NPM Adds Command-Line Option To Help Fund Open-Source Coders

"Despite its own solvency concerns, NPM Inc on Tuesday deployed code changes that add a 'funding' command to the latest version of the npm command-line tool, namely v6.13.0," reports the Register: Henceforth, developers creating packages for the JavaScript runtime environment Node.js can declare metadata that describes where would-be donors can go to offer financial support. Doing so involves adding a funding field to package.json, a file that lists various module settings and dependencies. The funding field should be a URL that points to an online funding service, like Patreon, or payment-accepting website....

In a phone interview with The Register, NPM Inc co-founder and co-CTO Isaac Schlueter said: "The problem we're solving is open source projects need funding and there are very few ways people can get that information in front of people using their code...." Schlueter allowed that NPM Inc's funding mechanism may reward good marketers more than it rewards good developers. But he believes it will work against that. "One thing nice about this approach is that it does take some of the marketing skill out of the equation," he said. "Because all you really have to do is set up a payment URL and then put that in your packages. You don't have to craft the message expertly, you'll show up on that list at the end of the install."
"At the end of August, we made a promise to the community to invest time & effort to better support package maintainers," explains an announcement on the NPM blog.

"This work is just the first, small step toward creating a means/mechanism for a more sustainable open source development ecosystem."

Could this be used to spread malware?

[Anonymous Coward]

I would like to add a link to a malicious website to my app... to gather credentials and possibly payment or banking information.

Uum, no?

[BAReFO0t]

Any other random link on any site could go to the same thing too thaf asks you for private data for a "valid" reason.

If you just enter it, nilly-willy, without checking for trustworthiness, you aren't safe anywhere, and need a legal guardian, as you are certainly not mentally capable of handling basic healthy grown-up things like driving a car, having a credit card, house keys, or maybe even tying your shoes, ... let alone raisig children.

Re: Uum, no?

[BarbaraHudson]

"Raisig children" - does that include learning how to spell or at least enable autocorrect?

The original article says a truth nobody wants to address - open source developers need a way to get funding. Too many act like making a buck out of writing code cheapens the process or takes away from the developers "open source purity". It's time to have a long, in-depth discussion. At least this is a start.

Re:

[anonymouscoward52236]

I guess you could just put your cryptocurrency address instead of a link to a malicious website?

NPM? Isn't that some of that webifying cancer?

[BAReFO0t]

The ecosystem only true nutjobs care about, and everyone else wishes a quick and permanent death?

Which will happen as soon as WebAssembly gets all the APIs that JS has in the browser, and nobody needs to learn or use JS anymore, unless he really wants to.

Re:

[L_R_Shaw]

The best part of WebAssembly about to nuke from orbit the retarded clusterfuck that is the Javascript/Node world is just how foaming at the mouth in apoplectic denial the reaction and panic is.

Web development's reaction to dumping Javascript is going to be like people who were forced to ride across country in a Pinto with a fat guy who ate nothing but Taco Bell finally arriving at their destination.

What is most mind boggling is even the Javascript clowns who know the end is coming all think they are going t

Java Applets reborn.

[bussdriver]

WebAssembly turning into Applet v2.0 doesn't sound great to me.

What sounds great is JavaSCRIPT being the simple glue it was supposed to be. It does not have to be abused and used as something it is not... which is what is being done with it today.

WebAssembly should be strictly forbidden from going beyond being a component system which is coupled to the browser APIs with javascript.

The goal should be: someday you can compile any number of components written in all languages with almost no modifications int

Re: Java Applets reborn.

[BarbaraHudson]

We already have a better solution - one that works both in the browser and without a browser (and all the problems a browser brings to the table). I've said many times that Java sucks, but at least it doesn't require a browser as middleware. We need to get away from our dependence on the browser just because people don't know how to write stand-alone networking applications.

browser are a problem but OS have FAILED too

[bussdriver]

Web: Lower bar for entry. that is what made it popular.

Everything has a free browser; zero cross platform issues, just some browser issues with the TWO browsers and some version issues... which are a pain but:

Why INSTALL software on every device (and it's OS?) All the versions/updates of those installs and historically, the COST for each installed copy (still common, plus now we have subscriptions.) All the crap to remove / install to keep things running nicely. SO people are supposed to INSTALL software

Editor Fail: What is NMP? Why do I care?

[goombah99]

Don't tell me to google it. If the summary uses Opaque initials and doens't even give a clue about the context then the slash dot editors failed

Is this a response to CJ Silverio?

[whh3]

CJ Silverio is the former CTO of Node. Is this a response to her recent criticism of the company and the launch of a federated package manager?

For those who want to know more about her very interesting thoughts on the topic, feel free to look those up here:

Presentation at JSConfEU 19 [youtube.com]

Interview on the Changelog Podcast [changelog.com]

Re:

[whh3]

My apologies: I mistyped in my earlier message. CJ is the former CTO of NPM. NPM is a company. Node is part of the OpenJS Foundation. Sorry for the error.

Comment removed

[account_deleted]

Comment removed based on user account deletion