NPM MVC prototyping

We know we want to achieve NPM support within our package management feature (&186 (closed)), but we need to do some work to identify how this should work.

At a very high level, should we build this ourselves or should be leverage something like Verdaccio.

We would be able to move more quickly, with a richer set of features by integrating an existing solution. However it could end up slowing us down long term, if it becomes challenging to build deeper integration between the products.

A couple areas to keep in mind as we evaluate options:

1. Ability to ship this to customers
2. Ability to use, scale on GitLab.com
3. Authentication, Authorization, Auditing
4. What would the UI look like? Could it look like?
5. What features set could we achieve in an MVC? In a short time after? What feature set could we achieve via integration?
6. Overall velocity

Verdaccio details

1. NodeJS app (surprise!), MIT license.
2. Includes its own official container and helm chart.
3. Auth is pluggable, and plugins already exist for GitLab UN/PW, PAT, and Job tokens: https://github.com/verdaccio/verdaccio/blob/master/docs/plugins.md
4. Storage is pluggable, but no official object storage. There is an S3 plugin separately maintained, but does not appear like other object storage platforms are supported.
5. Auditing is pluggable, but we'd need to write this.