-version: 18
-
-    - name: verdaccio cli
-      run: npm install -g verdaccio --registry=http://localhost:4873
-    - name: gastby cli 
-      run:  npm install -g gatsby-cli --registry http://localhost:4873
-    - name: netlify cli 
-      run:  npm install -g netlify-cli --registry http://localhost:4873
-    - name: angular cli 
-      run:  npm install -g @angular/cli --registry http://localhost:4873
-
-    - name: Stop containers
-      if: always()
-      run: docker-compose -f "./e2e/docker/docker-build-install-plugin/docker-compose.yaml" down
--- a/.github/disabled/e2e-angular-cli-workflow.yml
+++ b/.github/disabled/e2e-angular-cli-workflow.yml
@@ -1,131 +0,0 @@
-on:
-  schedule:
-    - cron: '0 3 * * 5'
-  pull_request:
-    branches:
-      - '**'
-
-name: 'E2E Angular CLI with verdaccio'
-jobs:
-  # todo: fix yarn global issue, cannot find ng
-  #  yarn:
-  #    strategy:
-  #      fail-fast: false
-  #      matrix:
-  #        os: [ubuntu-latest, windows-latest]
-  #
-  #    name: '${{ matrix.os }} / yarn:angular example'
-  #    runs-on: ${{ matrix.os }}
-  #
-  #    steps:
-  #      - uses: actions/checkout@v2.3.1
-  #
-  #      - name: 'Use Node.js 10.x'
-  #        uses: actions/setup-node@v2.1.1
-  #        with:
-  #          node-version: 10.x
-  #      - name: Install Dependencies
-  #        run: yarn install --pure-lockfile
-  #      - name: 'Run verdaccio in the background'
-  #        run: |
-  #          nohup node ./scripts/run-verdaccio.js &
-  #      - name: 'Ping to verdaccio'
-  #        run: |
-  #          npm ping --registry http://localhost:4873
-  #      - name: 'Running the integration test'
-  #        run: |
-  #          source scripts/e2e-setup-ci.sh
-  #          yarn init --yes
-  #
-  #          yarn global add @angular/cli
-  #          which nodemon
-  #          ng new verdaccio-angular --interactive=false
-  #
-  #          cd verdaccio-angular
-  #          echo "registry=http://localhost:4873" > ~/.npmrc
-  #          yarn add @angular-devkit/core@next @babel/preset-env @babel/core -D
-  #
-  #          ng build --aot
-  npm:
-    strategy:
-      fail-fast: false
-      matrix:
-        os: [ubuntu-latest, windows-latest]
-
-    name: '${{ matrix.os }} / npm:angular example'
-    runs-on: ${{ matrix.os }}
-
-    steps:
-      - uses: actions/checkout@v2.3.1
-
-      - name: 'Use Node.js 10.x'
-        uses: actions/setup-node@v2.1.1
-        with:
-          node-version: 10.x
-      - name: 'install latest npm'
-        run: npm i -g npm
-      - name: Install Dependencies
-        run: yarn install --pure-lockfile
-      - name: 'Run verdaccio in the background'
-        run: |
-          nohup node ./scripts/run-verdaccio.js &
-      - name: 'Ping to verdaccio'
-        run: |
-          npm ping --registry http://localhost:4873
-      - name: 'Running the integration test'
-        run: |
-          source scripts/e2e-setup-ci.sh
-          echo "registry=http://localhost:4873" > ~/.npmrc
-          npm config set loglevel="http"
-          npm config set fetch-retries="5"
-          npm config set fetch-retry-factor="50"
-          npm config set fetch-retry-mintimeout="20000"
-          npm config set fetch-retry-maxtimeout="80000"
-          npm install -g @angular/cli
-          ng new verdaccio-angular --interactive=false
-
-          cd verdaccio-angular
-          npm install @angular-devkit/core@next @babel/preset-env @babel/core -D
-
-          npm run ng build --aot
-
-#  pnpm throws errors worth to check why
-#  pnpm:
-#    strategy:
-#      fail-fast: false
-#      matrix:
-#        os: [ubuntu-latest, windows-latest]
-#
-#    name: '${{ matrix.os }} / pnpm:angular example'
-#    runs-on: ${{ matrix.os }}
-#
-#    steps:
-#      - uses: actions/checkout@v2.3.1
-#
-#      - name: 'Use Node.js 10.x'
-#        uses: actions/setup-node@v2.1.1
-#        with:
-#          node-version: 10.x
-#      - name: 'install latest pnpm'
-#        run: npm i -g pnpm
-#      - name: Install Dependencies
-#        run: yarn install --pure-lockfile
-#      - name: 'Run verdaccio in the background'
-#        run: |
-#          nohup node ./scripts/run-verdaccio.js &
-#      - name: 'Ping to verdaccio'
-#        run: |
-#          pnpm ping --registry http://localhost:4873
-#      - name: 'Running the integration test'
-#        run: |
-#          source scripts/e2e-setup-ci.sh
-#          pnpm init --force
-#
-#          pnpm install -g @angular/cli
-#          ng new verdaccio-angular --interactive=false
-#
-#          cd verdaccio-angular
-#          echo "registry=http://localhost:4873" > ~/.npmrc
-#          pnpm install @angular-devkit/core@next @babel/preset-env @babel/core -D
-#
-#          pnpm run ng build --aot
--- a/.github/disabled/e2e-gatsbyjs-cli-workflow.yml
+++ b/.github/disabled/e2e-gatsbyjs-cli-workflow.yml
@@ -1,49 +0,0 @@
-on:
-  schedule:
-    - cron: '0 3 * * 5'
-  pull_request:
-    branches:
-      - '**'
-
-name: 'E2E Gatsby.js CLI with verdaccio'
-jobs:
-  npm:
-    strategy:
-      fail-fast: false
-      matrix:
-        os: [ubuntu-latest, windows-latest]
-
-    name: '${{ matrix.os }} / npm:gatsby example'
-    runs-on: ${{ matrix.os }}
-
-    steps:
-      - uses: actions/checkout@v2.3.3
-
-      - name: 'Use Node.js 14.x'
-        uses: actions/setup-node@v2.1.5
-        with:
-          node-version: 14.x
-      - name: 'install latest npm'
-        run: npm i -g npm@latest-6
-      - name: Install Dependencies
-        run: yarn install
-      - name: 'Run verdaccio in the background'
-        run: |
-          nohup node ./scripts/run-verdaccio.js --config ./scripts/e2e-config.yaml &
-      - name: 'Ping to verdaccio'
-        run: |
-          npm ping --registry http://localhost:4873
-      - name: 'Running the integration test'
-        run: |
-          source scripts/e2e-setup-ci.sh
-          echo "registry=http://localhost:4873
-          loglevel="silent"
-          fetch-retries=10
-          fetch-retry-factor=2
-          fetch-retry-mintimeout=10000
-          fetch-retry-maxtimeout=80000" > ~/.npmrc
-          npm config list
-          npm i -g gatsby
-          gatsby new my-gatsby
-          cd my-gatsby
-          npm run build
--- a/.github/disabled/e2e-jest-workflow.yml
+++ b/.github/disabled/e2e-jest-workflow.yml
@@ -1,121 +0,0 @@
-on:
-  schedule:
-    - cron: '0 3 * * 5'
-  pull_request:
-    branches:
-      - '**'
-
-name: 'E2E Jest with verdaccio'
-jobs:
-  yarn:
-    strategy:
-      fail-fast: false
-      matrix:
-        os: [ubuntu-latest, windows-latest]
-
-    name: '${{ matrix.os }} / yarn:jest example'
-    runs-on: ${{ matrix.os }}
-
-    steps:
-      - uses: actions/checkout@v2.3.1
-
-      - name: 'Use Node.js 10.x'
-        uses: actions/setup-node@v2.1.1
-        with:
-          node-version: 10.x
-      - name: Install Dependencies
-        run: yarn install --pure-lockfile
-      - name: 'Run verdaccio in the background'
-        run: |
-          nohup node ./scripts/run-verdaccio.js &
-      - name: 'Ping to verdaccio'
-        run: |
-          npm ping --registry http://localhost:4873
-      - name: 'Running the integration test'
-        run: |
-          source scripts/e2e-setup-ci.sh
-          yarn init --yes
-          yarn add jest --registry http://localhost:4873
-
-          echo "it('should pass', () => { expect(true).toBeTruthy(); });" | tee pass.test.js
-          yarn jest pass.test.js
-
-          yarn add left-pad --registry http://localhost:4873 --verbose
-          echo "const leftPad = require('left-pad'); it('should resolve a module', () => { expect(typeof leftPad).toBe('function');});" | tee module.test.js
-          yarn jest module.test.js
-  npm:
-    strategy:
-      fail-fast: false
-      matrix:
-        os: [ubuntu-latest, windows-latest]
-
-    name: '${{ matrix.os }} / npm:jest example'
-    runs-on: ${{ matrix.os }}
-
-    steps:
-      - uses: actions/checkout@v2.3.1
-
-      - name: 'Use Node.js 10.x'
-        uses: actions/setup-node@v2.1.1
-        with:
-          node-version: 10.x
-      - name: 'install latest npm'
-        run: npm i -g npm
-      - name: Install Dependencies
-        run: yarn install --pure-lockfile
-      - name: 'Run verdaccio in the background'
-        run: |
-          nohup node ./scripts/run-verdaccio.js &
-      - name: 'Ping to verdaccio'
-        run: |
-          npm ping --registry http://localhost:4873
-      - name: 'Running the integration test'
-        run: |
-          source scripts/e2e-setup-ci.sh
-          npm init --force
-          npm install jest --registry http://localhost:4873
-
-          echo "it('should pass', () => { expect(true).toBeTruthy(); });" | tee pass.test.js
-          yarn jest pass.test.js
-
-          yarn add left-pad --registry http://localhost:4873 --verbose
-          echo "const leftPad = require('left-pad'); it('should resolve a module', () => { expect(typeof leftPad).toBe('function');});" | tee module.test.js
-          yarn jest module.test.js
-  pnpm:
-    strategy:
-      fail-fast: false
-      matrix:
-        os: [ubuntu-latest, windows-latest]
-
-    name: '${{ matrix.os }} / pnpm:jest example'
-    runs-on: ${{ matrix.os }}
-
-    steps:
-      - uses: actions/checkout@v2.3.1
-
-      - name: 'Use Node.js 10.x'
-        uses: actions/setup-node@v2.1.1
-        with:
-          node-version: 10.x
-      - name: 'install latest pnpm'
-        run: npm i -g pnpm
-      - name: Install Dependencies
-        run: yarn install --pure-lockfile
-      - name: 'Run verdaccio in the background'
-        run: |
-          nohup node ./scripts/run-verdaccio.js &
-      - name: 'Ping to verdaccio'
-        run: |
-          pnpm ping --registry http://localhost:4873
-      - name: 'Running the integration test'
-        run: |
-          source scripts/e2e-setup-ci.sh
-          pnpm init --force
-          pnpm install jest --registry http://localhost:4873
-
-          echo "it('should pass', () => { expect(true).toBeTruthy(); });" | tee pass.test.js
-          yarn jest pass.test.js
-
-          yarn add left-pad --registry http://localhost:4873 --verbose
-          echo "const leftPad = require('left-pad'); it('should resolve a module', () => { expect(typeof leftPad).toBe('function');});" | tee module.test.js
-          yarn jest module.test.js
--- a/.github/disabled/registry.yml
+++ b/.github/disabled/registry.yml
@@ -1,13 +0,0 @@
-name: Test local registry for js vulnerabilities
-
-on:
-  schedule:
-    - cron: '0 4 * * 4'
-jobs:
-  security:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Test for public javascript library vulnerabilities
-        uses: lirantal/is-website-vulnerable@1.15.10
-        with:
-          scan-url: 'https://registry.verdaccio.org'
--- a/.github/disabled/release-canary.yml
+++ b/.github/disabled/release-canary.yml
@@ -1,35 +0,0 @@
-name: Canary Release to Verdaccio
-
-on:
-  pull_request:
-    paths:
-      - .github/workflows/release-canary.yml
-      - 'packages/**'
-      - 'package.json'
-      - 'lerna.json'
-
-jobs:
-  release:
-    name: Release
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v1
-      - name: Use Node (latest)
-        uses: actions/setup-node@v1
-        with:
-          node_version: 13
-      - name: Install
-        run: yarn --frozen-lockfile
-      - name: Clean
-        run: yarn clean
-      - name: Lint
-        run: yarn lint
-      - name: Build
-        run: yarn build
-      - name: Test
-        run: yarn test
-      - name: Publish
-        run: |
-          echo "//registry.verdaccio.org/:_authToken=${{ secrets.VERDACCIO_TOKEN }}" > .npmrc
-          git update-index --assume-unchanged .npmrc
-          yarn publish:canary
--- a/.github/disabled/release.yml
+++ b/.github/disabled/release.yml
--- a/.github/issue_template.md
+++ b/.github/issue_template.md
@@ -0,0 +1,41 @@
+#### My reason:
+
+<!-- 
+	a brief explanation of the issue, suggestion, feature
+-->
+
+#### Steps to reproduce:
+
+<!-- 
+	(if it applies)
+	how can I do in order to reproduce it? environment? 
+-->
+####  App Version:	
+<!-- 
+      Define which version the issue happens and whether previous version the behaviour is correct
+-->
+
+####  Config file:	
+<!-- 
+      Provide your config file might be really helpful. Please be aware to hide sensisive data before post.
+-->
+
+#### Additional information:
+
+<!--
+	provide the following information would be helpful
+-->
+	
+ - `$ set DEBUG=express:* verdaccio` enable extreme verdaccio debug mode
+ - `$ npm --verbose` prints:
+ - `$ npm config get registry` prints:
+ - Verdaccio terminal output
+ - Windows, OS X/macOS, or Linux?:
+ - Verdaccio configuration file, eg: `cat ~/.config/verdaccio/config.yaml`
+ <!-- Remove those does not apply for you -->
+ - Container:
+   - I use local environment
+   - I develop / deploy using Docker.
+   - I deploy to a PaaS.
+
+#### Additional verbose log:
--- a/.github/lock.yml
+++ b/.github/lock.yml
@@ -1,35 +0,0 @@
-# Configuration for lock-threads - https://github.com/dessant/lock-threads
-
-# Number of days of inactivity before a closed issue or pull request is locked
-daysUntilLock: 90
-
-# Issues and pull requests with these labels will not be locked. Set to `[]` to disable
-exemptLabels: []
-
-# Label to add before locking, such as `outdated`. Set to `false` to disable
-lockLabel: false
-
-# Comment to post before locking. Set to `false` to disable
-lockComment: >
-  🤖This thread has been automatically locked 🔒 since there has not been
-  any recent activity after it was closed. 
-
-  We lock tickets after 90 days with the idea to encourage you to open a ticket with new fresh data 
-  and to provide you better feedback 🤝and better visibility 👀. 
-
-  If you consider, you can attach this ticket 📨 to the new one as a reference for better context.
-
-  Thanks for being a part of the Verdaccio community! 💘
-
-# Limit to only `issues` or `pulls`
-# only: issues
-
-# Optionally, specify configuration settings just for `issues` or `pulls`
-issues:
-  exemptLabels:
-    - help-wanted
-  lockLabel: outdated
-
-pulls:
-  daysUntilLock: 90
-  lockLabel: outdated
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@@ -0,0 +1,16 @@
+**Type:** bug / feature
+
+The following has been addressed in the PR:
+
+<!-- Remove the sections that your PR does not apply -->
+*  There is a related issue
+*  Unit or Functional tests are included in the PR
+
+<!--
+Our bots should ensure:
+* The PR passes CI testing
+-->
+
+**Description:**
+
+Resolves #???
--- a/.github/stale.yml
+++ b/.github/stale.yml
@@ -1,26 +0,0 @@
-# Number of days of inactivity before an issue becomes stale
-daysUntilStale: 365
-# Number of days of inactivity before a stale issue is closed
-daysUntilClose: 500
-# Issues with these labels will never be considered stale
-exemptLabels:
-  - dev: high priority
-  - topic: feature request
-  - issue: need verification
-  - issue: bug
-  - dev: discuss
-# Label to use when marking an issue as stale
-staleLabel: 'issue: wontfix'
-# Comment to post when marking an issue as stale. Set to `false` to disable
-markComment: >
-  Hi pal 👋🏼!
-
-  This issue has gone quiet 😶.
-
-   We get a lot of issues, so we currently close issues after 180 days of inactivity. It’s been at least 90c days since the last update here.
-   If we missed this issue or if you want to keep it open, please reply here. You can also add/suggest the label "discuss" to keep this issue open!
-   As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request. Check out [https://github.com/verdaccio/contributing](https://github.com/verdaccio/contributing) for more information about opening PRs, triaging issues, and contributing!
-
-   Thanks for being a part of the Verdaccio community! 💘
-# Comment to post when closing a stale issue. Set to `false` to disable
-closeComment: false
--- a/.github/workflows/changesets.yml
+++ b/.github/workflows/changesets.yml
@@ -1,69 +0,0 @@
-name: Changesets
-
-on:
-  schedule:
-    - cron: '0 0 * * *'
-
-  push:
-    branches:
-      - master
-
-env:
-  CI: true
-  PNPM_CACHE_FOLDER: .pnpm-store
-
-jobs:
-  # Update package versions from changesets.
-  version:
-    timeout-minutes: 14
-    runs-on: ubuntu-latest
-    if: github.ref == 'refs/heads/master' && github.repository == 'verdaccio/verdaccio'
-    steps:
-      - name: checkout code repository
-        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
-        with:
-          fetch-depth: 0
-
-      - name: setup node.js
-        uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
-        with:
-          node-version-file: '.nvmrc'
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.REGISTRY_AUTH_TOKEN }}
-
-      - name: install pnpm
-        run: npm i pnpm@latest-8 -g
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.REGISTRY_AUTH_TOKEN }}
-
-      - name: setup pnpm config
-        run: pnpm config set store-dir $PNPM_CACHE_FOLDER
-      - name: setup pnpm config registry
-        run: pnpm config set registry https://registry.npmjs.org
-
-      - name: install dependencies
-        run: pnpm install
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.REGISTRY_AUTH_TOKEN }}
-      - name: crowdin download
-        env:          
-          CROWDIN_VERDACCIO_API_KEY: ${{ secrets.CROWDIN_VERDACCIO_API_KEY }}
-          CONTEXT: production
-        run: pnpm crowdin:download       
-      - name: build
-        run: pnpm build
-
-      - name: create versions
-        uses: changesets/action@master
-        with:
-          version: pnpm ci:version
-          commit: 'chore: update versions'
-          title: 'chore: update versions'
-          publish: pnpm ci:publish
-          createGithubReleases: false
-          setupGitUser: false
-        env:
-          GITHUB_TOKEN: ${{ secrets.CHANGESET_RELEASE_TOKEN }}
-          NPM_TOKEN: ${{ secrets.REGISTRY_AUTH_TOKEN }}
-          NODE_AUTH_TOKEN: ${{ secrets.REGISTRY_AUTH_TOKEN }}
-          NPM_CONFIG_REGISTRY: https://registry.npmjs.org
--- a/.github/workflows/ci-windows.yml
+++ b/.github/workflows/ci-windows.yml
@@ -1,150 +0,0 @@
-name: CI windows
-
-on:
-  workflow_dispatch:
-  schedule:
-    - cron: '5 0 * * SUN' 
-permissions:
-  contents: read
-jobs:
-  prepare:
-    runs-on: ubuntu-latest
-    name: setup verdaccio
-    services:
-      verdaccio:
-        image: verdaccio/verdaccio:nightly-master
-        ports:
-          - 4873:4873
-        env:
-          NODE_ENV: production          
-    steps:
-    - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
-    - name: Node
-      uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
-      with:
-        node-version-file: '.nvmrc'
-    - name: Install pnpm
-      run: npm i pnpm@latest-8 -g
-    - name: set store
-      run: |
-        mkdir ~/.pnpm-store
-        pnpm config set store-dir ~/.pnpm-store
-    - name: set store
-      run: |
-        mkdir ~/.pnpm-store
-        pnpm config set store-dir ~/.pnpm-store            
-    - name: Install
-      run: pnpm install --registry http://localhost:4873
-    - name: Cache .pnpm-store
-      uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
-      with:
-        path: ~/.pnpm-store
-        key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
-        restore-keys: |
-          pnpm-
-  lint:
-    runs-on: windows-latest
-    name: Lint
-    needs: prepare
-    steps:
-      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
-      - name: Node
-        uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
-        with:
-          node-version-file: '.nvmrc'
-      - name: Install pnpm
-        run: npm i pnpm@latest-8 -g
-      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
-        with:
-          path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
-      - name: set store
-        run: |
-          mkdir ~/.pnpm-store
-          pnpm config set store-dir ~/.pnpm-store              
-      - name: Install
-        run: pnpm install --offline --reporter=silence --ignore-scripts
-      - name: Lint
-        run: pnpm lint
-  format:
-    runs-on: windows-latest
-    name: Format
-    needs: prepare
-    steps:
-      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
-      - name: Use Node
-        uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
-        with:
-          node-version-file: '.nvmrc'
-      - name: Install pnpm
-        run: npm i pnpm@latest-8 -g
-      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
-        with:
-          path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
-      - name: set store
-        run: |
-          mkdir ~/.pnpm-store
-          pnpm config set store-dir ~/.pnpm-store          
-      - name: Install
-        run: pnpm install --offline --reporter=silence --ignore-scripts
-      - name: Lint
-        run: pnpm format:check
-  build:
-    needs: [format, lint]
-    strategy:
-      fail-fast: true
-      matrix:
-        os: [windows-latest]
-        node_version: [18]
-    name: ${{ matrix.os }} / Node ${{ matrix.node_version }}
-    runs-on: ${{ matrix.os }}
-    steps:
-      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
-      - name: Use Node ${{ matrix.node_version }}
-        uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
-        with:
-          node-version: ${{ matrix.node_version }}
-      - name: Install pnpm
-        run: npm i pnpm@latest-8 -g
-      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
-        with:
-          path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
-      - name: set store
-        run: |
-          mkdir ~/.pnpm-store
-          pnpm config set store-dir ~/.pnpm-store          
-      - name: Install
-        run: pnpm install --offline --reporter=silence --ignore-scripts --registry http://localhost:4873
-      - name: build
-        run: pnpm build
-      - name: Test
-        run: pnpm test
-  ci-e2e-ui:
-    needs: [format, lint]
-    runs-on: windows-latest
-    name: UI Test E2E
-    steps:
-      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
-      - uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
-        with:
-          node-version-file: '.nvmrc'
-      - name: Install pnpm
-        run: npm i pnpm@latest-8 -g
-      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
-        with:
-          path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
-      - name: set store
-        run: |
-          mkdir ~/.pnpm-store
-          pnpm config set store-dir ~/.pnpm-store              
-      - name: Install
-        run: pnpm install --offline --reporter=silence --registry http://localhost:4873
-      - name: build
-        run: pnpm build
-      - name: Test UI
-        run: pnpm test:e2e:ui
-        # env:
-        #  DEBUG: verdaccio:e2e*
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,166 +0,0 @@
-name: CI
-
-on:
-  push:
-  pull_request:
-    paths:
-      - .changeset/**
-      - .github/workflows/ci.yml
-      - 'packages/**'
-      - 'test/**'
-      - 'docker-examples/**'
-      - 'jest/**'
-      - 'package.json'
-      - 'pnpm-workspace.yaml'
-permissions:
-  contents: read
-
-jobs:
-  prepare:
-    runs-on: ubuntu-latest
-    name: setup verdaccio
-    services:
-      verdaccio:
-        image: verdaccio/verdaccio:5
-        ports:
-          - 4873:4873
-        env:
-          NODE_ENV: production          
-    steps:
-    - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
-    - name: Node
-      uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
-      with:
-        node-version-file: '.nvmrc'
-    - name: Install pnpm
-      run: |
-        corepack enable
-        corepack prepare --activate pnpm@latest-8
-    - name: set store
-      run: |
-        mkdir ~/.pnpm-store
-        pnpm config set store-dir ~/.pnpm-store
-    - name: Install
-      run: pnpm install  --registry http://localhost:4873
-    - name: Cache .pnpm-store
-      uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
-      with:
-        path: ~/.pnpm-store
-        key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
-        restore-keys: |
-          pnpm-
-  lint:
-    runs-on: ubuntu-latest
-    name: Lint
-    needs: prepare
-    steps:
-      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
-      - name: Node
-        uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
-        with:
-          node-version-file: '.nvmrc'
-      - name: Install pnpm
-        run: |
-          corepack enable
-          corepack prepare --activate pnpm@latest-8
-      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
-        with:
-          path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
-      - name: set store
-        run: |
-          pnpm config set store-dir ~/.pnpm-store              
-      - name: Install
-        run: pnpm install --ignore-scripts
-      - name: Lint
-        run: pnpm lint
-  format:
-    runs-on: ubuntu-latest
-    name: Format
-    needs: prepare
-    steps:
-      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
-      - name: Use Node
-        uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
-        with:
-          node-version-file: '.nvmrc'
-      - name: Install pnpm
-        run: |
-          corepack enable
-          corepack prepare --activate pnpm@latest-8
-      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
-        with:
-          path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
-      - name: set store
-        run: |
-          pnpm config set store-dir ~/.pnpm-store              
-      - name: Install
-        run: pnpm install --ignore-scripts
-      - name: Lint
-        run: pnpm format:check
-  test:
-    needs: [format, lint]
-    strategy:
-      fail-fast: true
-      matrix:
-        os: [ubuntu-latest]
-        node_version: [16, 18]
-    name: ${{ matrix.os }} / Node ${{ matrix.node_version }}
-    runs-on: ${{ matrix.os }}
-    steps:
-      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
-      - name: Use Node ${{ matrix.node_version }}
-        uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
-        with:
-          node-version: ${{ matrix.node_version }}
-      - name: Install pnpm
-        run: |
-          corepack enable
-          corepack prepare --activate pnpm@latest-8
-      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
-        with:
-          path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
-      - name: set store
-        run: |
-          pnpm config set store-dir ~/.pnpm-store              
-      - name: Install
-        run: pnpm install --ignore-scripts --registry http://localhost:4873
-      - name: build
-        run: pnpm build
-      - name: Test
-        run: pnpm test
-  sync-translations:
-    needs: [test]
-    runs-on: ubuntu-latest
-    name: synchronize translations
-    if: (github.event_name == 'push' && github.ref == 'refs/heads/master') || github.event_name == 'workflow_dispatch'
-    steps:
-      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
-      - uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
-        with:
-          node-version-file: '.nvmrc'
-      - name: Install pnpm
-        run: |
-          corepack enable
-          corepack prepare --activate pnpm@latest-8
-      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
-        with:
-          path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
-      - name: set store
-        run: |
-          pnpm config set store-dir ~/.pnpm-store              
-      - name: Install
-        ## we need scripts, pupetter downloads aditional content
-        run: pnpm install --registry http://localhost:4873
-      - name: build
-        run: pnpm build
-      - name: generate website translations
-        run: pnpm --filter ...@verdaccio/website write-translations
-      - name: sync
-        env:
-          CROWDIN_VERDACCIO_API_KEY: ${{ secrets.CROWDIN_VERDACCIO_API_KEY }}
-          CONTEXT: production
-        run: pnpm crowdin:sync
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -1,59 +0,0 @@
-name: 'Code scanning - action'
-
-on:
-  pull_request:
-    paths:
-      - .github/workflows/codeql-analysis.yml
-      - 'packages/**'
-  schedule:
-    - cron: '0 2 * * 4'
-
-permissions:
-  contents: read
-
-jobs:
-  CodeQL-Build:
-    permissions:
-      actions: read  # for github/codeql-action/init to get workflow details
-      contents: read  # for actions/checkout to fetch code
-      security-events: write  # for github/codeql-action/autobuild to send a status report
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
-        with:
-          # We must fetch at least the immediate parents so that if this is
-          # a pull request then we can checkout the head.
-          fetch-depth: 2
-
-      # If this run was triggered by a pull request event, then checkout
-      # the head of the pull request instead of the merge commit.
-      - run: git checkout HEAD^2
-        if: ${{ github.event_name == 'pull_request' }}
-
-      # Initializes the CodeQL tools for scanning.
-      - name: Initialize CodeQL
-        uses: github/codeql-action/init@a09933a12a80f87b87005513f0abb1494c27a716 # v2
-
-      # Override language selection by uncommenting this and choosing your languages
-      # with:
-      #   languages: go, javascript, csharp, python, cpp, java
-      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-      # If this step fails, then you should remove it and run the build manually (see below)
-      - name: Autobuild
-        uses: github/codeql-action/autobuild@a09933a12a80f87b87005513f0abb1494c27a716 # v2
-
-      # ℹ️ Command-line programs to run using the OS shell.
-      # 📚 https://git.io/JvXDl
-
-      # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
-      #    and modify them (or add more) to build your code if your project
-      #    uses a compiled language
-
-      #- run: |
-      #   make bootstrap
-      #   make release
-
-      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@a09933a12a80f87b87005513f0abb1494c27a716 # v2
--- a/.github/workflows/docker-proxy-apache-e2e.yml
+++ b/.github/workflows/docker-proxy-apache-e2e.yml
@@ -1,38 +0,0 @@
-name: E2E Docker Proxy Apache Test
-
-on:
-  workflow_dispatch:
-  push:
-    branches:
-      - 'master'
-  schedule:
-    # run every sunday
-    - cron: '0 0 * * 0'
-jobs:
-  docker:
-    timeout-minutes: 10
-    runs-on: ubuntu-latest
-
-    steps:
-    - name: Checkout
-      uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
-      
-    - name: Start containers
-      run: docker-compose -f "./e2e/docker/apache-verdaccio/docker-compose.yaml" up -d --build
-
-    - name: Install node
-      uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3
-      with:
-        node-version: 18
-    - name: verdaccio cli
-      run: npm install -g verdaccio --registry http://localhost
-    - name: gastby cli 
-      run:  npm install -g gatsby-cli --registry http://localhost
-    - name: netlify cli 
-      run:  npm install -g netlify-cli --registry http://localhost
-    - name: angular cli 
-      run:  npm install -g @angular/cli --registry http://localhost
-
-    - name: Stop containers
-      if: always()
-      run: docker-compose -f "./e2e/docker/apache-verdaccio/docker-compose.yaml" down
--- a/.github/workflows/docker-proxy-nginx-e2e.yml
+++ b/.github/workflows/docker-proxy-nginx-e2e.yml
@@ -1,41 +0,0 @@
-name: E2E Docker Proxy Nginx Test
-
-on:
-  workflow_dispatch:
-  push:
-    branches:
-      - 'master'
-jobs:
-  docker:
-    timeout-minutes: 10
-    runs-on: ubuntu-latest
-
-    steps:
-    - name: Checkout
-      uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
-      
-    - name: Start containers
-      run: docker-compose -f "./e2e/docker/proxy-nginx/docker-compose.yaml" up -d --build
-
-    - name: Install node
-      uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3
-      with:
-        node-version: 18
-    - name: npm setup
-      run: |
-        npm config set fetch-retries="5"
-        npm config set fetch-retry-factor="50"
-        npm config set fetch-retry-mintimeout="20000"
-        npm config set fetch-retry-maxtimeout="80000"      
-    - name: verdaccio cli
-      run: npm install -g verdaccio --registry http://localhost
-    - name: gastby cli 
-      run:  npm install -g gatsby-cli --registry http://localhost
-    - name: netlify cli 
-      run:  npm install -g netlify-cli --registry http://localhost
-    - name: angular cli 
-      run:  npm install -g @angular/cli --registry http://localhost
-
-    - name: Stop containers
-      if: always()
-      run: docker-compose -f "./e2e/docker/proxy-nginx/docker-compose.yaml" down
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -1,55 +0,0 @@
-name: Docker publish to docker.io
-
-on:
-  push:
-    paths:
-      - .github/workflows/docker-publish.yml
-      - .github/workflows/docker-publish.yml
-      - 'packages/**'
-      - 'docker-bin/**'
-      - 'package.json'
-      - 'pnpm-*.yaml'
-      - 'Dockerfile'
-      - '.dockerignore'
-    branches:
-      - 'master'
-    tags:
-      - 'v*'
-
-permissions:
-  contents: read  #  to fetch code (actions/checkout)
-
-jobs:
-  docker:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
-      - uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # tag=v1
-      - uses: docker/setup-buildx-action@v1
-        with:
-          driver-opts: network=host
-      - uses: docker/login-action@v1
-        name: Login Docker Hub
-        with:
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_PASSWORD }}
-      - name: Prepare docker image tags
-        id: docker_meta
-        uses: crazy-max/ghaction-docker-meta@v1
-        with:
-          images: ${{ github.repository }}
-          tag-custom: nightly-master
-          tag-custom-only: ${{ github.ref == 'refs/heads/master' }}
-          tag-semver: |
-            {{version}}
-            {{major}}
-            {{major}}.{{minor}}
-      - name: Build & Push
-        uses: docker/build-push-action@v4
-        with:
-          context: .
-          file: ./Dockerfile
-          platforms: linux/amd64,linux/arm64
-          push: ${{ github.event_name != 'pull_request' }}
-          tags: ${{ steps.docker_meta.outputs.tags }}
-          labels: ${{ steps.docker_meta.outputs.labels }}
--- a/.github/workflows/e2e-ci.yml
+++ b/.github/workflows/e2e-ci.yml
@@ -1,112 +0,0 @@
-name: E2E CLI
-
-on: [pull_request]
-permissions:
-  contents: read
-jobs:
-  prepare:
-    runs-on: ubuntu-latest
-    name: setup e2e verdaccio
-    services:
-      verdaccio:
-        image: verdaccio/verdaccio:nightly-master
-        ports:
-          - 4873:4873
-        env:
-          NODE_ENV: production
-    steps:
-    - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
-    - name: Use Node
-      uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
-      with:
-        node-version-file: '.nvmrc'
-    - name: Install pnpm
-      run: npm i pnpm@latest-8 -g
-    - name: set store
-      run: |
-        mkdir ~/.pnpm-store
-        pnpm config set store-dir ~/.pnpm-store
-    - name: Install
-      run: pnpm install --reporter=silence --ignore-scripts --registry http://localhost:4873
-    - name: Cache .pnpm-store
-      uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
-      with:
-        path: ~/.pnpm-store
-        key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
-        restore-keys: |
-          pnpm-
-  build:
-    needs: [prepare]
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
-      - name: Use Node 16
-        uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
-        with:
-          node-version-file: '.nvmrc'
-      - name: Install pnpm
-        run: npm i pnpm@latest-8 -g
-      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
-        with:
-          path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
-      - name: set store
-        run: |
-          pnpm config set store-dir ~/.pnpm-store              
-      - name: Install
-        run: pnpm recursive install --reporter=silence --registry http://localhost:4873
-      - name: build
-        run: pnpm build
-      - name: Cache packages
-        uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
-        id: cache-packages
-        with:
-          path: ./packages/
-          key: pkg-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
-          restore-keys: |
-            packages-
-      # - name: Cache test
-      #   uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
-      #   id: cache-test
-      #   with:
-      #     path: ./e2e/
-      #     key: test-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
-      #     restore-keys: |
-      #       test-
-  e2e-cli:
-    needs: [prepare, build]
-    strategy:
-      fail-fast: false
-      matrix:
-        pkg: [npm6, npm7, npm8, npm9, pnpm6, pnpm7, pnpm8, yarn1, yarn2, yarn3, yarn4]
-        node: [16, 18, 19]
-    name: ${{ matrix.pkg }}/ ubuntu-latest / ${{ matrix.node }}
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
-      - uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
-        with:
-          node-version: ${{ matrix.node }}
-      - name: Install pnpm
-        run: npm i pnpm@latest-8 -g
-      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
-        with:
-          path: ~/.pnpm-store
-          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
-      - name: set store
-        run: |
-          pnpm config set store-dir ~/.pnpm-store              
-      - name: Install
-        run: pnpm install --offline --reporter=silence --ignore-scripts --registry http://localhost:4873
-      - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
-        with:
-          path: ./packages/
-          key: pkg-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
-      # - uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # tag=v3
-      #   with:
-      #     path: ./e2e/
-      #     key: test-${{ hashFiles('pnpm-lock.yaml') }}-${{ github.run_id }}-${{ github.sha }}
-      - name: build e2e
-        run:  pnpm --filter @verdaccio/test-cli-commons build
-      - name: Test CLI
-        run: NODE_ENV=production pnpm test --filter ...@verdaccio/e2e-cli-${{matrix.pkg}}
--- a/.github/workflows/e2e-ui.yml
+++ b/.github/workflows/e2e-ui.yml
@@ -1,36 +0,0 @@
-name: E2E UI
-
-on: [pull_request]
-permissions:
-  contents: read
-jobs:
-  test:
-    runs-on: ubuntu-latest
-    name: UI Test E2E
-    services:
-      verdaccio:
-        image: verdaccio/verdaccio:5
-        ports:
-          - 4873:4873
-        env:
-          NODE_ENV: production
-    steps:
-      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
-      - name: Use Node
-        uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
-        with:
-          node-version-file: '.nvmrc'
-      - name: Install pnpm
-        run: |
-         corepack enable
-         corepack prepare --activate pnpm@latest-8
-      - name: Install
-        run: pnpm install --reporter=silence --registry http://localhost:4873
-      - name: build
-        run: pnpm build
-      - name: Test UI
-        run: pnpm test:e2e:ui
-      - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3
-        with:
-          name: videos
-          path: /home/runner/work/verdaccio/verdaccio/e2e/ui/cypress/videos
--- a/.github/workflows/static-data.yml
+++ b/.github/workflows/static-data.yml
@@ -1,54 +0,0 @@
---
-name: static data
-
-on:
-  workflow_dispatch:
-  schedule:
-    # twice peer week
-    - cron: '0 0 * * 1,4'
-  # for now, scheduled, we can enable on push master but not make much sense now
-  # push:
-  #   branches:
-  #     - master
-
-permissions:
-  contents: read  #  to fetch code (actions/checkout)
-
-jobs:
-  prepare:
-    name: Run script
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
-        with:
-          persist-credentials: false
-          fetch-depth: 0
-      - uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
-        with:
-          node-version: 18.x
-      - name: install pnpm
-        run: sudo npm i pnpm@latest-8 -g
-      - name: install dependencies
-        run: pnpm install
-      - name: Build Translations percentage
-        run: pnpm --filter @verdaccio/crowdin-translations build
-      - name: update contributors
-        run: pnpm run contributors
-        env:
-          TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      - name: update addson data
-        run: pnpm script:addson
-      - name: update translations
-        run: pnpm run translations
-        env:
-          TOKEN: ${{ secrets.CROWDIN_VERDACCIO_API_KEY }}          
-      - name: format
-        run: pnpm format
-      - name: Commit & Push changes
-        uses: actions-js/push@156f2b10c3aa000c44dbe75ea7018f32ae999772 # tag=v1.4
-        with:
-          github_token: ${{ secrets.TOKEN_VERDACCIOBOT_GITHUB }}
-          message: "chore: updated static data"
-          branch: master
-          author_email: verdaccio.npm@gmail.com
-          author_name: verdacciobot
--- a/.github/workflows/ui-components.yml
+++ b/.github/workflows/ui-components.yml
@@ -1,78 +0,0 @@
-name: UI Components
-
-on: 
-  workflow_dispatch:
-  pull_request:
-    paths:
-    - .github/workflows/ui-components.yml
-    - 'packages/ui-components/**'
-    - 'package.json'
-    - 'pnpm-workspace.yaml'
-    - 'pnpm-lock.yaml'
-
-permissions:
-  contents: read  #  to fetch code (actions/checkout)
-
-env:
-  DEBUG: verdaccio*
-
-jobs:
-  deploy:
-    permissions:
-      contents: read  #  to fetch code (actions/checkout)
-      deployments: write
-      pull-requests: write  #  to comment on pull-requests
-
-    runs-on: ubuntu-latest
-    env:
-      NODE_OPTIONS: --max_old_space_size=4096
-    steps:
-      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
-
-      - name: Use Node
-        uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
-        with:
-          node-version-file: '.nvmrc'
-
-      - name: Cache pnpm modules
-        uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
-        env:
-          cache-name: cache-pnpm-modules
-        with:
-          path: ~/.pnpm-store
-          key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.node-version }}-${{ hashFiles('**/pnpm-lock.yaml') }}
-          restore-keys: |
-            ${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.node-version }}-
-
-      - name: Install pnpm
-        run: |
-          corepack enable
-            corepack prepare --activate pnpm@latest-8
-      - name: Install
-        run: pnpm install  
-      - name: Build storybook
-        run: pnpm ui:storybook:build
-      - name: Copy public content
-        # the msw.js worker is need it at the storybook-static folder in production
-        run: cp -R packages/ui-components/public/* packages/ui-components/storybook-static
-      - name: 🔥 Deploy Production UI Netlify
-        if: (github.event_name == 'push' && github.ref == 'refs/heads/master') || github.event_name == 'workflow_dispatch'
-        uses: verdaccio/action-netlify-deploy@1c086d59169edeec9254672c7de17d2ceac3928f # v2.0.0
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          netlify-auth-token: ${{ secrets.NETLIFY_AUTH_TOKEN }}
-          netlify-site-id: ${{ secrets.NETLIFY_UI_SITE_ID }}
-          build-dir: './packages/ui-components/storybook-static'          
-      - name: 🤖 Deploy Preview UI Components Netlify
-        if: github.repository == 'verdaccio/verdaccio'
-        uses: semoal/action-netlify-deploy@1a53f098745bf78555d11b436f5ee3af87e6b566
-        id: netlify_preview_ui
-        with:
-          draft: true
-          comment-on-pull-request: true
-          github-deployment-is-production: false
-          github-deployment-is-transient: true
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          netlify-auth-token: ${{ secrets.NETLIFY_AUTH_TOKEN }}
-          netlify-site-id: ${{ secrets.NETLIFY_UI_SITE_ID }}
-          build-dir: './packages/ui-components/storybook-static'
--- a/.github/workflows/website.yml
+++ b/.github/workflows/website.yml
@@ -1,144 +0,0 @@
-name: Verdaccio Website CI
-
-on:
-  workflow_dispatch:
-  pull_request:
-    paths:
-        - 'website/**'
-        - './.github/workflows/website.yml'
-  schedule:
-    - cron: '0 0 * * *' 
-
-permissions:
-  contents: read  #  to fetch code (actions/checkout)
-
-jobs:
-  build:
-    permissions:
-      contents: read  #  to fetch code (actions/checkout)
-      deployments: write
-      pull-requests: write  #  to comment on pull-requests
-
-    runs-on: ubuntu-latest
-    env:
-      NODE_OPTIONS: --max_old_space_size=4096
-    steps:
-      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
-
-      - name: Use Node 16
-        uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # tag=v3
-        with:
-          node-version: 16
-
-      - name: Cache pnpm modules
-        uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
-        env:
-          cache-name: cache-pnpm-modules
-        with:
-          path: ~/.pnpm-store
-          key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.node-version }}-${{ hashFiles('**/pnpm-lock.yaml') }}
-          restore-keys: |
-            ${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.node-version }}-
-
-      - uses: pnpm/action-setup@d882d12c64e032187b2edb46d3a0d003b7a43598 # tag=v2.4.0
-        with:
-          version: latest-8
-          run_install: |
-            - recursive: true
-              args: [--frozen-lockfile]
-      - name: Build 
-        run: pnpm build
-      - name: Build Translations percentage
-        run: pnpm --filter @verdaccio/crowdin-translations build
-      - name: Cache Docusaurus Build
-        uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3
-        with:
-          path: website/node_modules/.cache/webpack
-          key: cache/webpack-${{github.ref}}-${{ hashFiles('**/pnpm-lock.yaml') }}
-          restore-keys: cache/webpack-${{github.ref}}
-
-      # Will deploy to production on:
-        # 1st: When a push occurs on master branch
-        # 2nd: When we force the worflow dispatch through the UI
-      - name: Build Production
-        if: (github.event_name == 'push' && github.ref == 'refs/heads/master') || github.event_name == 'workflow_dispatch'
-        env:
-          CROWDIN_VERDACCIO_API_KEY: ${{ secrets.CROWDIN_VERDACCIO_API_KEY }}
-          SENTRY_KEY: ${{ secrets.SENTRY_KEY }}
-          CONTEXT: production
-        run: pnpm --filter @verdaccio/website netlify:build:production
-
-      - name: 🔥 Deploy Production Netlify
-        if: (github.event_name == 'push' && github.ref == 'refs/heads/master') || github.event_name == 'workflow_dispatch'
-        uses: semoal/action-netlify-deploy@1a53f098745bf78555d11b436f5ee3af87e6b566
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          netlify-auth-token: ${{ secrets.NETLIFY_AUTH_TOKEN }}
-          netlify-site-id: ${{ secrets.NETLIFY_SITE_ID }}
-          build-dir: './website/build'
-
-      # Will deploy to Preview URL, only when a pull request is open with changes on the website
-      - name: Build Deployment Preview
-        env:
-          CONTEXT: deploy-preview
-        run: pnpm --filter ...@verdaccio/website netlify:build:deployPreview
-
-      - name: 🤖 Deploy Preview Netlify
-        if: github.repository == 'verdaccio/verdaccio'
-        uses: semoal/action-netlify-deploy@1a53f098745bf78555d11b436f5ee3af87e6b566
-        id: netlify_preview
-        with:
-          draft: true
-          comment-on-pull-request: true
-          github-deployment-is-production: false
-          github-deployment-is-transient: true
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          netlify-auth-token: ${{ secrets.NETLIFY_AUTH_TOKEN }}
-          netlify-site-id: ${{ secrets.NETLIFY_SITE_ID }}
-          build-dir: './website/build'
-
-      - name: Audit preview URL with Lighthouse
-        if: github.repository == 'verdaccio/verdaccio'
-        id: lighthouse_audit
-        uses: treosh/lighthouse-ci-action@03becbfc543944dd6e7534f7ff768abb8a296826 # tag=10.1.0
-        with:
-          urls: |
-            ${{ steps.netlify_preview.outputs.preview-url }}
-          uploadArtifacts: true
-          temporaryPublicStorage: true
-
-      - name: Format lighthouse score
-        id: format_lighthouse_score
-        uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # tag=v6
-        with:
-          github-token: ${{secrets.GITHUB_TOKEN}}
-          script: |
-            const result = ${{ steps.lighthouse_audit.outputs.manifest }}[0].summary
-            const links = ${{ steps.lighthouse_audit.outputs.links }}
-            const formatResult = (res) => Math.round((res * 100))
-            Object.keys(result).forEach(key => result[key] = formatResult(result[key]))
-            const score = res => res >= 90 ? '🟢' : res >= 50 ? '🟠' : '🔴'
-            const comment = [
-                `⚡️ [Lighthouse report](${Object.values(links)[0]}) for the changes in this PR:`,
-                '| Category | Score |',
-                '| --- | --- |',
-                `| ${score(result.performance)} Performance | ${result.performance} |`,
-                `| ${score(result.accessibility)} Accessibility | ${result.accessibility} |`,
-                `| ${score(result['best-practices'])} Best practices | ${result['best-practices']} |`,
-                `| ${score(result.seo)} SEO | ${result.seo} |`,
-                ' ',
-                `*Lighthouse ran on [${Object.keys(links)[0]}](${Object.keys(links)[0]})*`
-            ].join('\n')
-             core.setOutput("comment", comment);
-
-      - name: Add comment to PR
-        if: github.repository == 'verdaccio/verdaccio'
-        id: comment_to_pr
-        uses: marocchino/sticky-pull-request-comment@efaaab3fd41a9c3de579aba759d2552635e590fd # v2
-        with:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          number: ${{ github.event.issue.number }}
-          delete: true
-          header: lighthouse
-          message: |
-            ${{ steps.format_lighthouse_score.outputs.comment }}
--- a/.gitignore
+++ b/.gitignore
@@ -1,55 +1,22 @@
-*.log*
+npm-debug.log
 verdaccio-*.tgz
 .DS_Store
-build/
-dist/
-.eslintcache
-node_modules

-### database
-.verdaccio-db.json
-.sinopia-db.json
-
-### test
+###
+!bin/verdaccio
 test-storage*
 .verdaccio_test_env
+node_modules

-# docker examples
-docker-examples/v5/reverse_proxy/nginx/relative_path/storage/*
-docker-examples/v5/**/storage/*

-# jest
-reports/
+# Istanbul
 coverage/
+.nyc*
+
+# Visual Studio Code
+.vscode/*
+.jscsrc
+.jshintrc
+jsconfig.json

-## IDE
 .idea/
-
-# Compiled script
-packages/partials
-tsconfig.tsbuildinfo
-
-## bundle files
-packages/standalone/dist/
-
-## ui
-packages/plugins/ui-theme/static
-/packages/plugins/ui-theme/src/i18n/download_translations/
-!/packages/plugins/ui-theme/src/i18n/crowdin/ui.json
-
-
-# CI Pnpm cache
-.pnpm-store/
-
-#docs 
-website/docs/api/**/*.md
-website/docs/api/**/*.yml
-!website/docs/api/index.md
-packages/**/docs
-
-# cypress
-e2e/ui/cypress/videos/**/*
-e2e/ui/cypress/screenshots/**/*
-
-# storybook
-packages/ui-components/storybook-static
--- a/.husky/pre-commit
+++ b/.husky/pre-commit
@@ -1,5 +0,0 @@
-#!/bin/sh
-. "$(dirname "$0")/_/husky.sh"
-
-#./node_modules/.bin/lint-staged
-npm run husky:pre-commit
--- a/.netlify/netlify-plugin-pnpm/index.js
+++ b/.netlify/netlify-plugin-pnpm/index.js
@@ -1,10 +0,0 @@
-module.exports = {
-  onPreBuild: async ({ utils: { build, run } }) => {
-    try {
-      await run.command("npm install -g pnpm")
-      await run.command("pnpm install --ignore-scripts --frozen-lockfile")
-    } catch (error) {
-      return build.failBuild(error)
-    }
-  }
-}
--- a/.netlify/netlify-plugin-pnpm/manifest.yml
+++ b/.netlify/netlify-plugin-pnpm/manifest.yml
@@ -1,2 +0,0 @@
-name: netlify-plugin-pnpm
-inputs: []
--- a/.npmignore
+++ b/.npmignore
@@ -1,40 +1,7 @@
-## npm
-npm-debug.log
-yarn-error.log
 node_modules
-verdaccio-*.tgz
-docker-compose.yaml
-Dockerfile
-crowdin.yaml
-scripts/
-src/
-/.*
-.vscode/
-.circleci/
-debug/
-docker-examples/
-reports/
-## assets and website
-assets/
-
-## docs
-docs/
-wiki/
-
-## flow
-types/
-
-# jest
+npm-debug.log
 coverage/
+verdaccio-*.tgz
 test-storage*
-test/
-__mocks__/
-jestEnvironment.js
-test/jest.e2e.config.js
-test/jest.config.functional.js
-jest.config.js
-
-# misc
-contrib/
-storage_default_storage/
-docker-bin/
+/.*
+wiki/
--- a/.npmrc
+++ b/.npmrc
@@ -1,3 +0,0 @@
-always-auth = true
-loglevel=info
-fetch-retries="10"
--- a/.nvmrc
+++ b/.nvmrc
@@ -1 +0,0 @@
-16
--- a/.prettierignore
+++ b/.prettierignore
@@ -1,39 +0,0 @@
-.cache/
-**/corrupted-package/package.json
-**/corrupted.json
-**/invalid.js
-**/invalid.json
-**/pnpm-lock.yaml
-**/verdaccio-corrupted.db.json
-**/wrong.package.json
-crowdin.yaml
-/docs/website
-/website/translated_docs/
-CHANGELOG.md
-CONTRIBUTORS.md
-node_modules/
-**/coverage/**
-**/static/*.js
-**/dist/*.js
-website/.docusaurus/**/*
-website/i18n/**/*
-**/build/*.js
-packages/core/local-storage/_storage/**
-packages/partials/storage_default_storage/
-packages/standalone/dist/bundle.js
-packages/verdaccio/dist/bundle.js
-docker-examples/v5/reverse_proxy/nginx/relative_path/storage/*
-build/
-.vscode/
-.github/
-.netlify/
-packages/**/docs/**
-packages/mock/mock-store/**
-api/**
-packages/core/local-storage/tests/__fixtures__/test-storage/
-packages/plugins/ui-theme/static/
-.verdaccio-db.json
-test/cli/e2e-yarn4/bin/yarn-4.0.0-rc.14.cjs
-yarn.js
-website/docs/api/*
-packages/ui-components/storybook-static/*
--- a/.project
+++ b/.project
@@ -1,22 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<projectDescription>
-	<name>verdaccio-dev</name>
-	<comment></comment>
-	<projects>
-	</projects>
-	<buildSpec>
-	</buildSpec>
-	<natures>
-	</natures>
-	<filteredResources>
-		<filter>
-			<id>1630305579538</id>
-			<name></name>
-			<type>26</type>
-			<matcher>
-				<id>org.eclipse.ui.ide.multiFilter</id>
-				<arguments>1.0-name-matches-true-false-node_modules</arguments>
-			</matcher>
-		</filter>
-	</filteredResources>
-</projectDescription>
--- a/.secrets-baseline
+++ b/.secrets-baseline
--- a/.travis.yml
+++ b/.travis.yml
@@ -0,0 +1,9 @@
+language: node_js
+node_js:
+  - '4'
+  - '6'
+  - '7'
+  - '8'
+sudo: false
+script: npm install . && npm run test-travis
+after_success: npm run coverage:codecov
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -1,15 +0,0 @@
-{
-  // Use IntelliSense to learn about possible Node.js debug attributes.
-  // Hover to view descriptions of existing attributes.
-  // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
-  "version": "0.2.0",
-  "configurations": [
-    {
-      "name": "Attach",
-      "port": 9229,
-      "request": "attach",
-      "skipFiles": ["<node_internals>/**"],
-      "type": "pwa-node"
-    }
-  ]
-}
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -1,13 +0,0 @@
-// Place your settings in this file to overwrite default and user settings.
-{
-  "files.exclude": {
-    "**/.nyc_output": true,
-    "**/build": false,
-    "**/coverage": true,
-    ".idea": true,
-    "storage_default_storage": true,
-    ".yarn": true
-  },
-  "editor.formatOnSave": true,
-  "typescript.tsdk": "node_modules/typescript/lib"
-}
--- a/74
+++ b/74
@@ -0,0 +1,74 @@
+030 <chocolatey030@gmail.com>
+Alex Kocharin <alex@kocharin.ru>
+Alex Kocharin <rlidwka@kocharin.ru>
+Alex Vernacchia <avernacchia@exacttarget.com>
+Alexander Makarenko <estliberitas@gmail.com>
+Alexandre-io <Alexandre-io@users.noreply.github.com>
+Aram Drevekenin <grimsniffer@gmail.com>
+Bart Dubois <dubcio@o2.pl>
+Barthélemy Vessemont <bvessemont@gmail.com>
+Brandon Nicholls <brandon.nicholls@gmail.com>
+Bren Norris <bnorris@enterrasolutions.com>
+Brett Trotter <brett.trotter@webfilings.com>
+Brian Peacock <bpeacock@fastfig.com>
+Cedric Darne <cdarne@hibernum.com>
+Chad Killingsworth <chad.killingsworth@banno.com>
+Chris Breneman <crispy@cluenet.org>
+Cody Droz <cody-geest@uiowa.edu>
+Daniel Rodríguez Rivero <rdanielo@gmail.com>
+Denis Babineau <denis.babineau@gmail.com>
+Emmanuel Narh <narhe@advisory.com>
+Fabio Poloni <fabio@APP-roved.com>
+Facundo Chambó <fchambo@despegar.com>
+Guilherme Bernal <dev@lbguilherme.com>
+Jakub Jirutka <jakub@jirutka.cz>
+James Newell <j.newell@nib.com.au>
+Jan Vansteenkiste <jan@vstone.eu>
+Jannis Achstetter <jannis.achstetter@schneider-electric.com>
+Jeremy Moritz <jeremy@jeremymoritz.com>
+John Gozde <johng@pandell.com>
+Jon de la Motte <jondlm@gmail.com>
+Joseph Gentle <me@josephg.com>
+José De Paz <josedepaz@users.noreply.github.com>
+Juan Carlos Picado <juan@encuestame.org>
+Juan Carlos Picado <juanpicado19@gmail.com>
+Juan Picado <juanpicado19@gmail.com>
+Juan Picado @jotadeveloper <juanpicado19@gmail.com>
+Kalman Speier <kalman.speier@gmail.com>
+Keyvan Fatehi <keyvanfatehi@gmail.com>
+Kody J. Peterson <kodypeterson@users.noreply.github.com>
+Madison Grubb <madison.grubb@itential.com>
+Manuel de Brito Fontes <aledbf@gmail.com>
+Mark Doeswijk <mark.doeswijk@marviq.com>
+Meeeeow <i@aka.mn>
+Meeeeow <me@async.sh>
+Michael Arnel <michael.arnel@gmail.com>
+Michael Crowe <michael@developrise.com>
+Miguel Mejias <miguelangelmejias@dorna.com>
+Miroslav Bajtoš <miroslav@strongloop.com>
+Nate Ziarek <natez@OSX12-L-NATEZ.local>
+Nick <nick.edelenbos@trimm.nl>
+Piotr Synowiec <psynowiec@gmail.com>
+Rafael Cesar <rafa.cesar@gmail.com>
+Robert Ewald <r3wald@gmail.com>
+Robert Groh <robert.groh@medesso.de>
+Robin Persson <rprssn@gmail.com>
+Romain Lai-King <romain.laiking@opentrust.com>
+Ryan Graham <r.m.graham@gmail.com>
+Ryan Graham <ryan@codingintrigue.co.uk>
+Sam Day <sday@atlassian.com>
+Tarun Garg <tarun1793@users.noreply.github.com>
+Thomas Cort <thomasc@ssimicro.com>
+Tom Vincent <git@tlvince.com>
+Trent Earl <trent@trentearl.com>
+Yannick Croissant <yannick.croissant@gmail.com>
+Yannick Galatol <ygalatol@teads.tv>
+cklein <trancesilken@gmail.com>
+danielo515 <rdanielo@gmail.com>
+jmwilkinson <j.wilkinson@f5.com>
+jotadeveloper <juanpicado19@gmail.com>
+jotadeveloper <juanpicado@users.noreply.github.com>
+maxlaverse <max@laverse.net>
+saheba <saheba@users.noreply.github.com>
+steve-p-com <github@steve-p.com>
+trent.earl <trent.earl@malauzai.com>
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -0,0 +1,415 @@
+## 2.2.7 (July 18, 2017)
+
+- bug: fix running behind of loadbalancer with TLS termination - [#254](https://github.com/verdaccio/verdaccio/pull/254)
+
+
+## 2.2.6 (July 13, 2017)
+
+- build: update node version due security update announcement - [#251](https://github.com/verdaccio/verdaccio/pull/251)
+
+## 2.2.5 (July 4, 2017)
+
+- Fixed adding the verdaccio user into the group - [#241](https://github.com/verdaccio/verdaccio/pull/241)
+
+## 2.2.3 (July 4, 2017)
+
+- Updated Dockerfile & added proper signal handling - [#239](https://github.com/verdaccio/verdaccio/pull/239)
+
+## 2.2.2 (July 2, 2017)
+
+- Improve Docker Build - [#181](https://github.com/verdaccio/verdaccio/pull/181)
+- Bugfix #73 `npm-latest` support - [#228](https://github.com/verdaccio/verdaccio/pull/228)
+- Add [documentation](https://github.com/verdaccio/verdaccio/tree/master/wiki) - [#229](https://github.com/verdaccio/verdaccio/pull/229)   
+
+## 2.2.1 (June 17, 2017)
+
+- config section moved up, some keywords added - [#211](https://github.com/verdaccio/verdaccio/pull/211)
+- docs: update docs with behind reverse proxy - [#214](https://github.com/verdaccio/verdaccio/pull/214)
+- Add remote ip to request log - [#216](https://github.com/verdaccio/verdaccio/pull/216)
+
+## 2.2.0 (June 8, 2017)
+- Allow url_prefix to be only the path - ([@BartDubois ]((https://github.com/BartDubois))) in [#197](https://github.com/verdaccio/verdaccio/pull/197)
+- Apache reverse proxy configuration - ([@mysiar ]((https://github.com/mysiar))) in [#198](https://github.com/verdaccio/verdaccio/pull/198)
+- don't blindly clobber local dist-tags - ([@rmg ]((https://github.com/rmg))) in [#206](https://github.com/verdaccio/verdaccio/pull/206)
+- Adds cache option to uplinks - ([@silkentrance ]((https://github.com/silkentrance))) in [#132](https://github.com/verdaccio/verdaccio/pull/132)
+
+## 2.1.7 (May 14, 2017)
+- Fixed publish fail in YARN - ([@W1U02]((https://github.com/W1U02)) in [#183](https://github.com/verdaccio/verdaccio/pull/183)
+
+## 2.1.6 (May 12, 2017)
+- Fix https certificates safety check - ([@juanpicado]((https://github.com/juanpicado))) in [#189](https://github.com/verdaccio/verdaccio/pull/189)
+- Fix upstream search not work with gzip - ([@Meeeeow](https://github.com/Meeeeow) in [#170](https://github.com/verdaccio/verdaccio/pull/170))
+- Add additional requirement to output message - ([@marnel ](https://github.com/marnel) in [#184](https://github.com/verdaccio/verdaccio/pull/184))
+- Implement npm ping endpoint - ([@juanpicado]((https://github.com/juanpicado))) in [#179](https://github.com/verdaccio/verdaccio/pull/179)
+- Add support for multiple notification endpoints to existing webhook - ([@ryan-codingintrigue]((https://github.com/ryan-codingintrigue))) 
+in [#108](https://github.com/verdaccio/verdaccio/pull/108)
+
+
+
+## 2.1.5 (April 22, 2017)
+- fix upstream search - ([@Meeeeow](https://github.com/Meeeeow) in [#166](https://github.com/verdaccio/verdaccio/pull/166))
+- Fix search feature - ([@Meeeeow](https://github.com/Meeeeow) in [#163](https://github.com/verdaccio/verdaccio/pull/163))
+- add docs about run behind proxy - ([@Meeeeow](https://github.com/Meeeeow) in [#160](https://github.com/verdaccio/verdaccio/pull/160))
+
+## 2.1.4 (April 13, 2017)
+- Added Nexus Repository OSS as similar existing software - ([@nedelenbos030](https://github.com/nedelenbos) in [#147](https://github.com/verdaccio/verdaccio/pull/147))
+- Increase verbose on notify request - ([@juanpicado](https://github.com/juanpicado) in [#153](https://github.com/verdaccio/verdaccio/pull/153))
+- Add fallback support to previous config files - ([@juanpicado](https://github.com/juanpicado) in [#155](https://github.com/verdaccio/verdaccio/pull/155))
+- Allows retrieval of all local package contents via http://server/-/search/* - ([@Verikon](https://github.com/Verikon) in [#152](https://github.com/verdaccio/verdaccio/pull/155))
+
+## 2.1.3 (March 29, 2017)
+- [GH-83] create systemd service - ([@030](https://github.com/030) in [#89](https://github.com/verdaccio/verdaccio/pull/89))
+- optional scope in the readme package name. - ([@psychocode](https://github.com/psychocode) in [#136](https://github.com/verdaccio/verdaccio/pull/136))
+- Added docker image for rpi - ([@danielo515](https://github.com/danielo515) in [#137](https://github.com/verdaccio/verdaccio/pull/137))
+- Allow configuring a tagline that is displayed on the webpage between. ([@jachstet-sea](https://github.com/jachstet-sea) in [#143](https://github.com/verdaccio/verdaccio/pull/143))
+
+## 2.1.2 (March 9, 2017)
+- Contribute guidelines - ([@juanpicado](https://github.com/juanpicado) in [#133](https://github.com/verdaccio/verdaccio/pull/133))
+- fix(plugin-loader): plugins verdaccio-* overwrite by sinopia- ([@Alexandre-io](https://github.com/Alexandre-io) in [#129](https://github.com/verdaccio/verdaccio/pull/129))
+
+## 2.1.1 (February 7, 2017)
+
+- [GH-86] updated readme to point to new chef cookbook ([@kgrubb](https://github.com/kgrubb) in [#117](https://github.com/verdaccio/verdaccio/pull/117))
+- [GH-88] rename to Verdaccio instead of Sinopia ([@kgrubb](https://github.com/kgrubb) in [#93](https://github.com/verdaccio/verdaccio/pull/93))
+- Unit testing coverage ([@juanpicado](https://github.com/juanpicado) in [#116](https://github.com/verdaccio/verdaccio/issues/116))
+- Allow htpasswd-created users to log in [@imsnif](https://github.com/imsnif) in [#112](https://github.com/verdaccio/verdaccio/issues/112))
+- remove travis io.js support ([@juanpicado](https://github.com/juanpicado) in [#115](https://github.com/verdaccio/verdaccio/issues/115))
+- rename clean up ([@juanpicado](https://github.com/juanpicado) in [#114](https://github.com/verdaccio/verdaccio/issues/114))
+- _npmUser / author not showing up ([@juanpicado](https://github.com/juanpicado) in [#65](https://github.com/verdaccio/verdaccio/issues/65))
+- Docs: correct config attribute `proxy_access` ([@robertgroh](https://github.com/robertgroh) in [#96](https://github.com/verdaccio/verdaccio/pull/96))
+- Problem with docker.yaml ([@josedepaz](https://github.com/josedepaz) in [#72](https://github.com/verdaccio/verdaccio/pull/72)) 
+- Prevent logging of user and password ([@tlvince](https://github.com/tlvince) in [#94](https://github.com/verdaccio/verdaccio/pull/94))
+- Updated README.md to reflect the availability of the docker image ([@jmwilkinson](https://github.com/jmwilkinson)) in [#71](https://github.com/verdaccio/verdaccio/pull/71)) 
+
+## 2.1.0 (October 11, 2016)
+
+- Use __dirname to resolve local plugins ([@aledbf](https://github.com/aledbf) in [#25](https://github.com/verdaccio/verdaccio/pull/25))
+- Fix npm cli logout ([@plitex](https://github.com/plitex) in [#47](https://github.com/verdaccio/verdaccio/pull/47))
+- Add log format: pretty-timestamped ([@jachstet-sea](https://github.com/jachstet-sea) in [#68](https://github.com/verdaccio/verdaccio/pull/68))
+- Allow adding/overriding HTTP headers of uplinks via config ([@jachstet-sea](https://github.com/jachstet-sea) in [#67](https://github.com/verdaccio/verdaccio/pull/67))
+- Update Dockerfile to fix failed start ([@denisbabineau](https://github.com/denisbabineau) in [#62](https://github.com/verdaccio/verdaccio/pull/62))
+- Update the configs to fully support proxying scoped packages ([@ChadKillingsworth](https://github.com/ChadKillingsworth) in [#60](https://github.com/verdaccio/verdaccio/pull/60))
+- Prevent the server from crashing if a repo is accessed that the user does not have access to ([@crowebird](https://github.com/crowebird) in [#58](https://github.com/verdaccio/verdaccio/pull/58))
+- Hook system, for integration into things like slack
+- Register entry partial even if custom template is provided ([@plitex](https://github.com/plitex) in [#46](https://github.com/verdaccio/verdaccio/pull/46))
+- Rename process to verdaccio ([@juanpicado](https://github.com/juanpicado) in [#57](https://github.com/verdaccio/verdaccio/pull/57))
+
+
+## 7 Jun 2015, version 1.4.0
+
+- avoid sending X-Forwarded-For through proxies (issues [#19](https://github.com/rlidwka/sinopia/issues/19), [#254](https://github.com/rlidwka/sinopia/issues/254))
+- fix multiple issues in search (issues [#239](https://github.com/rlidwka/sinopia/issues/239), [#253](https://github.com/rlidwka/sinopia/pull/253))
+- fix "maximum stack trace exceeded" errors in auth (issue [#258](https://github.com/rlidwka/sinopia/issues/258))
+
+## 10 May 2015, version 1.3.0
+
+- add dist-tags endpoints (issue [#211](https://github.com/rlidwka/sinopia/issues/211))
+
+## 22 Apr 2015, version 1.2.2
+
+- fix access control regression in `1.2.1` (issue [#238](https://github.com/rlidwka/sinopia/issues/238))
+- add a possibility to bind on unix sockets (issue [#237](https://github.com/rlidwka/sinopia/issues/237))
+
+## 11 Apr 2015, version 1.2.1
+
+- added more precise authorization control to auth plugins (issue [#207](https://github.com/rlidwka/sinopia/pull/207))
+
+## 29 Mar 2015, version 1.1.0
+
+- add a possibility to listen on multiple ports (issue [#172](https://github.com/rlidwka/sinopia/issues/172))
+- added https support (issues [#71](https://github.com/rlidwka/sinopia/issues/71), [#166](https://github.com/rlidwka/sinopia/issues/166))
+- added an option to use a custom template for web UI (issue [#208](https://github.com/rlidwka/sinopia/pull/208))
+- remove "from" and "resolved" fields from shrinkwrap (issue [#204](https://github.com/rlidwka/sinopia/issues/204))
+- fix hanging when rendering readme (issue [#206](https://github.com/rlidwka/sinopia/issues/206))
+- fix logger-related crash when using sinopia as a library
+- all requests to uplinks should now have proper headers
+
+## 12 Feb 2015, version 1.0.1
+
+- fixed issue with `max_users` option (issue [#184](https://github.com/rlidwka/sinopia/issues/184))
+- fixed issue with not being able to disable the web interface (issue [#195](https://github.com/rlidwka/sinopia/pull/195))
+- fixed 500 error while logging in with npm (issue [#200](https://github.com/rlidwka/sinopia/pull/200))
+
+## 26 Jan 2015, version 1.0.0
+
+- switch markdown parser from `remarkable` to `markdown-it`
+- update `npm-shrinkwrap.json`
+- now downloading tarballs from upstream using the same protocol as for metadata (issue [#166](https://github.com/rlidwka/sinopia/issues/166))
+
+## 22 Dec 2014, version 1.0.0-beta.2
+
+- fix windows behavior when `$HOME` isn't set (issue [#177](https://github.com/rlidwka/sinopia/issues/177))
+- fix sanitization for highlighted code blocks in readme (issue [render-readme/#1](https://github.com/rlidwka/render-readme/issues/1))
+
+## 15 Dec 2014, version 1.0.0-beta
+
+- Markdown rendering is now a lot safer (switched to remarkable+sanitizer).
+- Header in web interface is now static instead of fixed.
+- `GET /-/all?local` now returns list of all local packages (issue [#179](https://github.com/rlidwka/sinopia/pull/179))
+
+## 5 Dec 2014, version 1.0.0-alpha.3
+
+- Fixed an issue with scoped packages in tarballs
+
+## 25 Nov 2014, version 1.0.0-alpha
+
+- Config file is now created in `$XDG_CONFIG_HOME` instead of current directory. 
+
+  It is printed to stdout each time sinopia starts, so you hopefully won't have any trouble locating it.
+
+  The change is made so sinopia will pick up the same config no matter which directory it is started from.
+
+- Default config file is now a lot shorter, and it is very permissive by default. You could use sinopia without modifying it on your own computer, but definitely should change it on production.
+
+- Added auth tokens. For now, auth token is just a username+password encrypted for security reasons, so it isn't much different from basic auth, but allows to avoid "always-auth" npm setting.
+
+- Added scoped packages.
+
+  Please note that default `*` mask won't apply to them. You have to use masks like `@scope/*` to match scoped packages, or `**` to match everything.
+
+- Enabled web interface by default. Wow, it looks almost ready now!
+
+- All dependencies are bundled now, so uncompatible changes in 3rd party stuff in the future won't ruin the day.
+
+## 1 Nov 2014, version 0.13.2
+
+- fix `EPERM`-related crashes on windows (issue [#67](https://github.com/rlidwka/sinopia/issues/67))
+
+## 22 Oct 2014, version 0.13.0
+
+- web interface:
+  - web page layout improved (issue [#141](https://github.com/rlidwka/sinopia/pull/141))
+  - latest version is now displayed correctly (issues [#120](https://github.com/rlidwka/sinopia/issues/120), [#123](https://github.com/rlidwka/sinopia/issues/123), [#143](https://github.com/rlidwka/sinopia/pull/143))
+  - fixed web interface working behind reverse proxy (issues [#145](https://github.com/rlidwka/sinopia/issues/145), [#147](https://github.com/rlidwka/sinopia/issues/147))
+
+## 2 Oct 2014, version 0.12.1
+
+- web interface:
+  - update markdown CSS (issue [#137](https://github.com/rlidwka/sinopia/pull/137))
+  - jquery is now served locally (issue [#133](https://github.com/rlidwka/sinopia/pull/133))
+
+- bugfixes:
+  - fix "offset out of bounds" issues (issue [sinopia-htpasswd/#2](https://github.com/rlidwka/sinopia-htpasswd/issues/2))
+  - "max_users" in htpasswd plugin now work correctly (issue [sinopia-htpasswd/#3](https://github.com/rlidwka/sinopia-htpasswd/issues/3))
+  - fix `ENOTDIR, open '.sinopia-db.json'` error in npm search (issue [#122](https://github.com/rlidwka/sinopia/issues/122))
+
+## 25 Sep 2014, version 0.12.0
+
+- set process title to `sinopia`
+
+- web interface bugfixes:
+  - save README data for each package (issue [#100](https://github.com/rlidwka/sinopia/issues/100))
+  - fix crashes related to READMEs (issue [#128](https://github.com/rlidwka/sinopia/issues/128))
+
+## 18 Sep 2014, version 0.11.3
+
+- fix 500 error in adduser function in sinopia-htpasswd (issue [#121](https://github.com/rlidwka/sinopia/issues/121))
+- fix fd leak in authenticate function in sinopia-htpasswd (issue [#116](https://github.com/rlidwka/sinopia/issues/116))
+
+## 15 Sep 2014, version 0.11.1
+
+- mark crypt3 as optional (issue [#119](https://github.com/rlidwka/sinopia/issues/119))
+
+## 15 Sep 2014, version 0.11.0
+
+- Added auth plugins (issue [#99](https://github.com/rlidwka/sinopia/pull/99))
+
+  Now you can create your own auth plugin based on [sinopia-htpasswd](https://github.com/rlidwka/sinopia-htpasswd) package.
+
+- WIP: web interface (issue [#73](https://github.com/rlidwka/sinopia/pull/73))
+
+  It is disabled by default, and not ready for production yet. Use at your own risk. We will enable it in the next major release.
+
+- Some modules are now bundled by default, so users won't have to install stuff from git. We'll see what issues it causes, maybe all modules will be bundled in the future like in npm.
+
+## 14 Sep 2014, version 0.10.x
+
+*A bunch of development releases that are broken in various ways. Please use 0.11.x instead.*
+
+## 7 Sep 2014, version 0.9.3
+
+- fix several bugs that could cause "can't set headers" exception
+
+## 3 Sep 2014, version 0.9.2
+
+- allow "pretty" format for logging into files (issue [#88](https://github.com/rlidwka/sinopia/pull/88))
+- remove outdated user existence check (issue [#115](https://github.com/rlidwka/sinopia/pull/115))
+
+## 11 Aug 2014, version 0.9.1
+
+- filter falsey _npmUser values (issue [#95](https://github.com/rlidwka/sinopia/pull/95))
+- option not to cache third-party files (issue [#85](https://github.com/rlidwka/sinopia/issues/85))
+
+## 26 Jul 2014, version 0.9.0
+
+- new features:
+  - add search functionality (issue [#65](https://github.com/rlidwka/sinopia/pull/65))
+  - allow users to authenticate using .htpasswd (issue [#44](https://github.com/rlidwka/sinopia/issues/44))
+  - allow user registration with "npm adduser" (issue [#44](https://github.com/rlidwka/sinopia/issues/44))
+
+- bugfixes:
+  - avoid crashing when res.socket is null (issue [#89](https://github.com/rlidwka/sinopia/issues/89))
+
+## 20 Jun 2014, version 0.8.2
+
+- allow '@' in package/tarball names (issue [#75](https://github.com/rlidwka/sinopia/issues/75))
+- other minor fixes (issues [#77](https://github.com/rlidwka/sinopia/issues/77), [#80](https://github.com/rlidwka/sinopia/issues/80))
+
+## 14 Apr 2014, version 0.8.1
+
+- "latest" tag is now always present in any package (issue [#63](https://github.com/rlidwka/sinopia/issues/63))
+- tags created with new npm versions (>= 1.3.19) can now be published correctly
+
+## 1 Apr 2014, version 0.8.0
+
+- use gzip compression whenever possible (issue [#54](https://github.com/rlidwka/sinopia/issues/54))
+- set `ignore_latest_tag` to false, it should now be more compatible with npm registry
+- make `fs-ext` optional (issue [#61](https://github.com/rlidwka/sinopia/issues/61))
+
+## 29 Mar 2014, version 0.7.1
+
+- added `ignore_latest_tag` config param (issues [#55](https://github.com/rlidwka/sinopia/issues/55), [#59](https://github.com/rlidwka/sinopia/issues/59))
+- reverted PR [#56](https://github.com/rlidwka/sinopia/issues/56) (see discussion in [#57](https://github.com/rlidwka/sinopia/issues/57))
+
+## 13 Mar 2014, version 0.7.0
+
+- config changes:
+  - breaking change: all time intervals are now specified in *seconds* instead of *milliseconds* for the sake of consistency. Change `timeout` if you have one!
+  - all time intervals now can be specified in [nginx notation](http://wiki.nginx.org/ConfigNotation), for example `1m 30s` will specify a 90 seconds timeout
+  - added `maxage` option to avoid asking public registry for the same data too often (issue [#47](https://github.com/rlidwka/sinopia/issues/47))
+  - added `max_fails` and `fail_timeout` options to reduce amount of requests to public registry when it's down (issue [#7](https://github.com/rlidwka/sinopia/issues/7))
+
+- bug fixes:
+  - fix crash when headers are sent twice (issue [#52](https://github.com/rlidwka/sinopia/issues/52))
+  - all tarballs are returned with `Content-Length`, which allows [yapm](https://github.com/rlidwka/yapm) to estimate download time
+  - when connection to public registry is interrupted when downloading a tarball, we no longer save incomplete tarball to the disk
+
+- other changes:
+  - 404 errors are returned in couchdb-like manner (issue [#56](https://github.com/rlidwka/sinopia/issues/56))
+
+## 5 Mar 2014, version 0.6.7
+
+- pin down express@3 version, since sinopia doesn't yet work with express@4
+
+## 28 Feb 2014, version 0.6.5
+
+- old SSL keys for npm are removed, solves `SELF_SIGNED_CERT_IN_CHAIN` error
+
+## 3 Feb 2014, version 0.6.3
+
+- validate tags and versions (issue [#40](https://github.com/rlidwka/sinopia/issues/40))
+- don't crash when process.getuid doesn't exist (issue [#41](https://github.com/rlidwka/sinopia/issues/41))
+
+## 18 Jan 2014, version 0.6.2
+
+- adding config param to specify upload limits (issue [#39](https://github.com/rlidwka/sinopia/issues/39))
+- making loose semver versions work (issue [#38](https://github.com/rlidwka/sinopia/issues/38))
+
+## 13 Jan 2014, version 0.6.1
+
+- support setting different storage paths for different packages (issue [#35](https://github.com/rlidwka/sinopia/issues/35))
+
+## 30 Dec 2013, version 0.6.0
+
+- tag support (issue [#8](https://github.com/rlidwka/sinopia/issues/8))
+- adding support for npm 1.3.19+ behaviour (issue [#31](https://github.com/rlidwka/sinopia/issues/31))
+- removing all support for proxying publish requests to uplink (too complex)
+
+## 26 Dec 2013, version 0.5.9
+
+- fixing bug with bad Accept header (issue [#32](https://github.com/rlidwka/sinopia/issues/32))
+
+## 20 Dec 2013, version 0.5.8
+
+- fixed a warning from js-yaml
+- don't color multiline strings in logs output
+- better error messages in various cases
+- test format changed
+
+## 15 Dec 2013, version 0.5.7
+
+- try to fetch package from uplinks if user requested a tarball we don't know about (issue [#29](https://github.com/rlidwka/sinopia/issues/29))
+- security fix: set express.js to production mode so we won't return stack traces to the user in case of errors
+
+## 11 Dec 2013, version 0.5.6
+
+- fixing a few crashes related to tags
+
+## 8 Dec 2013, version 0.5.4
+
+- latest tag always shows highest version available (issue [#8](https://github.com/rlidwka/sinopia/issues/8))
+- added a configurable timeout for requests to uplinks (issue [#18](https://github.com/rlidwka/sinopia/issues/18))
+- users with bad authentication header are considered not logged in (issue [#17](https://github.com/rlidwka/sinopia/issues/17))
+
+## 24 Nov 2013, version 0.5.3
+
+- added proxy support for requests to uplinks (issue [#13](https://github.com/rlidwka/sinopia/issues/13))
+- changed license from default BSD to WTFPL
+
+## 26 Oct 2013, version 0.5.2
+
+- server now supports unpublishing local packages
+- added fs-ext dependency (flock)
+- fixed a few face conditions
+
+## 20 Oct 2013, version 0.5.1
+
+- fixed a few errors related to logging
+
+## 12 Oct 2013, version 0.5.0
+
+- using bunyan as a log engine
+- pretty-formatting colored logs to stdout by default
+- ask user before creating any config files
+
+## 5 Oct 2013, version 0.4.3
+
+- basic tags support for npm (read-only)
+- npm star/unstar calls now return proper error
+
+## 29 Sep 2013, version 0.4.2
+
+## 28 Sep 2013, version 0.4.1
+
+- using mocha for tests now
+- making use of streams2 api, doesn't work on 0.8 anymore
+- basic support for uploading packages to other registries
+
+## 27 Sep 2013, version 0.4.0
+
+- basic test suite
+- storage path in config is now relative to config file location, not cwd
+- proper cleanup for temporary files
+
+## 12 Jul 2013, version 0.3.2
+
+## 4 Jul 2013, version 0.3.1
+
+- using ETag header for all json output, based on md5
+
+## 20 Jun 2013, version 0.3.0
+
+- compression for http responses
+- requests for files to uplinks are now streams (no buffering)
+- tarballs are now cached locally
+
+## 19 Jun 2013, version 0.2.0
+
+- config file changed, packages is now specified with minimatch
+- ability to retrieve all packages from another registry (i.e. npmjs)
+
+## 14 Jun 2013, version 0.1.1
+
+- config is now autogenerated
+- tarballs are now read/written from fs using streams (no buffering)
+
+## 9 Jun 2013, version 0.1.0
+
+- first npm version
+- ability to publish packages and retrieve them locally
+- basic authentication/access control
+
+## 22 May 2013, version 0.0.0
+
+- first commits
+
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@@ -8,19 +8,19 @@ In the interest of fostering an open and welcoming environment, we as contributo

 Examples of behavior that contributes to creating a positive environment include:

- Using welcoming and inclusive language
- Being respectful of differing viewpoints and experiences
- Gracefully accepting constructive criticism
- Focusing on what is best for the community
- Showing empathy towards other community members
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members

 Examples of unacceptable behavior by participants include:

- The use of sexualized language or imagery and unwelcome sexual attention or advances
- Trolling, insulting/derogatory comments, and personal or political attacks
- Public or private harassment
- Publishing others' private information, such as a physical or electronic address, without explicit permission
- Other conduct which could reasonably be considered inappropriate in a professional setting
+* The use of sexualized language or imagery and unwelcome sexual attention or advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a professional setting

 ## Our Responsibilities

--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -1,390 +1,208 @@
-# Contributing
+# Contributing to Verdaccio

-> This guidelines refers to the main (`master`) that host the v6.x, if you want to contribute to `5.x` please read the following [link](https://github.com/verdaccio/verdaccio/blob/5.x/CONTRIBUTING.md).
+We are happy you wish to contribute this project, for that reason we want to board you with this guide.

-We're happy that you're considering contributing!
+## How I contribute?

-To help you getting started we've prepared these guidelines for you, any change matter, just do it:

-## How Do I Contribute?
+### Ways to contribute

-There are many ways to contribute:
+There are many ways to contribute to the Verdaccio Project. Here’s a list of technical contributions with increasing levels of involvement and required knowledge of Verdaccio's code and operations.

- [Report a bug](#reporting-bugs)
- [Request a feature you think would be great for Verdaccio](#feature-request)
- [Fixing bugs](https://github.com/verdaccio/verdaccio/issues?q=is%3Aopen+is%3Aissue+label%3A%22issue%3A+bug%22)
- [Test and triage bugs reported by others](https://github.com/verdaccio/verdaccio/issues?q=is%3Aopen+is%3Aissue+label%3Aissue_needs_triage)
- [Working on requested/approved features](https://github.com/verdaccio/verdaccio/issues?q=is%3Aopen+is%3Aissue+label%3A%22topic%3A+feature+request%22+)
- [Improve the codebase (linting, naming, comments, test descriptions, etc...)](https://github.com/verdaccio/verdaccio/discussions/1461)
- Improve code coverage for unit testing for every module, [end to end](https://github.com/verdaccio/verdaccio/tree/master/e2e/cli) or [UI test](https://github.com/verdaccio/verdaccio/tree/master/e2e/ui) (with cypress).
+* [Reporting a Bug](CONTRIBUTING.md#reporting-a-bug)
+* [Request Features](CONTRIBUTING.md#request-features)
+* [Plugins](CONTRIBUTING.md#plugins)

-The Verdaccio project is split into several areas, the first three hosted in the main repository:
+Please read carefully this document. It will guide you to provide maintainers and readers valuable information to boots the process solve the issue or evaluate your proposal.

- **Core**: The [core](https://github.com/verdaccio/verdaccio) is the main repository, built with **Node.js**.
- **Website**: we use [**Docusaurus**](https://docusaurus.io/) for the **website** and if you are familiar with this technology, you might become the official webmaster.
- **User Interface**: The [user Interface](https://github.com/verdaccio/ui) is based in **react** and **material-ui** and looking for front-end contributors.
- **Kubernetes and Helm**: Ts the official repository for the [**Helm chart**](https://github.com/verdaccio/charts).
+## Reporting a Bug

-> There are other areas to contribute, like [documentation](https://github.com/verdaccio/verdaccio/tree/master/website/docs) or [translations](#translations}).
+We welcome clear bug reports. If you've found a bug in Verdaccio that isn't a security risk, please file a report in our [issue tracker](https://github.com/verdaccio/verdaccio/issues). Before you file your issue, search to see if it has already been reported. If so, up-vote (using GitHub reactions) or add additional helpful details to the existing issue to show that it's affecting multiple people.
+ 
+### Check if there's a simple solution in the wiki.

-## Prepare local setup {#local-setup}
+Some of the most popular topics can be found in our [wiki](https://github.com/verdaccio/verdaccio/wiki), that would be the first place to look at the topic you are interested.

-Verdaccio uses [pnpm](https://pnpm.io) as the package manager for development in this repository.
+### Questions & Chat

-If you are using pnpm for the first time the [pnpm configuration documentation](https://pnpm.io/configuring) may be useful to avoid any potential problems with the following steps.
+We have tagged questions for easy follow up under the tag [questions](https://github.com/verdaccio/verdaccio/labels/question). Additionaly, I'd recommend to deliver questions in the new chat as **#questions/#development** channels at  [gitter](https://gitter.im/verdaccio/). 

-**Note**: pnpm uses npm's configuration formats so check that your global `.npmrc` file does not inadvertently disable package locks. In other words, your `.npmrc` file **should not** contain
+### Look at the past

-```
-package-lock=false
-```
+* Verdaccio is a fork of `sinopia@1.4.0`, thereforce, there is a huge [database of tickets](https://github.com/rlidwka/sinopia/issues) in the original projet. It's a good place to find answers. 
+* Questions under the tag of [sinopia](http://stackoverflow.com/questions/tagged/sinopia) or [verdaccio](http://stackoverflow.com/search?q=verdaccio) at Stackoverflow  might be helpful.

-This setting would cause the `pnpm install` command to install incorrect versions of package dependencies and the subsequent `pnpm build` step would likely fail.
+### Using the issue tracker

-To begin your development setup, please install the latest version of pnpm globally:
+The issue tracker is a channel were mostly users/developers post.

-```
-npm i -g pnpm@latest-8
-```
+#### I want to report a bug

-With pnpm installed, the first step is installing all dependencies:
+We considere a bug a feature that is not working as is described in the documentation. Before reporte a bug follow the next steps:

-```
-pnpm install
-```
+1. Use the GitHub issue search — check if the issue has already been reported.

-### Building the project
+2. Check if the issue has been fixed — try to reproduce it using the latest master or development branch in the repository.

-To build the project run
+Verdaccio still does not support all npm commands due either in the initial design were not considered important or nobody has request it yet.

-```
-pnpm build
-```
+## Request Features

-### Running test
+A new feature is always welcome, thus, analyse whether you ir idea fits in the scope of the project and elaborate your request providing enough context, for instance:

-```
-pnpm test
-```
+* A wide description the advantages of your request.
+* It's compatible with `npm` and `yarn`?
+* You might implement your feature and provide a forked repository as example.
+* Whatever you have on mind 🤓.

-Verdaccio is a mono repository. To run the tests for for a specific package:
-
-```
-cd packages/store
-pnpm test
-```
-
-or an specific test in that package:
-
-```
-pnpm test test/merge.dist.tags.spec.ts
-```
-
-or a single test unit:
-
-```
-pnpm test test/merge.dist.tags.spec.ts -- -t 'simple'
-```
-
-Coverage reporting is enabled by default, but you can turn it off to speed up
-test runs:
-
-```
-pnpm test test/merge.dist.tags.spec.ts -- -t 'simple' --coverage=false
-```
-
-You can enable increased [`debug`](https://www.npmjs.com/package/debug) output:
-
-```
-DEBUG=verdaccio:* pnpm test
-```
-
-More details in the debug section
-
-### Running and debugging
-
-> Check the debugging guidelines [here](https://github.com/verdaccio/verdaccio/wiki/Debugging-Verdaccio)
-
-We use [`debug`](https://www.npmjs.com/package/debug) to add helpful debugging
-output to the code. Each package has it owns namespace.
-
-#### Useful Scripts
-
-To run the application from the source code, ensure the project has been built with `pnpm build`, once this is done, there are few commands that helps to run server:
-
- `pnpm start`: Runs server on port `8000` and UI on port `4873`. This is particularly useful if you want to contribute to the UI, since it runs with hot reload.
- `pnpm debug`: Run the server in debug mode `--inspect`. UI runs too but without hot reload. For automatic break use `pnpm debug:break`.
- `pnpm debug:fastify`: To contribute on the [fastify migration](https://github.com/verdaccio/verdaccio/discussions/2155) this is a temporary command for such purpose.
- `pnpm website`: Build the website, for more commands to run the _website_, run `cd website` and then `pnpm serve`, website will run on port `3000`.
- `pnpm docker`: Build the docker image. Requires `docker` command available in your system.
-
-#### Debugging compiled code {#debugging-compiled-code}
-
-Currently you can only run pre-compiled packages in debug mode. To enable debug
-while running add the `verdaccio` namespace using the `DEBUG` environment
-variable, like this:
-
-```
-DEBUG=verdaccio:* node packages/verdaccio/debug/bootstrap.js
-```
-
-You can filter this output to just the packages you're interested in using
-namespaces:
-
-```
-DEBUG=verdaccio:plugin:* node packages/verdaccio/debug/bootstrap.js
-```
-
-The debug code is intended to analyze what is happening under the hood and none
-of the output is sent to the logger module.
-
-> [See the full guide how to debug with Verdaccio](https://github.com/verdaccio/verdaccio/wiki/Debugging-Verdaccio)
-
-#### Testing your changes in a local registry {#testing-local-registry}
-
-Once you have perform your changes in the code base, the build and tests passes you can publish a local version:
-
- Ensure you have build all modules (or the one you have modified)
- Run `pnpm local:publish:release` to launch a local registry and publish all packages into it. This command will be alive until server is killed (Control Key + C)
-
-```
-pnpm build
-pnpm local:publish:release
-```
-
-The last step consist on install globally the package from the local registry which runs on the default port (4873).
-
-```
-npm i -g verdaccio --registry=http://localhost:4873
-verdaccio
-```
-
-If you perform more changes in the source code, repeat this process, there is not _hot reloading_ support.
-
-## Feature Request {#feature-request}
-
-New feature requests are welcome. Analyse whether the idea fits within scope of the project. Adding in context and the use-case will really help!
-
-**Please provide:**
-
- Create a [discussion](https://github.com/verdaccio/verdaccio/discussions/new).
- A detailed description the advantages of your request.
- Whether or not it's compatible with `npm`, `pnpm` and [_yarn classic_
-  ](https://github.com/yarnpkg/yarn) or [_yarn modern_
-  ](https://github.com/yarnpkg/berry).
- A potential implementation or design
- Whatever else is on your mind! 🤓
-
-## Reporting Bugs {#reporting-bugs}
-
-**Bugs are considered features that are not working as described in
-documentation.**
-
-If you've found a bug in Verdaccio **that isn't a security risk**, please file
-a report in our [issue tracker](https://github.com/verdaccio/verdaccio/issues), if you think a potential vulnerability please read the [security policy](https://verdaccio.org/community/security) .
-
-> **NOTE: Verdaccio still does not support all npm commands. Some were not
-> considered important and others have not been requested yet.**
-
-### What's is not considered a bug?
-
- _Third party integrations_: proxies integrations, external plugins
- _Package managers_: If a package manager does not support a specific command
-  or cannot be reproduced with another package manager
- _Features clearly flagged as not supported_
- _Node.js issues installation in any platform_: If you cannot install the
-  global package (this is considered external issue)
- Any ticket which has been flagged as an [external issue
-  ](https://github.com/verdaccio/verdaccio/labels/external-issue)
-
-If you intend to report a **security** issue, please follow our [Security policy
-guidelines](https://github.com/verdaccio/verdaccio/security/policy).
-
-### Issues {#issues}
-
-Before reporting a bug please:
-
- Search for existing issues to see if it has already been reported
- Look for the **question** label: we have labelled questions for easy follow-up
-  as [questions](https://github.com/verdaccio/verdaccio/labels/question)
-
-In case any of those match with your search, up-vote it (using GitHub reactions)
-or add additional helpful details to the existing issue to show that it's
-affecting multiple people.
-
-### Contributing support
-
-Questions can be asked via [Discord](https://discord.gg/7qWJxBf)
-
-**Please use the `#contribute` channel.**
-
-## Development Guidelines {#development-guidelines}
-
-It's recommended use a UNIX system for local development, Windows should works fine for development, but is not daily tested could not be perfect. To ensure a fast code review and merge, please follow the next guidelines:
-
-Any contribution gives you the right to be part of this organization as _collaborator_ and your avatar will be automatically added to the [contributors page](https://verdaccio.org/contributors).
-
-## Pull Request {#pull-request}
-
-### Submitting a Pull Request {#submit-pull-request}
-
-The following are the steps you should follow when creating a pull request.
-Subsequent pull requests only need to follow step 3 and beyond.
+### Submitting a Pull Request
+The following are the general steps you should follow in creating a pull request.  Subsequent pull requests only need
+to follow step 3 and beyond:

 1. Fork the repository on GitHub
 2. Clone the forked repository to your machine
-3. Make your changes and commit them to your local repository
-4. Rebase and push your commits to your GitHub remote fork/repository
-5. Issue a Pull Request to the official repository
-6. Your Pull Request is reviewed by a committer and merged into the repository
+3. Create a "feature" branch in your local repository
+4. Make your changes and commit them to your local repository
+5. Rebase and push your commits to your GitHub remote fork/repository
+6. Issue a Pull Request to the official repository
+7. Your Pull Request is reviewed by a committer and merged into the repository

-**NOTE**: While there are other ways to accomplish the steps using other tools,
-the examples here will assume most actions will be performed via `git` on
-command line.
+*Note*: While there are other ways to accomplish the steps using other tools, the examples here will assume the most
+actions will be performed via the `git` command line.

-For more information on maintaining a fork, please see the GitHub Help article
-titled [Fork a Repo](https://help.github.com/articles/fork-a-repo/), and
-information on [rebasing](https://git-scm.com/book/en/v2/Git-Branching-Rebasing).
+### 1. Fork the Repository

-### Make Changes and Commit
+When logged in to your GitHub account, and you are viewing one of the main repositories, you will see the *Fork* button.
+Clicking this button will show you which repositories you can fork to.  Choose your own account.  Once the process
+finishes, you will have your own repository that is "forked" from the official one.

-#### Caveats
+Forking is a GitHub term and not a git term.  Git is a wholly distributed source control system and simply worries
+about local and remote repositories and allows you to manage your code against them.  GitHub then adds this additional
+layer of structure of how repositories can relate to each other.

-Feel free to commit as much times you want in your branch, but keep on mind on
-this repository we `git squash` on merge by default, as we like to maintain a
-clean git history.
+### 2. Clone the Forked Repository

-#### Before Push {#before-push}
-
-Before committing or push, **you must ensure there are no linting errors and
-all tests passes**. To do verify, run these commands before creating the PR:
+Once you have successfully forked your repository, you will need to clone it locally to your machine:

 ```bash
-pnpm lint
-pnpm format
-pnpm build
-pnpm test
+$ git clone --recursive git@github.com:username/verdaccio.git verdaccio
 ```

-> note: eslint and formatting are run separately, keep code formatting
-> before push.
+This will clone your fork to your current path in a directory named `verdaccio`.

-All good? Perfect! You should create the pull request.
+You should also set up the `upstream` repository.  This will allow you to take changes from the "master" repository
+and merge them into your local clone and then push them to your GitHub fork:

-#### Commit Guidelines {#commits}
-
-On a pull request, commit messages are not important, please focus on document properly the pull request content. The commit message will be taken from the pull request title, it is recommended to use lowercase format.
-
-### Adding a changeset {#changeset}
-
-We use [changesets](https://github.com/atlassian/changesets) in order to
-generate a detailed Changelog as possible.
-
-Adding a changeset with your Pull Request is essential if you want your
-contribution to get merged (unless it does not affect functionality or
-user-facing content, eg: docs, readme, adding test or typo/lint fixes). To
-create a changeset please run:
-
-```
-pnpm changeset
+```bash
+$ cd verdaccio
+$ git remote add upstream git@github.com:verdaccio/verdaccio.git
+$ git fetch upstream
 ```

-Then select the packages you want to include in your changeset navigating
-through them and press the spacebar to check it, on finish press enter to move
-to the next step.
+Then you can retrieve upstream changes and rebase on them into your code like this:

-```
-🦋  Which packages would you like to include? …
-✔ changed packages
- changed packages
-  ✔ @verdaccio/api
-  ✔ @verdaccio/auth
-  ✔ @verdaccio/cli
-  ✔ @verdaccio/config
-  ✔ @verdaccio/commons-api
+```bash
+$ git pull --rebase upstream master
 ```

-The next question would be if you want a _major bump_. This is not the usual
-scenario, most likely you want a patch, and in that case press enter 2 times
-(to skip minor)
+For more information on maintaining a fork, please see the GitHub Help article [Fork a Repo](https://help.github.com/articles/fork-a-repo/) and information on
+[rebasing](https://git-scm.com/book/en/v2/Git-Branching-Rebasing) from git.

-```
-🦋  Which packages should have a major bump? …
-✔ all packages
-  ✔ @verdaccio/config@5.0.0-alpha.0
+### 3. Create a Branch
+
+The easiest workflow is to keep your master branch in sync with the upstream branch and do not locate any of your own
+commits in that branch.  When you want to work on a new feature, you then ensure you are on the master branch and create
+a new branch from there.  While the name of the branch can be anything, it can often be easy to use the issue number
+you might be working on (if an issue was opened prior to opening a pull request).  For example:
+
+```bash
+$ git checkout -b issue-12345 master
+Switched to a new branch 'issue-12345'
 ```

-Once you have the desired bump you need, the CLI will ask for a summary. Here
-you have full freedom on what to include:
+You will then be on the feature branch.  You can verify what branch you are on like this:

-```
-🦋  Which packages would you like to include? · @verdaccio/config
-🦋  Which packages should have a major bump? · No items were selected
-🦋  Which packages should have a minor bump? · No items were selected
-🦋  The following packages will be patch bumped:
-🦋  @verdaccio/config@5.0.0-alpha.0
-🦋  Please enter a summary for this change (this will be in the changelogs). Submit empty line to open external editor
-🦋  Summary ›
+```bash
+$ git status
+# On branch issue-12345
+nothing to commit, working directory clean
 ```

-The last step is to confirm your changeset or abort the operation:
+### 4. Make Changes and Commit

+#### Before commit
+
+At this point you have ready your changes, your new feature it's ready to be shipped, but, to avoid delays to merge, please be aware the build must past.
+
+Before commit, run the test command:
+
+```bash
+npm test
 ```
-🦋  Is this your desired changeset? (Y/n) · true
-🦋  Changeset added! - you can now commit it
-🦋
-🦋  If you want to modify or expand on the changeset summary, you can find it here
-🦋  info /Users/user/verdaccio.clone/.changeset/light-scissors-smell.md
+It won't have **eslint** errors and **all test must past**. Then, and only then, you should push and ship your **PR**.
+
+*At the moment of this writing, there are plenty of warning to clean, but please  warnings are not fails, but try to don't commit code with warnings*
+
+#### After testing your changes
+
+Now you just need to make your changes.  Once you have finished your changes (and tested them) you need to commit them
+to your local repository (assuming you have staged your changes for committing):
+
+```bash
+$ git status
+# On branch issue-12345
+# Changes to be committed:
+#   (use "git reset HEAD <file>..." to unstage)
+#
+#        modified:   somefile.js
+#
+$ git commit -m "Corrects some defect, fixes #12345, refs #12346"
+[t12345 0000000] Corrects some defect, fixes #12345, refs #12346
+ 1 file changed, 2 insertions(+), 2 deletions(-)
 ```

-Once the changeset is added (all will have an unique name) you can freely edit
-using markdown, adding additional information, code snippets or whatever else
-you consider to be relevant.
+### 5. Rebase and Push Changes

-All that information will be part of the **changelog**. Be concise but
-informative! It's recommended to add your nickname and GitHub link to your
-profile.
+If you have been working on your contribution for a while, the upstream repository may have changed.  You may want to
+ensure your work is on top of the latest changes so your pull request can be applied cleanly:

-**PRs that do not follow the commit message guidelines will not be merged.**
+```bash
+$ git pull --rebase upstream master
+```

-### Update Tests
+When you are ready to push your commit to your GitHub repository for the first time on this branch you would do the
+following:

-**Any change in source code must include test updates**.
+```bash
+$ git push -u origin issue-12345
+```

-If you need help with how testing works, please [refer to the following guide
-](https://github.com/verdaccio/verdaccio/wiki/Running-and-Debugging-tests).
+After the first time, you simply need to do:

-**If you are introducing new features, you MUST include new tests. PRs for
-features without tests will not be merged.**
+```bash
+$ git push
+```

-## Translations {#translations}
+### 6. Issue a Pull Request

-All translations are provided by the **[crowdin](http://crowdin.com)** platform,
-[https://translate.verdaccio.org/](https://translate.verdaccio.org/)
+In order to have your commits merged into the main repository, you need to create a pull request.  The instructions for
+this can be found in the GitHub Help Article [Creating a Pull Request](https://help.github.com/articles/creating-a-pull-request/).  Essentially you do the following:

-If you want to contribute by adding translations, create an account (GitHub could be used as fast alternative), in the platform you can contribute to two areas, the website or improve User Interface translations.
+1. Go to the site for your repository.
+2. Click the Pull Request button.
+3. Select the feature branch from your repository.
+4. Enter a title and description of your pull request in the description.
+5. Review the commit and files changed tabs.
+6. Click `Send Pull Request`

-If a language is not listed, ask for it in the [Discord](https://discord.gg/7qWJxBf) channel #contribute channel.
+You will get notified about the status of your pull request based on your GitHub settings.

-For adding a new **language** on the UI follow these steps:

-1. Ensure the **language** has been enabled, must be visible in the `crowdin` platform.
-2. Find in the explorer the file `en.US.json` in the path `packages/plugins/ui-theme/src/i18n/crowdin/ui.json` and complete the translations, **not need to find approval on this**.
-3. Into the project, add a new field into `packages/plugins/ui-theme/src/i18n/crowdin/ui.json` file, in the section `lng`, the new language, eg: `{ lng: {korean:"Korean"}}`. (This file is English based, once the PR has been merged, this string will be available in crowdin for translate to the targeted language).
-4. Add the language, [flag icon](https://www.npmjs.com/package/country-flag-icons), and the menu key fort he new language eg: `menuKey: 'lng.korean'` to the file `packages/plugins/ui-theme/src/i18n/enabledLanguages.ts`.
-5. For local testing, read `packages/plugins/ui-theme/src/i18n/ABOUT_TRANSLATIONS.md`.
-6. Add a `changeset` file, see more info below.
+## Plugins

-## Develop Plugins {#develop-plugins}
+Plugins are Add-ons that extend the functionality of the application. Whether you want develop your own plugin I'd suggest do the following:

-Plugins are add-ons that extend the functionality of the application.
-
-If you want to develop your own plugin:
-
-1. Check whether there is a legacy Sinopia plugin for the feature that you need
-   via [npmjs](https://www.npmjs.com/search?q=sinopia)
-2. Keep in mind the [life-cycle to load a plugin
-   ](https://verdaccio.org/docs/en/dev-plugins)
-3. You are free to host your plugin in your repository
-4. Provide a detailed description of your plugin to help users understand how to
-   use it
+1. Check whether there is a legacy sinopia plugin for the feature that you need at [npmjs](https://www.npmjs.com/search?q=sinopia).
+2. There is a [life-cycle to load a plugin](https://github.com/verdaccio/verdaccio/blob/master/lib/plugin-loader.js#L22) you should keep on mind.
+3. You are free to host your plugin in your repository, whether you want to host within in our organization, feel free to ask, we'll happy to host it.
+4. Try a describe widely your plugin to provide a deeply understanding to your users.
--- a/67
+++ b/67
@@ -1,58 +1,35 @@
-FROM --platform=${BUILDPLATFORM:-linux/amd64} node:18-alpine as builder
-
-ENV NODE_ENV=development \
-    VERDACCIO_BUILD_REGISTRY=https://registry.npmjs.org
-
-RUN apk --no-cache add openssl ca-certificates wget && \
-    apk --no-cache add g++ gcc libgcc libstdc++ linux-headers make python3 && \
-    wget -q -O /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub && \
-    wget -q https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.35-r0/glibc-2.35-r0.apk && \
-    apk add --force-overwrite glibc-2.35-r0.apk
-
-WORKDIR /opt/verdaccio-build
-COPY . .
-RUN npm -g i pnpm@latest-8 && \
-    pnpm config set registry $VERDACCIO_BUILD_REGISTRY && \
-    pnpm install --frozen-lockfile --ignore-scripts && \
-    rm -Rf test && \
-    pnpm run build
-# FIXME: need to remove devDependencies from the build    
-# NODE_ENV=production pnpm install --frozen-lockfile --ignore-scripts
-# RUN pnpm install --prod --ignore-scripts
-
-FROM node:18-alpine
+FROM node:8.1.4-alpine
 LABEL maintainer="https://github.com/verdaccio/verdaccio"

-ENV VERDACCIO_APPDIR=/opt/verdaccio \
-    VERDACCIO_USER_NAME=verdaccio \
-    VERDACCIO_USER_UID=10001 \
-    VERDACCIO_PORT=4873 \
-    VERDACCIO_PROTOCOL=http
-ENV PATH=$VERDACCIO_APPDIR/docker-bin:$PATH \
-    HOME=$VERDACCIO_APPDIR
+RUN apk --no-cache add openssl && \
+    wget -O /usr/local/bin/dumb-init https://github.com/Yelp/dumb-init/releases/download/v1.2.0/dumb-init_1.2.0_amd64 && \
+    chmod +x /usr/local/bin/dumb-init && \
+    apk del openssl

-WORKDIR $VERDACCIO_APPDIR
+ENV APPDIR /usr/local/app

-RUN apk --no-cache add openssl dumb-init
+WORKDIR $APPDIR

-RUN mkdir -p /verdaccio/storage /verdaccio/plugins /verdaccio/conf
+ADD . $APPDIR

-COPY --from=builder /opt/verdaccio-build .
+RUN npm install

-RUN ls packages/config/src/conf
-ADD packages/config/src/conf/docker.yaml /verdaccio/conf/config.yaml
+RUN mkdir -p /verdaccio/storage /verdaccio/conf
+ADD conf/docker.yaml /verdaccio/conf/config.yaml

-RUN adduser -u $VERDACCIO_USER_UID -S -D -h $VERDACCIO_APPDIR -g "$VERDACCIO_USER_NAME user" -s /sbin/nologin $VERDACCIO_USER_NAME && \
-    chmod -R +x $VERDACCIO_APPDIR/packages/verdaccio/bin $VERDACCIO_APPDIR/docker-bin && \
-    chown -R $VERDACCIO_USER_UID:root /verdaccio/storage && \
-    chmod -R g=u /verdaccio/storage /etc/passwd
+RUN addgroup -S verdaccio && adduser -S -G verdaccio verdaccio && \
+    chown -R verdaccio:verdaccio "$APPDIR" && \
+    chown -R verdaccio:verdaccio /verdaccio

-USER $VERDACCIO_USER_UID
+USER verdaccio

-EXPOSE $VERDACCIO_PORT
+ENV PORT 4873
+ENV PROTOCOL http

-VOLUME /verdaccio/storage
+EXPOSE $PORT

-ENTRYPOINT ["uid_entrypoint"]
+VOLUME ["/verdaccio"]

-CMD $VERDACCIO_APPDIR/packages/verdaccio/bin/verdaccio --config /verdaccio/conf/config.yaml --listen $VERDACCIO_PROTOCOL://0.0.0.0:$VERDACCIO_PORT
+ENTRYPOINT ["/usr/local/bin/dumb-init", "--"]
+
+CMD $APPDIR/bin/verdaccio --config /verdaccio/conf/config.yaml --listen $PROTOCOL://0.0.0.0:${PORT}
--- a/Dockerfile.rpi
+++ b/Dockerfile.rpi
@@ -0,0 +1,13 @@
+FROM hypriot/rpi-node:6-onbuild
+
+RUN mkdir -p /verdaccio/storage /verdaccio/conf
+
+WORKDIR /verdaccio
+
+ADD conf/docker.yaml /verdaccio/conf/config.yaml
+
+EXPOSE 4873
+
+VOLUME ["/verdaccio/conf", "/verdaccio/storage"]
+
+CMD ["/usr/src/app/bin/verdaccio", "--config", "/verdaccio/conf/config.yaml", "--listen", "0.0.0.0:4873"]
--- a/Gruntfile.js
+++ b/Gruntfile.js
@@ -0,0 +1,39 @@
+module.exports = function(grunt) {
+  grunt.initConfig({
+    pkg: grunt.file.readJSON('package.json'),
+    browserify: {
+      dist: {
+        files: {
+          'lib/static/main.js': ['lib/GUI/js/main.js'],
+        },
+        options: {
+          debug: true,
+          transform: ['browserify-handlebars'],
+        },
+      },
+    },
+    less: {
+      dist: {
+        files: {
+          'lib/static/main.css': ['lib/GUI/css/main.less'],
+        },
+        options: {
+          sourceMap: false,
+        },
+      },
+    },
+    watch: {
+      files: ['lib/GUI/**/*'],
+      tasks: ['default'],
+    },
+  });
+
+  grunt.loadNpmTasks('grunt-browserify');
+  grunt.loadNpmTasks('grunt-contrib-watch');
+  grunt.loadNpmTasks('grunt-contrib-less');
+
+  grunt.registerTask('default', [
+    'browserify',
+    'less',
+  ]);
+};
--- a/21
+++ b/21
@@ -1,21 +0,0 @@
-MIT License
-
-Copyright (c) 2021 Verdaccio contributors
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
--- a/README.md
+++ b/README.md
@@ -1,343 +1,192 @@
-[![BannerUK](https://cdn.verdaccio.dev/readme/banner-uk.svg)](https://donate.redcrossredcrescent.org/ua/donate/~my-donation?_cv=1)
+`verdaccio` is a fork of `sinopia`. It aims to keep backwards compatibility with `sinopia`, while keeping up with npm changes.

-> Verdaccio stands for **peace**, stop the war, we will be yellow / blue 🇺🇦 until that happens.
+`verdaccio` - a private/caching npm repository server

-![verdaccio logo](https://cdn.verdaccio.dev/readme/verdaccio@2x.png)
+[![CircleCI](https://circleci.com/gh/verdaccio/verdaccio/tree/master.svg?style=svg)](https://circleci.com/gh/verdaccio/verdaccio/tree/master)
+[![npm version badge](https://img.shields.io/npm/v/verdaccio.svg)](https://www.npmjs.org/package/verdaccio)
+[![downloads badge](http://img.shields.io/npm/dm/verdaccio.svg)](https://www.npmjs.org/package/verdaccio)
+[![codecov](https://codecov.io/gh/verdaccio/verdaccio/branch/master/graph/badge.svg)](https://codecov.io/gh/verdaccio/verdaccio)
+[![Gitter chat](https://badges.gitter.im/verdaccio/questions.png)](https://gitter.im/verdaccio/)

-![verdaccio gif](https://cdn.verdaccio.dev/readme/readme-website.png)
+[![dockeri.co](http://dockeri.co/image/verdaccio/verdaccio)](https://hub.docker.com/r/verdaccio/verdaccio/)

-# Version Next (Development branch)
+It allows you to have a local npm registry with zero configuration. You don't have to install and replicate an entire CouchDB database. Verdaccio keeps its own small database and, if a package doesn't exist there, it asks npmjs.org for it keeping only those packages you use.

-> Looking for Verdaccio 5 version? Check the branch `5.x`
-> The plugins for the `v5.x` that are hosted within this organization are located
-> at the [`verdaccio/monorepo`](https://github.com/verdaccio/monorepo) repository, while for the `next` version
-> are hosted on this project `./packages/plugins`, keep on mind `next` plugins will eventually would be
-> incompatible with `v5.x` versions.
-> Note that contributing guidelines might be different based on the branch.
+<p align="center"><img src="https://firebasestorage.googleapis.com/v0/b/jotadeveloper-8d2f3.appspot.com/o/verdaccio2-compressor.png?alt=media&token=c9b01824-26f2-4cba-bd6f-f352e08cb8ff"></p>

-[Verdaccio](https://verdaccio.org/) is a simple, **zero-config-required local private npm registry**.
-No need for an entire database just to get started! Verdaccio comes out of the box with
-**its own tiny database**, and the ability to proxy other registries (eg. npmjs.org),
-caching the downloaded modules along the way.
-For those looking to extend their storage capabilities, Verdaccio
-**supports various community-made plugins to hook into services such as Amazon's s3,
-Google Cloud Storage** or create your own plugin.
+## Use cases

-[![verdaccio (latest)](https://img.shields.io/npm/v/verdaccio/latest.svg)](https://www.npmjs.com/package/verdaccio)
-[![verdaccio (downloads)](https://img.shields.io/npm/dy/verdaccio.svg)](https://www.npmjs.com/package/verdaccio)
-[![docker pulls](https://img.shields.io/docker/pulls/verdaccio/verdaccio.svg?maxAge=43200)](https://verdaccio.org/docs/en/docker.html)
-[![backers](https://opencollective.com/verdaccio/tiers/backer/badge.svg?label=Backer&color=brightgreen)](https://opencollective.com/verdaccio)
-[![stackshare](https://img.shields.io/badge/Follow%20on-StackShare-blue.svg?logo=stackshare&style=flat)](https://stackshare.io/verdaccio)
+1. Use private packages.

-[![discord](https://img.shields.io/discord/388674437219745793.svg)](http://chat.verdaccio.org/)
-[![MIT](https://img.shields.io/github/license/mashape/apistatus.svg)](https://github.com/verdaccio/verdaccio/blob/master/LICENSE)
-[![Crowdin](https://d322cqt584bo4o.cloudfront.net/verdaccio/localized.svg)](https://crowdin.com/project/verdaccio)
+   If you want to use all benefits of npm package system in your company without sending all code to the public, and use your private packages just as easy as public ones.

-[![Twitter followers](https://img.shields.io/twitter/follow/verdaccio_npm.svg?style=social&label=Follow)](https://twitter.com/verdaccio_npm)
-[![Github](https://img.shields.io/github/stars/verdaccio/verdaccio.svg?style=social&label=Stars)](https://github.com/verdaccio/verdaccio/stargazers)
-[![StandWithUkraine](https://raw.githubusercontent.com/vshymanskyy/StandWithUkraine/main/badges/StandWithUkraine.svg)](https://github.com/vshymanskyy/StandWithUkraine/blob/main/docs/README.md)
+   See [using private packages](#using-private-packages) section for details.

-## Install
+2. Cache npmjs.org registry.

-> Latest Node.js v16 required
+   If you have more than one server you want to install packages on, you might want to use this to decrease latency
+   (presumably "slow" npmjs.org will be connected to only once per package/version) and provide limited failover (if npmjs.org is down, we might still find something useful in the cache).

-Install with npm:
+   See [using public packages](#using-public-packages-from-npmjsorg) section for details.
+
+3. Override public packages.
+
+   If you want to use a modified version of some 3rd-party package (for example, you found a bug, but maintainer didn't accept pull request yet), you can publish your version locally under the same name.
+
+   See [override public packages](#override-public-packages) section for details.
+
+## Installation

 ```bash
-npm install --location=global verdaccio@next
-```
+# installation and starting (application will create default
+# config in config.yaml you can edit later)
+$ npm install -g verdaccio
+# or 
+$ yarn global add verdaccio
+# run in your terminal
+$ verdaccio

-With `yarn`
+# After npm 5.2 you can use npx which install and launch verdaccio with the same command
+$ npx verdaccio

-```bash
-yarn global add verdaccio@next
-```
+# npm configuration
+$ npm set registry http://localhost:4873/

-With `pnpm`
-
-```bash
-pnpm i -g verdaccio@next
-```
-
-or
-
-```bash
-docker pull verdaccio/verdaccio:nightly-master
-```
-
-or with _helm_ [official chart](https://github.com/verdaccio/charts).
-
-```bash
-helm repo add verdaccio https://charts.verdaccio.org
-helm repo update
-helm install verdaccio/verdaccio
-```
-
-Furthermore, you can read the [**Debugging Guidelines**](https://github.com/verdaccio/verdaccio/wiki/Debugging-Verdaccio) and the [**Docker Examples**](https://github.com/verdaccio/verdaccio/tree/master/docker-examples) for more advanced development.
-
-## Plugins
-
-You can develop your own [plugins](https://verdaccio.org/docs/plugins) with the [verdaccio generator](https://github.com/verdaccio/generator-verdaccio-plugin). Installing [Yeoman](https://yeoman.io/) is required.
-
-```
-npm install --location=global yo
-npm install --location=global generator-verdaccio-plugin
-```
-
-Learn more [here](https://verdaccio.org/docs/dev-plugins) how to develop plugins. Share your plugins with the community.
-
-## Donations
-
-Verdaccio is run by **volunteers**; nobody is working full-time on it. If you find this project to be useful and would like to support its development, consider do a long support donation - **and your logo will be on this section of the readme.**
-
-**[Donate](https://github.com/sponsors/verdaccio)** 💵👍🏻 starting from _$1/month_ or just one single contribution.
-
-## What does Verdaccio do for me?
-
-### Use private packages
-
-If you want to use all benefits of npm package system in your company without sending all code to the public, and use your private packages just as easy as public ones.
-
-### Cache npmjs.org registry
-
-If you have more than one server you want to install packages on, you might want to use this to decrease latency
-(presumably "slow" npmjs.org will be connected to only once per package/version) and provide limited failover (if npmjs.org is down, we might still find something useful in the cache) or avoid issues like _[How one developer just broke Node, Babel and thousands of projects in 11 lines of JavaScript](https://www.theregister.co.uk/2016/03/23/npm_left_pad_chaos/)_, _[Many packages suddenly disappeared](https://github.com/npm/registry-issue-archive/issues/255)_ or _[Registry returns 404 for a package I have installed before](https://github.com/npm/registry-issue-archive/issues/329)_.
-
-### Link multiple registries
-
-If you use multiples registries in your organization and need to fetch packages from multiple sources in one single project you might take advance of the uplinks feature with Verdaccio, chaining multiple registries and fetching from one single endpoint.
-
-### Override public packages
-
-If you want to use a modified version of some 3rd-party package (for example, you found a bug, but maintainer didn't accept pull request yet), you can publish your version locally under the same name. See in detail [here](https://verdaccio.org/docs/en/best#override-public-packages).
-
-### E2E Testing
-
-Verdaccio has proved to be a lightweight registry that can be
-booted in a couple of seconds, fast enough for any CI. Many open source projects use verdaccio for end to end testing, to mention some examples, **create-react-app**, **mozilla neutrino**, **pnpm**, **storybook**, **babel.js**, **angular-cli** or **docusaurus**. You can read more in [here](https://verdaccio.org/docs/e2e).
-
-Furthermore, here few examples how to start:
-
- [e2e-ci-example-gh-actions](https://github.com/juanpicado/e2e-ci-example-gh-actions)
- [verdaccio-end-to-end-tests](https://github.com/juanpicado/verdaccio-end-to-end-tests)
- [verdaccio-fork](https://github.com/juanpicado/verdaccio-fork)
-
-## Watch our Videos
-
-**Node Congress 2022, February 2022, Online Free**
-
-<div>
-   <a href="https://portal.gitnation.org/contents/five-ways-of-taking-advantage-of-verdaccio-your-private-and-proxy-nodejs-registry">
-     <img src="https://cdn.verdaccio.dev/readme/nodejscongress2022.jpg" alt="nodejs" width="200"/>
-  </a>
-</div>
-
-You might want to check out as well our previous talks:
-
- [Using Docker and Verdaccio to make Integration Testing Easy - **Docker All Hands #4 December - 2021**](https://www.youtube.com/watch?v=zRI0skF1f8I)
- [**Juan Picado** – Testing the integrity of React components by publishing in a private registry - React Finland - 2021](https://www.youtube.com/watch?v=bRKZbrlQqLY&t=16s&ab_channel=ReactFinland)
- [BeerJS Cba Meetup No. 53 May 2021 - **Juan Picado**](https://www.youtube.com/watch?v=6SyjqBmS49Y&ab_channel=BeerJSCba)
- [Node.js Dependency Confusion Attacks - April 2021 - **Juan Picado**](https://www.youtube.com/watch?v=qTRADSp3Hpo)
- [**OpenJS World 2020** about \*Cover your Projects with a Multi purpose Lightweight Node.js Registry - **Juan Picado**](https://www.youtube.com/watch?v=oVCjDWeehAQ)
- [ViennaJS Meetup - Introduction to Verdaccio by **Priscila Olivera** and **Juan Picado**](https://www.youtube.com/watch?v=hDIFKzmoCa)
- [Open Source? trivago - Verdaccio (**Ayush** and **Juan Picado**) January 2020](https://www.youtube.com/watch?v=A5CWxJC9xzc)
- [GitNation Open Source Stage - How we have built a Node.js Registry with React - **Juan Picado** December 2019](https://www.youtube.com/watch?v=gpjC8Qp9B9A)
- [Verdaccio - A lightweight Private Proxy Registry built in Node.js | **Juan Picado** at The Destro Dev Show](https://www.youtube.com/watch?reload=9&v=P_hxy7W-IL4&ab_channel=TheDestroDevShow)
-
-## Get Started
-
-Run in your terminal
-
-```bash
-verdaccio
-```
-
-You would need set some npm configuration, this is optional.
-
-```bash
-npm set registry http://localhost:4873/
-```
-
-For one-off commands or to avoid setting the registry globally:
-
-```bash
-NPM_CONFIG_REGISTRY=http://localhost:4873 npm i
+# if you use HTTPS, add an appropriate CA information
+# ("null" means get CA list from OS)
+$ npm set ca null
 ```

 Now you can navigate to [http://localhost:4873/](http://localhost:4873/) where your local packages will be listed and can be searched.

-> Warning: Verdaccio [does not currently support PM2's cluster mode](https://github.com/verdaccio/verdaccio/issues/1301#issuecomment-489302298), running it with cluster mode may cause unknown behavior.
+## Beta

-## Publishing
-
-#### 1. create a user and log in
+If you are an adventurous developer you can use and install the latest beta version

 ```bash
-npm adduser --registry http://localhost:4873
+$ npm install -g verdaccio@beta
 ```
+ 
+## Configuration
+ 
+When you start a server, it auto-creates a config file.
+ 
+**For instructions on how to run Verdaccio as a service, with a nice URL or behind a proxy have a look at the [server-side configure document](wiki/server.md).**

-> if you use HTTPS, add an appropriate CA information ("null" means get CA list from OS)
+### Docker

-```bash
-npm set ca null
-```
+Below are the most commony needed informations,
+every aspect of Docker and verdaccio is [documented separately](wiki/docker.md)

-#### 2. publish your package
+#### Prebuilt images

-```bash
-npm publish --registry http://localhost:4873
-```
+To pull the latest pre-built [docker image](https://hub.docker.com/r/verdaccio/verdaccio/):

-This will prompt you for user credentials which will be saved on the `verdaccio` server.
+`docker pull verdaccio/verdaccio`

-## Docker
+Since version 2 images for every versions are availabel as [tags](https://hub.docker.com/r/verdaccio/verdaccio/tags/).

-Below are the most commonly needed information,
-every aspect of Docker and verdaccio is [documented separately](https://www.verdaccio.org/docs/en/docker.html)
-
-```
-docker pull verdaccio/verdaccio:nightly-master
-```
-
-Available as [tags](https://hub.docker.com/r/verdaccio/verdaccio/tags/).
-
-### Running verdaccio using Docker
+#### Running verdaccio using Docker

 To run the docker container:
-
 ```bash
 docker run -it --rm --name verdaccio -p 4873:4873 verdaccio/verdaccio
 ```

-Docker examples are available [in this repository](https://github.com/verdaccio/verdaccio/tree/master/docker-examples).
+#### Using docker-compose
+
+1. Get the latest version of [docker-compose](https://github.com/docker/compose).
+2. Build and run the container: 
+
+```bash
+$ docker-compose up --build
+```
+
+### Ansible
+
+A Verdaccio playbook [is available at galaxy](https://galaxy.ansible.com/030/verdaccio) source: https://github.com/030/ansible-verdaccio
+
+### Chef
+
+The Verdaccio Chef cookbook [is available via the chef supermarket](https://supermarket.chef.io/cookbooks/verdaccio). source: https://github.com/kgrubb/verdaccio-cookbook
+
+## Adding a new user
+
+```bash
+npm adduser --registry http://localhost:4873/
+```
+
+This will prompt you for user credentials which will be saved on the `verdaccio` server.
+
+## Using private packages
+
+You can add users and manage which users can access which packages.
+
+It is recommended that you define a prefix for your private packages, for example "local", so all your private things will look like this: `local-foo`. This way you can clearly separate public packages from private ones.
+
+## Using public packages from npmjs.org
+
+If some package doesn't exist in the storage, server will try to fetch it from npmjs.org. If npmjs.org is down, it serves packages from cache pretending that no other packages exist. Verdaccio will download only what's needed (= requested by clients), and this information will be cached, so if client will ask the same thing second time, it can be served without asking npmjs.org for it.
+
+Example: if you successfully request express@3.0.1 from this server once, you'll able to do that again (with all it's dependencies) anytime even if npmjs.org is down. But say express@3.0.0 will not be downloaded until it's actually needed by somebody. And if npmjs.org is offline, this server would say that only express@3.0.1 (= only what's in the cache) is published, but nothing else.
+
+## Override public packages
+
+If you want to use a modified version of some public package `foo`, you can just publish it to your local server, so when your type `npm install foo`, it'll consider installing your version.
+
+There's two options here:
+
+1. You want to create a separate fork and stop synchronizing with public version.
+
+   If you want to do that, you should modify your configuration file so verdaccio won't make requests regarding this package to npmjs anymore. Add a separate entry for this package to *config.yaml* and remove `npmjs` from `proxy` list and restart the server.
+
+   When you publish your package locally, you should probably start with version string higher than existing one, so it won't conflict with existing package in the cache.
+
+2. You want to temporarily use your version, but return to public one as soon as it's updated.
+
+   In order to avoid version conflicts, you should use a custom pre-release suffix of the next patch version. For example, if a public package has version 0.1.2, you can upload 0.1.3-my-temp-fix. This way your package will be used until its original maintainer updates his public package to 0.1.3.

 ## Compatibility

 Verdaccio aims to support all features of a standard npm client that make sense to support in private repository. Unfortunately, it isn't always possible.

-### Basic features
+Basic features:

 - Installing packages (npm install, npm upgrade, etc.) - **supported**
 - Publishing packages (npm publish) - **supported**

-### Advanced package control
+Advanced package control:

 - Unpublishing packages (npm unpublish) - **supported**
 - Tagging (npm tag) - **supported**
- Deprecation (npm deprecate) - **supported**
+- Deprecation (npm deprecate) - not supported

-### User management
+User management:

 - Registering new users (npm adduser {newuser}) - **supported**
- Change password (npm profile set password) - **supported**
- Transferring ownership (npm owner add {user} {pkg}) - not supported, _PR-welcome_
- Token (npm token) - **supported**
+- Transferring ownership (npm owner add {user} {pkg}) - not supported, verdaccio uses its own acl management system

-### Miscellany
+Misc stuff:

 - Searching (npm search) - **supported** (cli / browser)
- Ping (npm ping) - **supported**
- Starring (npm star, npm unstar, npm stars) - **supported**
+- Starring (npm star, npm unstar) - not supported, doesn't make sense in private registry
+- Ping (npm ping) - **supported** 

-### Security
+## Storage

- npm/yarn audit - **supported**
+No CouchDB here. This application is supposed to work with zero configuration, so filesystem is used as a storage.

-## Report a vulnerability
+If you want to use a database instead, ask for it, we'll come up with some kind of a plugin system.

-If you want to report a security vulnerability, please follow the steps which we have defined for you in our [security policy](https://github.com/verdaccio/verdaccio/security/policy).
+About the storage there is a running discussion [here](https://github.com/verdaccio/verdaccio/issues?q=is%3Aissue+is%3Aopen+label%3Astorage).

-## Special Thanks
+## Similar existing things

-Thanks to the following companies to help us to achieve our goals providing free open source licenses. Every company provides enough resources to move this project forward.
-
-| Company      | Logo                                                                                                                            | License                                                                           |
-| ------------ | ------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------- |
-| JetBrains    | [![jetbrain](assets/thanks/jetbrains/logo.png)](https://www.jetbrains.com/)                                                     | JetBrains provides licenses for products for active maintainers, renewable yearly |
-| Crowdin      | [![crowdin](assets/thanks/crowdin/logo.png)](https://crowdin.com/)                                                              | Crowdin provides platform for translations                                        |
-| BrowserStack | [![browserstack](https://cdn.verdaccio.dev/readme/browserstack_logo.png)](https://www.browserstack.com/)                        | BrowserStack provides plan to run End to End testing for the UI                   |
-| Netlify      | [![netlify](https://www.netlify.com/img/global/badges/netlify-color-accent.svg)](https://www.netlify.com/)                      | Netlify provides pro plan for website deployment                                  |
-| Algolia      | [![algolia](https://cdn.verdaccio.dev/sponsor/logo/algolia/logo.png)](https://algolia.com/)                                     | Algolia provides search services for the website                                  |
-| Docker       | [![docker](https://cdn.verdaccio.dev/sponsor/logo/docker/docker.png)](https://www.docker.com/community/open-source/application) | Docker offers unlimited pulls and unlimited egress to any and all users           |
-
-## Maintainers
-
-| [Juan Picado](https://github.com/juanpicado)                                   | [Ayush Sharma](https://github.com/ayusharma)                             | [Sergio Hg](https://github.com/sergiohgz)                                 |
-| ------------------------------------------------------------------------------ | ------------------------------------------------------------------------ | ------------------------------------------------------------------------- |
-| ![jotadeveloper](https://avatars3.githubusercontent.com/u/558752?s=120&v=4)    | ![ayusharma](https://avatars2.githubusercontent.com/u/6918450?s=120&v=4) | ![sergiohgz](https://avatars2.githubusercontent.com/u/14012309?s=120&v=4) |
-| [@jotadeveloper](https://twitter.com/jotadeveloper)                            | [@ayusharma\_](https://twitter.com/ayusharma_)                           | [@sergiohgz](https://twitter.com/sergiohgz)                               |
-| [Priscila Oliveria](https://github.com/priscilawebdev)                         | [Daniel Ruf](https://github.com/DanielRuf)                               |
-| ![priscilawebdev](https://avatars2.githubusercontent.com/u/29228205?s=120&v=4) | ![DanielRuf](https://avatars3.githubusercontent.com/u/827205?s=120&v=4)  |
-| [@priscilawebdev](https://twitter.com/priscilawebdev)                          | [@DanielRufde](https://twitter.com/DanielRufde)                          |
-
-You can find and chat with then over Discord, click [here](http://chat.verdaccio.org) or follow them at _Twitter_.
-
-## Who is using Verdaccio?
-
- [create-react-app](https://github.com/facebook/create-react-app/blob/master/CONTRIBUTING.md#customizing-e2e-registry-configuration) _(+86.2k ⭐️)_
- [Grafana](https://github.com/grafana/grafana/search?q=verdaccio) _(+54.9k ⭐️)_
- [Gatsby](https://github.com/gatsbyjs/gatsby) _(+49.2k ⭐️)_
- [Babel.js](https://github.com/babel/babel) _(+38.5k ⭐️)_
- [Docusaurus](https://github.com/facebook/docusaurus) _(+34k ⭐️)_
- [Vue CLI](https://github.com/vuejs/vue-cli) _(+27.4k ⭐️)_
- [Angular CLI](https://github.com/angular/angular-cli) _(+24.3k ⭐️)_
- [Uppy](https://github.com/transloadit/uppy) _(+23.8k ⭐️)_
- [bit](https://github.com/teambit/bit) _(+13k ⭐️)_
- [Aurelia Framework](https://github.com/aurelia/framework) _(+11.6k ⭐️)_
- [pnpm](https://github.com/pnpm/pnpm) _(+10.1k ⭐️)_
- [ethereum/web3.js](https://github.com/ethereum/web3.js) _(+9.8k ⭐️)_
- [Webiny CMS](https://github.com/webiny/webiny-js) _(+6.6k ⭐️)_
- [NX](https://github.com/nrwl/nx) _(+6.1k ⭐️)_
- [Mozilla Neutrino](https://github.com/neutrinojs/neutrino) _(+3.7k ⭐️)_
- [workshopper how to npm](https://github.com/workshopper/how-to-npm) _(+1k ⭐️)_
- [Amazon SDK v3](https://github.com/aws/aws-sdk-js-v3)
- [Amazon Encryption SDK for Javascript](https://github.com/aws/aws-encryption-sdk-javascript)
-
-🤓 Don't be shy, add yourself to this readme.
-
-## Open Collective Sponsors
-
-Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [[Become a sponsor](https://opencollective.com/verdaccio#sponsor)]
-
-[![sponsor](https://opencollective.com/verdaccio/sponsor/0/avatar.svg)](https://opencollective.com/verdaccio/sponsor/0/website)
-[![sponsor](https://opencollective.com/verdaccio/sponsor/1/avatar.svg)](https://opencollective.com/verdaccio/sponsor/1/website)
-[![sponsor](https://opencollective.com/verdaccio/sponsor/2/avatar.svg)](https://opencollective.com/verdaccio/sponsor/2/website)
-[![sponsor](https://opencollective.com/verdaccio/sponsor/3/avatar.svg)](https://opencollective.com/verdaccio/sponsor/3/website)
-[![sponsor](https://opencollective.com/verdaccio/sponsor/4/avatar.svg)](https://opencollective.com/verdaccio/sponsor/4/website)
-[![sponsor](https://opencollective.com/verdaccio/sponsor/5/avatar.svg)](https://opencollective.com/verdaccio/sponsor/5/website)
-[![sponsor](https://opencollective.com/verdaccio/sponsor/6/avatar.svg)](https://opencollective.com/verdaccio/sponsor/6/website)
-[![sponsor](https://opencollective.com/verdaccio/sponsor/7/avatar.svg)](https://opencollective.com/verdaccio/sponsor/7/website)
-[![sponsor](https://opencollective.com/verdaccio/sponsor/8/avatar.svg)](https://opencollective.com/verdaccio/sponsor/8/website)
-[![sponsor](https://opencollective.com/verdaccio/sponsor/9/avatar.svg)](https://opencollective.com/verdaccio/sponsor/9/website)
-
-## Open Collective Backers
-
-Thank you to all our backers! 🙏 [[Become a backer](https://opencollective.com/verdaccio#backer)]
-
-[![backers](https://opencollective.com/verdaccio/backers.svg?width=890)](https://opencollective.com/verdaccio#backers)
-
-## Contributors
-
-This project exists thanks to all the people who contribute. [[Contribute](CONTRIBUTING.md)].
-
-[![contributors](https://opencollective.com/verdaccio/contributors.svg?width=890&button=true)](../../graphs/contributors)
-
-### FAQ / Contact / Troubleshoot
-
-If you have any issue you can try the following options, do no desist to ask or check our issues database, perhaps someone has asked already what you are looking for.
-
- [Blog](https://verdaccio.org/blog/)
- [Donations](https://github.com/sponsors/verdaccio)
- [Reporting an issue](https://github.com/verdaccio/verdaccio/issues/new/choose)
- [Running discussions](https://github.com/verdaccio/verdaccio/issues?q=is%3Aissue+is%3Aopen+label%3Adiscuss)
- [Chat](https://discord.gg/7qWJxBf)
- [Logos](https://verdaccio.org/docs/en/logo)
- [Docker Examples](https://github.com/verdaccio/verdaccio/tree/master/docker-examples)
- [FAQ](https://github.com/verdaccio/verdaccio/discussions/categories/q-a)
-
-### License
-
-Verdaccio is [MIT licensed](https://github.com/verdaccio/verdaccio/blob/master/LICENSE)
-
-The Verdaccio documentation and logos (excluding /thanks, e.g., .md, .png, .sketch) files within the /assets folder) is
-[Creative Commons licensed](https://creativecommons.org/licenses/by/4.0/).
+- npm + git (I mean, using git+ssh:// dependencies) - most people seem to use this, but it's a terrible idea... *npm update* doesn't work, can't use git subdirectories this way, etc.
+- [reggie](https://github.com/mbrevoort/node-reggie) - this looks very interesting indeed... I might borrow some code there.
+- [shadow-npm](https://github.com/dominictarr/shadow-npm), [public service](http://shadow-npm.net/) - it uses the same code as npmjs.org + service is dead
+- [gemfury](http://www.gemfury.com/l/npm-registry) and others - those are closed-source cloud services, and I'm not in a mood to trust my private code to somebody (security through obscurity yeah!)
+- npm-registry-proxy, npm-delegate, npm-proxy - those are just proxies...
+- [nexus-repository-oss](https://www.sonatype.com/nexus-repository-oss) - Repository manager that handles more than just NPM dependencies
+- Is there something else?
+- [codebox-npm](https://github.com/craftship/codebox-npm) - Serverless private npm registry using
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -1,77 +0,0 @@
-# Security Policy
-
-## Supported versions
-
-The following table describes the versions of this project that are currently supported with security updates:
-
-| Version   | Supported          |
-| --------- | ------------------ |
-| 2.x       | :x:                |
-| 3.x       | :x:                |
-| 4.x       | :x:                |
-| 5.x       | :white_check_mark: |
-| 6.x alpha | :x:                |
-
-## Responsible disclosure security policy
-
-A responsible disclosure policy helps protect users of the project from publicly disclosed security vulnerabilities without a fix by employing a process where vulnerabilities are first triaged in a private manner, and only publicly disclosed after a reasonable time period that allows patching the vulnerability and provides an upgrade path for users.
-
-When contacting us directly via email, we will do our best efforts to respond in a reasonable time to resolve the issue. When contacting a security program their disclosure policy will provide details on timeframe, processes and paid bounties.
-
-We kindly ask you to refrain from malicious acts that put our users, the project, or any of the project’s team members at risk.
-
-## Reporting a security issue
-
-> Please do not use the provided email address to report issues which are not related to security vulnerabilities
-
-At Verdaccio, we consider the security of our systems a top priority. But no matter how much effort we put into system security, there can still be vulnerabilities present.
-
-If you discover a security vulnerability, please use one of the following means of communications to report it to us:
-
- Report the security issue to [Snyk Security Team](https://snyk.io/vulnerability-disclosure). They will help triage the security issue and work with all involved parties to remediate and release a fix.
-
-Note that time-frame and processes are subject to each program’s own policy.
-
- Report the security issue to the project maintainers directly at verdaccio@pm.me. If the report contains highly sensitive information, please be advised to encrypt your findings using our [PGP key](https://cdn.verdaccio.dev/gpg/publickey.verdaccio@pm.me.asc) which is also available in this document.
-
-Your efforts to responsibly disclose your findings are sincerely appreciated and will be taken into account to acknowledge your contributions.
-
-## PGP key
-
-The following is this project’s PGP key which should be used to encrypt any sensitive information shared on unsecured medium such as e-mails:
-
-```
-----BEGIN PGP PUBLIC KEY BLOCK-----
-Version: OpenPGP.js v4.5.1
-Comment: https://openpgpjs.org
-
-xsBNBFzm3asBCACxnJDv1r6dxiM2e8iqS6B7fxY2I3X1Rc+3m8mhXOwVwRG4
-AOrQ417oSzsVLf4iocg+DWrtxzY79odTLJEovVt79rxwqIIl4y96tH+29kLB
-ao7eaYZacfstonVkBAmxBLaYv1x7cqWuukm6sBCOxapW1X9BcbR3vOghDziY
-/1AwNjupAOPvKNMtghjrdh3w0iMfZS1hw28zjM1oCeezEil+CTjgQDN+69qS
-UFG/BInJ7CVn9TvhU85inSwpxVa576fkhvFoNUrGvFvYRWtXRJndbRdBodVj
-C9At/Gb2IeNf7xqXH2KloZ1yaVNVSzLX4jqrMWeF+9Z12SjUyL6G9TwDABEB
-AAHNIXZlcmRhY2Npb0BwbS5tZSA8dmVyZGFjY2lvQHBtLm1lPsLAdQQQAQgA
-HwUCXObdqwYLCQcIAwIEFQgKAgMWAgECGQECGwMCHgEACgkQpSvoGbwFJYhn
-2wf+JF+yLQXh1EFMih6lpbx243hvglgOWmcigYVRh5mSfULcdW2pmkPQXqhE
-DW73qqwN9G9piiPnGMw7sKoB7XJVuFKyvHOYKtem5UQVRvs2rTxnSc5qFcUJ
-0w3Tw/pZ9B3fYAEYti2B/GsSOzaECfBKCFOg15xXGAdwfgff5FsorN1Gb6MG
-eCO9c8faSF/+fQUCfokwMDVzxXQFZEMx3q/rHVJ/Fm+XelZ+00c9fdyiuPW5
-dM9gATle7lz0iPtxaUDGLW8QZ/7b6O8IJ1kle0tL4AE++bXsVWxNdzhlNohH
-Hn09sIdFnG4ySTz4YJjiDd70ZdQjOGEGvutymEIN1xcNq87ATQRc5t2rAQgA
-yX2ZhUCtrz7lzK0992yveB+duVF//yo9Pei2ra9Z3GNmA+oWlRH1FTWpAmVH
-uDdUchTnxAwaKntabt3Mb1AgEZwrdiG4LuHFbdx2ls93BJ5lXdp7vB6pVf3N
-IrhHKyQ/Y5L5kMSj/GjrhO19zmj6mPPEgb3M3ZIZjQUF4pro0pExuAPA9Wxe
-awn5+0BUYFs4mZQDtTdiVuz5tWA0fNtt1aBfOPA97tmn18y4b1b0iQIJQpep
-BVVnFLeAZOevDcBJFbmQOdAjufWSSgpzX+FZ3rx6RVwwKxUiVQyUuwSQkKh5
-RufZ5zE0y7Fe/YlWXbKoj4zNJqYtjPSPngQRWf7UpwARAQABwsBfBBgBCAAJ
-BQJc5t2rAhsMAAoJEKUr6Bm8BSWIoYQH+QDw0Z84tZK4N1lh49hYyohs6vNU
-9kG69nKLQA5NymPtTxh8YOJhdJL697FkvKI4OGEO2FXUmcJS3CBJ2nBVKMq2
-1biDRKC4OhIU2RgFhS6bHy6VOn24EYs77T+zX8YXpz8ulYVln2b0QZCubN0Z
-L50tEC8HnuVMVN+/pqITdD3FjzwGZgHdW8qkKgD6qhObHCl8/cW2buCsaIAY
-eZWVPgPY1S1U0V608qYNtUCkrmUW5Sl6YLvz7JTvTsaym5mzyFXF3ErAURgI
-/v4XaWmRgNGIxbIxsFGuEs+KIKBQDJmtvJCVpBNS5IYnFf5h/LA5cfkwMKJt
-wXhyE0b/iDs60ZM=
-=QWXs
-----END PGP PUBLIC KEY BLOCK-----
-```
--- a/assets/bitmap/banner-background/verdaccio-banner.png
+++ b/assets/bitmap/banner-background/verdaccio-banner.png
--- a/assets/bitmap/banner-background/verdaccio-banner@2x.png
+++ b/assets/bitmap/banner-background/verdaccio-banner@2x.png
--- a/assets/bitmap/banner-background/verdaccio-banner@3x.png
+++ b/assets/bitmap/banner-background/verdaccio-banner@3x.png
--- a/assets/bitmap/banner-background/verdaccio.png
+++ b/assets/bitmap/banner-background/verdaccio.png
--- a/assets/bitmap/banner-background/verdaccio@2x.png
+++ b/assets/bitmap/banner-background/verdaccio@2x.png
--- a/assets/bitmap/banner-background/verdaccio@3x.png
+++ b/assets/bitmap/banner-background/verdaccio@3x.png
--- a/assets/bitmap/banner-transparent-background/verdaccio.png
+++ b/assets/bitmap/banner-transparent-background/verdaccio.png
--- a/assets/bitmap/banner-transparent-background/verdaccio@2x.png
+++ b/assets/bitmap/banner-transparent-background/verdaccio@2x.png
--- a/assets/bitmap/banner-transparent-background/verdaccio@3x.png
+++ b/assets/bitmap/banner-transparent-background/verdaccio@3x.png
--- a/assets/bitmap/logo-background-title/verdaccio-tiny-text.png
+++ b/assets/bitmap/logo-background-title/verdaccio-tiny-text.png
--- a/assets/bitmap/logo-background-title/verdaccio-tiny-text@2x.png
+++ b/assets/bitmap/logo-background-title/verdaccio-tiny-text@2x.png
--- a/assets/bitmap/logo-background-title/verdaccio-tiny-text@3x.png
+++ b/assets/bitmap/logo-background-title/verdaccio-tiny-text@3x.png
--- a/assets/bitmap/logo-background/verdaccio-tiny.png
+++ b/assets/bitmap/logo-background/verdaccio-tiny.png
--- a/assets/bitmap/logo-background/verdaccio-tiny@2x.png
+++ b/assets/bitmap/logo-background/verdaccio-tiny@2x.png
--- a/assets/bitmap/logo-background/verdaccio-tiny@3x.png
+++ b/assets/bitmap/logo-background/verdaccio-tiny@3x.png
--- a/assets/bitmap/logo-black-white-title/verdaccio-blackwhite-text.png
+++ b/assets/bitmap/logo-black-white-title/verdaccio-blackwhite-text.png
--- a/assets/bitmap/logo-black-white-title/verdaccio-blackwhite-text@2x.png
+++ b/assets/bitmap/logo-black-white-title/verdaccio-blackwhite-text@2x.png
--- a/assets/bitmap/logo-black-white-title/verdaccio-blackwhite-text@3x.png
+++ b/assets/bitmap/logo-black-white-title/verdaccio-blackwhite-text@3x.png
--- a/assets/bitmap/logo-black-white/verdaccio-blackwhite.png
+++ b/assets/bitmap/logo-black-white/verdaccio-blackwhite.png
--- a/assets/bitmap/logo-black-white/verdaccio-blackwhite@2x.png
+++ b/assets/bitmap/logo-black-white/verdaccio-blackwhite@2x.png
--- a/assets/bitmap/logo-black-white/verdaccio-blackwhite@3x.png
+++ b/assets/bitmap/logo-black-white/verdaccio-blackwhite@3x.png
--- a/assets/bitmap/logo-name-bakground/logo-small-header-bottom.png
+++ b/assets/bitmap/logo-name-bakground/logo-small-header-bottom.png
--- a/assets/bitmap/logo-name-bakground/logo-small-header-bottom@2x.png
+++ b/assets/bitmap/logo-name-bakground/logo-small-header-bottom@2x.png
--- a/assets/bitmap/logo-name-bakground/logo-small-header-bottom@3x.png
+++ b/assets/bitmap/logo-name-bakground/logo-small-header-bottom@3x.png
--- a/assets/bitmap/logo-transparent/logo-twitter-white-background.png
+++ b/assets/bitmap/logo-transparent/logo-twitter-white-background.png
--- a/assets/bitmap/logo-transparent/logo-twitter.png
+++ b/assets/bitmap/logo-transparent/logo-twitter.png
--- a/assets/bitmap/social-banner/verdaccio.github.io.png
+++ b/assets/bitmap/social-banner/verdaccio.github.io.png
--- a/assets/bitmap/social-banner/verdaccio.github.io@2x.png
+++ b/assets/bitmap/social-banner/verdaccio.github.io@2x.png
--- a/assets/bitmap/social-banner/verdaccio.github.io@3x.png
+++ b/assets/bitmap/social-banner/verdaccio.github.io@3x.png
--- a/assets/bitmap/twitter/github-template.png
+++ b/assets/bitmap/twitter/github-template.png
--- a/assets/bitmap/twitter/twitter-header.png
+++ b/assets/bitmap/twitter/twitter-header.png
--- a/assets/bitmap/twitter/twitter-social-banner-tittle-light.png
+++ b/assets/bitmap/twitter/twitter-social-banner-tittle-light.png
--- a/assets/bitmap/twitter/twitter-social-banner-tittle.png
+++ b/assets/bitmap/twitter/twitter-social-banner-tittle.png
--- a/assets/bitmap/twitter/twitter-social-banner.png
+++ b/assets/bitmap/twitter/twitter-social-banner.png
--- a/assets/bitmap/verdaccio@2x.png
+++ b/assets/bitmap/verdaccio@2x.png
--- a/assets/fonts/Apache
+++ b/assets/fonts/Apache
@@ -1,201 +0,0 @@
-Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright [yyyy] [name of copyright owner]
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
--- a/assets/fonts/OpenSans-Bold.ttf
+++ b/assets/fonts/OpenSans-Bold.ttf
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Juan Picado @jotadeveloper	0e6a274a0d	2.2.7	2017-07-18 21:35:33 +02:00
Juan Picado @jotadeveloper	be754a5b4e	release: update changelong	2017-07-18 21:35:17 +02:00