3 pointsby vasusen8 hours ago1 comment
  • vasusen8 hours ago
    We moved our SDK off public npm onto a private registry we host.

    Our customers mainly use Donobu's SDK to run their end-to-end tests in CI/CD, with AI self-healing and triage. It was unlicensed but on public npm on purpose, so `npm i` just worked.

    NPM registry has had a rough year. When we looked at alternatives, we realized self-hosting packages is not that hard anymore. Our customers continue using `npm i`. They just add a .npmrc pointing at our registry; reusing their existing Donobu API key for auth was a nice bonus.

    .npmrc was the only thing needed:

      @donobu:registry=https://api.donobu.com/npm/
      //api.donobu.com/npm/:_authToken=${DONOBU_API_KEY}
    • popalchemist7 hours ago
      Why is it unlicensed? That seems insane.
      • vasusen7 hours ago
        It was for use by our paid customers in CI/CD. We did not want large companies to use it as is without a contract from us.
        • popalchemist7 hours ago
          Then why are you posting about it here, if it is only for use by people who are already your customers? By the way, this response is baffling, you still need a license, otherwise anyone adopting your software is exposed legally. Your lack of awareness about that tells me you're young and inexperienced.