Use packages from npmjs.com
Azure DevOps Services | Azure DevOps Server 2020 | Azure DevOps Server 2019 | TFS 2018 - TFS 2017
The npm client is designed to work with a single primary registry (what Azure Artifacts calls a feed). It also supports secondary scoped registries. Scoped registries can only be used to install packages whose names begin with the scope prefix, so their usage is more restrictive. If you want to use both private packages you've created and public packages from npmjs.com, we recommend using upstream sources.
The npmjs.com upstream source allows you to merge the contents of npmjs.com into your feed such that the npm client can install packages from both locations. Enabling upstream sources also automatically enables saving of packages you use from the upstream source. This is the recommended way to use Azure Artifacts with npm. Upstreams give you the most flexibility to use a combination of scoped- and non-scoped packages in your feed, as well as scoped- and non-scoped packages from npmjs.com.
Enable npmjs.com as an upstream
You can use npmjs.com as an upstream source with new and existing feeds.
On a new feed
Create a new feed. Make sure you check the Include packages from common public sources checkbox.
On an existing feed
Navigate to your feed and then select the gear icon in the top right of the page to open the feed settings.
Select the Upstream sources tab, and then select Add upstream source.
Select Public source and then select the npmjs public source from the dropdown menu.
Select Add when you are done.
Filter to saved packages
You can view the packages you saved in your feed by selecting a source from the dropdown menu.
Scopes
Using scopes instead of upstream sources limit your private package consumption to those with the @scope prefix e.g. @fabrikam/core but enable you to consume public packages directly from npmjs.com, see Npm scopes for more details.