What were the factors that drove the success of NodeJS?
Silverio: It introduced two innovations around semantic versioning and dependency management.
How did semantic versioning work?
Silverio: Packages all have versions. Semantic versioning is like a pinky swear among programmers about what they intend the version to contain. A package has three numbers. The last is the patch number. You pinky swear, “I think I’m fixing a bug.”
The middle version number implies, “I think I’m adding a feature.”
The first number is a major version update which asserts, “I’m breaking you.”
This is not a panacea, but this is just enough communication among programmers about what their intent is. You break people by accident all the time, but semantic versioning lets you signal it.
This turns out not to be a solution to everyone’s problems, but it is enough grease on the skids that it helps.
How did npm address dependency challenges?
Silverio: Dependency hell is a term people throw around. For example, you are trying to depend on one piece of software and something else you depend on also depends on a different version of the first piece of software. This is a much harder problem in Java, C, and C++. Anything that is statically compiled tends to have this problem, which basically mandates there will only be one version. For example, if I want to use OpenSSL, it’s not possible to have two things that require different versions of it in statically compiled languages.
Node includes a mechanism for working around this by nesting dependencies. It does not matter what version they want. Two modules can call different versions of a package, and it is fine they coexist.
How did these catalyze back-end development?
That is when npm and Node went kaboom.
Our COO, Laurie Voss is into numbers and enjoys producing graphs of npm’s uptake and use. It is not exponential, but it looks exponential.
There were 50 billion Tarballs downloaded in the last week. The majority was probably continuous integration testing. When people are actually deploying a new app, they will download it once to make a new build.
How do bundling browser apps and compiling back-end apps compare?
The one everyone uses today is webpack. Another is called Rollup. Bundlers do a function that parallels what compilers do. They take source code in one form that is convenient to developers and turn it into the form best suited for browsers to consume.
It is just that the Node servers are different than browsers. This is okay, because they are different things. You end up wanting to use the conveniences of Node when you are developing.
What is the secret horror of working with NodeJS?
This program might not run in the browser. It might run after you do some transformation to make all the nice things you get from Node available in the browser equivalent. That is what tools like webpack do.
How does npm make money from giving away free access to a package manager?
Deeper analysis and reporting is available as a paid offering. It can also do more analysis over time across projects. For example, we could tell you when a particular vulnerability entered your application, and what your exposure is over time.
I’ve developed Node apps that update database rows and columns that ran for years. The fact that people are developing websites and development is constant.
How has the mix of front-end and back-end developers shifted?
Silverio; We have about 11 million developers using npm. Most of those are front-end browser developers using Node to do it. Many are using Node but sharing code that might have nothing to do with Node.js. For example, React is hosted on npm. If you want to get the latest version of React, you will run and install it using npm, Yarn or a CLI command that talks to the npm registry.
I refer to it as success as a catastrophe. You have a startup and now you have succeeded. npm has survived a catastrophe of success, because we have made really good use of our CDN.
Currently, npm usage is about 80:20 front-end to back-end developers. Two years ago, it was about 50:50. Node is critically important and is being widely used to write single page web apps.
npm being where it is and as usable and fast as it is has enabled people to do new methods of web development they could not do before. By allowing the plumbing to be taken for granted by developers, it has allowed people to build things on us that were not thinkable before.
Semantic versioning is not perfect, but most of the time it works. People can just take the software with confidence and npm retrieves the components for them automatically.