npm Blog (Archive)

The npm blog has been discontinued.

Updates from the npm team are now published on the GitHub Blog and the GitHub Changelog.

Customer Convo: Jan Klausa, Clue


This piece is a part of our Customer Convos series. We’re sharing stories of how people use npm at work. Want to share your thoughts? Drop us a line.

Q: Hi! Can you state your name and what you do?

A: Hi! I’m Jan and I’m an iOS developer at Clue.

How’s your day going?

Chilling with my cat, so purrrrrretttty good.

Tell me the story of npm at your company.

Our products are two mobile apps for iOS and Android. We write some logic in JavaScript so that we don’t have to do it twice on both platforms and can share it. Using a real package manager to handle that instead of someone going from time to time “hey, we should maybe update the JS in the apps, huh?” is pretty nice.

Can you tell us a story about a specific package you wanted to make that private packages really enabled you to do?

Some of the core logic of our app would be really error-prone and tricky to re-write for each of our platforms — but it has a bunch of proprietary logic, so its being private was a must-have.

Does your company do open source? How do you negotiate what you keep private and public?

We do have a GitHub org and few repos up there with little helper things that we’ve built over the years, but it’s not an important part of our work. We’ve recently been talking internally about carving out bits and pieces that would be useful in broader contexts and open-sourcing those, but nothing concrete yet.

To people who are unsure what they could use private packages for, how would you explain the use case?

By making analogy to GitHub private orgs/repos. You know how your source code is in a private repo? Well, the build artifacts of your JS library can be, too!

How’s the day-to-day experience of using private packages?

Pretty seamless! I have few nitpicks about the web interface (getting to the private package takes way too many clicks, and I’d love to see a version history), but otherwise I can’t say I’ve noticed any problems.

Oh! there was an issue earlier this year when the person who set up the org left the company. I remember people complaining about the process of transferring the ownership being a PITA, but I wasn’t super involved with that, so I don’t really remember the specifics…

Editor’s note: We’re always happy to help! If you have any issues, please reach out to support at

Would you recommend that another org or company use private packages or orgs? Why?

Yes. “Please stop copy-pasting files between repos.”

Any questions I didn’t ask that you wish I did?

Nyup, I think you got it covered.

Any cool npm stuff your company has done publicly that you’d like to promote?

Sadly not…