
Npm Raises $2.6M Seed Round - andrewnez
http://blog.npmjs.org/post/76320673650/funding
======
mmaster5
Per his blog, Fast.ly is now hosting the npm registry, so the money is not
going for hosting. It's to build some kind of sellout business.

Back in July he must've seen this coming because he switched the npm license
from MIT to the more restrictive Artistic 2.0:
[https://github.com/npm/npm/commit/c32391b1efd70a861cebc77e0c...](https://github.com/npm/npm/commit/c32391b1efd70a861cebc77e0cc784a46af5de21)

He's already taken away the download numbers on npmjs.org, so maybe he intends
to sell the "analytics" back to the community.

The guy calls himself a Supreme Emporer on his LinkedIn.

~~~
seldo
It's not accurate to say that Fastly is hosting the registry; Fastly are
providing CDN services to our registry -- a globally distributed cache -- for
which we're very grateful.

As of five days ago ( [http://blog.npmjs.org/post/75707294465/new-npm-
registry-arch...](http://blog.npmjs.org/post/75707294465/new-npm-registry-
architecture) ) we are hosting the registry ourselves; it was previously
hosted by Nodejitsu (who still operate a downstream mirror).

As for the download counts, per Twitter (
[https://twitter.com/npmjs/status/422823647619710976](https://twitter.com/npmjs/status/422823647619710976)
), we removed the download counts because our original solution for those
counts (keeping them in CouchDB) wasn't scaling. I am literally, as we speak,
working on the replacement system to restore download counts.

And Isaac's LinkedIn title is a joke. I hope that's obvious.

~~~
ivanplenty
thanks for answering the questions. i depend on node at my day job, so i am
particularly interested in npm's future.

i understand someone has to pay for the servers and development time, but
would it be possible to give a hint for the types of things you plan to charge
for? Even just a rough sketch of "we will offer private repositories" or "we
will offer support." I appreciate the "reassurances" that nothing will change
today for me, but the ambiguity prevents my latent paranoia from going away.

~~~
seldo
I appreciate your paranoia :-) We are wary of announcing all the stuff we're
planning given that we don't know how long it will take to build yet and don't
want to be accused of vaporware. However, we are planning to announce at least
our initial product plans pretty soon. (Probably not in a comment on a HN
thread though ;-))

~~~
morganherlocker
I just want to say that I would gladly pay for private npm hosting. Something
along the lines of github's private vs public repos would be extremely
valuable. Yes, we could set up our own private npm server, but this seems like
an obvious thing to outsource to a service as long as the pricing is not
crazy. Best of luck!

~~~
jameswyse
We've been using Gemfury[1] for our private modules which has worked out well,
no problems in over a year of use.. though I'd probably switch over to npm if
they offered private hosting.

[1] [http://www.gemfury.com/](http://www.gemfury.com/)

------
al2o3cr
One thing I'm a tad annoyed by - this deal was being put together
simultaneously with the "scalenpm" crowdfunding drive. A shoutout to the
supporters of that drive would have been nice...

~~~
nbody
Quite true. Even though I didn't donate, I wonder why they went for
crowdfunding while they were going raising VC funding. I would expect
(partial) refunds.

~~~
slexaxton
This is a common confusion. The scalenpm crowdfunding was done by the good
folks who ran the npm servers for free (mostly nodejitsu) up until the recent
switchover to the new infrastructure with Npm, Inc.

You can still use the nodejitsu registry for free if you'd like[1]. They arent
likely to need as much scaling anymore, but there's still a big cost to
running those servers. I don't think there was any foul play when it comes to
the scalenpm money as I'm fairly sure they were not aware of the intent for
Npm, Inc to take over default hosting.

tl;dr the money did not go to the same people, and the people who crowd funded
thought they'd still be hosting npm going forward at the time.

[1] [http://blog.nodejitsu.com/simple-hosted-private-npm-and-
regi...](http://blog.nodejitsu.com/simple-hosted-private-npm-and-registry-
nodejitsu-com/)

~~~
stormbrew
Does this actually make it any better, though? I mean presumably the people
who took part in the crowdfunding _also_ assumed they were contributing to the
long term hosting costs of npm and the success of the platform itself.

~~~
slexaxton
I don't believe they had much say in the change. They are still using the
money to do what they said they'd do in their campaign, and many people are
setting up their registry as their default. As far as I know they just got
caught in a situation that was less than ideal (while also getting rid of some
financial burden). I think they deserve an applause for running it at high
cost to their business for free for years rather than be villainized because
they got caught in a situation that they weren't in control of. If you
donated, or are worried about what Npm, Inc. is doing (hint: so silly to feel
this way) you should set your default registry to theirs (it's already set as
your failover, btw).

The cynicism in this thread is so bizarre to me. No one is being evil. There's
no secret foul play. Everyone go write modules and share them and be happy.

~~~
IsaacSchlueter
> (it's already set as your failover, btw)

Say what?

The Nodejitsu replica is a downstream replica, not a failover. Very different.
100% of `registry.npmjs.org` traffic goes to npm, Inc infrastructure.

> The cynicism in this thread is so bizarre to me.

Welcome to Hacker News. I see it's your first time here. :)

> Everyone go write modules and share them and be happy

Couldn't agree more.

------
IbJacked
I understand the fact that it can be fairly expensive to run a large, popular
module site such as npm and rubygems. What I'm curious about is how they
intend to monetize npm, and how it affect users, if it does. Typically, VCs
hope to get a return on their investment.

~~~
sheetjs
There are 3 obvious areas of monetization:

\- paid private repositories on npm or a parallel system (think github)

\- paid internal npm servers with support (think github enterprise)

\- statistics that used to be available, like download counts (think imgur
pro)

~~~
IsaacSchlueter
Download counts are coming back. This is literally in progress right now, and
was only removed due to technical difficulties.

~~~
jerrysievert
Thanks Isaac. Are there any additional metrics being made public as well?

------
williamcotton
Privately run 'open source' code repositories are not what the open web should
run on.

I would say that this marks the beginning of the end for npm as anything
viable for front-end code repositories and probably for anything related to
node.

I propose an open-source alternative for front-end JavaScript libraries and
dependency management.

Anyone calling for npm modules and browserify to rule the day for front-end JS
should question their opinions on the matter.

~~~
graetzer
The infrastructure of npm is open-source:
[https://github.com/npm](https://github.com/npm)

------
janjongboom
I'm kept wondering how the whole npm structure will look like. At the bottom
of npmjs.org it states: 'Powered by Joyent', but Nodejitsu ran the 'Scale npm'
donation campaign to get funds to scale the public npm registry. But Nodejitsu
acquired IrisCouch and now offers private npm services.

And now izs starts a new company npm inc. that will, well, who knows. But he's
former Joyent who power npm, so will running npm transfer to npm inc.? But how
does Nodejitsu or the 300K that they raised with their campaign fit into this
picture?

~~~
mikealAgain
Here's the history, hope it helps.

I wrote the original version of the npm registry in a day or two on top of
CouchDB. I built it quickly and didn't think much about scale.

Isaacs continued to improve and maintain that code. At one point he even wrote
up an open standard for generic js package registries for CommonJS but they
didn't seem to care (they were too busy arguing about promises).

At the time I wrote the initial code I was employed at CouchOne and we had a
small CouchDB hosting platform operated by Jason Smith which is where we ran
the registry free of charge. Later on, after CouchOne was aquired by Membase
and became Couchbase, it decided to break off the hosting company and
give/sell it to Jason Smith, which became IrisCouch.

IrisCouch continued to run the registry for free for several years. They had
no venture funding and limited resources but they provided this service for
our community anyway. They announced a product for enterprise (hosted) NPM but
as far as I know it wasn't really marketed or sold. Last year IrisCouch was
acquired by Nodejitsu.

Nodejitsu continued to host the registry for free. Some time last year the
infrastructure hit a breaking point, mostly around CouchDB. Remember, I wrote
this in a weekend when less than a hundred node packages existed. Many of the
semantics from me and Isaacs' initial "prototype" persisted until just a few
weeks ago. For instance, this single database held all the package binaries,
for every version of a package, attached to the document for that package.

Once the registry started to have serious stability issues a few things
happened. Isaacs started to work on ways to improve the reliability by
changing how the registry worked and Nodejitsu sought community support for
keeping the current registry up. At some point Isaacs also decided it would be
best if he worked on NPM full time and built NPM Inc.

In the early days we weren't thinking about 58K modules, that was just crazy,
we were just figuring out the simplest way to store a couple packages the node
community was writing. Since founding this company Isaacs has already managed
to re-write the way the registry works to fit the kind of load we have now.

Nodejitsu is now free of the financial burden that was dragging them down as
well and Isaacs' new infrastructure can keep the registry up more cheaply than
the previous system and more reliably.

~~~
tzm
Thanks for sharing this.

------
drakaal
Multiple points:

1\. Why are people happy about this? They did a crowd funding round taking
common people's money, gave them squat, then took Investor money and gave them
a share. (Would make me mad if I was part of the crowd)

2\. What is the business model? In what world does PIP or any other package
manager have a revenue stream? Ads? Spyware? There are no good models for
this.

3\. Does anyone else think that having a company title of Supreme Emporer is a
sign that this is not a founder focused on community?

I'd say we bounce and use something else, but I did that a long time ago, so I
can only suggest everybody else make like an external node. (a leaf ;-) )

~~~
PyDart
Exactly. Which is why I am actively gearing up to switch to Dart and (back to)
Python as soon as is even painfully feasible. I am also sick to death of all
the socio-political posturing and other narcisspewage surrounding the so-
called node/ _npm_ "culture".

------
aivis
Why npm needs funding? ($2.6M) They want to hire team or it's for...?

~~~
phillmv
What's the exit going to be? Who are they going to sell to? What revenues are
they going to bring in? We're talking VC money, not a grant.

Did they just hand over the keys to the node community to someone else?

~~~
yapcguy
Money corrupts.

It's amazing how things have changed in 10 years.

CPAN.

Perl.

A real community of programmers, system admins, enthusiasts.

~~~
bdcravens
Is funding better or worse than corporate sponsorship? The most successful
(depending on your metric of course) projects have been backed by corporate
dollars. Also, not every project can be a Go or Angular with a multi-billion
dollar company behind it.

All of the CPAN mirrors are paid for by somebody. Nothing's free; money is in
the equation at some point.

Of course, that's a different model than VC funding. However, you're
intimating that NPM isn't "real" with your last statement. The project has run
for several years now. This isn't some project that came out of the chute with
funding (such as Meteor).

Similar model is GitHub: long-running project/organization, took VC after a
few years. In the time since they took the VC, have they become corrupted? Are
they not a real community?

~~~
eCa
The difference is in the goal. Donated/sponsored dollars don't expect to get
dollars back. VC invested dollars expects invested_dollars * multiple in
return.

------
knappador
Going to be watching Nginx and other deals very closely as far as their long-
term health.

I could take a giggly pot-shot at web development in general by proposing that
they want to monetize node.js via a browser-base service to live one's entire
developer life, but I'm in serious agreement with others' concerns that
there's something ultimately harmful in VC money getting confused, panicky,
and deciding to GSM (Google Mobile Services) the licensing of new code or come
up with some ridiculous contributor licensing agreement like what I'm hearing
about Ubuntu.

Take heed, FOSS communities don't negotiate except on an endless table that
runs from one side of the universe to the other.

------
memracom
Soon there will be a new node.js package manager to compete with npm but it
will be supported by a non-profit foundation rather than a private profit-
driven company.

This npm inc. is one of the dumbest startup ideas that I have ever come
across. Kudos to the founders for managing to hack the VCs, but VCs that dumb
ain't gonna be around for long.

------
thanpolas
I want my donated money back.

------
Oculus
I'm a huge fan of Node.js, but I'm getting an uneasy feeling about all the
different changes and things happening. I still haven't made up my mind if
it's a justified feeling or not.

------
sktrdie
I don't get it. The community was thriving even without investment. What do
the investors get from this?

------
serkanyersen
Well, this is a bit concerning. How are the investors plan to get that money
back? Something tells me we will not like the solution.

------
thrush
npm install funding

------
jchrisa
NPM is one of the more interesting opportunities out there right now... And
plenty of competition. Watch the throne.

------
EpicEng
So... someone enlighten me here; why does a project like npm need funding at
all? If projects like GCC, which are far more complex, can subsist via
contributions and donations alone, so what makes npm, a package manager,
different?

~~~
daleharvey
gcc isnt a service?

~~~
EpicEng
I suppose... though other package managers exist without funding... but hey, I
wouldn't turn down 2.6 mil to make my project better either.

I don't understand how they intend to monetize this, but whatever.

~~~
ethangarofolo
Canonical hosts packages for Ubuntu, and they pay for that by charging for
other services. Free packages means more people using Ubuntu means more people
seeking enterprise support.

There is always funding for everything that lives. Even if you're hosting
something for "free" yourself, your job is the funding.

~~~
EpicEng
Well, sure, but $2.8m? Seems like a bit much for this sort of thing.

------
fiatjaf
Big money for a simple (lucky) project. I think it is time to move to another
JS package registry.

------
leetreveil
I would like to see npm become a more generic solution for package management
in all languages.

~~~
tobyink
I wouldn't. Most of the languages I use already have far superior solutions
for package management.

~~~
morganherlocker
Examples (genuinely curious)? In my casual experience, it seems to be easier
to use than gems or pip and has much larger ecosystem than anything else I
have tried, which is the #1 selling point of a package manager IMHO. A good
package manager (by my standards) should have:

1\. super easy publishing 2\. A package for practically everything you can
think of and if not, see #1 3\. Most of the market share for its particular
language so that you can be reasonably sure a particular module maintainer has
an up to date package

------
chrisabrams
I don't see the issue here. Node has Joyent as a backing and it's doing fine.

