GitHub is acquiring npm
As npm founder Isaac Z. Schlueter announced on the npm blog, GitHub is acquiring npm. An according agreement was signed by both sides.
Current and future plans for npm
The public npm registry is planned to remain public and free under the ownership of GitHub. Not only does Schlueter, who will keep working on npm, believe that npm will continue as we know it, but “it’ll only get better.”
As GitHub CEO Nat Friedman points out on the GitHub blog, investments in the npm registry infrastructure and platform are among the current plans. Furthermore, GitHub and npm will be integrated, which will enable tracing changes from a GitHub pull request to an updated npm package version.
In light of GitHub’s security features including the recently launched GitHub Security Lab, the integration should offer improved security for the open source software supply chain.
Paying npm customers will be able to move their private npm packages to GitHub Packages later this year, turning npm exclusively into a public registry.