GitHub buys Node Package Manager (NPM)

Is one of the largest repository of Javascript packages going to stay free-of-cost?

If you’re a programmer and not living under the rock then you must have heard the news that Github, which is a Microsoft-owned open-source platform, has acquired NPM, a company with a large registry of JavaScript packages.

Nat Friedman, Github’s chief executive officer, who made the announcement in a blog post, wrote that npm’s place in the open-source community and their extensive registry of JavaScript packages was a key reason for the purchase.

NPM was founded in 2014 and is based in Oakland, California, with 46 employees, according to LinkedIn. The open-source Npm package manager dates to 2009. The start-up’s investors include Bessemer Venture Partners and True Ventures. To date, 11 million developers have approached NPM for their Javascript projects.

If you are not familiar, npm is a package manager for JavaScript programming language, primarily the hugely popular open-source Node.JS. Though npm has a scope of private repository for enterprises, most of the 1.3 million packages are open source and/or used in various open-source projects. Both Node.js and NPM are used by big software and IT companies like IBM, Yahoo and big corporations like Netflix and PayPal.

“NPM is a critical part of the JavaScript world. The work of the NPM team over the last 10 years, and the contributions of hundreds of thousands of open source developers and maintainers, have made NPM home to over 1.3 million packages with 75 billion downloads a month,” Friedman wrote.

>>>Also Read: How to install Node.js on Windows 8

Why did GitHub actually buy NPM?

NPM founder and CEO Isaac Schlueter pointed out that there are some “awesome opportunities for improvement in the npm experience,” which would meaningfully improve life for JS devs in countless large and small ways. And Schlueter said that things would be made more reliable, convenient, and connected for everyone across the JavaScript ecosystem.

The aspirations behind this acquisition are:

1) Invest in the registry infrastructure and platform because the JavaScript ecosystem is massive and growing quickly. It needs a rock-solid registry.

2) They will make the investments necessary to ensure that npm is fast, reliable, and scalable.

3) Improve the core experience. Work to improve the everyday experience of developers and maintainers, and support the great work already started on the npm v7 CLI.

4) Workspaces and improvements to the publishing and multi-factor authentication experience.

Engage with the community. We will actively engage with the JavaScript community to get your ideas and help us define the future of npm.

What changes should developers expect?

The merging of npm and GitHub will make sense for many developers. Because the two services are used in conjunction so often, it can be hard to tell where one ends and the other begins. GitHub is an online service built to make it easier to collaborate and work on top of the Git version control system. It is social-coding on a massive scale. Many JavaScript repositories hosted on GitHub are then submitted to the npm registry. Other developers can then use npm to manage their dependencies on a per-project level.

Schlueter expressed that he feels like this is an ideal move for npm, largely in part to GitHub’s commitment to open source. “As we dug into the technical and strategic plans for how npm would fit into the vision of GitHub moving forward, it became clear that this isn’t just a good option for the JavaScript community – it’s significantly better than what npm, Inc., can provide on its own,” he said. “I’ve said countless times before that I wouldn’t let the registry go someplace that won’t take care of it.”

For JavaScript programmers, this change should not cause any issues. It should be business as usual. With a company as large as GitHub and the infrastructure it can provide, developers will likely be looking for new features and improved tools.

>>>Also Read: How to create a Twitter Bot using Twit Package?

Is NPM going to stay Free?

The acquisition news quickly spread like a wildfire and the netizens were quick to express their reservation, albeit jokingly that the popular package manager is not going to stay free.

Given Microsoft’s notoriety with the bugs, glitches and viruses in its operating system, some developers even expressed their concerns that the packages after the acquisition will be marred with bugs and code errors.

If you ask me, this is the classical example of perception being stronger than reality and to be honest all these grapevines were unfounded, baseless and outright rude.

Many people who were worried about the NPM’s future, tend to forget that Microsoft does have some invaluable open-source projects under its belt. In fact, many developers use them on a daily basis. Some of these projects are, Visual Studio, Azure, Dot Net etc. All their codes are up-for-the-grab for the enthusiasts. Further to this there are many certifications you can get in these types of software. Taking Azure, for example, you can take the az-104 exam to become an Azure administrator. And with the az-104 exam questions and answers available online for practice, it’s never been easier to get certified.

Coming to the NPM not staying free, well, they already have both free and premium versions. So it’s not like that NPM is completely free.

Now you can raise a valid concern here. After the buy out will the free version stay free?

For the developers’ relief, Friedman put an end to all the speculations and promised that users would not notice a difference. He further added:

For the millions of developers who use the public npm registry every day, npm will always be available and always be free,”

So all those developers who had already started to download the packages ferociously, they can sit back and relax.

Final Word

I’d conclude the article with Friedman’s assurance the company will be heavily investing in GitHub packages as a multi-language packages registry so it is only going to get better.

The package manager will be fully integrated with GitHub and later this year they will be enabling npm paying customers to move their private npm packages to GitHub Packages.

Before signing out, here’s a montage by the NPM creator, Isaac Z. Hope this will help you better understand the circumstances of his exit from NPM.