A valid use case I can think of is if npmjs.com is blackholed by your company to prevent supply chain attacks