►
Description
Keynote: The State of npm by Isaac Schlueter
A
There
we
go
computers,
all
right,
I,
don't
actually
sign
Raquel's
paychecks
we
use
TriNet
for
that
they're
they're
great
I
would
do
you
probably
never
get
paid
I'm
really
terrible
at
stuff,
so
welcome
everybody
I
usually
asked
us
at
any
time.
I
give
a
talk.
It's
probably
kind
of
a
dumb
question
here,
but
how
many
of
you
have
used
NPM
before
how
many
of
you
were
here
at
your
first
NPM
camp.
A
Anybody
been
using
NPM
since,
before
it
shipped
with
node-
oh
ok,
so
most
this
is
gonna,
be
boring
or
any
know
the
story.
So
once
upon
a
time
there
was
this
thing
called
nodejs
and
the
whole
community
actually
fit
on
a
small,
relatively
low
activity,
mailing
list
and
then
Ryan
went
to
Berlin
Ryan
to
all
the
inventor
of
node.js
went
to
Berlin
and
gave
this
talk
if
you've
never
seen
it
I
recommend.
Looking
it
up.
A
It's
kind
of
amazing
like
how
much
node
is
still
kind
of
doing
the
same
kind
of
you
know
following
some
of
those
same
principles
and
which
ones
have
kind
of
changed
over
time,
but
anyway
gave
this
talk
and
a
lot
more
people
showed
up
on
the
mailing
list.
So
there
was
all
this
like
really
interesting,
work
being
done,
people
would
say:
oh
I'm,
you
know
I
wrote
this
thing.
It
connects
to
a
some
kind
of
database
and
to
install
it.
A
A
Npm
originally
was
this
thing
called
semper
or
semantic.
Versioning
NPM
was
one
of
the
first
package
managers
to
to
leverage
this
in
a
big
way.
Now,
it's
kind
of
just
obvious:
that's
how
you
do
versions
but
and
we've
kind
of
evolved
NPM
with
December
spec,
so
they're
actually
cases
there
was
a
moment
there
were
like
seven
per
spec
had
moved
ahead
of
NPM.
We
had
to
kind
of
catch-up
it
the
thing
about
cember,
that's
kind
of
interesting.
A
So
you
probably
all
have
some
idea
of
what
like
a
patch
version
or
a
major
version
or
a
minor
version
is-
and
you
may
have
had
some
passionate
arguments
about
whether
cember
is
like
the
best
thing
ever
or
the
worst
thing
ever
and
I'm
here,
to
tell
you
that
I
disagree
with
both
of
those
points
of
view,
a
lot
the
the
the
semantics
live
in
you.
They
live
inside
of
us
in
our
brains
that
are
not
in
the
numbers.
The
numbers
are
just
these
tokens
that
we
can
kind
of
manipulate.
A
Small
modules
is
another
thing,
that's
commonly
associated
with
NPM.
It
wasn't
actually
an
original
design
goal
of
of
the
package
manager
from
day
one
I,
don't
and
I.
Don't
think
that
we've
ever
really
done
anything
to
try
and
make
modules
smaller.
It's
just
kind
of
what
happens
when
people
can
write
small
modules
right
they
tend
to
so
it's
it's
sort
of
like
the
the
end
result
of
increasing
modularity
and
programs.
You
just
say:
well,
you
know
why
not
have
a
wrapper.
A
You
know
a
packaging
wrapper
for
this
one
function
and
then
you,
you
know
once
it's
a
thing.
It
needs
documentation,
it
needs
tests,
there's
kind
of
this
mental
shift
to
treat
it
like
a
first-class
citizen,
so
that
the
the
value
of
small
modules
ultimately
is
just
whatever
the
value
is
of
modularity
people
can
iterate.
In
parallel,
you
get
code,
quality
and
some
isolation,
but
obviously
this
every
strategy
has
trade-offs.
A
There's
once
you
have
more
smaller
modules
that
do
more
things,
you
have
kind
of
this
assembly
problem
and
a
greater
depth
of
abstraction
instead
of
having
you
know
to
deal
with
all
the
abstraction
in
one
place.
So
it's
it's,
it's
complicated,
I
think
I.
Think
one
of
my
favorite
aspects
of
NPM
is
actually
that
and
what
I've
found
in
doing
this
is
the
the
surprises
where,
like
you,
solve
one
kind
of
problem,
only
to
realize
that
there
was
this
much
bigger
problem
that
was
kind
of
waiting
behind
it.
A
So
we
get
to
increasingly
be
frustrated
by
more
interesting
things,
which
is
kind
of
a
career
goal
of
mine
as
a
software
developer
and
and
entrepreneur,
actually
it
all
kind
of
started.
It
started
for
me
about
seven
years
ago,
as
sort
of
an
unplanned
adventure,
because
I
was
actually
trying
to
work
out
a
way
to
to
write
a
web
framework
in
node.
This
is
before
there
were
any
web
frameworks
in
node
there
weren't,
like
you
know,
I,
don't
know.
A
50
like
there
are
now
probably
but
I
was
trying
to
figure
out
a
way
to
build
this.
This
nice
framework
for
building
websites
and
I
needed
to
use
other
people's
code,
and
so
I
figured
well
before
I
write
a
web
framework.
I'm
gonna
write
a
package
manager
cuz.
Why
not,
and
I
probably
never
would
have
done
that
if
I
was
actually
like
going
to
work
every
day
at
a
job,
you
know
why
would
you
write
a
package
manager
to
build
a
website?
A
That's
stupid,
but,
like
the
whole
thing,
is
just
kind
of
this
testament
to
the
unreasonable
effectiveness
of
taking
some
time
off.
Some
of
you
follow
me
on
Twitter,
probably
know
I'm
a
big
proponent
of
guaranteed
basic
income
or
universal
basic
income.
This
is
really
why,
because
when
people
have
a
few
extra
brain
cycles,
they
create
interesting,
creative
things.
A
Npm
never
would
have
happened
if
I
hadn't
kind
of
found
myself
in
this
position.
I
was
sort
of
a
very
unhappy
workaholic
for
most
of
my
20s
and
finally
snapped
I
was
like
I've,
been
I've,
been
working,
my
ass
off
and
saving
all
this
money
like.
What's
the
point,
I'm
gonna
take
some
time
off
and
just
eat
my
savings
and
see
what
happens
it
totally
burnt
out
and
so
I
wrote
a
package
manager'.
That's
what
you
do.
A
I'm
not
gonna
say
that
like
quitting
your
job
and
and
sort
of
like
saying
screw,
it
is
the
best
option
or
even
a
reasonable
option
for
everybody,
but
it's
like
if
you
have
this,
come
up
and
you're
in
your
realm
of
possibilities
at
some
point
in
your
life
like
very
seriously,
consider
it
it's
kind
of
great.
So
this
thing
got
popular
and
the
problem
with
making
a
thing
in
your
spare
time
during
temporary
unemployment.
A
Is
that
and
then
that
thing
getting
popular
is
you
have
to
keep
figuring
out
how
to
make
it
survive
while
it
tries
to
crush
everything
that
you
love
and
what
I
found?
Was
this
this
nights
and
weekends
project
for
a
single
individual
and
like
running
on
infrastructure
that
was
donated
free
of
charge?
It
was
first
from
couch
io
and
then
it
became
couch
one
and
then
it
got
handed
off
to
Irish
couch
and
then
that
got
acquired
by
no
Jitsu,
but
it
was
really
actually
all
the
same
people
with
the
same
servers
the
whole
time.
A
This
system
works
really
great
for
a
while
until
it
suddenly
doesn't,
and
so
they
were
by
the
end
of
2013.
There
were
some
pretty
awful
ops
problems,
scaling
issues
stuff
would
go
down
on
a
weekend
and
I'd
be
like
out
of
town
and
just
not
hear
about
it
until
Monday,
so
it'd
be
like
no
NPM
this
week.
A
Thing
is,
though,
it
what
we.
What
we
found
in
what
was
sort
of
surprising
is
like
in
2010,
when
NPM
would
hiccup
and
be
unavailable
for
a
day.
I
was
like
no
big
deal,
it
was
a
thing
I
had
to
do
in
2013.
It
was
a
big
big
deal.
It
was
completely
unacceptable.
People
got
really
mad
about
it,
and
so
the
problem
really
is
that
we
needed.
You
know
this
this
one
person
on
a
sabbatical
and
then
kind
of
keeping
it
going
with
their
nights
and
weekends.
A
Time
totally
works
for
a
really
small
thing
and
it's
a
great
way
to
do
really
creative,
interesting
work,
but
like
actual
stuff
that
people
are
depending
on
you
need
to
have
professionals
really
dedicating
their
working
hours
like
reasonable
working
hours,
not
80
a
week,
dedicating
their
their
professional
attention
to
like
solving
the
current
problems
and
also
planning
for
the
to
solve
the
next
ones
that
are
going
to
come
up.
The
thing
about
exponential
growth
is
that
it's
really
hard
to
have
sort
of
a
gut
reckon
about
it.
A
Anything
that's
exponential
tends
to
like
tends
to
just
be
continually
surprising,
but
you
know,
because
our
brains
are
not
evolved
to
deal
with
exponential
growth,
but
it's
pretty
straightforward
to
do
the
math
of
it
like
it's
actually,
not
that
complicated
to
sit
down
and
plan.
Okay,
here's
where
we
need
to
be
next
year.
Yes,
that
sounds
crazy.
Yes,
that
sounds
wild.
That
is
completely
not
reasonable.
A
That
will
scale
that
big,
but
I
can
tell
that
we
are
going
to
because
that's
what
the
that's,
what
the
graph
says
and
I
yeah,
so
starting
a
company
sounded
kind
of
fun.
A
bunch
of
companies
out
there
had
said
to
me
that
they
wanted
to
give
me
money
to
be
able
to
host
their
private
code
on
NPM
and
also
to
ensure
that
it
didn't
go
down
all
the
time.
So
that
seemed
like
a
pretty
good
plan.
Start
a
company
make
some
money.
A
First
order
of
business
was
operational
excellence
and
the
last
talk
of
this
conference
today,
you'll
hear
CJ
Silverio
talking
about
I
assume
some
I
haven't
actually
seen
her
talk,
but
I
assume
it's
got
some
touches
on
how
we
keep
the
registry
not
on
fire.
Cj
is
NPM
CTO.
The
next
thing
we
did
was
we
built
an
enterprise
version
of
the
registry
that
you
can
pay
money
to
have
inside
your
company's
firewall.
A
The
next
thing
we
did
was
making
it
so
that
you
can
use
private
modules
on
the
registry
that
we
host,
so
you
don't
have
to
install
it
and
inside
your
company's
firewall.
If
that's
not
a
thing
you
care
about
and
along
the
way
we've
been
working
on,
improving
the
CLI,
the
website,
writing
Docs,
answering
support
emails
and
now,
apparently
throwing
conferences.
So
why
do
we
do
all
this
stuff?
A
A
These
numbers
are
huge.
Look
at
this,
like
that's
like
five
billion
downloads
in
the
last
month.
That
doesn't
make
any
sense,
like
three
300,000,
some
odd
modules
now
320,000
it's
right
now,
there's
like
four
million
humans,
a
little
over
four
million
human
beings
using
NPM
on
a
pretty
regular
basis.
A
Unfortunately,
most
of
them
could
not
make
it
to
NPM
camp
when
our
when
our
servers
hiccup,
like
I,
mentioned
before
I
mean
into
you
thought,
2013
was
bad
like
it
takes
so
much
less
of
a
hiccup
now
to
make
people
very
upset,
the
internet
gets
bad,
they
have,
they
have
strong
feelings,
they
send
them
to
us.
We
get
calls
from
the
media
when
that
happens.
A
It
just
just
sort
of
speaking
personally
like
repeated
exposure
to
NPM
usage
graphs
in
this
exponential
curve
has
kind
of
got
me
like
broken
inside
like
I'm,
just
not
amazed
by
large
numbers
anymore.
I
know
one
day
like
Lori's
gonna
storm
into
my
office
and
be
like,
oh,
my
god,
ten
billion
downloads
yesterday,
like
giant
numbers
giant
numbers
everybody.
The
fact
is
just
everybody
uses
NPM
for
everything
and
it's
kind
of
Awesome,
but
it
will
probably
never
stop
feeling
weird
to
me.
A
So
when
I,
when
I
first
started
splitting
modules
out
from
the
the
NPM
codebase
NPM
was
originally
this,
like
total
monolith
project,
it's
still
like
almost
a
monolith
project
but
like
forest
and
team
have
really
done
a
lot
of
work
to
keep.
You
know,
cutting
things
and
organizing
them
a
lot
better.
I
left
it
in
a
total
mess
for
them.
If
you
want
to
make
a
messy
codebase,
do
something
on
your
nights
and
weekends
for
four
years,
and
it's
so
anyway.
A
How
do
I
wins
the
conference?
I
thought
it
was
some
Easter
Egg
that
was
gonna.
Tell
me
like
how
to
buy
a
ticket
or
something's
like
no.
No,
no,
it's
for
your
ini
files,
but
this
conference
is
mostly
not
about
config
files,
only
a
little
bit
about
config
files
so
and
NPM,
and
we
actually
thought
long
and
hard
about
this
like
why
I
actually
do
a
conference
anyway
right.
It's
like
maybe
does
that
not
even
make
sense.
A
Npm
is
already
represented
at
pretty
much
every
Jay
s
conference
and
meetup
an
event
like
there's
somebody
giving
some
talk
about
doing
something
with
NPM,
and
so
we
were
kind
of
like
yeah.
Isn't
just
gonna
be
like
all
of
us
telling
people
stuff,
it
seems
kind
of
boring,
I,
don't
know,
but
what
we
realized
was
kind
of
was
lacking
was
an
event
to
really
try
and
bring
the
community
together
and
have
people
share
what
they're
doing
with
NPM
out
in
the
world
and
share
it
with
each
other
and
also
kind
of
with
us.
A
So
this
is
the
talks.
Today
are
mostly
not
NPM
employees,
but
we
do
have
a
handful
myself
included,
obviously,
and
it's
the
first
conference.
So
it's
a
little
that
we've
that
we've
thrown
like
this,
it's
a
little
bit
of
an
experiment,
but
I'm
pretty
excited
about
it,
mostly
I'm,
really
looking
forward
to
seeing
what
all
the
other
stuff
that
people
do
with
NPM
I
just
think
javascript
is
cool
and
it's
really
fun
to
see
people
making
things
and
especially
making
things
with
a
thing
that
I
helped
make.
A
There's
there's
a
ton
of
really
great
stuff
that
I've
seen
lately
way
more
than
I
can
fit
on
a
slide,
but
you
should
probably
check
out
some
of
these
most
of
the
or
one
of
the
one
of
the
fun
thing.
Is
that,
like
a
lot
of
these
are
actually
ideas
that
I've
had
right
like
Zico?
Is
a
deployment
thing
greenkeeper,
like
checks
out
which
steps
whenever
they
get
updated
and
make
sure
that
you
can
kind
of
stay
up
to
date?
No
security
project
is
exactly
what
it
says
on
the
tin.
A
It
is
a
project
to
increase
node
security
and
there's,
like
thousands
of
other
things
that
don't
fit
there.
But
what's
exciting
is
like
these
are
all
stuff
that
things
that
I've
thought
at
one
point
or
another
like
I,
really
build
that
and
then
I
didn't,
because
you
know
full-time
job
and
then
somebody
else
did
which
is
great
and
that
full-time
job
I
felt
ly
kind
of
help
facilitate
that
I
was
going
to
end
with
some
kind
of
like
future
plans
of
NPM
Inc
type
slide.
A
But
I
looked
back
at
all
of
the
talks
I've
given
about
NPM
over
the
last
five
or
six
years
and
I
always
had
something
that
was
like
okay,
and
these
are
our
future
plans
and
historically
I'm
terrible
at
planning.
The
future
I
have
no
idea
what
we're
gonna
do
like
all
of
my
great
big
ideas,
and
just
never
ever
ever,
do
and
then
like
like
here.
Somebody
beats
us
to
it
and
they
do
a
better
job
anyway
and
they're
using
NPM
anyways.
It's
like
alright!
A
Well,
we
just
have
to
keep
the
registry
going,
so
they
can
keep
doing
it.
Then
that's
our
job,
there's
like
a
time
to
make
the
doughnuts
kind
of
feeling
to
it
a
little
bit
but
yeah.
So
I
do
have
some
stuff
about
our
actual
plans.
Our
actual
plan
is
to
keep
working
to
make
the
make
NPM
the
obvious
trusted
and
essential
tool
for
all
web
developers.
So
this
community
can
keep
growing,
can
keep
building
new
things.
A
A
That's
really
what
success
feels
like
to
me,
even
though
it's
sort
of
a
silent
partner
in
all
of
these
apps,
and
also
it's
a
non-trivial
challenge,
to
keep
figuring
out
how
to
make
a
successful
business
out
of
this
stuff
so
that
we
can
keep
the
registry
running
and
sort
of
have
this
ongoing
sustainability
virtuous
cycle,
so
that
open
source
and
continue
there's
just
a
ton
of
stuff
that
hasn't
been
built
yet
I'm
really
looking
forward
to
seeing
it,
and
that's
all
that
I
have
to
say.
Thank
you
very
much
enjoy
the
rest
today.