Microsoft will soon control more of the open source software development ecosystem.
GitHub, which Microsoft bought in 2018, said Monday that it will acquire NPM, which offers a crucial service for JavaScript developers. Terms of the deal were not disclosed.
GitHub is the most popular place to host open source software on the web and is home to around 100 million code “repositories.” NPM, short for “node package manager,” hosts packages written for the popular JavaScript programming platform Node, and provides tools for managing those packages. According to a blog post from NPM cofounder Isaac Schlueter, the company hosts 1.3 million packages, which are downloaded 75 billion times per month. The company’s website says customers include Slack, Netflix, Visa, and Nike.
The companies are important because developers today tend not to write applications entirely from scratch. Instead they typically stitch programs together from open source packages of code—like those hosted on NPM—that handle common features, like communication with databases or verifying passwords.
If you wanted to create an open source Node package, you might upload the code to GitHub in order to work with other programmers on it. But you’d probably also upload it to NPM, from which developers would install and manage it. GitHub also launched its own package management service last year called GitHub Package Registry.
NPM raised $8 million in venture capital in 2015. Like GitHub, NPM charges users who want to host code on its service privately instead of making it publicly available. Companies might want to do this so that they can manage open source and proprietary software through the same tools.
Despite the important role it plays in software development, NPM struggled. The Register reported last year that the company had laid off around 20 or 25 percent of its employees, including an employee only a month away from vesting his stock options and three people who were attempting to form a union at the company. NPM was the subject of five complaints last year with the National Labor Relations Board, alleging “coercive statements” and retaliation. All the complaints were closed following informal settlements, according to the NLRB website. NPM declined to comment, and GitHub did not immediately respond to a request for comment.
More Great WIRED Stories