Why is Microsoft buying NPM (Node Package Manager)?

Bryant Jimin Son
Mar 16 · 5 min read
Microsoft GitHub acquires NPM

Node Package Manager, more widely known as NPM, is almost the default package manager of NodeJS platform, though other famous package manager Yarn also exists.

Microsoft recently surprised the developer community by acquiring GitHub, which is the largest source control management tool hosted on the internet.

Microsoft acquiring GitHub was a huge news

Now, another surprise news came out today — Microsoft GitHub is acquiring NPM!

Okay, so we have this Coronavirus pandemic sweeping everywhere around the world. Amidst all of these terrible sufferings, GitHub buying NPM seems to be such a small news that only matters to developers. Besides, NPM is only for NodeJS, which is a popular front-end server but not the de-facto programming tech stack. So, why does it matter and why is Microsoft doing this?

I will breakdown the reasons why Microsoft GitHub doing this.

1.0. Get the best result by making a small effort — 80:20 rule Pareto Principle from Business Perspective: Javascript is most popular programming language in GitHub.

Depending on whom you ask and where you ask, Javascript is not maybe the most popular language. But at least in GitHub, Javascript is the most popular programming language based on number of contributions.

Javascript is the most popular programming language in GitHub. [Source: https://madnight.github.io/githut/#/pull_requests/2019/4]

GitHub knows this, and Microsoft GitHub wants to get the small win by making a move that gives the best result satisfying 80% of the use cases. See Paretto Principle

The Pareto principle (also known as the 80/20 rule, the law of the vital few, or the principle of factor sparsity) states that, for many events, roughly 80% of the effects come from 20% of the causes

2.0. Solving the developers’ technology pain point by making the integration seamless by controlling THE source of front-end libraries

A technology is not always singular, one package that includes all. Instead, an application development depends on multiple libraries, multiple services, and multiple end-points that need to be connected together. For example, let’s look at Apache Maven or Apache Gradle, if you are a Java developer. Just building a simple Spring Boot “hello, world” application requires spring-core library, spring mvc library, and many other JARs. If you want to make it a production ready application, you have to add unit testing (JUnit, mockito, etc), database integration (Hibernate, JDBC, etc), and so much more. It is not exactly easy to integrate all of these, and developers know this. A similar experience will come from front-end developer working with NodeJS and a package manager like NPM or Yarn.

Microsoft GitHub knows this, and it wants to completely control the NPM repo. By integrating the NPM directly with GitHub, Microsoft will have the better control over the NodeJS community, which means front-end developer community. And whenever the pain point shows up, Microsoft GitHub can more easily listen and address it.

3.0. Projecting the Microsoft image as the open source friendly company — Win the open source community by getting closer with NPM community

By buying NPM, Microsoft GitHub can directly transform the NPM community people “their people.” Oracle kinda did the same thing, except it made more enemies by suing, stealing Hudson, which separately went away with Jenkins, etc. I believe Microsoft is doing this different way, by projecting its image as open source friendly company.

Microsoft GitHub developers can closely more work with NPM developers, so they can get to know each other pretty well. Every time when NPM event happens, Microsoft will be first to get invited and become the main sponsor. Every time Microsoft event happens, NPM will also be showcased. And simply publishing the news that Microsoft GitHub buying NPM easily broadcasts through front-end community. This is a big marketing move as well as big relationship move.

4.0. Making $$$ Part #1: Influence the opportunity to grow Microsoft Azure Cloud when the corporates & companies try to pick a cloud

So far, everything was about free stuff. Let’s support the open source! Microsoft will be a top open source company. But wait. Where is $$$ in this?

The money will come from Microsoft Azure cloud. Big companies like Amazon, Microsoft, and Google all fight for cloud market cap. When the industry tries to adopt a cloud, the business executives typically do Analysis of Alternatives (AoA), system engineering, SWAT analysis, etc. One of the factors that can influence the purchasing choice will be what developers and engineers want. Based on the closer integration with technology stacks and how easy it is, and how supportive it is, the cloud purchase decision can be made.

With Microsoft having GitHub and NPM, this choice will boost Microsoft Azure cloud as the most preferred choice among the companies looking to develop front-end web applications.

5.0. Making $$$ Part #2: Putting enterprise supported packages back to NPM repo

One main difference about an individual developer and the corporation is this: individual developer wants to save the initial cost as much as possible while the industry has huge money to invest but want to save big money long term.

“Individual wants to save the initial cost as much as possible but a corporation has the huge money to invest but want to save the big $$$ over long term.”

Company, thus, wants the efficient technology stack, and needs to have the applications running 24 hours and 365 days. That is why the big corporations are willing to pay millions of dollars to simply get the support from the companies that provide the technology stacks.

This also resonates across the security. Companies needs to put the security as the foremost important thing in their technology layers and development. If one security leak happens, that can cost millions and billions of dollars. That is why all the companies always ask “is this supported and certified?”

My bet is that Microsoft GitHub will publish the official supported and certified NPM packages to its acquired NPM platform. In this way, the companies who end up adopting NPM Enterprise version, which might come out soon, can pay for the support but can be comfortable using the packages that are only approved, secure, and certified.

6.0. Bonus benefit — Hiring more front-end developers to join Microsoft GitHub team

This is what I believe. A company is just an entity, but the blood of what good company what it is really the people.

“A company is just an entity. What matters is the people and its culture.”

Microsoft or any smart company knows that it cannot win among the competitive industry without smart people keep joining its teams. Microsoft buying NPM can project the nice image that it is going to be a leading open source company. At the same time, Microsoft will be the first company that front-end developers with experiences in NPM will consider when they try to apply for a new job. Thus, this move can effectively make Microsoft a top place that people want to work for when front-end developers.

Besides, Microsoft also acquired LinkedIn, which is one of the largest job posting SNS site, so there is another plus.

Bryant Jimin Son

Written by

A Red Hat consultant talking about mylife as a consultant, including travels & career tips. But I will sometimes cover financial advises and some random stuffs.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade