Your registry.
All of npm.
GIVO replaces npmjs as your registry. Your packages are hosted and sealed with tamper-proof stamps. Everything else is federated from npmjs: cached, integrity-checked, kill-switchable, and safe for AI agents to read.
npm, with proof.
Same packages, same workflow, and a supply chain you can actually account for.
| The usual registry | GIVO | |
|---|---|---|
| Registry | npmjs only | Yours + npmjs, federated |
| Integrity | Trust on publish | Sealed write-once stamp |
| Bad version | Unpublish / deprecate | Tombstone: installs get 410 |
| Publishing | Publish is final | Draft → release, test first |
| npmjs outage | Installs break | The cache keeps serving |
| AI agents | Docs served raw | AGENTS.md injection-wrapped |
| Engine | One package manager | npm + pnpm, one command |
One registry to front them all.
Point npm at GIVO once with givo setup --global and every install flows through it: your packages from the source, the rest proxied from npmjs with receipts.
Hosted wins the cascade
Your names resolve from GIVO itself, full lifecycle attached. A name that also exists on npmjs? Yours wins, and the shadowing is flagged loudly at publish.
Cached and verified
Every tarball is checked against the manifest checksum before it is ever cached, so corrupted or tampered upstream bytes never stick. Packuments revalidate with etags.
Outage-proof
npmjs down? Everything that ever resolved through GIVO keeps installing from the cache, marked stale. Cold names fail loud, never silent.
Sealed, not trusted.
A release is not a promise. It is a receipt. GIVO stamps every version and can pull a bad one without rewriting history.
Write-once stamp
On release, the registry seals the version: name, integrity, shasum, size and a reproducible digest. Immutable from there on.
Tombstone kill-switch
A malicious or corrupted release is replaced by a gravestone: installs get a hard 410, and the record stays permanent.
Draft → release
Publish lands as a mutable draft you can re-push and test via pkg@draft. Releasing seals it and moves latest.
Built for agents.
Half the installs are driven by an AI now. A package's docs are untrusted input, and GIVO treats them that way.
Injection-wrapped docs
On install, givo wraps each AGENTS.md in a safety notice, before and after the content, so a doc can't quietly steer the agent reading it.
No trust by source
A trusted publisher with a hijacked chain is still a threat. The warning is unconditional, never "this one's fine."
On the disk, not the screen
The notice is written into the file itself, so it holds even when stdout is piped to /dev/null.
One line to start.
Then make GIVO the registry for everything:
Needs Node ≥ 22.