Announcing the deal, Nat Friedman, CEO of GitHub, said, “We’ll integrate GitHub and npm to improve the security of the open-source software supply chain, and enable you to trace a change from a GitHub pull request to the npm package version that fixed it.”
He further added, “GitHub Sponsors has already paid out millions of dollars to open source contributors, and we’re excited to explore tasteful ways to extend it to the npm ecosystem.”
The deal comes at the right time for npm, as the company lost several of its senior executives last year.
He added, “It’s not a loss leader or an experimental add-on or a way to quickly hire a team. Rather, the npm registry is a significant and concrete strategic asset serving GitHub’s mission of eliminating transaction costs in software development.”