Pkgvault
registry · proxy · cache — one binary

Pkgvault is a single self-hostable registry and caching proxy that speaks npm, PyPI, Cargo, Maven, Go, NuGet, RubyGems, and OCI — natively, on the wire. Point your whole toolchain at one endpoint and retire eight registries, eight mirrors, and eight status pages you currently get paged on.

  • 8 ecosystems, 18 client protocols, one API
  • Pull-through cache, zero cold builds
  • Signed provenance on every artifact

Sits in front of the registries your builds already hit

npm · PyPI · crates.io · Maven Central · Go proxy · Docker Hub · RubyGems · NuGet
The proxy

A cache between you and the entire internet.

Every external dependency crosses your perimeter once, then never leaves. Public-registry outages, yanked versions, and left-pad mornings stop being your incident.

Pull-through cache

The first build fetches from upstream; every build after reads from your vault at LAN speed. When npm or PyPI falls over, your CI never finds out.

Immutable by version

Once a version lands it is content-addressed and frozen. A deleted or re-pushed upstream artifact can never silently change what your lockfile already resolved to.
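An added illustration of the two guarantees above (example code written for this page, not Pkgvault's own): a toy in-memory vault in Go that fetches a version once, freezes its SHA-256 digest, serves the same bytes from then on even after the upstream copy is deleted or re-pushed, and rejects a lockfile digest that disagrees. The Fetcher type and the "ecosystem/name@version" key format are assumptions made for the example.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"errors"
)

// Fetcher stands in for an upstream registry (hypothetical, not Pkgvault's API).
type Fetcher func(key string) ([]byte, error)

type entry struct {
	digest string // frozen at first fetch, never overwritten
	blob   []byte
}

// Vault is a minimal pull-through cache keyed by "ecosystem/name@version".
type Vault struct {
	upstream     Fetcher
	entries      map[string]entry
	UpstreamHits int // upstream fetches so far: one per version, ever
}

func NewVault(up Fetcher) *Vault {
	return &Vault{upstream: up, entries: map[string]entry{}}
}

// ErrDigestMismatch: a caller's pinned digest (e.g. from a lockfile) disagrees with the vault's.
var ErrDigestMismatch = errors.New("artifact digest does not match the pinned digest")

// Resolve serves key from the vault. Only the first call touches upstream; bytes and digest
// are then frozen, so a deleted or re-pushed upstream version cannot change what the vault
// hands back. If want != "" it must equal the frozen digest (the lockfile check).
func (v *Vault) Resolve(key, want string) ([]byte, string, error) {
	e, ok := v.entries[key]
	if !ok {
		b, err := v.upstream(key)
		if err != nil {
			return nil, "", err
		}
		v.UpstreamHits++
		sum := sha256.Sum256(b)
		e = entry{digest: "sha256:" + hex.EncodeToString(sum[:]), blob: b}
		v.entries[key] = e
	}
	if want != "" && want != e.digest {
		return nil, e.digest, ErrDigestMismatch
	}
	return e.blob, e.digest, nil
}
```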

Edge-replicated

Artifacts mirror to the regions your runners actually live in. A Tokyo runner pulls from Tokyo — not from a bucket eleven thousand kilometres away.

Egress that stops compounding

Stop paying to download the same tarball ten thousand times. One upstream fetch, served from cache forever, every byte metered in your dashboard.

What teams see after pointing their toolchain at the vault

  • 8 ecosystems behind one endpoint
  • 96% median upstream fetches eliminated
  • <40ms cached resolve, in-region
  • 0 CI failures from upstream outages
The registry

Your private packages, spoken in every dialect.

Publish once and Pkgvault serves it back over the native protocol of every ecosystem — no per-language registry to babysit, no second auth scheme to invent.

Protocol-native, not a shim

Pkgvault implements the real npm, PyPI, Cargo, Maven, Go-module, NuGet, RubyGems, and OCI APIs end to end — Yarn, pnpm, Gradle, sbt, and Helm clients included. Your existing install, publish, and audit commands work with one flag changed: the registry URL.

Virtual repositories

Compose private packages and proxied upstreams into one merged view. Developers resolve from a single URL while you set precedence and decide which upstreams are even reachable.

Promotion pipelines

Move a build from snapshot to staging to release with one call. Each gate can demand a passing scan, a valid signature, or a human approval before the artifact is allowed forward.

Fine-grained tokens

Scope a token to one repo, one protocol, read or write, with an expiry. Rotate from the API. Every pull and push lands in an audit log you can export.

Retention you control

Keep the last N releases, expire snapshots after a week, garbage-collect unreferenced layers nightly. Storage stays bounded with nobody pruning tarballs by hand.

One vault, every ecosystem

Eight protocols. The same endpoint.

Change one line — the registry URL. Every client below resolves, publishes, and authenticates against the same vault, with the same tokens and the same audit trail.

JavaScript

npm · Yarn · pnpm

Scoped packages, dist-tags, and the full audit endpoint. Lockfiles resolve byte-identical across CI and laptops.

Python

PyPI

Simple and JSON APIs, wheels and sdists, with PEP 503 normalisation so pip, uv, and Poetry all agree.

Rust

Cargo

Sparse-index protocol and the crates API. cargo build hits your vault and never reaches crates.io cold.

JVM

Maven · Gradle · sbt

Release and snapshot layouts, checksums, and metadata the JVM ecosystem expects, served from one host.

Go

Go modules

A full GOPROXY with the .info, .mod, and .zip endpoints — plus a vendored sumdb mirror for verification.

Containers

OCI · Helm

Distribution v2 for images and ORAS artifacts, so charts, images, and SBOMs share one registry and one policy.

Supply-chain security

Know exactly what you shipped.

A registry is the chokepoint of your supply chain. Pkgvault treats it like one — signing, scanning, and recording everything that crosses it.

Signed provenance

Every artifact is signed with Sigstore keyless signing and records who built it, from which commit, on which runner. Verify the chain before a single byte is installed.

SBOM on publish

A CycloneDX bill of materials is generated the moment you publish. When the next CVE drops, query your whole estate for the vulnerable transitive dependency in seconds.

Block at the gate

Policy rules reject artifacts with critical CVEs, missing signatures, or forbidden licenses before they ever reach a developer or a deploy. Quarantine, don't clean up.

Typosquat firewall

Proxied upstream packages are screened against known-malicious and look-alike name lists, so a compromised mirror can't smuggle a package into your builds.
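An added example, not Pkgvault's code, covering the PEP 503 normalisation mentioned under Python and the look-alike screen above: a name is normalised first, so separator and case tricks collapse onto the canonical name ("Django_REST.framework" becomes "django-rest-framework"), then compared by edit distance against a caller-supplied list of popular packages. The list, the one-edit threshold and the Screen function are assumptions made for the example.

```go
package main

import (
	"regexp"
	"strings"
)

// normalize is PEP 503 normalisation: lower-case, any run of '-', '_' or '.' becomes one '-'.
var sepRun = regexp.MustCompile(`[-_.]+`)
func normalize(name string) string { return sepRun.ReplaceAllString(strings.ToLower(name), "-") }

// levenshtein is the plain edit distance (insert, delete, substitute); a transposition counts as 2.
func levenshtein(a, b string) int {
	ra, rb := []rune(a), []rune(b)
	prev := make([]int, len(rb)+1)
	for j := range prev {
		prev[j] = j
	}
	for i, ca := range ra {
		cur := []int{i + 1}
		for j, cb := range rb {
			best := prev[j+1] + 1 // delete ca
			if cur[j]+1 < best { // insert cb
				best = cur[j] + 1
			}
			if sub := prev[j]; ca == cb && sub < best {
				best = sub // free match
			} else if ca != cb && sub+1 < best {
				best = sub + 1 // substitute
			}
			cur = append(cur, best)
		}
		prev = cur
	}
	return prev[len(rb)]
}

// Screen: exact normalised match of a popular name is a known package; one edit away is a look-alike.
func Screen(name string, popular []string) (bool, string) {
	n := normalize(name)
	for _, p := range popular {
		if d := levenshtein(normalize(p), n); d == 0 {
			return true, "known package"
		} else if d == 1 {
			return false, "quarantined: look-alike of " + p
		}
	}
	return true, "no match; admitted"
}
```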

Air-gap ready

Run with no outbound connectivity at all. Sync an allow-listed set of upstream packages into the isolated network as a single signed, verifiable bundle.

Self-host or cloud

One Go binary on one VM, or a managed multi-region cloud — same protocols either way. Your artifacts and metadata stay in storage you own.

From the platform teams

One registry replaced the whole shelf.

We were running Verdaccio, a PyPI mirror, a Maven proxy, and a registry for images — four things to patch, four things to get paged on. Pkgvault is one binary and one URL. We deleted three services in a week and nobody noticed except the on-call rotation.

Imani Okonkwo, Platform Lead, Northgate Robotics

A public-registry outage used to mean every pipeline red. Since the pull-through cache went in, upstream can fall over and our builds don't blink. Dependency flakiness on CI went from a weekly fire to a number I stopped tracking.

Lars Vendel, Staff SRE, Cindermark

When the last supply-chain scare hit, I answered 'are we exposed?' from the SBOM index in under a minute. Before Pkgvault that question was a two-day grep across forty repos and a lot of guessing.

Priya Raman, Head of AppSec, Lumeo Health

Pricing

Free to self-host. Pay when it's load-bearing.

The single-binary registry is open and free forever. Upgrade when you need multi-region caching, security policy, and SSO for the whole team.

Community

For one team and one VM.

$0/self-hosted
  • All 8 ecosystems, 18 protocols
  • Pull-through upstream cache
  • Single-node, your hardware
  • Basic tokens & audit log
  • Community Discord
Team · Most popular

For platform teams running it for everyone.

$25/user · mo
  • Multi-region edge caching
  • Signed provenance + SBOM
  • Promotion pipelines & gates
  • Scoped tokens, SSO/SAML
  • Vulnerability & license policy
  • Priority support

Enterprise

For regulated and air-gapped estates.

Custom
  • Everything in Team, unlimited
  • Air-gapped sync bundles
  • Hardware-backed signing keys
  • SOC 2 evidence & audit export
  • 99.95% uptime SLA
  • Dedicated solutions engineer

The questions platform engineers ask first.

Do my developers have to change their tools?

No. Pkgvault implements each ecosystem's real protocol, so npm, pip, cargo, go, maven, and docker keep working exactly as they do today. The only change is pointing the registry URL at your vault — usually one line in a config file or one environment variable on the runner.

What happens when an upstream registry goes down?

Anything already cached keeps resolving at full speed, because the proxy serves it from your own storage. A brand-new, never-seen package will wait on the upstream — but in practice the cache covers the overwhelming majority of any build, so your pipelines stay green straight through public outages.

How is this different from running a mirror per language?

A mirror per language is N services to deploy, patch, authenticate, and monitor. Pkgvault is one service that speaks all of them, with one auth model, one audit log, and one provenance chain. You operate a single thing instead of a shelf full of them — and you get the SBOM and policy layer for free.

Can it run completely offline?

Yes. Enterprise supports true air-gap: you sync an allow-listed set of upstream packages into the isolated network as a signed, verifiable bundle, and the registry serves them with zero outbound connectivity required.

Where do my artifacts actually live?

Wherever you choose. Self-hosted writes to local disk or any S3-compatible bucket you control. Managed cloud keeps artifacts and metadata in your own object storage — Pkgvault is the control plane, never the owner of your data.

Replace the registry shelf with one endpoint.

Pull the single binary, point one toolchain at it, and watch your cold fetches drop to zero. No card to start. No sales call to self-host.