Managing JavaScript in the Enterprise


We are excited to announce the launch of a platform to help modernize Javascript development in the enterprise.

Ripping the “beta” label off npm Enterprise is satisfying for a lot of reasons. We started npm to remove friction for JavaScript developers, and I believe we have accomplished a lot. The solution we are announcing today delivers added control, visibility, and security while continuing to delight developers with the npm tools and functionality they are used to.

Approximately 100% of the world’s enterprises already use npm to acquire approximately 97% of their JavaScript code. Unfortunately, most are ill-equipped to take full advantage of that code, or manage its use.

Over the past few months, I’ve had many conversations with companies that employ developers who depend on npm. One thing was consistent: passionate and unmistakable dissatisfaction with today’s enterprise workflow management and artifact storage tools. More than once, I heard from developers who’ve hacked together their own ways to share JavaScript packages with their colleagues. Why? Because they found the tools chosen by their leaders to be too frustrating and inadequate to use. We can help solve this problem.

The closer we looked at current JavaScript security providers, the more we were surprised by how ineffective their services actually are. Most of them use npm as a primary source of information about vulnerabilities, and they often find out about them after we do. They lack the information we have about global developer behaviors, making them badly positioned to understand how widespread vulnerabilities have the potential to become. We can help here, too.

npm Enterprise provides the perfect balance between managerial insight and developer happiness. It provides the tools necessary to modernize JavaScript development within an organization while keeping enterprise developers happy and efficient.

Some of the more exciting features of npm Enterprise are:

  • Dedicated single-tenant hosting in a Kubernetes cluster
  • Company-specific companyname.npme.io URL
  • Support for industry-standard SSO authentication
  • Role-based access control
  • Sharing of packages between and across teams
  • Customizable workflows for collaboration and seamless CI/CD system integration
  • Notification of known vulnerabilities through “npm audit”

Over the coming months our enterprise users can expect improved tooling and new features assisting with security, compliance, workflow efficiency, and team management.

We would love to answer questions that any developer, DevOps manager, or IT executive might have about this new offering or the evolution in JavaScript development that it enables. If you’d like to learn more about the ways npm Enterprise can empower your developers, visit npmjs.com/enterprise.