Microsoft is purchasing npm, the package manager for Node.js. The intention is for npm to be freely available and their will be continued, paid for, support customers who use npm Pro, Teams, and Enterprise to host private registries.

npm's founder Isaac Schlueter prefaces his post announcing being purchased by GitHub  on the npm blog with:

tl;dr – Good news!

Schlueter's post explains that he created npm in 2009, formed a startup to save it going under in 2013 when it needed money to survive and has had a long-term desire to be squired by GitHub. Now that this has happened he writes:

As GitHub has branched out into other aspects of the end-to-end developer community experience, it’s natural to see how the JavaScript package management process fits into that story. It’s not a loss leader or an experimental add-on or a way to quickly hire a team. Rather, the npm registry is a significant and concrete strategic asset serving GitHub’s mission of eliminating transaction costs in software development.

Being taken over by Microsoft, which has resources to plow into it, seems to have worked for GitHub. The next acquisition was Pull Panda, a logical addition in terms of becoming a complete version control platform. Buying npm gives GitHub a stronger role in the JavaScript and in return allows npm to grow rather than be overwhelmed by its own success. As Schlueter puts it:

Today, npm serves over 1.3 million packages to roughly 12 million developers, who download these things 75 billion times a month, and all of this is growing at a rate that ensures these massive numbers will seem small in a few years.

On the GitHub blog Nat Friedman says that the once the deal is closed investments will be made to ensure that npm is fast, reliable, and scalable and GitHub will focus too on improving the core experience and engaging with the community. He also notes:

“Looking further ahead, we’ll integrate GitHub and npm to improve the security of the open-source software supply chain, and enable you to trace a change from a GitHub pull request to the npm package version that fixed it.”

He also refers to GitHub Packages, which together with GitHub Actions, which entered its public beta earlier this month, enables developers to automate workflows. Packages provides developers with a multi-language packages registry that’s fully integrated with GitHub and according to Friedman later this year npm’s paying customers will be able to to move their private npm packages to GitHub Packages, which will allow npm to exclusively focus on being a public registry for JavaScript.

This all sounds like good news and to confirm that Microsoft can be good for Open Source, just as open source is good for Microsoft.

More Information

npm is joining GitHub

Next Phase Montage (npm blog)

Related Articles

GitHub Acquires Pull Panda 

New From GitHub Universe 

GitHub Package Registry

GitHub Actions API Enters Public Beta

Microsoft GitHub - What's Different

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, Facebook or Linkedin.

Comments

Make a Comment or View Existing Comments Using Disqus

or email your comment to: comments@i-programmer.info