Home

Serverless Registry

Securely develop and distribute custom packages, and confidential code without costly enterprise fees.

Read the docs

Private, Secure, and Controlled by you

Whether it’s for your company's internal tools or distributing licensed packages, VSR offers a streamlined, privacy-first environment for private development and seamless distribution.

Secure

Store and manage dependencies securely, avoiding the risks associated with public registries

Controlled

Maintain full control over access, ensuring only authorized users or systems can publish, access, or modify packages. Perfect for selling your own software & software subscriptions

Local

Run private packages locally for testing, staging, and continuous integration

Reliable

Reduce dependency on public registries, minimizing risks associated with outages or removal of critical packages.

Stable

Lock and manage specific versions of packages to maintain consistency and stability across environments (development, testing, and production).

Fast & Efficient

Benefit from better performance than public registries due to proximity and caching, improving dependency installation speeds.

Regulated

Enforce policies regarding the use of third-party libraries by vetting and approving components before they are used in production.

Coming soon
Compliant

Provide an audit trail to track package usage, changes, and version histories, ensuring compliance with legal, security, and business requirements.

Coming soon
Customizable & Flexibile

Tailor the Serverless Registry to meet specific organizational needs, such as integrating with internal systems and adding authentication mechanisms

Granular Access Tokens

Granular access tokens (GAT) offer the ability to provide precise control over who can interact with a Serverless Registry and how they can do so. These tokens define the scope of actions a user or system can perform, ensuring that access is aligned with organizational policies and roles.

Customer tokens

Read-only

Read-only tokens offer secure, controlled, and revokable access to proprietary packages, enabling businesses to manage third-party access while protecting intellectual property.

  • Read and Download packages they've been granted access to
  • Rotate and Remove associated tokens & profile information for their accounts

Team tokens

Read & Write

Create read-only and read & write team tokens to provide comprehensive and flexible access control for managing packages within an organization, allowing for collaborative and secure package management.

  • Permission to publish, update, and delete packages
  • Controlled access based on specific team roles or environments

API

Package and user management via the rest API, enabling efficient workflows, secure data handling, and robust control features for both private and open-source packages.

Tokens

Roadmap

We’re working hard to deliver a powerful and user-friendly experience across our platform.

Our API roadmap focuses on efficient package data management, user and token administration, unscoped package support, and custom tags, along with key features like rate-limiting, search, and a staging area to support smooth scaling.

On the web side, we’re enhancing accessibility with a comprehensive docs portal, user registration and account management, admin controls, and robust search and staging features.

Each update is designed to streamline workflows and provide a secure, seamless experience for our users.

API

Our API roadmap includes handling package data, managing users and tokens, supporting unscoped packages, setting custom tags, limiting usage rates, adding search, and preparing a staging area.

  • Minimal Package Metadata
  • Full Package Manifests
  • Publishing Private, Scoped Packages
  • Package Manifest Validation
  • Admin User ManagementAdd, Update, and Remove Users
  • User Token ManagementAdd, Update, and Remove Tokens
  • Unscoped Packages
  • Custom Dist-TagsLatest Is Supported
  • Token Rate-Limiting
  • Search
  • Staging

Web

Our web roadmap includes a docs portal, user registration, login, account management, admin controls, custom tags, rate-limiting, search, and a staging area.

  • Docs Portal
  • Admin User Management
  • User Registration
  • User LoginEx. Npm Login / --Auth-Type=Web
  • User Account Management
  • Custom Dist-TagsLatest Is Supported
  • Token Rate-Limiting
  • Search
  • Staging
ImplementedIn ProgressPlanned

Competitive Breakdown

VSR supports a serverless, JavaScript backend with granular access and proxy capabilities, while Verdaccio leads in plugin support, events/hooks, and multi-cloud features. JSR excels in TypeScript and API documentation, with all three platforms covering essentials like package publishing, installation, and Azure DevOps upstream integration.

Feature
VSR
Verdaccio
JSR
Serverless
JavaScript Backend
Granular Access/Permissions
Proxy Upstream Registries
Unscoped Package Names
npm Package Publishing
npm Package Installation
CDN
ESM
Manifest Validation
Plugins
Events/Hooks
Programmatic API
Web Interface
Search
First-Class Typescript
API Documentation Generation
Multi-Cloud
Azure DevOps Artifacts Upstream
JFrog Artifactory Upstream
Google Artifact Registry Upstream
Requires jsr-specific tooling or use a modified package name when using traditional npm clients (ref. https://jsr.io/docs/npm-compatibility)

Let's get started

Choose the option that's right for your needs and get started with your own Serverless Registry.

Managed

from $299 per month
  • Unlimited Packages
  • Unlimited Bandwidth
  • Business Hours Support
Granular Access Tokens
  • User seats1,000 Read only
  • Team seats10 Read/Write
Monthly Usage Allowance
  • Storage25 GB
  • Requests1 million
Contact us

Self-hosted

Free

Self-host on Cloudflare in under 5 minutes with a single click.

CloudFlareUse Wrangler
Github
Minimum RequirementsCloudflare - Free Tier
Workers
100k requests/day
D1 Database
100k writes
5M reads/day
5GB Storage/mo
R2 Bucket
1M writes
10M reads
10GB/mo
LicenseFunctional Source License — FSL-1.1-MIT