GitHub buys NPM

GitHub, a Microsoft-owned company, announced a deal this week with NPM Inc, which manages the npm repository, which contains over 1.3 million packages and is used by 12 million JavaScript developers. Let me remind you that today npm is the largest JavaScript package manager in this ecosystem, as well as the largest package repository among all programming languages.

GitHub CEO Nat Friedman and co-founder of NPM Isaac Schlueter are blogging that integration is coming soon for GitHub and NPM. Ultimately, this is expected to increase the security of the open source software supply chain.

“Open source security is an important global issue, and after the recent launch of GitHub Security Lab and built-in security recommendations, we have every opportunity to influence the situation,” Friedman writes and promises to be able to track the change path from the GitHub pull request to the package version. npm in which this change is applied.

Friedman also notes that the CLI will remain free, open source. And later this year, he said, NPM customers paying for hosting private packages will be able to transfer their code to GitHub Packages.

The amount of the transaction has not been disclosed, only NPM developers are hinting that this is “this is not a story about a startup worth $ 1 million.”

Leave a Reply

Your email address will not be published. Required fields are marked *

four − three =