SOURCE - The Logic Layer of the Modern Economy

Introduction

SOURCE is a premium registry for software packages. We act as a layer between package managers (npm, pip, cargo) and developers, providing monetization and access control.

When you run npm install @source/package-name, our registry validates your access token and streams the package if authorized.

Quick Start

Step 1: Configure npm

npm config set @source:registry https://registry.source.software

Step 2: Add your auth token

npm config set //registry.source.software/:_authToken YOUR_TOKEN

Step 3: Install packages

npm install @source/secure-auth

Tip: Use our CLI to configure npm automatically! Run source configure-npm after logging in.

CLI Tool

The SOURCE CLI makes it easy to manage your packages and configure npm automatically.

Installation

npm install -g @source/cli

Commands

source login

Authenticate with SOURCE. Opens your browser to get a CLI token.

source configure-npm

Automatically configure your .npmrc with the SOURCE registry and your auth token.

Options:

--global - Configure ~/.npmrc instead of project-local
--dry-run - Preview changes without writing
--scope <name> - Use a custom scope (default: source)

source publish

Publish a package to SOURCE. Run in your package directory.

Options:

--version <v> - Override package.json version
--changelog <text> - Add release notes
--dry-run - Validate without uploading

source whoami

Display the currently logged in user and token info.

source logout

Remove stored credentials from your machine.

Example Workflow

# Login and configure npm
source login
source configure-npm --global

# Publish a package
cd my-package
source publish --changelog "Initial release"

Authentication

After purchasing a package subscription, you'll receive an auth token. This token is unique to your account and grants access to all packages you've purchased.

Token format: source_abc123...

Your token can be found in your Dashboard after purchasing a package.

npm Configuration

Configure npm to use SOURCE for @source and @expert scoped packages.

Global Configuration

# Set registry for @source scope
npm config set @source:registry https://registry.source.software

# Set registry for @expert scope
npm config set @expert:registry https://registry.source.software

# Add auth token
npm config set //registry.source.software/:_authToken YOUR_TOKEN

Project-level (.npmrc)

@source:registry=https://registry.source.software
@expert:registry=https://registry.source.software
//registry.source.software/:_authToken=${SOURCE_TOKEN}

pip Configuration

Python package support is coming soon. Configure pip.conf:

# pip.conf
[global]
extra-index-url = https://YOUR_TOKEN@pip.source.software/simple/

cargo Configuration

Rust/Cargo support is coming soon. Add to .cargo/config.toml:

[registries.source]
index = "sparse+https://cargo.source.software/"
token = "source_YOUR_TOKEN"

Create a Package

Sign in with GitHub at /login
Go to your Creator Dashboard
Fill in the package details:
- Name: lowercase, hyphens allowed
- Scope: @source or @expert
- Pricing Model: subscription, PPV, or AI license
- Price: monthly amount in USD
Click "Create Package"

Upload Versions

After creating a package, upload your code as a tarball (.tgz):

Navigate to your package in the Creator Dashboard
Enter the version number (semver format, e.g., 1.0.0)
Drag and drop or select your .tgz file
Add optional changelog notes
Click "Publish Version"

Creating a tarball with npm

# In your package directory
npm pack
# This creates package-name-1.0.0.tgz

Pricing Models

Subscription

Monthly recurring payment. Access expires after 30 days if not renewed. Best for actively maintained packages with regular updates.

Pay-Per-Version (PPV)

One-time payment for a specific version. Access never expires for that version. Best for stable releases or version snapshots.

AI Training License

Special license for companies training AI models on your code. Includes broader usage rights and typically higher pricing.

REST API

The registry follows the npm registry protocol. For complete API documentation including all endpoints, authentication, and code examples, see our full API reference.

Example: Fetch package metadata

curl -H "Authorization: Bearer source_YOUR_TOKEN" \
  https://registry.source.software/@source/package-name

View Full API Documentation

Webhooks

Webhook support for package events (new versions, purchases) is planned for a future release.

Rate Limits

Endpoint	Limit
Package downloads	1000/hour
API requests	100/minute
Package uploads	10/hour

Introduction

SOURCE is a premium registry for software packages. We act as a layer between package managers (npm, pip, cargo) and developers, providing monetization and access control.

When you run npm install @source/package-name, our registry validates your access token and streams the package if authorized.

Quick Start

Step 1: Configure npm

npm config set @source:registry https://registry.source.software

Step 2: Add your auth token

npm config set //registry.source.software/:_authToken YOUR_TOKEN

Step 3: Install packages

npm install @source/secure-auth

Tip: Use our CLI to configure npm automatically! Run source configure-npm after logging in.

CLI Tool

The SOURCE CLI makes it easy to manage your packages and configure npm automatically.

Installation

npm install -g @source/cli

Commands

source login

Authenticate with SOURCE. Opens your browser to get a CLI token.

source configure-npm

Automatically configure your .npmrc with the SOURCE registry and your auth token.

Options:

--global - Configure ~/.npmrc instead of project-local
--dry-run - Preview changes without writing
--scope <name> - Use a custom scope (default: source)

source publish

Publish a package to SOURCE. Run in your package directory.

Options:

--version <v> - Override package.json version
--changelog <text> - Add release notes
--dry-run - Validate without uploading

source whoami

Display the currently logged in user and token info.

source logout

Remove stored credentials from your machine.

Example Workflow

# Login and configure npm
source login
source configure-npm --global

# Publish a package
cd my-package
source publish --changelog "Initial release"

Authentication

After purchasing a package subscription, you'll receive an auth token. This token is unique to your account and grants access to all packages you've purchased.

Token format: source_abc123...

Your token can be found in your Dashboard after purchasing a package.

npm Configuration

Configure npm to use SOURCE for @source and @expert scoped packages.

Global Configuration

# Set registry for @source scope
npm config set @source:registry https://registry.source.software

# Set registry for @expert scope
npm config set @expert:registry https://registry.source.software

# Add auth token
npm config set //registry.source.software/:_authToken YOUR_TOKEN

Project-level (.npmrc)

@source:registry=https://registry.source.software
@expert:registry=https://registry.source.software
//registry.source.software/:_authToken=${SOURCE_TOKEN}

pip Configuration

Python package support is coming soon. Configure pip.conf:

# pip.conf
[global]
extra-index-url = https://YOUR_TOKEN@pip.source.software/simple/

cargo Configuration

Rust/Cargo support is coming soon. Add to .cargo/config.toml:

[registries.source]
index = "sparse+https://cargo.source.software/"
token = "source_YOUR_TOKEN"

Create a Package

Sign in with GitHub at /login
Go to your Creator Dashboard
Fill in the package details:
- Name: lowercase, hyphens allowed
- Scope: @source or @expert
- Pricing Model: subscription, PPV, or AI license
- Price: monthly amount in USD
Click "Create Package"

Upload Versions

After creating a package, upload your code as a tarball (.tgz):

Navigate to your package in the Creator Dashboard
Enter the version number (semver format, e.g., 1.0.0)
Drag and drop or select your .tgz file
Add optional changelog notes
Click "Publish Version"

Creating a tarball with npm

# In your package directory
npm pack
# This creates package-name-1.0.0.tgz

Pricing Models

Subscription

Monthly recurring payment. Access expires after 30 days if not renewed. Best for actively maintained packages with regular updates.

Pay-Per-Version (PPV)

One-time payment for a specific version. Access never expires for that version. Best for stable releases or version snapshots.

AI Training License

Special license for companies training AI models on your code. Includes broader usage rights and typically higher pricing.

REST API

The registry follows the npm registry protocol. For complete API documentation including all endpoints, authentication, and code examples, see our full API reference.

Example: Fetch package metadata

curl -H "Authorization: Bearer source_YOUR_TOKEN" \
  https://registry.source.software/@source/package-name

View Full API Documentation

Webhooks

Webhook support for package events (new versions, purchases) is planned for a future release.

Rate Limits

Endpoint	Limit
Package downloads	1000/hour
API requests	100/minute
Package uploads	10/hour

Documentation

Getting Started

Installing Packages

Publishing

API Reference

Introduction

Quick Start

CLI Tool

Installation

Commands

Example Workflow

Authentication

npm Configuration

Global Configuration

Project-level (.npmrc)

pip Configuration

cargo Configuration

Create a Package

Upload Versions

Pricing Models

Subscription

Pay-Per-Version (PPV)

AI Training License

REST API

Webhooks

Rate Limits

Documentation

Getting Started

Installing Packages

Publishing

API Reference

Introduction

Quick Start

CLI Tool

Installation

Commands

Example Workflow

Authentication

npm Configuration

Global Configuration

Project-level (.npmrc)

pip Configuration

cargo Configuration

Create a Package

Upload Versions

Pricing Models

Subscription

Pay-Per-Version (PPV)

AI Training License

REST API

Webhooks

Rate Limits