npm is joining GitHub
We’re excited to announce that npm will be joining GitHub.
I’m excited to announce that GitHub has signed an agreement to acquire npm.
npm is a critical part of the JavaScript world. The work of the npm team over the last 10 years, and the contributions of hundreds of thousands of open source developers and maintainers, have made npm home to over 1.3 million packages with 75 billion downloads a month. Together, they’ve helped JavaScript become the largest developer ecosystem in the world. We at GitHub are honored to be part of the next chapter of npm’s story and to help npm continue to scale to meet the needs of the fast-growing JavaScript community.
For the millions of developers who use the public npm registry every day, npm will always be available and always be free. Our focus after the deal closes will be to:
- Invest in the registry infrastructure and platform. The JavaScript ecosystem is massive and growing quickly. It needs a rock-solid registry. We will make the investments necessary to ensure that npm is fast, reliable, and scalable.
- Improve the core experience. We will work to improve the everyday experience of developers and maintainers, and support the great work already started on the npm v7 CLI, which will remain free and open source. Some bigger features that we’re excited about are Workspaces and improvements to the publishing and multi-factor authentication experience.
- Engage with the community. We will actively engage with the JavaScript community to get your ideas and help us define the future of npm.
Looking further ahead, we’ll integrate GitHub and npm to improve the security of the open source software supply chain, and enable you to trace a change from a GitHub pull request to the npm package version that fixed it. Open source security is an important global issue, and with the recent launch of the GitHub Security Lab and GitHub’s built-in security advisories, we are well-positioned to make a difference. In addition, GitHub Sponsors has already paid out millions of dollars to open source contributors, and we’re excited to explore tasteful ways to extend it to the npm ecosystem.
For paying customers who use npm Pro, Teams, and Enterprise to host private registries, we will continue to support you. We are also investing heavily in GitHub Packages as a great multi-language packages registry that’s fully integrated with GitHub. Later this year, we will enable npm’s paying customers to move their private npm packages to GitHub Packages—allowing npm to exclusively focus on being a great public registry for JavaScript.
We also welcome your ideas on the future of npm. We’ll be hosting a Reddit AMA with some of the people on the team in the coming days.
The amazing energy and creativity of millions of JavaScript developers is evident every day in the work that appears in npm. We are honored to support that community in a new way. The future of npm and the JavaScript ecosystem is very bright.
Written by
Related posts
Code referencing now generally available in GitHub Copilot and with Microsoft Azure AI
Announcing the general availability of code referencing in GitHub Copilot and Microsoft Azure AI, allowing developers to permit code suggestions containing public code matches while receiving detailed information about the match.
The nuances and challenges of moderating a code collaboration platform
Sharing the latest data update to our Transparency Center alongside a new research article on what makes moderating a code collaboration platform unique.
GitHub Copilot now available in github.com for Copilot Individual and Copilot Business plans
With this public preview, we’re unlocking the context of your code and collaborators—and taking the next step in infusing AI into every developer’s workflow.