内容简介:Code repository serviceGitHub plans to invest in npm’s infrastructure, with the hopes of bringing some much-needed modernization to the platform, GitHub CEO” We will make the investments necessary to ensure that npm is fast, reliable, and scalable,” Friedm
Code repository service GitHub is in the process of acquiring the preeminent software registry for Node.js and JavaScript modules, npm , the two companies announced Monday.
GitHub plans to invest in npm’s infrastructure, with the hopes of bringing some much-needed modernization to the platform, GitHub CEO Nat Friedman promised in a blog post . It also may help free the rapidly-growing registry from the considerable financial and personnel turmoil that it has been inflicted with over the past few years.
” We will make the investments necessary to ensure that npm is fast, reliable, and scalable,” Friedman wrote. “We will actively engage with the JavaScript community to get your ideas and help us define the future of npm.”
The npm service houses 1.3 million packages, which currently get 75 billion downloads a month. The Node.js runtime makes it easy for developers to download packages that help run their own software, and these dependencies, as they are also called, are also widely used across other parts of the JavaScript community.
GitHub has pledged to keep the public registry free for use, and to bring substantive improvements. The company wants to “improve the core experience,” vowed Friedman. “Some bigger features that we’re excited about are Workspaces and improvements to the publishing and multifactor authentication experience,” he wrote.
In the long term, GitHub will work to integrate npm into GitHub, which could tighten the security of the supply of open source dependencies. The work will allow developers to “trace a change from a GitHub pull request to the npm package version that fixed it,” Friedman wrote.
Like GitHub itself, npm supports private registries through services such as npm Pro, Teams, and Enterprise. These services will continue to be offered, as well as enhanced through integration with GitHub Packages, a multilanguage packages registry. “Later this year, we will enable npm’s paying customers to move their private npm packages to GitHub Packages — allowing npm to exclusively focus on being a great public registry for JavaScript,” Friedman wrote.
The acquisition should also be a good move for GitHub parent company Microsoft, which has been expanding its reach into the open source community over the past few years. In turn, Microsoft will be able to bring financial stability to npm operations, while maximizing the use of these assets, notedLawrence Hecht, an analyst for The New Stack.
Source: Sonotype.
No Cinderella Story
First created in 2009, npm (short for Node Package Manager) was designed as an online package manager for sharing JavaScript modules. The company npm.inc was formed in 2014 to scale the technology necessary to meet its tremendous demand. It ran into a number of issues along the way, not the least being the security, and subsequent unavailability, of the Left-Pad package , which left an untold number of JavaScript programs inoperable. And even as the service grew in popularity, it continued to experience monetization issues. It also faced criticism over labor management and executive hires .
“It’s not a kajillion-billion-dollar-10x-startup cinderella story, and we’ve taken our hits, but in the end, we’ve done right by our community, team, and careers, and I’m extremely proud of what we’ve achieved,” wrote npm inc co-founder Isaac Z. Schlueter , in a blog post.
Early reaction to the news seems to be positive. In “the case of GitHub buying npm, it’s good news all around (and nicely solves the npm monetization issue),” wrote Amazon Web Services developer evangelist and long-time open source observer Matt Asay , in a Tweet .
“Today’s news that GitHub will be acquiring npm is a positive and logical step to ensure the stability and security of the open source npm registry for JavaScript developers. We know and trust the GitHub leaders who have the experience to build upon the important contributions by many, which made npm the leading open source package management resource it is today.” said Robin Ginn , executive director, OpenJS Foundation , in a statement.
My primary motivator for five years at npm was to keep the registry running forever. That is now assured. GitHub was always the company that made the most sense to integrate with npm, and I’m glad it became possible.
— Laurie Voss (@seldo) March 16, 2020
The New Stack Contributors B. Cameron Gain and Mike Melanson contributed to this post.Sonotype is a sponsor of The New Stack.
以上就是本文的全部内容,希望本文的内容对大家的学习或者工作能带来一定的帮助,也希望大家多多支持 码农网
猜你喜欢:本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。
深入浅出Ajax
(美)Brett McLaughlin / 东南大学出版社 / 2006-5 / 98.00元
本书将教会您如何在很短的时间内掌握使用JavaScript代码来向服务器提交异步请求?同时,您可以学习如何使用诸如动态HTML、XML、JSON、DOM等技术来解决开发过程中遇到的许多问题。让你从那些繁琐而笨拙的网站开发技术中彻底解放出来!本书将是一本指导您进行异步开发的经典参考书籍。 作为一名网站设计人员,您也许时常因为遇到以下情况而烦恼:用户只是移动了鼠标就要从服务器重载数据......一起来看看 《深入浅出Ajax》 这本书的介绍吧!