Ever since Microsoft acquired the open-source development platform GitHub, it has grown the service significantly with even more acquisitions. Last year, GitHub acquired Dependabot and Pull Panda, and today, it's adding another name to its umbrella: npm. GitHub's Nat Friedman announced the acquisition through a blog post, and npm has an accompanying announcement on its website.
npm, short for Node Package Manager, is a package manager for JavaScript applications that has gotten fairly popular since its debut over 10 years ago. In fact, it's the largest developer ecosystem in the world, and it currently serves over 1.3 million packages to over 12 million developers, and those packages are downloaded 75 billion times every month.
With the acquisition, GitHub has set three immediate goals: building a reliable registry and infrastructure, improving the core experience, and engaging with the community. Further down the road, GitHub will integrate with npm in order to improve security and enable the ability to trace a GitHub pull request to a specific npm package that fixes it.
If you're worried about the future of npm under a large company like Microsoft, the blog post promises that npm will continue to be free forever, and npm Pro, Teams, and Enterprise customers will also continue to be supported. For those paying customers, GitHub will also eventually enable them to move their private npm packages to GitHub Packages, a multi-language package registry that integrates with GitHub proper. Finally, the GitHub team will host a Reddit AMA session in the coming days to address any questions about the acquisition.
15 Comments - Add comment