Microsoft plans to integrate npm with GitHub following acquisition
The JavaScript platform will undergo a host of improvements, with the community given a stronger voice
GitHub has signed an agreement to acquire widely-used JavaScript platform npm, with parent company Microsoft eventually hoping to integrate the newly bought company into GitHub in the longer-term.
Considered an essential part of the JavaScript ecosystem, the npm package manager is home to 1.3 million packages and sustains 75 billion downloads per month. The platform will be integrated into the GitHub development platform, which Microsoft took under its ownership in 2018.
Three keys to maximise application migration and modernisation success
Harness the benefits that modernised applications can offer
The firm is planning to invest in the registry infrastructure and wider platform, with investments made to ensure it’s fast, reliable and scalable.
Microsoft will moreover, improve the core experience for developers while retaining npm’s open-source status. Additional features, such as Workspaces and improvements to multi-factor authentication (MFA) processes, will be developed with time.
Finally, the company wants to actively engage with the JavaScript community so the views of developers can be fed into future builds of npm.
“The amazing energy and creativity of millions of JavaScript developers is evident every day in the work that appears in npm,” said GitHub chief executive Nat Friedman. “We are honored to support that community in a new way. The future of npm and the JavaScript ecosystem is very bright.”
The eventual goal is to integrate GitHub and npm to improve the security of the wider open-source software supply chain, the company said. Users in future would be able to trace a change from a GitHub pull request to the npm package version that fixed it.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Friedman added users who use npm Pro, Teams and Enterprise to host private registries will continue to be supported under the GitHub-npm umbrella. The firm says it’ll invest heavily in packages so it serves as a wide-ranging multi-language that’s fully integrated with GitHub.
Later in 2020, Microsoft will allow npm’s paying customers to move their private npm packages to GitHub packages, with an exclusive focus on ramping up the public registry for JavaScript.
The move to integrate the JavaScript platform signals the extent to which Microsoft is aiming to build GitHub into an all-encompassing hub for developers and coders.
JavaScript has long been considered to be one of the most popular coding languages. Despite the rise of newer languages like Python, MDM and Kotlin, JavaScript was still found to be the most popular language for businesses, according to research from 2019.
Keumars Afifi-Sabet is a writer and editor that specialises in public sector, cyber security, and cloud computing. He first joined ITPro as a staff writer in April 2018 and eventually became its Features Editor. Although a regular contributor to other tech sites in the past, these days you will find Keumars on LiveScience, where he runs its Technology section.