Kat Marchán Brings the Command Line to Npm – InApps Technology 2022

The following interview is part of a series, called Open Source Leaders, where we profile project leaders in the open source IT community, to learn more about how they developed their software as well as the challenges and benefits that come with running an open source project.  

Kat Marchán is a core developer at Npm, Inc., working on the command line client for the world’s largest software registry. When she’s not fixing terminal-tormenting bugs and implementing new npm command line features, Marchán also travels to spread the open source Node.js/npm love through conference talks and community events. InApps Technology caught up with her recently to learn how this green-haired digital dryad came to live in the open source ecosystem.

So ten years ago you were in film school. What led to the leap from documentary filmmaking to being co-maintainer of the npm CLI?

I started coding my final year at Hampshire College, where I studied linguistics and filmmaking. I was working on a year-long film project that was my final thesis work for my degree. My thought was I’d pick something up that was just entirely different so I could clear my head from being so deep in the weeds. I ended up taking an Intro to CS course in Python at Smith College. It’s part of a five-college system in the area that lets students take classes at any of the schools). I loved it and immediately wondered why I hadn’t just studied CS for my undergrad!

I graduated from film school straight into the recession. Finding a job was incredibly hard, so I filled in the time by going through programming books, working on open source stuff, and just generally learning to code. The first programming language I got comfortable with was Common Lisp. I was treating it all as a hobby while looking for sysadmin work, which I’d done as a work-study job in college. Eventually, I applied to a webdev agency and they were kind enough to take me in as an entry-level QA person with the opportunity to occasionally code. A few more jobs along the way took me from Massachusetts to Minnesota to Florida before I finally ended up in California. And now I’m one of the two core devs on the npm CLI, the most widely-used JavaScript package manager.

How did you get involved with open source?

Way before I even started coding I was really into computer stuff in general, and I worked tech support gigs throughout college. So I first learned about the existence of open source through running whatever the latest distros were, and also by hanging out on IRC — there is a lot of OS culture there. Then when I started actually programming there was this new hot thing called GitHub and everyone told me to get on there. I made an account and started putting up my random personal hacks.

I first realized how truly, deeply cool open source is when I was playing with one of my very first programming projects, a MUD (text-based multi-user video game). So I took a deep breath and put up the source code for that — at the time I was like a total OS n00b, and to me the word fork was a really bad thing. But then someone forked it, practically right away, and I almost started crying because I immediately thought that meant two bad things — some more experienced coder was going to tear apart my stuff, and I also kind of felt like I was losing control of this precious personal thing that had been all mine, you know?

Then a day later they put up this pull request to do this refactor of what I’d done, and it was beautiful. And I was like, “You mean other people will just come and join my party and help make my projects better?!” I was hooked.

Can you give us some basic project stats of your current Open Source main project, the npm CLI?

As the default package manager for the JavaScript runtime environment Node.js, npm consists of a command line client, also called npm, and an online database of public packages, called the npm registry. There are two core developers, Rebecca Turner and I, who are paid full-time to maintain the project. That’s about it for corporate support.

We also have a smattering of semi-regular contributors, and a bunch of other community members that send in one-off patches. Our AUTHORS.txt currently has 477 lines in it.

Working on a project that has such major impact can be kind of intense to think about. Like, I can make a small improvement to how long nmp5 takes to install stuff and that amounts to SO much time when you factor in our user base — literally years of savings over a week, in human hours saved. It is also terrifying to realize any kind of small mess up can have huge repercussions. Eight million users is the number I’ve been told, and so if I made a mistake that affected just one percent, 80,000 people is how many people would be unable to use the software.

What is the potential to monetize your involvement with the project?

I earn a six-figure salary working on a really visible open source project as my full-time job. I’m pretty happy about that.

On a more macro level, Npm, Inc., runs the open source registry as a free service, with the goal of supporting the long-term success of the JavaScript community. But the company monetizes by building tools and creating services around the secure use of packages in a private or enterprise context.

What are the technical and/or business problems the project helps solve?

Npm is the world’s most widely-used software package manager, and it’s a core part of the stack for devs working on just about every level of web development. Npm is the main gateway to the massive JavaScript ecosystem of 500,000 packages on the npm Registry, which saves folks an immense amount of time when developing solutions to their own problems. Odds are, if you have a problem, someone’s already at least partially solved it and made it available for free on the registry. It’s by far the biggest package ecosystem of any programming language, ever.

We also have things like Orgs and npm Enterprise to make it easier for devs to work on internal projects using the workflows they’re used to in their open source work, and have it all be a relatively seamless experience.

Random Kat Marchán factoid?

I have coded Lisp for a living, as my first programming language. That’s pretty rare. These days, JavaScript feels like a good enough Lisp for me — it’s got enough of the fun random crap I used to enjoy in Lisp.