GitHub Acquires npm, Buying Microsoft a Presence in the Node/JavaScript Community

栏目: IT技术 · 发布时间: 4年前

内容简介:Code repository serviceGitHub plans to invest in npm’s infrastructure, with the hopes of bringing some much-needed modernization to the platform, GitHub CEO” We will make the investments necessary to ensure that npm is fast, reliable, and scalable,” Friedm

Code repository service GitHub is in the process of acquiring the preeminent software registry for Node.js and JavaScript modules, npm , the two companies announced Monday.

GitHub plans to invest in npm’s infrastructure, with the hopes of bringing some much-needed modernization to the platform, GitHub CEO Nat Friedman promised in a blog post . It also may help free the rapidly-growing registry from the considerable financial and personnel turmoil that it has been inflicted with over the past few years.

” We will make the investments necessary to ensure that npm is fast, reliable, and scalable,” Friedman wrote. “We will actively engage with the JavaScript community to get your ideas and help us define the future of npm.”

The npm service houses 1.3 million packages, which currently get 75 billion downloads a month. The Node.js runtime makes it easy for developers to download packages that help run their own software, and these dependencies, as they are also called, are also widely used across other parts of the JavaScript community.

GitHub has pledged to keep the public registry free for use, and to bring substantive improvements. The company wants to “improve the core experience,” vowed Friedman. “Some bigger features that we’re excited about are Workspaces and improvements to the publishing and multifactor authentication experience,” he wrote.

In the long term, GitHub will work to integrate npm into GitHub, which could tighten the security of the supply of open source dependencies. The work will allow developers to “trace a change from a GitHub pull request to the npm package version that fixed it,” Friedman wrote.

Like GitHub itself, npm supports private registries through services such as npm Pro, Teams, and Enterprise. These services will continue to be offered, as well as enhanced through integration with GitHub Packages, a multilanguage packages registry. “Later this year, we will enable npm’s paying customers to move their private npm packages to GitHub Packages — allowing npm to exclusively focus on being a great public registry for JavaScript,” Friedman wrote.

The acquisition should also be a good move for GitHub parent company Microsoft, which has been expanding its reach into the open source community over the past few years. In turn, Microsoft will be able to bring financial stability to npm operations, while maximizing the use of these assets, notedLawrence Hecht, an analyst for The New Stack.

GitHub Acquires npm, Buying Microsoft a Presence in the Node/JavaScript Community

Source: Sonotype.

No Cinderella Story

First created in 2009, npm (short for Node Package Manager) was designed as an online package manager for sharing JavaScript modules. The company npm.inc was formed in 2014 to scale the technology necessary to meet its tremendous demand. It ran into a number of issues along the way, not the least being the security, and subsequent unavailability, of the Left-Pad package , which left an untold number of JavaScript programs inoperable. And even as the service grew in popularity, it continued to experience monetization issues. It also faced criticism over labor management and executive hires .

“It’s not a kajillion-billion-dollar-10x-startup cinderella story, and we’ve taken our hits, but in the end, we’ve done right by our community, team, and careers, and I’m extremely proud of what we’ve achieved,” wrote npm inc co-founder Isaac Z. Schlueter , in a blog post.

Early reaction to the news seems to be positive. In “the case of GitHub buying npm, it’s good news all around (and nicely solves the npm monetization issue),” wrote Amazon Web Services developer evangelist and long-time open source observer Matt Asay , in a Tweet .

“Today’s news that GitHub will be acquiring npm is a positive and logical step to ensure the stability and security of the open source npm registry for JavaScript developers. We know and trust the GitHub leaders who have the experience to build upon the important contributions by many, which made npm the leading open source package management resource it is today.” said Robin Ginn , executive director, OpenJS Foundation , in a statement.

My primary motivator for five years at npm was to keep the registry running forever. That is now assured. GitHub was always the company that made the most sense to integrate with npm, and I’m glad it became possible.

— Laurie Voss (@seldo) March 16, 2020

The New Stack Contributors B. Cameron Gain and Mike Melanson contributed to this post.

Sonotype is a sponsor of The New Stack.


以上就是本文的全部内容,希望本文的内容对大家的学习或者工作能带来一定的帮助,也希望大家多多支持 码农网

查看所有标签

猜你喜欢:

本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们

智能商业

智能商业

曾鸣 / 中信出版集团 / 2018-11 / 68.00

《智能商业》由马云作序推荐。《智能商业》是阿里巴巴集团前总参谋长曾鸣,对互联网时代的重要趋势做出革命性解读的作品,披露了其对于未来商业模式的思考和判断。 2006年,曾鸣教授加入阿里巴巴集团,参与阿里巴巴集团及各重要业务线,如淘宝、支付宝、阿里云计算、菜鸟等的发展,被业界称为阿里的“军师”。 基于在阿里巴巴集团十几年的实践经验,以及对互联网、大数据和人工智能的深入思考,曾鸣教授在《智能......一起来看看 《智能商业》 这本书的介绍吧!

随机密码生成器
随机密码生成器

多种字符组合密码

Base64 编码/解码
Base64 编码/解码

Base64 编码/解码

URL 编码/解码
URL 编码/解码

URL 编码/解码