Syllabus
Intro
The economics of package management
you are in this story
open-source doesn't mean open ownership or control
the package registry is centralized
centralization has advantages
centralization of costs
servers cost money: who pays for them?
founding a company was a novel choice
those large numbers sure are large
open source generates a lot of value
open source vs free software
capitalism loves open source
the language spec
our common registry of shared code is owned by a private company
what are the consequences of private control?
no input into registry policies
the registry is what matters, not the clients
the management of our commons is opaque to us
there is no trust without accountability
you had no way to hold me accountable
so is npm evil? mu. ask a different question.
npm is a financial instrument
npm Inc is a means for turning some money into more money
It's 2018. Packages flow like water.
packages cost money even if you're not paying for them
make money or raise money by telling a story about spending money to make money
imagine npm run by a non-benevolent entity
I agree with Ryan Dahl
entropic: a federated package manager
new cli & new api decentralized: many registries
Taught by
JSConf