Can npm and pip work over Tor?

Yes, with torsocks. Run: torsocks npm install or torsocks pip install. torsocks intercepts network calls from the package manager and routes them through the local Tor SOCKS5 proxy (127.0.0.1:9050). DNS resolution also goes through Tor when using torsocks, preventing DNS leaks. Some package managers support SOCKS5 proxy configuration natively: npm supports --proxy socks5://127.0.0.1:9050, pip supports --proxy socks5://127.0.0.1:9050. Use whichever method works better for your environment.

How do I prevent dependency confusion attacks with Verdaccio?

Configure Verdaccio with uplink to npmjs.com but restrict which package names are proxied: in config.yaml, set packages configuration with @yourorg/* to not proxy to uplink (serve only from local storage), and other packages to proxy normally. Additionally: use npm scopes (@yourorg/) for all internal packages to separate the namespace from public packages. Scoped packages cannot be confused with public packages because the public registry namespace for @yourorg is controlled by your npm account.

Is there a performance cost to routing CI/CD through Tor?

Yes. Each package manager call that hits the .onion registry adds Tor circuit establishment time (2-5 seconds for first connection, faster for subsequent on same circuit). For a build that installs 50 packages: if each package install opens a new circuit, add 2-5 minutes of latency. Mitigate by: caching packages in the CI environment (most CI systems have package caching), using devpi's server-side package caching (install from devpi's local cache, not from PyPI), and warming the cache before builds.

Can Verdaccio store packages privately without internet access?

Yes. Verdaccio can be configured in offline mode where it serves only packages already in its local storage and does not proxy to npmjs.com. Configure by removing the uplink configuration from config.yaml. In this mode, all packages used by your team must be explicitly published to the private registry first. This provides maximum supply chain isolation but requires manual management of all dependencies including transitive dependencies.

How do I audit access to my private package registry?

Verdaccio logs all access events to its log file. Enable access logging in config.yaml: logs - type: file, path: /var/log/verdaccio/access.log, format: pretty, level: info. Log entries include username, package name, version, and action. Monitor logs for: unexpected package publishes, access from unexpected client IPs (you should only see Tor exit IPs in a .onion deployment, or 127.0.0.1 if accessed locally), and unusual access patterns. Set up log rotation and periodic log review as part of security practice.

Private Package Registry as a Tor Hidden Service

Software supply chain security has become a major concern after repeated incidents of malicious packages injected into public registries. Organizations that rely on npm, PyPI, Maven, or other public registries face the risk of dependency confusion attacks, typosquatting, and compromised package maintainer accounts. A private package registry - hosting your own packages separate from public registries - provides defense against these attacks. Running that private registry as a Tor hidden service adds an additional layer: developers authenticate with the registry over .onion, packages are distributed without exposing the registry server's IP or physical location, and access is restricted to team members who have the .onion address. This guide covers deploying Verdaccio (private npm registry) and devpi (private PyPI) as .onion hidden services.

Need this done for your project?

We implement, you ship. Async, documented, done in days.

Start a Brief

Supply Chain Security Through Private Registries

Dependency confusion attacks exploit the fact that package managers prefer packages from public registries over private registries when name conflicts exist. An attacker publishes a package with the same name as an internal package to the public registry - with a higher version number. The package manager fetches the attacker's version from the public registry instead of the legitimate internal version. A properly configured private registry with scoped packages (npm @yourorg/ scope) or devpi's index inheritance eliminates this attack vector: all internal packages are served from the private registry, and public package names that conflict are pinned. The .onion hosting of the registry adds another layer: the registry is not accessible to attackers scanning the internet - only developers with Tor access and the .onion address can interact with it.

Deploying Verdaccio as a .onion npm Registry

Verdaccio is a lightweight private npm registry written in Node.js. Install: npm install -g verdaccio or use the official Docker image. Configure config.yaml: listen: 127.0.0.1:4873 (do not expose on public interfaces). Configure Tor: HiddenServiceDir /var/lib/tor/npm-registry/ and HiddenServicePort 4873 127.0.0.1:4873 in torrc. After restarting Tor, the .onion address appears in the HiddenServiceDir/hostname file. Developers configure npm to use the .onion registry: npm set registry http://youraddress.onion:4873 (requires npm to be used behind torify or in a Tor-enabled environment). Alternatively, configure npm scopes: npm set @yourorg:registry http://youraddress.onion:4873. Published packages are stored locally on the Verdaccio server and proxied from npmjs.com for packages not in the private registry.

Deploying devpi as a .onion PyPI Registry

devpi is a Python package server with caching, PyPI mirroring, and multi-user support. Install: pip install devpi-server devpi-client. Initialize: devpi-server --serverdir /var/lib/devpi --init and configure to listen on 127.0.0.1:3141. Configure Tor: HiddenServicePort 3141 127.0.0.1:3141. Configure devpi indexes: create a root index that mirrors PyPI and a team index for private packages. Team members configure pip to use the private registry: pip install --index-url http://youraddress.onion:3141/user/teamindex/+simple/ packagename. For direct Tor-aware pip usage: use torsocks pip install or configure pip to use a SOCKS proxy. The devpi server caches PyPI packages after first download - repeated installs of the same version are served from your private cache, not from PyPI, reducing exposure to PyPI availability issues.

Access Control and Authentication

Both Verdaccio and devpi support user authentication. Verdaccio uses htpasswd by default (configurable to LDAP, GitHub OAuth plugins). devpi uses its own user database with API tokens. For .onion deployments: (1) enable user authentication to prevent unauthorized package publishing, (2) additionally configure Tor v3 client authorization to restrict which Tor clients can even connect to the .onion address - this creates a cryptographic access control layer before the application-level authentication, (3) distribute .onion addresses and client authorization keys through your secure team communication channel (Signal, Element/Matrix over Tor), (4) require TLS even over .onion for defense in depth against any future vulnerabilities in Tor's confidentiality guarantees.

CI/CD Integration with .onion Registries

Continuous integration and deployment systems that build software using private packages must be configured to access the .onion registry. For CI/CD running on a VPS: install Tor on the CI server, configure torsocks, and wrap package manager commands: torsocks npm install or torsocks pip install. For CI/CD in Docker containers: build a custom CI image with Tor pre-installed and configured. For GitLab CI/GitHub Actions with self-hosted runners: configure the runner with Tor and torsocks. Set environment variables NPM_CONFIG_REGISTRY or PIP_INDEX_URL to the .onion address in CI/CD configuration. Test the CI/CD pipeline thoroughly - Tor circuit establishment adds 2-10 seconds to each package manager invocation that hits the registry.

Related Services

Offshore VPS from $17.90/mo Dedicated Servers DevOps Services

Why Anubiz Host

100% async — no calls, no meetings

Delivered in days, not weeks

Full documentation included

Production-grade from day one

Security-first approach

Post-delivery support included

Bulletproof Hosting Providers

DMCA-Ignored Servers

Offshore VPS Hosting

Anonymous Hosting Solutions

Ready to get started?

Skip the research. Tell us what you need, and we'll scope it, implement it, and hand it back — fully documented and production-ready.

Start a Brief Iceland VPS I - $29.99/mo