GitHub (née Microsoft) buys NPM

Weird timeline we’re in, eh? While we all sit and hope for the best with COVID-19 taking an unprepared humanity to task, Microsoft (through GitHub) is making an interesting move.

I have to say, it’s an interesting proposition. Microsoft wants to improve and control the popular NPM (Node Package Manager) repository. This is where JavaScript developers go to download modules for Node.js so that they can build their applications. Microsoft will now own this repository.

Honestly, I’m a little torn. On one hand, I dislike the increasing creep of JavaScript “applications” that are run on Node/Electron because they’re not usually well optimized and eat resources like crazy. On the other hand, Node’s repository has been notorious for squatters, malicious files being uploaded into popular modules and even the transfer or takeover of popular modules by hostile entities without any notification. Some sort of corporate curation and regulation (not to mention proper infrastructure and funding) will help.

Ultimately it seems like just another piece of the Open Source pie being consumed by corporations. While NPM is a handy tool for development in Node, I’m sure this change of ownership will prompt an exodus, as the GitHub acquisition did before it.

When it does, we’ll all be the better for it. More diverse sources allow for less single points of failure or control. I wouldn’t be surprised if the popular distributed git-forge idea spawns into a distributed NPM-analog.

Update: It was pointed out to me that there is, in fact, an alternate package repo tool/project tool: Yarn. I’m not a Node developer, but I am extremely happy that it exists and can be a stand-in for NPM.

Computers Family Feelings


I sometimes get to a point where I question a lot of what I do and what matters to me. Sometimes it’s because of simple things, like a broken tool, or a frustrating problem. Sometimes it’s more of a philosophy problem, where I question how I feel about something and if I should change my ideas or mannerisms behind some action.

Lately, it’s been a little of both. I use an iPhone, Apple Music, iCloud (storage, etc), Office 365, and probably other tools and services that would be considered “non-free” in the “libre” sense. This has lead to me thinking about what I actually want out of computing. It’s such a thorny question, because there are so many comfortable choices that I’m in, that upending them would probably throw my life (and my family’s) into temporary turmoil.

For instance: Office 365. I pay for just the Exchange Online component, because I don’t need the actual Office suite as we (my family) get it free from my school and other organizations that we’re associated with. Exchange Online has been fine from a end-user perspective. Very rarely do I have any real issues to speak of, other than paying for it. My real problem here is that it’s a very proprietary platform, and because of that, it’s moderately difficult to get out of and to connect to with free-software tools. The IMAP support is… functional, but the contacts and calendars are tied down.

Similarly, I have lots of Apple devices and services. Like Office 365, I don’t have any complaints, per se, it’s just that they’re extremely proprietary and that means getting out of the ecosystem is difficult, and like above, connecting using free-software tools is straight up impossible.

The reason I have these things in the first place is that my family, who don’t hold my free-software ideals, want/need access to reliable tools they can use from multiple places. This is not an unreasonable request, and is one that can be solved with enough time, free-software, capital and expertise. Unfortunately, I’m not willing or able to host all of that, or even administer it. I don’t have the time, and I certainly don’t have the specific expertise to do all of it. Hence the current implementation.

Balance between freedom, convenience and cost is a tricky one. While I’d personally like to model myself more in line with the FSF’s computing ideals. The problem is that I have family members that I have to support as well. I’d also like to move them toward more free-software systems. While I recognize their choice in platforms is their own, I also get to say what I will and will not support (kind of, family is so complicated).

I don’t have any kind of resolution for this, I’m still trying to figure out what kind of path I want to take. Is pragmatism the smarter choice? Idealism feels right, but is massively more difficult to implement. There is probably a good middle of the road, but I don’t know if I’m on it. Maybe it doesn’t matter?

What should I do?

Featured Image

“Ugh, a Mac”, by Joe Wilcox – License: CC BY-NC-SA 2.0