GitHub CEO Nat Friedman and co-founder of NPM Isaac Schlueter are blogging that integration is coming soon for GitHub and NPM. Ultimately, this is expected to increase the security of the open source software supply chain.
“Open source security is an important global issue, and after the recent launch of GitHub Security Lab and built-in security recommendations, we have every opportunity to influence the situation,” Friedman writes and promises to be able to track the change path from the GitHub pull request to the package version. npm in which this change is applied.
Friedman also notes that the CLI will remain free, open source. And later this year, he said, NPM customers paying for hosting private packages will be able to transfer their code to GitHub Packages.
The amount of the transaction has not been disclosed, only NPM developers are hinting that this is “this is not a story about a startup worth $ 1 million.”