For developers

Your .npmrc picks up a token. The rest of your day doesn't change.

Chainsaw is a registry proxy, not a plugin and not an agent. You install packages the same way you always have. When something passes policy, nothing looks different. When something fails, the error tells you what rule fired and who can unblock it. That's the whole developer-facing surface area.

zsh · ~/src/payments
$ npm install react@18.3.1
added 1 package in 220ms

$ npm install left-paid
npm ERR! code EBLOCKED
npm ERR! chainsaw: left-paid@1.0.3 blocked
npm ERR!   rule:    typosquat/left-pad
npm ERR!   score:   98 (word-reorder match)
npm ERR!   exception contact: security-platform@acme.example
npm ERR!   request exception: https://chainsaw.acme.example/exceptions/new?pkg=left-paid

Common worries

  • My builds get slower or less reliable because someone put a proxy in front of the registry.
  • I can't debug why a package got blocked without pinging the security channel.
  • Workspace tools — pnpm, Yarn, Turborepo — break under the proxy.
  • The setup is a yak shave that'll eat a day of my sprint.

What's actually true

Cache usually makes CI faster

Once a version has passed policy once, subsequent installs serve from Chainsaw's content-addressed blob store. The round trip to npmjs.org or pypi.org goes away. For teams with big CI matrices this is a noticeable win.

Blocked installs tell you what to do

The error names the rule, the reason, and the exception reviewer. A blocked log4j install doesn't say "denied" — it tells you which CVE and which policy, with a link to request an exception if you need to.
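Because the block message is structured (rule, score, reviewer, exception link), CI can surface it without anyone reading raw npm stderr. The parser below is an added example, not Chainsaw's own tooling; its only assumption is the line layout shown in the terminal session above, and the sample log it runs on is constructed.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample: the first record mirrors the EBLOCKED output on this page;
# the second is invented to exercise a scoped name and a record with no score line.
SAMPLE_LOG = """\
npm ERR! code EBLOCKED
npm ERR! chainsaw: left-paid@1.0.3 blocked
npm ERR!   rule:    typosquat/left-pad
npm ERR!   score:   98 (word-reorder match)
npm ERR!   exception contact: security-platform@acme.example
npm ERR!   request exception: https://chainsaw.acme.example/exceptions/new?pkg=left-paid
npm ERR! chainsaw: @acme/old-logger@2.0.0 blocked
npm ERR!   rule:    cve/denylist
"""
@dataclass
class Block:
    package: str
    version: str
    rule: str = ""
    score: Optional[int] = None
    reason: str = ""
    contact: str = ""
    exception_url: str = ""

_HEAD = re.compile(r"^npm ERR! chainsaw: (?P<pkg>@?[^@\s]+)@(?P<ver>\S+) blocked\s*$")
_FIELD = re.compile(r"^npm ERR!\s+(?P<key>rule|score|exception contact|request exception):\s*(?P<val>.*?)\s*$")
_SCORE = re.compile(r"^(?P<n>\d+)\s*(?:\((?P<why>[^)]*)\))?$")
def parse_blocks(log: str) -> List[Block]:
    """Return one Block per package Chainsaw refused, in log order."""
    blocks: List[Block] = []
    for line in log.splitlines():
        if head := _HEAD.match(line):
            blocks.append(Block(head["pkg"], head["ver"]))
            continue
        m = _FIELD.match(line)
        if not m or not blocks:
            continue  # ordinary npm output, or a field line before any header
        cur, key, val = blocks[-1], m["key"], m["val"]
        if key == "rule":
            cur.rule = val
        elif key == "exception contact":
            cur.contact = val
        elif key == "request exception":
            cur.exception_url = val
        elif s := _SCORE.match(val):  # score line, e.g. "98 (word-reorder match)"
            cur.score, cur.reason = int(s["n"]), s["why"] or ""
    return blocks
```

Feed it the stderr of a failed install step and emit one annotation per Block; the exception_url is what a developer needs to unblock themselves.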

Monorepos and workspaces work

Chainsaw proxies the registry, not the package manager. Yarn workspaces, pnpm workspaces, Nx, Turborepo, Lerna — no changes needed. Lockfiles stay the same.

Setup is one token per machine

One client credential in .npmrc, pip.conf, ~/.docker/config.json, or settings.xml. The CLI install-hook command will drop it in the right place for the ecosystems you use.

Config snippets

Point your package manager at Chainsaw

Drop one of these into your existing config file. The chainsaw install-hook CLI command can do it for you across every ecosystem your project uses.

.npmrc ini
registry=https://your-chainsaw.example.com/npm/
//your-chainsaw.example.com/npm/:_authToken=${CHAINSAW_TOKEN}
always-auth=true
pip.conf ini
[global]
index-url = https://${CHAINSAW_TOKEN}@your-chainsaw.example.com/pypi/simple/
# trusted-host makes pip accept this host without a valid certificate; it is only needed if the proxy's TLS cert can't be verified
trusted-host = your-chainsaw.example.com
~/.m2/settings.xml xml
<mirrors>
  <mirror>
    <id>chainsaw</id>
    <url>https://your-chainsaw.example.com/maven/</url>
    <mirrorOf>*</mirrorOf>
  </mirror>
</mirrors>
<!-- the token for this mirror goes in a <servers><server> entry whose <id> is also "chainsaw" -->
~/.docker/config.json json
{
  "auths": {
    "your-chainsaw.example.com": {
      "auth": "${BASE64_TOKEN}"
    }
  }
}
Cargo .cargo/config.toml toml
[source.crates-io]
replace-with = "chainsaw"

[source.chainsaw]
registry = "https://your-chainsaw.example.com/crates/"

# Cargo reads tokens from [registries], not from [source];
# the environment variable CARGO_REGISTRIES_CHAINSAW_TOKEN works as well
[registries.chainsaw]
token = "${CHAINSAW_TOKEN}"
Go GOPROXY shell
export GOPROXY=https://${CHAINSAW_TOKEN}@your-chainsaw.example.com/go/,direct
# GOSUMDB=off disables checksum-database verification for every module;
# GONOSUMDB can limit that to private module paths instead
export GOSUMDB=off

Performance

Cache math, briefly

On a cache miss, Chainsaw adds the cost of the policy evaluation — low single-digit milliseconds for most rules. On a cache hit, Chainsaw is often faster than the public registry because the blob store is on your network. CI pipelines that install the same 200 packages on every run almost always see an end-to-end speedup.

Local dev

Monitor mode while you learn the rules

Ask your platform team to keep new rules in monitor for a week. Your installs succeed as they always did; the audit log captures what would have been blocked. By the time a rule flips to enforce, you've already been warned about the handful of legitimate dependencies that need exceptions.

Monorepos

Workspaces, lockfiles, and the rest

Chainsaw proxies the registry, so anything that resolves dependencies through npm, pip, Maven, Go modules, Cargo, Composer, or Docker works unmodified. Turbo, Nx, Lerna, Yarn workspaces, and pnpm workspaces all run without changes. Lockfiles don't need to be regenerated.

Agents

Claude Code, Cursor, Windsurf

If you use an AI coding agent, it can query Chainsaw's MCP server to check whether a package would be allowed before suggesting it. The same RBAC applies — agents get exactly the scope the admin gives them. See /for-agents/ for setup.

Evaluating for your team?

Free plan is permanent; ten minutes to wire one repo

Point a single .npmrc at Chainsaw, install a package that's on a CVE list, and see the error for yourself. If it's not faster or safer than what you run today, that's a clean signal.