Microsoft’s open-source shopping spree has claimed another victim: npm. [Nat Friedman], CEO of GitHub (owned by Microsoft), announced the move recently on the GitHub blog.
So what motivated the acquisition, and what changes are we likely to see as a result of it? There are some obvious upsides and integrations, but these will be accompanied by the usual dose of skepticism from the open-source community. The company history and working culture of npm has also had its moments in the news, which may well have contributed to the current situation. This post aims to explore some of the rationale behind the acquisition, and what it’s likely to mean for developers in the future.
What is npm?
Many Hackaday readers will be familiar with npm (Node Package Manager), one of the backbones of the open-source JavaScript community. If you’ve played around with any kind of web or JavaScript project recently, you’ve probably used npm to install and manage dependencies, with it currently servicing 75 billion downloads a month. It is the most popular package manager for JavaScript, and enables re-use and sharing of modules throughout the JavaScript community; it’s what’s responsible for the node_modules folder in your project munching all your disk space.
At its most basic level, npm allows you to download and install JavaScript modules from the online registry, either individually, by running for example, npm install express, or installing from a package.json file, which contains details of all a project’s dependencies. If you want to read more about how npm manages dependencies and how its parallels with the Node Module Loader allow some neat simultaneous version loading, npm have github acquisition developers
