Former npm, Inc. CTO Announces Entropic, a Decentralized Package Registry

CJ Silverio, former CTO of npm Inc., gave a presentation at JSConf EU 2019 in Berlin earlier this month titled “The Economics of Open Source.” More specifically, she discussed the economics of package management as it applies to open source software, based on her unique perspective and experience gained in working for the company that runs the world’s largest JavaScript package registry.
Silverio tells the story of how npm gained official status and characterizes its success as a catastrophe for a centralized package registry and repository. Although centralization has some advantages for usability and reliability, success can be expensive when a centralized service becomes popular. She described the events leading up to npm’s incorporation in 2013. The registry was down more than it was up in October 2013 and npm needed money.
npm’s owner took seed funding from a VC firm and the Node project continued to give npm special privileges. Developers perpetuated this by continuing to use npm, as over time it had come to define developers’ expectations in serving JavaScript packages. Silverio discusses some of the consequences of npm coming under private control, how developers now have no input into registry policies or how disputes are resolved.  » Read More