RepoFlow Features

Store private packages, scan for vulnerabilities, proxy upstream registries with caching, and more.

Get started Talk to an expert

Search Packages...

Repositories

npm-local

Details

Package Type: npm
Repository Type: local
Child Repositories: npm-local, maven-local, nuget-local
Uploads Routed To: None Edit
Remote URL: -
Cache Size: 0.00 Bytes
Size: 146.93 GB
Packages Count: 92417
Package List: View Packages
File Browser: Open file browser

Permissions & members

Your Permissions: Admin
Access Control: Private Edit
Members: 6 Edit Members
Upload Restrictions: 1 Edit Restrictions

react

A JavaScript library for building user interfaces

19.2.4 • 4 minutes ago • npm-local

react-dom

React package for working with the DOM

19.2.4 • 4 minutes ago • npm-local

react-router

Declarative routing for React

7.2.0 • 6 minutes ago • npm-local

react-hook-form

Performant, flexible and extensible forms with easy-to-use validation

7.54.0 • 9 minutes ago • npm-local

react-refresh

Fast Refresh runtime for React applications

0.15.0 • 12 minutes ago • npm-local

scheduler

Cooperative Scheduling for React

0.25.0 • 12 minutes ago • npm-local

react-is

Brand checking of React Elements

19.2.4 • 18 minutes ago • npm-local

react

19.2.4 • Jan 26, 2026

Install Package

npm install react@19.2.4

React

A JavaScript library for building user interfaces.

Table of Contents

Getting Started
Installation
Usage
Hooks
FAQ
License

Getting Started

This package contains the core React runtime. For web apps, you’ll typically use it together with react-dom.

Installation

npm install react@19.2.4 react-dom@19.2.4

Usage

Render your app using react-dom/client:

import { StrictMode } from 'react';
		import { createRoot } from 'react-dom/client';
		import App from './App';

	createRoot(document.getElementById('root')).render(
	  <StrictMode>
	    <App />
	  </StrictMode>
	);

Components

Build your UI by composing small components. Components can be functions that return JSX.

export default function Button(props) {
		  return <button type="button">{props.children}</button>;
		}

Hooks

Hooks let you use state and other React features in function components.

import { useState } from 'react';

		export default function Counter() {
	  const [count, setCount] = useState(0);

	  return (
	    <button type="button" onClick={() => setCount(count + 1)}>
	      Count: {count}
	    </button>
	  );
	}

FAQ Do I need a framework?

Not necessarily. React can be used standalone, but many teams prefer frameworks for routing, data fetching, and build tooling.

License

MIT

Vulnerability scanning

Remote repo

Dependency viewer

Audit logs

Universal proxy

Local repo

Virtual repo

Smart package search

Upload validation

Upload restrictions

SSO + LDAP

Personal access tokens

Custom CA certs

Retention rules

High availability

Self-hosted

AWS support

Azure support

GCP support

No indexing delays

Built for scale

Built-in README viewer

Built-in docs

Airgapped

Vulnerability scanning

Remote repo

Dependency viewer

Audit logs

Universal proxy

Local repo

Virtual repo

Smart package search

Upload validation

Upload restrictions

SSO + LDAP

Personal access tokens

Custom CA certs

Retention rules

High availability

Self-hosted

AWS support

Azure support

GCP support

No indexing delays

Built for scale

Built-in README viewer

Built-in docs

Airgapped

Universal proxy

Virtual repo

Upload validation

SSO + LDAP

Local repo

Custom CA certs

No indexing delays

Remote repo

Retention rules

Built for scale

Smart package search

High availability

Built-in README viewer

Dependency viewer

Self-hosted

Built-in docs

Upload restrictions

AWS support

Airgapped

Audit logs

Azure support

Vulnerability scanning

Personal access tokens

GCP support

Universal proxy

Virtual repo

Upload validation

SSO + LDAP

Local repo

Custom CA certs

No indexing delays

Remote repo

Retention rules

Built for scale

Smart package search

High availability

Built-in README viewer

Dependency viewer

Self-hosted

Built-in docs

Upload restrictions

AWS support

Airgapped

Audit logs

Azure support

Vulnerability scanning

Personal access tokens

GCP support

Local repo

Smart package search

Upload restrictions

Personal access tokens

Remote repo

Retention rules

Built for scale

Virtual repo

High availability

Built-in README viewer

Dependency viewer

Self-hosted

Built-in docs

Upload validation

AWS support

Airgapped

Audit logs

Azure support

Vulnerability scanning

SSO + LDAP

GCP support

Universal proxy

Custom CA certs

No indexing delays

Local repo

Smart package search

Upload restrictions

Personal access tokens

Remote repo

Retention rules

Built for scale

Virtual repo

High availability

Built-in README viewer

Dependency viewer

Self-hosted

Built-in docs

Upload validation

AWS support

Airgapped

Audit logs

Azure support

Vulnerability scanning

SSO + LDAP

GCP support

Universal proxy

Custom CA certs

No indexing delays

Developer-first UI

A clean UI to browse packages, versions, and README docs without extra tools.

Upstream caching

Proxy upstream registries and serve repeat downloads from cache to speed up CI.

Security scanning

Scan artifacts for vulnerabilities with severity first results and clear remediation context.

Policy controls

Prevent bad uploads and enforce rules so repositories stay clean as usage grows.

Works with popular package types

Smart package search

Find packages fast across names, metadata, and READMEs, even when you only remember part of the name.

Fuzzy queries across repositories
Search inside READMEs and descriptions
Jump to versions and artifacts quickly

axios

Promise based HTTP client for the browser and node.js

1.11.0 • 4 minutes ago • npm-local

got

Human-friendly and powerful HTTP request library for Node.js

14.4.5 • 6 minutes ago • npm-local

undici

An HTTP/1.1 client, written from scratch for Node.js

6.21.1 • 8 minutes ago • npm-local

node-fetch

A light-weight module that brings Fetch API to Node.js

3.3.2 • 10 minutes ago • npm-local

superagent

Small progressive client-side HTTP request library

9.0.2 • 14 minutes ago • npm-local

Tiny and elegant HTTP client based on the Fetch API

1.6.0 • 19 minutes ago • npm-local

cross-fetch

Universal WHATWG Fetch API for Node.js, browsers, and React Native

4.0.0 • 23 minutes ago • npm-local

Proxy caching for reliable CI

Proxy upstream registries, add caching, and keep builds resilient during outages and rate limits.

Cache artifacts on first request
Serve repeat downloads at LAN speed
One URL for local, remote, and virtual repos

Vulnerability scanning

Scan on upload, on a schedule, or on demand with severity first results.

CVE-2024-5535 Critical

A critical issue that may allow crafted inputs to crash affected clients.

CVE-2022-37434 Critical

Heap buffer overflow in inflate implementations prior to 1.2.13.

CVE-2021-44228 Critical

Remote code execution risk in vulnerable logging configurations.

CVE-2023-38545 Critical

A critical issue in URL parsing that may lead to memory corruption.

CVE-2024-3094 Critical

Supply-chain compromise risk in affected builds and distributions.

CVE-2023-44487 High

HTTP/2 rapid reset may cause denial of service on affected stacks.

CVE-2022-0778 High

Malformed certificates may trigger an infinite loop and CPU spike.

CVE-2021-4173 High

A path traversal issue in Apache HTTP Server configurations.

CVE-2023-45853 High

Issue in HTTP/2 handling that may lead to a denial of service.

CVE-2021-3999 High

Out-of-bounds read in a parsing path for crafted locale data.

CVE-2022-48174 High

Potential stack overflow in ash parser for crafted inputs.

CVE-2021-3711 High

Potentially exploitable issue in SM2 decryption for crafted inputs.

CVE-2022-3602 High

Buffer overread risk in specific certificate processing paths.

CVE-2020-1971 High

NULL pointer dereference that may lead to a crash (DoS).

CVE-2023-0286 Medium

Moderate severity issue affecting certificate verification edge cases.

CVE-2022-1292 Medium

Unsafe use of c_rehash may allow unintended script execution.

CVE-2021-36367 Medium

Parsing issue that can be triggered with specially crafted inputs.

CVE-2022-42898 Medium

Text interpolation issue that may be abused in unsafe configurations.

CVE-2023-25193 Medium

Deserialization issue in certain polymorphic type scenarios.

CVE-2023-24538 Medium

Moderate issue that may lead to incorrect handling of crafted inputs.

CVE-2022-4304 Medium

Potential denial of service from pathological query patterns.

CVE-2024-24790 Medium

Moderate issue in decompression handling for malformed streams.

CVE-2022-25636 Medium

Issue that may allow bypass in specific rule evaluation paths.

CVE-2023-25652 Medium

Moderate issue that affects uncommon repository edge cases.

CVE-2021-35942 Medium

Potential out-of-bounds read in a rarely used code path.

CVE-2022-3996 Medium

Moderate issue in parsing behavior for unusual inputs.

CVE-2020-36309 Low

A low-severity issue in XML parsing for specially crafted inputs.

CVE-2019-8457 Low

A minor issue that can be triggered with unusual SQL input patterns.

CVE-2020-1751 Low

A minor parsing issue for unusual inputs. Low impact in common deployments.

CVE-2018-1000802 Low

Low-severity issue that may affect edge-case submodule handling.

CVE-2021-33574 Low

Low-impact edge case in string parsing behavior.

CVE-2021-31810 Low

Minor issue that may be triggered by a malicious archive.

CVE-2020-14155 Low

Low-severity issue affecting rare image decoding scenarios.

CVE-2017-1000112 Low

Low-severity issue in uncommon environment configuration cases.

CVE-2019-11068 Low

Minor issue in PNG parsing for malformed input data.

CVE-2021-22947 Low

Low severity issue in protocol handling for edge cases.

CVE-2024-5535 Critical

A critical issue that may allow crafted inputs to crash affected clients.

CVE-2022-37434 Critical

Heap buffer overflow in inflate implementations prior to 1.2.13.

CVE-2021-44228 Critical

Remote code execution risk in vulnerable logging configurations.

CVE-2023-38545 Critical

A critical issue in URL parsing that may lead to memory corruption.

CVE-2024-3094 Critical

Supply-chain compromise risk in affected builds and distributions.

CVE-2023-44487 High

HTTP/2 rapid reset may cause denial of service on affected stacks.

CVE-2022-0778 High

Malformed certificates may trigger an infinite loop and CPU spike.

CVE-2021-4173 High

A path traversal issue in Apache HTTP Server configurations.

CVE-2023-45853 High

Issue in HTTP/2 handling that may lead to a denial of service.

CVE-2021-3999 High

Out-of-bounds read in a parsing path for crafted locale data.

CVE-2022-48174 High

Potential stack overflow in ash parser for crafted inputs.

CVE-2021-3711 High

Potentially exploitable issue in SM2 decryption for crafted inputs.

CVE-2022-3602 High

Buffer overread risk in specific certificate processing paths.

CVE-2020-1971 High

NULL pointer dereference that may lead to a crash (DoS).

CVE-2023-0286 Medium

Moderate severity issue affecting certificate verification edge cases.

CVE-2022-1292 Medium

Unsafe use of c_rehash may allow unintended script execution.

CVE-2021-36367 Medium

Parsing issue that can be triggered with specially crafted inputs.

CVE-2022-42898 Medium

Text interpolation issue that may be abused in unsafe configurations.

CVE-2023-25193 Medium

Deserialization issue in certain polymorphic type scenarios.

CVE-2023-24538 Medium

Moderate issue that may lead to incorrect handling of crafted inputs.

CVE-2022-4304 Medium

Potential denial of service from pathological query patterns.

CVE-2024-24790 Medium

Moderate issue in decompression handling for malformed streams.

CVE-2022-25636 Medium

Issue that may allow bypass in specific rule evaluation paths.

CVE-2023-25652 Medium

Moderate issue that affects uncommon repository edge cases.

CVE-2021-35942 Medium

Potential out-of-bounds read in a rarely used code path.

CVE-2022-3996 Medium

Moderate issue in parsing behavior for unusual inputs.

CVE-2020-36309 Low

A low-severity issue in XML parsing for specially crafted inputs.

CVE-2019-8457 Low

A minor issue that can be triggered with unusual SQL input patterns.

CVE-2020-1751 Low

A minor parsing issue for unusual inputs. Low impact in common deployments.

CVE-2018-1000802 Low

Low-severity issue that may affect edge-case submodule handling.

CVE-2021-33574 Low

Low-impact edge case in string parsing behavior.

CVE-2021-31810 Low

Minor issue that may be triggered by a malicious archive.

CVE-2020-14155 Low

Low-severity issue affecting rare image decoding scenarios.

CVE-2017-1000112 Low

Low-severity issue in uncommon environment configuration cases.

CVE-2019-11068 Low

Minor issue in PNG parsing for malformed input data.

CVE-2021-22947 Low

Low severity issue in protocol handling for edge cases.

Upload validation

Automatically validate uploads so teams can fix issues immediately and keep repositories ready to install.

SSO + LDAP

Integrate with SSO and LDAP for centralized access control.

Audit logs (soon)

Track downloads, uploads, and configuration changes for compliance and incident response.

Time Actor Action Target

12:04:18 alex download npm-local/axios@1.11.0

12:04:20 ci-bot proxy github/tool-v1.2.3.zip

12:04:27 maria upload pypi-local/wheel.whl

12:04:30 maria rule-change upload-rules

12:04:33 alex login sso

12:04:36 ci-bot download docker-remote/redis:alpine

High availability

Scale horizontally and keep traffic flowing during deploys and traffic spikes.

Built for scale

A lightweight architecture designed to handle large artifact volumes efficiently.

No index files

Indexes are calculated on the fly so artifacts are available immediately after upload.

Performance & reliability

Keep installs fast and reliable at scale.

Local, remote, and virtual repositories Host internal artifacts, proxy upstream registries, and combine sources behind a single URL.
High availability Scale horizontally and stay resilient as traffic grows with a stateless design.
Built for scale Serve millions of artifacts with a lightweight architecture built for scale.
No index files RepoFlow calculates indexes on the fly so you avoid stale index files and packages are available immediately.

Security & governance

Scan packages, enforce policy, and keep an audit trail.

Vulnerability scanning CVE scanning on demand, on upload, or on a schedule, with clear, actionable results.
Audit logs Track downloads, uploads, and configuration changes for compliance and incident response.
SSO + LDAP Integrate SSO and LDAP with quick setup and built-in diagnostics for easier troubleshooting.
Upload restriction rules Enforce policy by blocking specific packages or versions from being pushed.

Developer workflow

Help teams find, understand, and ship packages faster.

Smart package search Search across package names, versions, metadata, and READMEs.
Built-in README viewer Browse package documentation in a clean, fast README viewer inside RepoFlow.
Upload validation RepoFlow automatically validates packages on upload so you can fix issues immediately and ensure every artifact is ready to install.
Universal repository and proxy Host any file and proxy remote assets (like GitHub Releases) with fast repeat downloads.

Deployment & operations

Run RepoFlow where you need it and keep operations simple.

Self-hosted deployments Deploy RepoFlow on your own infrastructure with the same product capabilities.
Retention rules Automate cleanup with retention policies to keep storage predictable as artifact volume grows.
Airgapped support Run RepoFlow in offline environments and restricted networks.
Built-in docs Built-in documentation that matches your deployed version, including offline access for self-hosted deployments.

RepoFlow Features

Built for how teams ship software

Smart package search

Proxy caching for reliable CI

Security controls

Performance that scales with you

Performance & reliability

Security & governance

Developer workflow

Deployment & operations

Can’t find the feature you’re looking for?