npm Blog (Archive)

The npm blog has been discontinued.

Updates from the npm team are now published on the GitHub Blog and the GitHub Changelog.

Customer Convo: Ben Edelstein, LogRocket


This piece is a part of our Customer Convos series. We’re sharing stories of how people use npm at work. Want to share your thoughts? Drop us a line.

Q: Hi! Can you state your name and what you do, and what your company does?

A: LogRocket helps product teams build better experiences for their users. By recording videos of user sessions along with logs and network data, LogRocket surfaces UX problems and reveals the root cause of every bug.

How’s your day going?


Tell me the story of npm at your company. What specific problem did you have that private packages and orgs solved?

We run a monorepo. Our server code, our frontend code, and our publicly published SDK all coexist and share packages in this repository. This setup is great, but we knew it could easily become monolithic. Having everything split into independent packages helps enforce clean separation. We use lerna to minimize duplicates and keep versions consistent throughout the app.

Can you tell us a story about a specific package you wanted to make that private packages really enabled you to do?

We use a lot of workers to offload data processing in our application. Packages such as promise-worker are lifesavers when dealing with workers in a complex application.

Does your company do open source? How do you negotiate what you keep private and public (feel free to be as vague as you need to be)?

We do! As a rule of thumb, if it’s only used by the SDK then we don’t mind making it public. Anything used by our application code is private.

To people who are unsure what they could use private packages for - how would you explain the use case?

For us, it works for anything that is used by more than one part of the application. Using git subrepos is a common solution to this, but we’ve found those to be quite messy in practice. Configuration, error reporting, and logging all come to mind. We also use packages to share API definitions between services so they’re never out of sync.

How’s it going? How’s the day to day experience of using private packages/orgs?

It’s great.

How would you see the product improved or expanded in the future?

We would love to see more tooling around lock-step publishing, with the end goal of replacing lerna with something native.

Would you recommend that another org or company use private packages or orgs and why?

Absolutely! Especially as the number of packages and contributors increases, having a single approach to package management is priceless. We have a few packages that are used across all different parts of the application. We could not build or distribute these as easily if they were not in a single place.

Any cool npm stuff your company has done publicly that you’d like to promote?

Aside from the main LogRocket SDK, we also use npm for distributing our plugins for React, Redux, GraphQL, VueJS, Mobx, rxjs, @ngrx/store, and more. Check out our plugin docs for more details.