I think the JavaScript community needs to step up and boycott NPM

by calypsoon 4/1/2019, 10:43:46 PM with 7 comments
  • by keypusheron 4/2/2019, 10:12:46 AM

    > "The actual concern I have is that the JavaScript package manager and language commons are in the hands of a VC-funded company

    I'm not primarily a JS developer, but I guess I just assumed NPM was run by a non-profit foundation like the Python Software Foundation runs PyPi. So I started looking into the governance of other significant library repos. Homebrew actually sets a good example[0], with a clear governance structure. On the other hand I have no idea who owns RubyGems.org, perhaps a loose collection of GitHub users called the RubyGems Team [1]. Maven Central (Java) is owned+operated by Sonatype [2], Packagist (PHP) is owned+operated by Private Packagist[3], Nuget (C#) is unsurprisingly owned+operated by Microsoft, and CPAN seems to be governed by the Perl Foundation. According to modulecounts.com, NPM has more hosted packages than any of the others. It's also the only one where the registry source code does not seem to be publicly available, and there are very few full mirrors that don't just proxy upstream to npmjs.org. Yikes.

    [0] https://docs.brew.sh/Homebrew-Governance

    [1] https://rubygems.org/pages/about

    [2] https://central.sonatype.org/

    [3] https://packagist.org/

    [4] http://www.modulecounts.com/

  • by takinolaon 4/2/2019, 6:56:00 AM

    The style of this article is really disingenuous. The new leadership at NPM may (or may not) be acting disrespectfully to the terminated workers but to go from that to speculating about their financial health just seems unwarranted. The statement "a company which may, or may not have financial problems" is meaningless. Every company in the world "may, or may not," have financial problems. That sentence only serves to impute doubt about the company's viability while skirting the limits of truthfulness

  • by colejohnson66on 4/2/2019, 2:30:06 AM

    @mods The actual title is “Nice People Matter? NPM may stand for Not Politely Managed – job cuts leave staff sore”.

  • by NelsonMinaron 4/1/2019, 11:47:07 PM

    I'm grateful for this article. It's been clearly reading on Twitter #npmlayoffs something bad has been going down but hard to piece the story together. The Reg puts it together in a relatively straightforward way.

  • by the_fonzon 4/2/2019, 12:25:36 AM

    Capitalism's hubris... co-op workplaces, organized labor and sharing salary info are musts. We don't need fascism nor communism to solve inequality, just a shift back to decency and earned respect through workplace action. Power concedes nothing without organized resistance. Violence carries water for the opposition, so only nonviolent disobedience will be strategically-successful.

  • by jonny_ehon 4/2/2019, 12:43:37 AM

    That title, yikes.

  • by nigron 4/2/2019, 7:19:54 AM

    Yeah, no