
Popular JavaScript Package Manager Npm Raises $8M, Launches Private Modules - doppp
http://techcrunch.com/2015/04/14/popular-javascript-package-manager-npm-raises-8m-launches-private-modules
======
mattmanser
Do I just not get the scale? For this investment to make sense, they would
have to get to $100s of million dollars, but by charging a few thousand
companies $7?

And I'd say there's a 50/50 chance node will completely collapse within 10
years or so. And that's being generous, javascript is a controversial language
and the standards committee moves very slowly. I honestly can't see it staying
king once browsers can support other languages. You only have to see how fast
Ruby was a darling and even now might be regarded on its swan song, less than
10 years later. Tech changes, the next big language will hit soon.

Congratulations to them and all that, and great product, I'm just wondering if
someone can explain the sense in investing so much money into something like
this? As this seems an incredibly risky venture?

~~~
Igglyboo
> I honestly can't see it staying king once browsers can support other
> languages.

Theres no way this happens anytime soon. Google already tried that with Dart
and it failed.

~~~
moron4hire
It's funny how people forget that IE had supported multiple languages for a
very long time:
[http://en.wikipedia.org/wiki/Internet_Explorer#Architecture](http://en.wikipedia.org/wiki/Internet_Explorer#Architecture)

    
    
        Internet Explorer does not include any native scripting
        functionality. Rather, MSHTML.dll exposes an API that 
        permit a programmer to develop a scripting environment
        to be plugged-in and to access the DOM tree. Internet
        Explorer 8 includes the bindings for the Active
        Scripting engine, which is a part of Microsoft Windows
        and allows any language implemented as an Active
        Scripting module to be used for client-side scripting.
        By default, only the JScript and VBScript modules are
        provided; third party implementations like
        ScreamingMonkey (for ECMAScript 4 support) can also be
        used. Microsoft also makes available the Microsoft
        Silverlight runtime (not supported in Windows RT) that
        allows CLI languages, including DLR-based dynamic
        languages like IronPython and IronRuby, to be used for
        client-side scripting.

~~~
pcwalton
Gecko too for a while (because there was concern that VBScript would catch on,
AFAIK), though it was eventually removed. The nsIProgrammingLanguage enum is
the last vestige of this support: [https://dxr.mozilla.org/mozilla-
central/source/xpcom/base/ns...](https://dxr.mozilla.org/mozilla-
central/source/xpcom/base/nsIProgrammingLanguage.idl)

------
Osiris
In my company we had been using Git links in our package.json files to point
to private dependencies hosted on our local GitLab instance. Recently, we
setup an npm-compatible private repository that allows us to publish private
packages as well as cache public ones.

It's been awesome to finally get back to using semver to manage all our
dependencies. Our build server automatically publishes to our private repo on
a successful build.

I think that a lot of companies will find this service extremely helpful and a
lot cheaper than having an employee spend the time to try to set up a private
repository locally.

~~~
awinder
I had set up a private repo at a previous company around the time NPM was
experiencing a lot of outages, and also to handle our private modules. It
worked well when it worked well, but it did definitely require babysitting
once a month or so. Totally the kind of thing you want to NOT just have one
developer understand.

What "npm-compatible" package did you end up going with? Assume you're not
doing the couchdb mirror, which I really don't want to do again either, so I'm
curious if this is a low-dependency sort of thing.

~~~
Osiris
Our Ops guy did it using Nexus.

------
BinaryIdiot
npm is a pretty important piece of node itself; I'm actually surprised Joyent
hasn't picked them up (maybe they're tried?). Maybe this funding will help it
iterate a little faster.

~~~
nailer
There's an interview where Isaac says if npm would sell to anyone (which it
wouldn't) it would definitely not be to Joyent.

+1 re new stuff. npm v3 has some rad de-duplication stuff on the way.

~~~
gaadd33
If npm isn't ever going to sell out how are their VCs planning on making any
return on investment? Go public? (Which is arguably selling to the public)

~~~
bonzoT
hmm. I don't going public is the likely option.

------
kasabali
In an alternate universe: _" Popular Linux Package Manager (apt|yum) Raises
$<few>M, Launches Private Repositories"_. Something sounds strange.

------
WhitneyLand
What would be the potential business model?

------
balls187
Does private modules increase the SLA of NPM?

The biggest issue we face with using github and npm for deploys is the
intermittent service outtages.

~~~
Osiris
Setup a local npm cache. There's lots of instructions online on how to setup
nginx to act as a proxy to fetch npm modules and cache them locally. This way,
you don't have to worry if npmjs.com goes down, your build process will pull
everything from your local cache.

~~~
balls187
Thanks, that's not a bad suggestion for our needs.

I would expect a paid-for service to not require me to run my own proxy
though.

------
marknadal
They misspelled Ryan Dahl's name :(, I miss Ryan. Congrats to Isaac and NPM,
they are such great guys!

------
fibo
Npm is a good pièce software and the free public, pay for private GitHub like
model wins.

~~~
eropple
It wins? Does it? Because I don't see how you become a company worth nine
digits of VC by selling private JavaScript package repositories to twenty
thousand people. We're talking about a difference not only in degree but in
kind to Github.

------
ing33k
do they want to be like Sonatype for node.js ?

[http://www.sonatype.com/](http://www.sonatype.com/)

~~~
jbaruch_s
They'd better not. Nexus has horrible node.js support:
[https://www.youtube.com/watch?v=0yctqs1sN8U](https://www.youtube.com/watch?v=0yctqs1sN8U)

Check Artifactory instead, they have first class support

(Disclaimer: I am with JFrog).

