On 23/10/2015 10:01 PM, Doug Schaefer wrote:
I think for some of this though, we’re running into hurdles from IP.
Node.js drives a lot of this. For example both Grunt and Bower are node.js
apps and more are coming every day. We need to be able to redistribute
node for those that don’t have it. Visual Studio does this, hate to see us
not able to.
>From the IP point of view, we need to separate "ship node.js" from "use lots of npm packages". It is the latter case that is hard to do, as the general state of IP provenance management in the npm ecosystem is poor.
We are also working on a new policy to make it easier for projects to use IP which in the past we would have rejected as not meeting our standards for IP cleanliness. Assuming it is approved by the Board, that will hopefully allow us to use more assets from
the npm ecosystem which are well-known and widely used. Stay tuned on that.
Thanks, Mike. I’m not sure we need to redistribute npm packages. They’re so easy to install, it could be done as a result of user action based on their approval of the provenance of the ecosystem. While I agree this is an issue with vendors redistributing
the bits, it doesn’t seem to be an issue with users, the people who are building systems based on that ecosystem.