Freedom from NPM. Happy 4th

2 points | by vasusen 2 hours ago

4 comments

  • vasusen 2 hours ago

    We moved our SDK off public npm onto a private registry we host.

    Our customers mainly use Donobu's SDK to run their end-to-end tests in CI/CD, with AI self-healing and triage. It was unlicensed but on public npm on purpose, so `npm i` just worked.

    NPM registry has had a rough year. When we looked at alternatives, we realized self-hosting packages is not that hard anymore. Our customers continue using `npm i`. They just add a .npmrc pointing at our registry; reusing their existing Donobu API key for auth was a nice bonus.

    .npmrc was the only thing needed:

      @donobu:registry=https://api.donobu.com/npm/
      //api.donobu.com/npm/:_authToken=${DONOBU_API_KEY}
      popalchemist an hour ago

      Why is it unlicensed? That seems insane.

        vasusen 34 minutes ago

        It was for use by our paid customers in CI/CD. We did not want large companies to use it as is without a contract from us.

          popalchemist 19 minutes ago

          Then why are you posting about it here, if it is only for use by people who are already your customers? By the way, this response is baffling, you still need a license, otherwise anyone adopting your software is exposed legally. Your lack of awareness about that tells me you're young and inexperienced.