#1
RepoFlow
RepoFlow is a self-hosted package management platform supporting Docker, NPM, PyPI, Maven, and more, with CVE scanning, smart search, and access controls.
RepoFlow is a self-hosted package management platform designed to manage private and public repositories in the cloud or on your own servers. It supports multiple package types, enforces upload rules, and emphasizes security and scalability for teams.
Key Features
- Vulnerabilities Scanning: on-demand CVE scanning to assess security risks
- Smart package search: fast discovery across descriptions and READMEs
- Supports major package types: Docker, NPM, PyPI, Maven, NuGet, Helm, RPM, Gems, Go, Cargo, Composer, Debian, Universal
- Keep Your Repositories Clean: strict upload-validation to reject non-packages
- Self hosted: deploy on your own servers for security/compliance
- Built for scale: designed to handle large catalogs with reliable performance
- SSO + LDAP Support: integrated authentication and user management
- Upload Restriction Rules: granular controls on what can be uploaded
- No more Registry indexing: instant package access without slow indexing
Use Cases
- Enterprise artifact hosting: centralize private/public packages with secure access and policy enforcement
- CI/CD integration: support for multiple package types within self-hosted pipelines with governance
- Regulated environments: on-prem deployments with access controls, CVE scanning, and compliance rules
Conclusion
RepoFlow provides a self-hosted, scalable solution for managing software artifacts across multiple ecosystems, combining security, fast search, and flexible deployment to fit enterprise policies.