npm is Massive
Reposted from Medium
_Q. What does npm look like?_
A. It looks like this according to the NodeSource design team. Check the new N|Sight visualization of npm (interactive design by Hugh Kennedy).
As of this writing, there are over 155 thousand packages in the public npm repository. Over 5 thousand were added last week. npm served up 1.5 BILLION downloads last month. Even the most jaded among us have to be a little impressed by this type of scale.
But the sheer size also brings with it the challenge of working nimbly with the registry. This requires a few parsing tricks that many find useful:
- Filter out packages without a supporting readme file; a readme really is an essential element.
- Filter out packages without a license field in the package.json file. Unlicensed packages are unavailable for commercial use without permission.
- Filter out packages without a linked GitHub repository with the original source. Without that, it’s difficult to review or submit improvements.
- Look for accompanying test scripts. Not every package will have one, but it’s a good indicator that it has withstood scrutiny by the community.
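The four checks above can be applied to package metadata as in the following sketch, which is an added example and not NodeSource or npm code. It goes slightly beyond the list by handling the legacy `licenses` array, the `UNLICENSED` value, the `owner/name` repository shorthand, and the placeholder test script that `npm init` writes. The function names and the sample packages are constructed for illustration.

```javascript
// Added example: function names are hypothetical, sample metadata is constructed.
const NPM_DEFAULT_TEST = 'echo "Error: no test specified" && exit 1'; // written by `npm init`
const NO_README = 'ERROR: No README data found!'; // registry placeholder for a missing readme

function hasReadme(pkg) {
  const text = typeof pkg.readme === 'string' ? pkg.readme.trim() : '';
  return text !== '' && text !== NO_README;
}

function licenseOf(pkg) {
  // Accept the SPDX string form plus the legacy object and "licenses" array forms.
  const raw = pkg.license || (Array.isArray(pkg.licenses) ? pkg.licenses[0] : null);
  const id = raw && typeof raw === 'object' ? raw.type : raw;
  if (typeof id !== 'string' || id.trim() === '') return null;
  return id.trim().toUpperCase() === 'UNLICENSED' ? null : id.trim();
}

function githubRepoOf(pkg) {
  const repo = pkg.repository;
  const url = repo && typeof repo === 'object' ? repo.url : repo;
  if (typeof url !== 'string') return null;
  // Host is anchored so look-alikes such as github.com.example.invalid are rejected.
  const m = /^(?:github:)?([\w.-]+)\/([\w.-]+)$/.exec(url)
    || /^(?:git\+)?(?:https?|git|ssh):\/\/(?:[^@/]+@)?github\.com\/([\w.-]+)\/([\w.-]+?)(?:\.git)?\/?$/.exec(url)
    || /^git@github\.com:([\w.-]+)\/([\w.-]+?)(?:\.git)?$/.exec(url);
  return m ? `${m[1]}/${m[2].replace(/\.git$/, '')}` : null;
}

function hasRealTestScript(pkg) {
  const test = pkg.scripts && pkg.scripts.test;
  return typeof test === 'string' && test.trim() !== '' && test.trim() !== NPM_DEFAULT_TEST;
}

function vetPackage(pkg) {
  const reasons = [];
  if (!hasReadme(pkg)) reasons.push('no readme');
  if (!licenseOf(pkg)) reasons.push('no license');
  if (!githubRepoOf(pkg)) reasons.push('no GitHub repository');
  // A test script is reported as an indicator only; it does not filter the package out.
  return { name: pkg.name, keep: reasons.length === 0, reasons, hasTests: hasRealTestScript(pkg) };
}

const samples = [
  { name: 'good-pkg', readme: '# good-pkg', license: 'MIT', scripts: { test: 'node test.js' },
    repository: { type: 'git', url: 'git+https://github.com/example-org/good-pkg.git' } },
  { name: 'bare-pkg', readme: NO_README, license: 'UNLICENSED', scripts: { test: NPM_DEFAULT_TEST },
    repository: 'https://github.com.example.invalid/x/y' },
  { name: 'legacy-pkg', readme: 'docs', licenses: [{ type: 'ISC' }], repository: 'example-org/legacy-pkg' },
];
console.log(samples.map(vetPackage));
```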
There are other options that enterprise Node shops can take advantage of besides the public npm registry. npm, Inc. provides a hosted service for registering private npm modules that are only visible to you or other paid subscribers that you share them with. npm Enterprise runs behind your firewall to help meet compliance needs around privacy and storage, particularly for deployable bundles.
Looking beyond the sheer size of the repository, one of the crucial roles of npm is to manage dependencies for Node.js modules. As modularity is one of the core design principles of Node development, we’ve seen that Node modules tend to multiply (Massively) — and by extension, so do the dependencies between modules. This has resulted from both the increasing availability of packages and the increasing popularity of writing smaller, modular components.
npm can significantly assist an organization as the number of Node packages increases, especially via the use of the npm scoped packages feature. It provides insight into the code and dependencies being published, used and deployed throughout the organization.
NodeSource and npm
NodeSource sees npm as an integral tool for Node development, rapid project evolution, and Node-style code modularization. It enables easy sharing of code with minimal overhead for developers. It provides seamless access to both internal and external Node packages. It provides good options for secure and stable deployment of Node projects, isolated from the public registry.
NodeSource offers training in npm from an introductory course in Node Fundamentals, to an intermediate course that focuses specifically on npm, to advanced npm concepts in our multi-day DevOps training.
At NodeSource, we think that being able to visualize a problem is key to solving it. You can talk about how geographically distributed your team is, or you can show it. This is why we have created NodeSource N|Sight, a series of visualizations that show off the power and beauty of Node. Through N|Sight, we are going to create and share other visualizations from time to time that can tell a story more clearly and memorably than a thousand words on the subject.
“Understanding npm” is the first in the series of N|Sight visualizations. We hope you enjoy viewing it as much as we did creating it. If there is something you’d like to see visualized, hit us up on Twitter (@nodesource) with #visualizethis.
_“npm” and “The npm Registry” are owned by npm, Inc. All rights reserved._