Use packages from npmjs.com
Azure DevOps Services | Azure DevOps Server 2022 - Azure DevOps Server 2019 | TFS 2018
The npm client is designed to work with a single primary registry (what Azure Artifacts calls a feed). It also supports secondary scoped registries. Scoped registries can only be used to install packages whose names begin with the scope prefix, so their usage is more restrictive. If you want to use both private packages you've created and public packages from npmjs.com, we recommend using upstream sources.
The npmjs.com upstream source allows you to merge the contents of npmjs.com into your feed such that the npm client can install packages from both locations. Enabling upstream sources also automatically enables saving of packages you use from the upstream source. This is the recommended way to use Azure Artifacts with npm. Upstreams give you the most flexibility to use a combination of scoped- and nonscoped packages in your feed, as well as scoped- and nonscoped packages from npmjs.com.
Enable npmjs.com as an upstream
You can use npmjs.com as an upstream source with new and existing feeds.
On a new feed
Create a new feed. Make sure you check the Include packages from common public sources checkbox.
On an existing feed
Select Artifacts, and then select your feed.
Navigate to Feed settings by selecting the gear icon button.
Select Upstream sources, and then select Add Upstream.
Select Public source, and then select npmjs from the dropdown menu.
Select Save when you are done.
Select Save to save your changes.
Filter to saved packages
You can view the packages you saved from upstreams by selecting your Source from the dropdown menu.
Using scopes instead of upstream sources limits your private package consumption to those with the
@scope prefix e.g.
@fabrikam/core but enables you to consume public packages directly from npmjs.com, see npm scopes for more details.