Upstream cache

Keep builds moving without opening your private repositories.

When an internal package depends on public Python, npm, or Maven packages, Ravenstash can fetch approved upstream dependencies through the same private repository and cache them for the next install.

Create account Read cache guide

Build experiencetext

developer install -> private repository
internal package -> served by Ravenstash
approved public dependency -> fetched once
next build -> served from cache

Why it helps

Fewer slow installs, fewer surprise dependency changes

Your team keeps one private repository URL while Ravenstash handles approved upstream packages behind it.

1
Your build asks Ravenstash for a private package.
2
Ravenstash serves your own packages first.
3
If a dependency is not in your repository, Ravenstash can use an upstream registry you approved.
4
The package is cached for future installs, so repeat CI jobs and developer machines spend less time fetching the same dependency.

Controlled upstream use

Choose when a repository can use PyPI, npmjs.org, or Maven Central as a fallback, so developers do not have to add extra registry URLs.

Faster repeat builds

Packages fetched through the upstream cache are kept for future installs, helping CI and developer machines avoid downloading the same dependency again.

Private all the way

Upstream packages still flow through your authenticated Ravenstash repository. The cache is not an anonymous public mirror.