As though anticipating developer angst about the change in ownership, Friedman promised that users would not notice a difference. “For the millions of developers who use the public npm registry every day, npm will always be available and always be free,” Friedman wrote.
He also promised to update the infrastructure behind the tool, improve the experience and keep up communication with the npm community. What’s more, he said the company would incorporate the npm tech into the GitHub platform.
“Looking further ahead, we’ll integrate GitHub and npm to improve the security of the open source software supply chain, and enable you to trace a change from a GitHub pull request to the npm package version that fixed it,” he wrote.
But it’s not just the free version, of course. There is a core group of paying customers too, and Friedman indicated GitHub would continue to support them.
He also stated that later this year when the registry is integrated more fully into the GitHub platform, paying customers would be able to convert their private npm packages to GitHub packages.
npm was founded in 2014, and raised almost $19 million on a $48 million post valuation, according to Pitchbook data.